Rework checking preconditions for rebase

* Pull the permission check out of the RebaseUtil method that checks
  * This allows us to do the permission check first in the rebase REST
    endpoints. If the calling user has no permissions to rebase, we
    should reject the request immediately and not open any resources
    (e.g. we should not open the repository).
  * This makes the permission checks more explicit which improves
    readability (the permission check is easy to miss if it’s done in a
    helper method).
  * To be on the safe side let RebaseChain still check the permission
    for every change in the chain (although this should not be
    necessary, since the rebase permission is assigned on the target
    branch the result of the permission evaluation should be the same
    for all changes in a chain).

* Pull the checking whether the project is writable out of the
  RebaseUtil method that checks preconditions:
  This check needs to be done only once, but RebaseChain checked this
  once per change in the chain.

* Make the RebaseUtil method that checks preconditions non-static:
  This way it can make use of the psUtil member variable and callers do
  not need to pass this in.

* Remove unnecessary else in RebaseUtil#verifyRebasePreconditions.

Release-Notes: skip
Signed-off-by: Edwin Kempin <>
Change-Id: If8882684e88f1f5e44a7885d296b134911a06877
3 files changed
tree: 2cdb7d9cfef07ff4d4a1394a80f312e7189c22f8
  1. .settings/
  2. .ts-out/
  3. antlr3/
  4. contrib/
  5. Documentation/
  6. e2e-tests/
  7. java/
  8. javatests/
  9. lib/
  10. modules/
  11. plugins/
  12. polygerrit-ui/
  13. prolog/
  14. prologtests/
  15. proto/
  16. resources/
  17. tools/
  18. webapp/
  19. .bazelignore
  20. .bazelproject
  21. .bazelrc
  22. .bazelversion
  23. .editorconfig
  24. .git-blame-ignore-revs
  25. .gitignore
  26. .gitmodules
  27. .gitreview
  28. .mailmap
  29. .pydevproject
  30. .zuul.yaml
  31. BUILD
  34. Jenkinsfile
  35. package.json
  38. version.bzl
  39. web-dev-server.config.mjs
  41. yarn.lock

Gerrit Code Review

Gerrit is a code review and project management tool for Git based projects.

Build Status Maven Central


Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer.


For information about how to install and use Gerrit, refer to the documentation.


Our canonical Git repository is located on There is a mirror of the repository on Github.

Reporting bugs

Please report bugs on the issue tracker.


Gerrit is the work of hundreds of contributors. We appreciate your help!

Please read the contribution guidelines.

Note that we do not accept Pull Requests via the Github mirror.

Getting in contact

The Developer Mailing list is repo-discuss on Google Groups.


Gerrit is provided under the Apache License 2.0.


Install Bazel and run the following:

    git clone --recurse-submodules
    cd gerrit && bazel build release

Install binary packages (Deb/Rpm)

The instruction how to configure GerritForge/BinTray repositories is here

On Debian/Ubuntu run:

    apt-get update && apt-get install gerrit=<version>-<release>

NOTE: release is a counter that starts with 1 and indicates the number of packages that have been released with the same version of the software.

On CentOS/RedHat run:

    yum clean all && yum install gerrit-<version>[-<release>]

On Fedora run:

    dnf clean all && dnf install gerrit-<version>[-<release>]

Use pre-built Gerrit images on Docker

Docker images of Gerrit are available on DockerHub

To run a CentOS 8 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-centos8

To run a Ubuntu 20.04 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-ubuntu20

NOTE: release is optional. Last released package of the version is installed if the release number is omitted.