Skip to content
Snippets Groups Projects
New issue look: Off

'Developer' can push to a protected branch over HTTP

    • Closed Issue created by Terri Chu @terrichu

    Created by: gorefi

    Over SSH a user ('developer') with 'Developer' role in a project is denied pushing to a protected branch ('OngoingDev'), as expected. However, over HTTP it is possible.

    Please see sequence of commands below:

    $ git remote show origin

    $ git push Counting objects: 5, done. Compressing objects: 100% (2/2), done. Writing objects: 100% (3/3), 286 bytes, done. Total 3 (delta 0), reused 0 (delta 0) remote: FATAL: W refs/heads/OngoingDev root/exxx2 developer_local_host_1357780035 DENIED by refs/heads/OngoingDev$ remote: error: hook declined to update refs/heads/OngoingDev To git@ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com:root/eXXX2.git ! [remote rejected] OngoingDev -> OngoingDev (hook declined) error: failed to push some refs to 'git@ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com:root/eXXX2.git'

    $ git remote rm origin $ git remote add origin http://developer:developer@ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com/root/eXXX2.git

    $ git push Counting objects: 5, done. Compressing objects: 100% (2/2), done. Writing objects: 100% (3/3), 286 bytes, done. Total 3 (delta 0), reused 0 (delta 0) To http://developer:developer@ec2-XX-XXX-XX-XX.us-west-2.compute.amazonaws.com/root/eXXX2.git ec869b0..fee0e17 OngoingDev -> OngoingDev

    ... and the changes are in.

    Designs

    Child items ...

    • Activity

    • Terri Chu
      Terri Chu @terrichu ·
      Author Developer

      Created by: gliptak

      Are there some instructions available on protected branches?

      The one reference I could see was the blog post:

      http://blog.gitlabhq.com/gitlab-version-2-2/

      Thanks

      By Administrator on 2013-01-18T12:46:53 (imported from GitLab)

    • Terri Chu
      Terri Chu @terrichu ·
      Author Developer

      Created by: dzaporozhets

      will fix it today

      By Administrator on 2013-01-19T09:02:04 (imported from GitLab)

    • Terri Chu
      Terri Chu @terrichu ·
      Author Developer

      Created by: mjdetullio

      I just updated to 4.1 stable. If you're the owner of project (i.e. the project is in your namespace, this was also as an admin account) and I can still push to protected over HTTP as a developer. If it were to deny it, I could just go in and give myself master, so just an FYI, not a huge issue. It works as intended by blocking me over SSH.

      By Administrator on 2013-01-22T22:56:23 (imported from GitLab)

    • Terri Chu
      Terri Chu @terrichu ·
      Author Developer

      Created by: zoic21

      Are they any news on this probleme?

      By Administrator on 2013-03-11T16:16:48 (imported from GitLab)

    Please register or sign in to reply