After installing version 4.13, I realized that the new "edit file in browser" feature is enabled by default. I attempted to use the feature and discovered a couple issues:
This is an interesting feature, but it needs a bit more control. For example, is there a way to prevent commits directly to master from this feature. It should be possible to configure that all edits from the UI and REST API require a pull request.
Documentation should explain how to enforce commit message validation.
It seems the only control is on file size. There should be a separate option to disable Edit and remove the button from the UI completely.
I've reverted to version 4.12.1 for now.
All that said, it is possible I overlooked some relevant documentation. If these issues are already addressed, I would appreciate someone pointing me to the related docs.
The "edit in browser" feature was added in 4.13 but can be disabled by setting the following property in your
See the Bitbucket Server config properties for a full list of all configuration options
With respect to the issues you mentioned:
I have an 'update' hook enabled on the repository to validate commit messages. The 'update' hook does not appear to be invoked. I was unable to reject commits for invalid commit message.
I think you're referring to a pre-receive hook? Anyway, pre-receive hooks only get called when people push to a repository and not a branch or tag is updated through the browser or REST api (for example, merging a pull request, creating/deleting a branch or tag, or now editing a file in the browser). There is still a way for plugins to block these update attempts though.
If your plugin adds an event listener for the
FileEditRequestedEvent, you'll get a callback just before the change is committed. Your event listener can validate the proposed change and call
event.cancel(message) to prevent the change from going through.
I attempted to disable the file edit feature by setting content.upload.max.size=0. This caused the "commit" button to be disabled, but did not disable the "edit" button. I expected to see the "edit" button disabled.
As mentioned above, you can use the
feature.file.editor flag to completely disable the feature
I was able to commit directly to the master branch.
The file edit feature should take your branch permissions into account. If you're able to directly push to the master branch, you will be able to directly commit on the master branch. The same permissions will apply if you create the commit in Bitbucket directly or you do it locally and push it up to Bitbucket.
Michael, do you communicate with author of Editor for Bitbucket plugin? It does the same thing. We already paid it. The standard 4.13 editor ignored totally all branch permissions and make direct commits It also does not configurable per repository and it also can't deny changes without pull request. We turn it off via bitbucket.properties...
>The file edit feature should take your branch permissions into account.
It does not. We tested it. Check if branch permission deny changes without pull request and try to edit file.
@Alexey Efimov, can you provide more information about what doesn't work? We've tried to reproduce it on 4.13 and cannot reproduce the problem you reported; See the recording below: branch permissions are taken into account.
If your plugin adds an event listener for the FileEditRequestedEvent, you'll get a callback just before the change is committed.
Actually, we are not using a plugin. We are using the standard Git hooks found in the repository/hooks directory. We have a cron that adds a symlink to a site standard 'update' hook to all new repositories, and any repository that does not have an 'update' hook. But as you say, this is a pre-receive hook. I suspect we need to configure the commit-msg client side hook to achieve this.
The file edit feature should take your branch permissions into account.
I will retest using branch permissions.
Edit: It is provided by core Bitbucket as of 4.13! I expected to see a ticket in the Bitbucket 4.13 release notes, and didn't notice the huge new section at the top of the release notes called, "Edit files from the browser." Oops!
@Michael Heemskerk - why no mention at all of this new feature in BSERV-3032 ?
You should be able to disable direct pushes through the add-on's own configuration menu (repository --> settings --> add-ons --> editor for bitbucket).
p.s. Don't forget to try my add-on! Bit-Booster for Bitbucket Server
This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.Read more
Bitbucket Pipelines helps me manage and automate a number of serverless deployments to AWS Lambda and this is how I do it. I'm building Node.js Lambda functions using node-lambda ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs