Details
Description
Summary
When adding an Access Key to a Project and granting it a Branch Permissions exception, pushes using that key are denied
Environment
- Linux server
Steps to Reproduce
- Create a Project Test Project.
- Create a Repository in Test Project called test-repository.
- Create 2 branches in test-repository, master and test.
- Add an access key to Test Project with Read/Write access.
- Add the Branch Permission to Test Project for master: "Prevent Changes without a pull request" with an exception for the access key.
- Push commits to the test branch in test-repository.
Expected Results
Pushes to test are successful.
Actual Results
The push fails with:
remote: Communication breakdown with Bitbucket. To <Server URL>/tp/test-repository.git ! [remote rejected] test -> test (pre-receive hook declined) error: failed to push some refs to <Server URL>/tp/test-repository.git'
The below exception is thrown in the atlassian-bitbucket.log file:
2017-07-24 15:30:50,900 WARN [threadpool:thread-3] 1161040a8c3b3f23 @1YWEVGEx930x824x0 pyx zkp 192.168.0.1 SSH - git-receive-pack '/tp5/shared-repository.git' c.a.s.i.h.r.DefaultRepo sitoryHookService [TP5/shared-repository[1]] Error calling com.atlassian.stash.internal.rep ository.ref.restriction.RestrictionEnforcer.preUpdate (com.atlassian.bitbucket.server.bitbu cket-ref-restriction:restrictionEnforcerHook) com.atlassian.bitbucket.AuthorisationException: You are not permitted to access this resource ... Caused by: org.springframework.security.access.AccessDeniedException: Access is denied
2017-07-24 15:30:50,901 INFO [threadpool:thread-3] 1161040a8c3b3f23 @1YWEVGEx930x824x0 pyx zkp 192.168.0.1 SSH - git-receive-pack '/tp5/shared-repository.git' c.a.s.i.h.r.DefaultRepo sitoryHookService [TP5/shared-repository[1]] hook 'restrictionEnforcerHook' vetoed the push request 2017-07-24 15:30:50,911 WARN [threadpool:thread-3] c.a.s.i.hook.DefaultHookService Hook s ocket I/O failed before the repository/hook could be identified org.springframework.transaction.UnexpectedRollbackException: Transaction rolled back becaus e it has been marked as rollback-only
Workaround
Create a generic user account and associate the SSH key with the account.