summaryrefslogtreecommitdiffstats
path: root/templates
diff options
context:
space:
mode:
authorPierre Habouzit <madcoder@debian.org>2009-04-16 22:00:44 +0200
committerJunio C Hamano <gitster@pobox.com>2009-04-18 06:26:11 +0200
commitaed97c677cdfd1b9bbc9b33b5418ad4a29109082 (patch)
treea79f1ffa4fd4b5521888b8e6e83a68137267beee /templates
parentget_local_heads(): do not return random pointer if there is no head (diff)
downloadgit-aed97c677cdfd1b9bbc9b33b5418ad4a29109082.tar.xz
git-aed97c677cdfd1b9bbc9b33b5418ad4a29109082.zip
hook/update: example of how to prevent branch creation
Since git doesn't provide a receive.denyBranchCreation or similar, here is an example of how to be sure users cannot create branches remotely by pushing a new reference. This setup has been proven useful to prevent creation of spurious branches because of users having their remote.origin.push set to HEAD, when they use `git push` while being on a local topic branch of theirs instead of the proper one. Signed-off-by: Pierre Habouzit <madcoder@debian.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'templates')
-rwxr-xr-xtemplates/hooks--update.sample11
1 files changed, 10 insertions, 1 deletions
diff --git a/templates/hooks--update.sample b/templates/hooks--update.sample
index a3f68ae3b4..f8bf490cff 100755
--- a/templates/hooks--update.sample
+++ b/templates/hooks--update.sample
@@ -16,6 +16,9 @@
# hooks.allowdeletebranch
# This boolean sets whether deleting branches will be allowed in the
# repository. By default they won't be.
+# hooks.denycreatebranch
+# This boolean sets whether remotely creating branches will be denied
+# in the repository. By default this is allowed.
#
# --- Command line
@@ -39,6 +42,7 @@ fi
# --- Config
allowunannotated=$(git config --bool hooks.allowunannotated)
allowdeletebranch=$(git config --bool hooks.allowdeletebranch)
+denycreatebranch=$(git config --bool hooks.denycreatebranch)
allowdeletetag=$(git config --bool hooks.allowdeletetag)
# check for no description
@@ -52,7 +56,8 @@ esac
# --- Check types
# if $newrev is 0000...0000, it's a commit to delete a ref.
-if [ "$newrev" = "0000000000000000000000000000000000000000" ]; then
+zero="0000000000000000000000000000000000000000"
+if [ "$newrev" = "$zero" ]; then
newrev_type=delete
else
newrev_type=$(git-cat-file -t $newrev)
@@ -80,6 +85,10 @@ case "$refname","$newrev_type" in
;;
refs/heads/*,commit)
# branch
+ if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then
+ echo "*** Creating a branch is not allowed in this repository" >&2
+ exit 1
+ fi
;;
refs/heads/*,delete)
# delete branch