Allow disabling GPG key editing while leaving signed push enabled
Administrators may choose to populate GPG keys by hand, or to
temporarily restrict adding new keys, without disabling signed push
verification or verification of push certs stored in PatchSets.
Separate the UI and REST API for editing GPG keys from the protocol
machinery for verifying signed push.
Change-Id: I2c921cf92a3452d44ee8cb02efd77ab7f2bd02dd
diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt
index 42549c8..7472820 100644
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt
@@ -1720,6 +1720,16 @@
`/Documentation/index.html` can be reached by the browser at app load
time.
+[[gerrit.editGpgKeys]]gerrit.editGpgKeys::
++
+If enabled and server-side signed push validation is also
+link:#receive.enableSignedPush[enabled], enable the
+link:rest-api-accounts.html#list-gpg-keys[REST API endpoints] and web UI
+for editing GPG keys. If disabled, GPG keys can only be added by
+administrators with direct git access to All-Users.
++
+Defaults to true.
+
[[gerrit.installCommitMsgHookCommand]]gerrit.installCommitMsgHookCommand::
+
Optional command to install the `commit-msg` hook. Typically of the
diff --git a/Documentation/rest-api-config.txt b/Documentation/rest-api-config.txt
index c54f7db..b1b795c 100644
--- a/Documentation/rest-api-config.txt
+++ b/Documentation/rest-api-config.txt
@@ -1193,6 +1193,8 @@
Custom base URL where Gerrit server documentation is located.
(Documentation may still be available at /Documentation relative to the
Gerrit base path even if this value is unset.)
+|`edit_gpg_keys` |not set if `false`|
+Whether to enable the web UI for editing GPG keys.
|`report_bug_url` |optional|
link:config-gerrit.html#gerrit.reportBugUrl[URL to report bugs].
|`report_bug_text` |optional, not set if default|
diff --git a/gerrit-gpg/src/main/java/com/google/gerrit/gpg/GpgModule.java b/gerrit-gpg/src/main/java/com/google/gerrit/gpg/GpgModule.java
index 3e80e37..bbf61b8 100644
--- a/gerrit-gpg/src/main/java/com/google/gerrit/gpg/GpgModule.java
+++ b/gerrit-gpg/src/main/java/com/google/gerrit/gpg/GpgModule.java
@@ -35,6 +35,8 @@
protected void configure() {
boolean configEnableSignedPush =
cfg.getBoolean("receive", null, "enableSignedPush", false);
+ boolean configEditGpgKeys =
+ cfg.getBoolean("gerrit", null, "editGpgKeys", true);
boolean havePgp = BouncyCastleUtil.havePGP();
boolean enableSignedPush = configEnableSignedPush && havePgp;
bindConstant().annotatedWith(EnableSignedPush.class).to(enableSignedPush);
@@ -47,6 +49,6 @@
install(new SignedPushModule());
factory(GerritPushCertificateChecker.Factory.class);
}
- install(new GpgApiModule(enableSignedPush));
+ install(new GpgApiModule(enableSignedPush && configEditGpgKeys));
}
}
diff --git a/gerrit-gwtui-common/src/main/java/com/google/gerrit/client/info/GerritInfo.java b/gerrit-gwtui-common/src/main/java/com/google/gerrit/client/info/GerritInfo.java
index f0f3b66..55ef892 100644
--- a/gerrit-gwtui-common/src/main/java/com/google/gerrit/client/info/GerritInfo.java
+++ b/gerrit-gwtui-common/src/main/java/com/google/gerrit/client/info/GerritInfo.java
@@ -37,6 +37,7 @@
public final native String allProjects() /*-{ return this.all_projects; }-*/;
public final native String allUsers() /*-{ return this.all_users; }-*/;
public final native String docUrl() /*-{ return this.doc_url; }-*/;
+ public final native boolean editGpgKeys() /*-{ return this.edit_gpg_keys || false; }-*/;
public final native String reportBugUrl() /*-{ return this.report_bug_url; }-*/;
public final native String reportBugText() /*-{ return this.report_bug_text; }-*/;
diff --git a/gerrit-gwtui/src/main/java/com/google/gerrit/client/Dispatcher.java b/gerrit-gwtui/src/main/java/com/google/gerrit/client/Dispatcher.java
index f78230b..1efccf2 100644
--- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/Dispatcher.java
+++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/Dispatcher.java
@@ -539,7 +539,8 @@
return new MySshKeysScreen();
}
- if (matchExact(SETTINGS_GPGKEYS, token)) {
+ if (matchExact(SETTINGS_GPGKEYS, token)
+ && Gerrit.info().gerrit().editGpgKeys()) {
return new MyGpgKeysScreen();
}
diff --git a/gerrit-gwtui/src/main/java/com/google/gerrit/client/account/SettingsScreen.java b/gerrit-gwtui/src/main/java/com/google/gerrit/client/account/SettingsScreen.java
index 2f3a819..4935692 100644
--- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/account/SettingsScreen.java
+++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/account/SettingsScreen.java
@@ -45,7 +45,7 @@
if (Gerrit.info().auth().isHttpPasswordSettingsEnabled()) {
linkByGerrit(Util.C.tabHttpAccess(), PageLinks.SETTINGS_HTTP_PASSWORD);
}
- if (Gerrit.info().receive().enableSignedPush()) {
+ if (Gerrit.info().gerrit().editGpgKeys()) {
linkByGerrit(Util.C.tabGpgKeys(), PageLinks.SETTINGS_GPGKEYS);
}
linkByGerrit(Util.C.tabWebIdentities(), PageLinks.SETTINGS_WEBIDENT);
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/config/GetServerInfo.java b/gerrit-server/src/main/java/com/google/gerrit/server/config/GetServerInfo.java
index b75d775..9eca842 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/config/GetServerInfo.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/config/GetServerInfo.java
@@ -238,6 +238,8 @@
info.reportBugUrl = cfg.getString("gerrit", null, "reportBugUrl");
info.reportBugText = cfg.getString("gerrit", null, "reportBugText");
info.docUrl = getDocUrl(cfg);
+ info.editGpgKeys = toBoolean(enableSignedPush
+ && cfg.getBoolean("gerrit", null, "editGpgKeys", true));
return info;
}
@@ -367,6 +369,7 @@
public String docUrl;
public String reportBugUrl;
public String reportBugText;
+ public Boolean editGpgKeys;
}
public static class GitwebInfo {
