Created
September 20, 2018 18:43
-
-
Save Andrei-Stepanov/d2c7439dcaf6d33d2e4c0870acf45fbe to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# Protect branch from pushes by non-authorized users | |
authorized_emails=() # KEEP THIS LINE | |
authorized_users=() # KEEP THIS LINE | |
# Protected branch name | |
protected_branch="refs/heads/master" | |
# List of authorized users or emails, add any of | |
authorized_users+=("Andrew") | |
authorized_users+=("xxx") | |
authorized_users+=("adrew2") | |
authorized_emails+=("andrsha@gmail.com") | |
authorized_emails+=("xxxx@gmail.com") | |
# Do not edit below | |
containsElement() { | |
local e match="$1" && shift | |
for e; do | |
[[ "$e" == "$match" ]] && return 0; | |
done | |
return 1 | |
} | |
# Default: deny | |
return_value=1 | |
# Test the query branch against the protected branch | |
while read oldrev newrev refname ; do | |
if test "$refname" = "$protected_branch"; then | |
echo "Check authorization for protected branch: $protected_branch" | |
if containsElement "$GOGS_AUTH_USER_NAME" "${authorized_users[@]}"; then | |
# Allow | |
return_value=0 | |
break | |
echo "ALLOWS push to protected branch to" $GOGS_AUTH_USER_NAME | |
fi | |
if containsElement "$GOGS_AUTH_USER_EMAIL" "${authorized_emails[@]}"; then | |
# Allow | |
return_value=0 | |
break | |
echo "ALLOWS push to protected branch to" $GOGS_AUTH_USER_EMAIL | |
fi | |
fi | |
done | |
exit $return_value |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment