projects / scm / acls / domains.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Modify access rules
[scm/acls/domains.git] / project.config
diff --git a/project.config b/project.config
index 809b490..e115547 100644 (file)
--- a/project.config
+++ b/project.config
@@ -1,7 +1,6 @@
 [access]
        inheritFrom = All-Projects
 [project]
-       state = active
        description = Access inherited by domain projects.
 [access "refs/changes/*"]
        read = group Registered Users
@@ -17,15 +16,50 @@
 [access "refs/tags/accepted/*"]
        create = group Administrators
        create = group Non-Interactive Users
-       create = block group Registered Users
        push = +force group Administrators
        push = +force group Non-Interactive Users
-       push = block +force group Registered Users
        pushTag = +force group Administrators
        pushTag = +force group Non-Interactive Users
-       pushTag = block group Registered Users
        pushSignedTag = group Administrators
        pushSignedTag = group Non-Interactive Users
-       pushSignedTag = block group Registered Users
+       exclusiveGroupPermissions = create forgeAuthor forgeCommitter push pushTag pushSignedTag
+       read = group Registered Users
+       forgeAuthor = group Administrators
+       forgeAuthor = group Non-Interactive Users
+       forgeCommitter = group Administrators
+       forgeCommitter = group Non-Interactive Users
 [receive]
        requireChangeId = true
+       requireSignedOffBy = true
+[access "refs/heads/sandbox/${username}/*"]
+       abandon = group Registered Users
+       create = group Registered Users
+       forgeAuthor = group Registered Users
+       forgeCommitter = group Registered Users
+       push = +force group Registered Users
+       pushMerge = group Registered Users
+       label-Code-Review = -2..+2 group Registered Users
+       label-Verified = -1..+1 group Registered Users
+       rebase = group Registered Users
+       submit = group Registered Users
+[access "refs/heads/accepted/*"]
+       exclusiveGroupPermissions = create push pushMerge
+       read = group Registered Users
+       create = group Administrators
+       create = group Non-Interactive Users
+       forgeAuthor = group Administrators
+       forgeAuthor = group Non-Interactive Users
+       forgeCommitter = group Administrators
+       forgeCommitter = group Non-Interactive Users
+       push = +force group Administrators
+       push = +force group Non-Interactive Users
+       pushMerge = group Administrators
+       pushMerge = group Non-Interactive Users
+[submit]
+       mergeContent = true
+[access "refs/tags/*"]
+       push = +force group Administrators
+       create = group Administrators
+[access "refs/tags/submit/*"]
+       create = group Administrators
+       push = group Administrators
Access inherited by domain projects.