blob: 653303a29c5febc684973e783792bdbdb83d79dc [file] [log] [blame]
// Copyright (C) 2017 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.server.permissions;
import static java.util.Objects.requireNonNull;
import com.google.gerrit.extensions.api.access.CoreOrPluginProjectPermission;
import com.google.gerrit.extensions.api.access.GerritPermission;
import com.google.gerrit.reviewdb.client.RefNames;
public enum ProjectPermission implements CoreOrPluginProjectPermission {
/**
* Can access at least one reference or change within the repository.
*
* <p>Checking this permission instead of {@link #READ} may require filtering to hide specific
* references or changes, which can be expensive.
*/
ACCESS("access at least one ref"),
/**
* Can read all references in the repository.
*
* <p>This is a stronger form of {@link #ACCESS} where no filtering is required.
*/
READ,
/**
* Can create at least one reference in the project.
*
* <p>This project level permission only validates the user may create some type of reference
* within the project. The exact reference name must be checked at creation:
*
* <pre>permissionBackend
* .user(user)
* .project(proj)
* .ref(ref)
* .check(RefPermission.CREATE);
* </pre>
*/
CREATE_REF,
/**
* Can create at least one tag reference in the project.
*
* <p>This project level permission only validates the user may create some tag reference within
* the project. The exact reference name must be checked at creation:
*
* <pre>permissionBackend
* .user(user)
* .project(proj)
* .ref(ref)
* .check(RefPermission.CREATE);
* </pre>
*/
CREATE_TAG_REF,
/**
* Can create at least one change in the project.
*
* <p>This project level permission only validates the user may create a change for some branch
* within the project. The exact reference name must be checked at creation:
*
* <pre>permissionBackend
* .user(user)
* .project(proj)
* .ref(ref)
* .check(RefPermission.CREATE_CHANGE);
* </pre>
*/
CREATE_CHANGE,
/** Can run receive pack. */
RUN_RECEIVE_PACK("run receive-pack"),
/** Can run upload pack. */
RUN_UPLOAD_PACK("run upload-pack"),
/** Allow read access to refs/meta/config. */
READ_CONFIG("read " + RefNames.REFS_CONFIG),
/** Allow write access to refs/meta/config. */
WRITE_CONFIG("write " + RefNames.REFS_CONFIG),
/** Allow banning commits from Gerrit preventing pushes of these commits. */
BAN_COMMIT,
/** Allow accessing the project's reflog. */
READ_REFLOG,
/** Can push to at least one reference within the repository. */
PUSH_AT_LEAST_ONE_REF("push to at least one ref");
private final String description;
ProjectPermission() {
this.description = null;
}
ProjectPermission(String description) {
this.description = requireNonNull(description);
}
@Override
public String describeForException() {
return description != null ? description : GerritPermission.describeEnumValue(this);
}
}