Example 1 with PermissionDeniedException
use of com.google.gerrit.server.permissions.PermissionDeniedException in project gerrit by GerritCodeReview.
the class RevertIT method cantCreateRevertWithoutCreateChangePermission.
@Test
public void cantCreateRevertWithoutCreateChangePermission() throws Exception {
PushOneCommit.Result r = createChange();
gApi.changes().id(r.getChangeId()).revision(r.getCommit().name()).review(ReviewInput.approve());
gApi.changes().id(r.getChangeId()).revision(r.getCommit().name()).submit();
projectOperations.project(project).forUpdate().add(block(Permission.PUSH).ref("refs/for/*").group(REGISTERED_USERS)).update();
PermissionDeniedException thrown = assertThrows(PermissionDeniedException.class, () -> gApi.changes().id(r.getChangeId()).revert());
assertThat(thrown).hasMessageThat().contains("not permitted: create change on refs/heads/master");
}
Also used :
PermissionDeniedException(com.google.gerrit.server.permissions.PermissionDeniedException)
PushOneCommit(com.google.gerrit.acceptance.PushOneCommit)
Test(org.junit.Test)
AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)
Example 2 with PermissionDeniedException
use of com.google.gerrit.server.permissions.PermissionDeniedException in project gerrit by GerritCodeReview.
the class RevertIT method cantCreateRevertSubmissionWithoutCreateChangePermission.
@Test
@GerritConfig(name = "change.submitWholeTopic", value = "true")
public void cantCreateRevertSubmissionWithoutCreateChangePermission() throws Exception {
String secondProject = "secondProject";
projectOperations.newProject().name(secondProject).create();
TestRepository<InMemoryRepository> secondRepo = cloneProject(Project.nameKey("secondProject"), admin);
String topic = "topic";
String change1 = createChange(testRepo, "master", "first change", "a.txt", "message", topic).getChangeId();
String change2 = createChange(secondRepo, "master", "second change", "b.txt", "message", topic).getChangeId();
gApi.changes().id(change1).current().review(ReviewInput.approve());
gApi.changes().id(change2).current().review(ReviewInput.approve());
gApi.changes().id(change1).current().submit();
// revoke create change permissions for the first repository.
projectOperations.project(project).forUpdate().add(block(Permission.PUSH).ref("refs/for/*").group(REGISTERED_USERS)).update();
// assert that if first repository has no write create change, it will fail.
PermissionDeniedException thrown = assertThrows(PermissionDeniedException.class, () -> gApi.changes().id(change1).revertSubmission());
assertThat(thrown).hasMessageThat().contains("not permitted: create change on refs/heads/master");
// assert that if the first repository has no create change permissions and a change from
// another repository is trying to revert the submission, it will fail.
thrown = assertThrows(PermissionDeniedException.class, () -> gApi.changes().id(change2).revertSubmission());
assertThat(thrown).hasMessageThat().contains("not permitted: create change on refs/heads/master");
}
Also used :
InMemoryRepository(org.eclipse.jgit.internal.storage.dfs.InMemoryRepository)
PermissionDeniedException(com.google.gerrit.server.permissions.PermissionDeniedException)
GerritConfig(com.google.gerrit.acceptance.config.GerritConfig)
Test(org.junit.Test)
AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)
Aggregations
AbstractDaemonTest (com.google.gerrit.acceptance.AbstractDaemonTest)2
PermissionDeniedException (com.google.gerrit.server.permissions.PermissionDeniedException)2
Test (org.junit.Test)2
PushOneCommit (com.google.gerrit.acceptance.PushOneCommit)1
GerritConfig (com.google.gerrit.acceptance.config.GerritConfig)1
InMemoryRepository (org.eclipse.jgit.internal.storage.dfs.InMemoryRepository)1
