kallithea Files · docs/usage/locking.rst

Files @ b4d1e85265c1

Branch filter:

Location: kallithea/docs/usage/locking.rst - annotation

b4d1e85265c1 1.1 KiB text/prs.fallenstein.rst Show Source Show as Raw Download as Raw

Søren Løvborg

auth: simplify repository group permission checks

In practice, Kallithea has the 'group.admin' permission imply the
'group.write' permission, which again implies 'group.read'.

This codifies this practice by replacing HasRepoGroupPermissionAny
"perm function" with the new HasRepoGroupLevel function, reducing the
risk of errors and saving quite a lot of typing.

aa17c7a1b8a5
aa17c7a1b8a5
8d065db04909
8d065db04909
8d065db04909
aa17c7a1b8a5
5ae8e644aa88
8d065db04909
03bbd33bc084
03bbd33bc084
5ae8e644aa88
5ae8e644aa88
8d065db04909
aa17c7a1b8a5
5ae8e644aa88
8d065db04909
aa17c7a1b8a5
8d065db04909
5ae8e644aa88
8d065db04909
aa17c7a1b8a5
8d065db04909
8d065db04909
5ae8e644aa88
8d065db04909
aa17c7a1b8a5
8d065db04909
8d065db04909

.. _locking:

==================
Repository locking
==================

Kallithea has a *repository locking* feature, disabled by default. When
enabled, every initial clone and every pull gives users (with write permission)
the exclusive right to do a push.

When repository locking is enabled, repositories get a ``locked`` flag.
The hg/git commands ``hg/git clone``, ``hg/git pull``,
and ``hg/git push`` influence this state:

- A ``clone`` or ``pull`` action locks the target repository
  if the user has write/admin permissions on this repository.

- Kallithea will remember the user who locked the repository so only this
  specific user can unlock the repo by performing a ``push``
  command.

- Every other command on a locked repository from this user and every command
  from any other user will result in an HTTP return code 423 (Locked).
  Additionally, the HTTP error will mention the user that locked the repository
  (e.g., “repository <repo> locked by user <user>”).

Each repository can be manually unlocked by an administrator from the
repository settings menu.