概要
Gerritの権限設定は、All-Projects レポジトリの、project.config に書かれている。この設定ファイルに、あるグループが何をできるかという設定が記述されている。
設定ファイルの保存場所
設定値はデータベースでもGerrit本体の設定でもなく、Gitレポジトリに保存されている。
project.configの設定例
[project]
description = Access inherited by all other projects.
[receive]
requireContributorAgreement = false
requireSignedOffBy = false
requireChangeId = true
enableSignedPush = false
[submit]
mergeContent = true
[capability]
administrateServer = group Administrators
priority = batch group Service Users
streamEvents = group Service Users
[access "refs/*"]
read = group Administrators
read = group Anonymous Users
revert = group Registered Users
[access "refs/for/*"]
addPatchSet = group Registered Users
[access "refs/for/refs/*"]
push = group Registered Users
pushMerge = group Registered Users
[access "refs/heads/*"]
create = group Administrators
create = group Project Owners
editTopicName = +force group Administrators
editTopicName = +force group Project Owners
forgeAuthor = group Registered Users
forgeCommitter = group Administrators
forgeCommitter = group Project Owners
label-Code-Review = -2..+2 group Administrators
label-Code-Review = -2..+2 group Project Owners
label-Code-Review = -1..+1 group Registered Users
push = group Administrators
push = group Project Owners
submit = group Administrators
submit = group Project Owners