|author||Luca Milanesio <firstname.lastname@example.org>||Sun May 16 11:15:47 2021 +0100|
|committer||David Ostrovsky <email@example.com>||Mon May 17 19:53:17 2021 +0200|
Fix PUT/POST/DELETE REST-API with cookie authentication

Change-Id: I2a56197ee0 has broken existing Python (or other) scripting when performing automation with Gerrit REST-API. That is due to the generation of the GerritAccount cookie in the HTTP response, which Python automatically manages to reuse in subsequent calls.

Gerrit REST-API has a stricter requirement for incoming calls that are not GET or HEAD requests: they need the X-Gerrit-Auth HTTP header matching the associated attribute in the user's session.

When the X-Gerrit-Auth header isn't there OR does not correspond to the user's session, the REST-API execution fails with 403 FORBIDDEN even though the user has an active session associated with the cookie.

Python has no way to manage that logic out of the box and therefore it is the responsibility of the Gerrit backend to request explicit authentication when the incoming call isn't from a Git/HTTP client.

For the Git/HTTP requests instead, the requirement for X-Gerrit-Auth isn't there and therefore, the current cookie-based authentication can continue to be used as usual and won't cause any trouble.

Bug: Issue 14553
Change-Id: I62a7a59b07333eeb1a36d4a6b8b67edd5da76440
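The header check the commit message describes can be modelled in a few lines. This is an added example, not Gerrit's code and not part of the commit; the `Session.auth_token` field name, the 401 for a missing session and all sample values are assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

SAFE_METHODS = {"GET", "HEAD"}  # exempt from the X-Gerrit-Auth requirement


@dataclass
class Session:
    account: str
    auth_token: str  # hypothetical name for the session attribute the header must match


def check_request(method, headers, cookies, sessions, is_git_http=False):
    """Return the HTTP status this model assigns to a cookie-authenticated call."""
    session = sessions.get(cookies.get("GerritAccount", ""))
    if session is None:
        return 401  # assumption: no valid session means "authenticate first"
    if is_git_http or method.upper() in SAFE_METHODS:
        return 200  # the cookie alone is sufficient here
    presented = headers.get("X-Gerrit-Auth")
    if presented is None:
        return 403  # header missing
    if not hmac.compare_digest(presented.encode(), session.auth_token.encode()):
        return 403  # header does not correspond to the session
    return 200


def replay_script(sessions, cookie_value):
    """A script whose cookie jar replays GerritAccount but never sets the header."""
    jar = {"GerritAccount": cookie_value}
    return [
        check_request("GET", {}, jar, sessions),
        check_request("POST", {}, jar, sessions),
        check_request("DELETE", {}, jar, sessions),
    ]


# Constructed sample data, not real Gerrit values.
SESSIONS = {"cookie-abc": Session(account="1000001", auth_token="tok-123")}

if __name__ == "__main__":
    print(replay_script(SESSIONS, "cookie-abc"))
```

The replayed cookie passes the GET but fails every state-changing call, which is the 403 FORBIDDEN the message reports for scripted clients.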
Gerrit is a code review and project management tool for Git based projects.
Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.
Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer.
For information about how to install and use Gerrit, refer to the documentation.
Please report bugs on the issue tracker.
Gerrit is the work of hundreds of contributors. We appreciate your help!
Please read the contribution guidelines.
Note that we do not accept Pull Requests via the GitHub mirror.
The Developer Mailing list is repo-discuss on Google Groups.
Gerrit is provided under the Apache License 2.0.
Install Bazel and run the following:
git clone --recurse-submodules https://gerrit.googlesource.com/gerrit
cd gerrit && bazel build release
The instructions for configuring the GerritForge/BinTray repositories are here
On Debian/Ubuntu run:
apt-get update && apt-get install gerrit=<version>-<release>
NOTE: release is a counter that starts with 1 and indicates the number of packages that have been released with the same version of the software.
On CentOS/RedHat run:
yum clean all && yum install gerrit-<version>[-<release>]
On Fedora run:
dnf clean all && dnf install gerrit-<version>[-<release>]
Docker images of Gerrit are available on DockerHub
To run a CentOS 7 based Gerrit image:
docker run -p 8080:8080 gerritforge/gerrit-centos7[:version]
To run an Ubuntu 15.04 based Gerrit image:
docker run -p 8080:8080 gerritforge/gerrit-ubuntu15.04[:version]
NOTE: release is optional. Last released package of the version is installed if the release number is omitted.