Access rights in Gerrit 2.13.x

The Git integration maps Gerrit access rights to TeamForge Role Based Access Control (RBAC) permissions.

With the current version of the integration, gerritforge.mappings (including custom changes you might have done) is automatically migrated to an XML file located at /opt/collabnet/gerrit/etc/TeamForgeGerritMappings.xml. The following table shows how TeamForge RBAC permissions are now mapped to Gerrit access rights by default.

Code review policy TeamForge permission cluster Gerrit access right
Default SCM None -
SCM View Only Read
SCM Commit/View

Read
Push
Create Reference
Push Annotated Tag (refs/tags/*)
Push Signed Tag (refs/tags/*)

SCM Delete/View

Read
Push (forcePush)
Create Reference
Forge Author Identity
Forge Committer Identity
Push Annotated Tag (refs/tags/*)
Push Signed Tag (refs/tags/*)

SCM Admin

Read
Push (forcePush)
Create Reference
Forge Author Identity
Forge Committer Identity
Forge Server Identity
Owner
Abandon
Push Annotated Tag (refs/tags/*)
Push Signed Tag (refs/tags/*)

Optional Review SCM None -
SCM View Only

Read
View Drafts
Publish Drafts
Code Review  -1,1
Push (refs/for/refs/*)
Rebase(refs/for/refs/*)            

SCM Commit/View

Read
View Drafts
Publish Drafts
Code Review  -2,2
Verify -1,1
Submit
Push
Create Reference
Rebase (refs/for/refs/*)
Push Annotated  Tag(refs/tags/*)
Push Signed Tag (refs/tags/*)

SCM Delete/View

Read
View Drafts
Publish Drafts
Code Review  -2,2
Verify  -1,1
Submit
Push (forcePush)
Create Reference
Rebase (refs/for/refs/*)
Create References
Push Signed Tag (refs/tags/*)
Push Annotated Tag (refs/tags/*)
Push Merges(refs/for/refs/*)
Forge Author Identity
Forge Committer Identity

SCM Admin

Read
View Drafts
Publish Drafts
Delete Drafts
Code Review  -2,2
Verify  -1,1
Submit
Push (forcePush)
Create Reference
Owner
Abandon
Rebase (refs/for/refs/*)
Create References
Push Signed Tag (refs/tags/*)
Push Annotated Tag (refs/tags/*)
Push Merges(refs/for/refs/*)
Forge Author Identity
Forge Committer Identity
Forge Server Identity

Mandatory Review SCM None -
SCM View Only

Read
View Drafts
Publish Drafts
Code Review  -2,2
Push (refs/for/refs/*)
Rebase (refs/for/refs/*)

SCM Commit/View

Read
View Drafts
Publish Drafts
Code Review  -2,2
Verify -1,1
Submit
Push(refs/for/refs/*)
Rebase (refs/for/refs/*)

SCM Delete/View

Read
View Drafts
Publish Drafts
Code Review  -2,2
Verify -1,1
Submit
Push(refs/for/refs/*)
Rebase (refs/for/refs/*)

SCM Admin

Read
View Drafts
Publish Drafts
Delete Drafts
Code Review  -2,2
Verify  -1,1
Submit
Push (forcePush)
Create Reference
Owner
Abandon
Rebase (refs/for/refs/*)
Push Annotated  Tag(refs/tags/*)
Push Signed Tag (refs/tags/*)
Create References
Push Merges(refs/for/refs/*)
Forge Author Identity
Forge Committer Identity
Forge Server Identity

To make changes to the mappings, modify the /opt/collabnet/gerrit/etc/TeamForgeGerritMappings.xml file on the server where your Git integration is hosted. Make sure that the resulting XML structure complies with this schema: https://forge.collab.net/gerrit/static/TeamForgeGerritMappings-8.0.0.xsd.