GetConfig: Don't show plugin config entries to all users

The GetConfig REST endpoint exposes configuration values stored
on refs/meta/config. It is accessible by everybody who can see at least
one ref in the repository even if they don't have read access on
refs/meta/config. Originally, some fields were only filled if the
calling user had read access on refs/meta/config (I299a5317f). This was
adjusted in I37a3e3047 as all other fields at that time were considered
safe to expose. However, we added many more fields in the meantime for
which we might not have considered the necessity of an explicit
permission check.

Iab3bc2ea2 added the possibility for plugins to show and adjust their
config values on the UI. Since then, plugin owners have made use of
this extension point in good belief for any configuration options they
wanted to conveniently see/modify on the UI. What the non-existent
extension point documentation doesn't mention, though, is that none of
these configuration options are guarded by read access to
refs/meta/config. That might easily be something that plugin authors
(or admins deciding to use the plugin) might miss and be negatively
surprised about in retrospect.

Hence, we think it's best to guard the plugin config options with
read access on refs/meta/config. This stays compliant with the promises
of the GetConfig REST endpoint as we've had the sentence "Some fields
are only visible to users that have read access to refs/meta/config."
in the documentation continuously since the original change
(I299a5317f).

If we get complaints from plugin authors about the changed behavior,
we can add a way again to show the plugin config values without read
access to refs/meta/config. However, that solution should involve an
explicit acknowledgement in code that the config values should be
exposed in that way (e.g. an explicit flag with an appropriate name
needs to be set).

Change-Id: I42a78b9d7bdee66033e0c7e0cc853c4880d3f322
4 files changed
README.md

Gerrit Code Review

Gerrit is a code review and project management tool for Git based projects.


Objective

Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer.

Documentation

For information about how to install and use Gerrit, refer to the documentation.

Source

Our canonical Git repository is located on googlesource.com. There is a mirror of the repository on GitHub.

Reporting bugs

Please report bugs on the issue tracker.

Contribute

Gerrit is the work of hundreds of contributors. We appreciate your help!

Please read the contribution guidelines.

Note that we do not accept Pull Requests via the GitHub mirror.

Getting in contact

The Developer Mailing list is repo-discuss on Google Groups.

License

Gerrit is provided under the Apache License 2.0.

Build

Install Bazel and run the following:

    git clone --recurse-submodules https://gerrit.googlesource.com/gerrit
    cd gerrit && bazel build release

Install binary packages (Deb/Rpm)

The instructions for configuring the GerritForge/BinTray repositories are available here.

On Debian/Ubuntu run:

    apt-get update && apt-get install gerrit=<version>-<release>

NOTE: release is a counter that starts with 1 and indicates the number of packages that have been released with the same version of the software.

On CentOS/RedHat run:

    yum clean all && yum install gerrit-<version>[-<release>]

On Fedora run:

    dnf clean all && dnf install gerrit-<version>[-<release>]

Use pre-built Gerrit images on Docker

Docker images of Gerrit are available on DockerHub

To run a CentOS 8 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-centos8

To run an Ubuntu 20.04 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-ubuntu20

NOTE: release is optional. If the release number is omitted, the latest released package of that version is installed.