Examples with AccessSection com.google.gerrit.common.data.AccessSection used on opensource projects

Example 26 with AccessSection

use of com.google.gerrit.common.data.AccessSection in project gerrit by GerritCodeReview.

the class ProjectConfig method remove.

public void remove(AccessSection section) {
    if (section != null) {
        String name = section.getName();
        if (sectionsWithUnknownPermissions.contains(name)) {
            AccessSection a = accessSections.get(name);
            a.setPermissions(new ArrayList<Permission>());
        } else {
            accessSections.remove(name);
        }
    }
}

Example 27 with AccessSection

use of com.google.gerrit.common.data.AccessSection in project gerrit by GerritCodeReview.

the class ProjectState method getLocalAccessSections.

/** Get the sections that pertain only to this project. */
List<SectionMatcher> getLocalAccessSections() {
    List<SectionMatcher> sm = localAccessSections;
    if (sm == null) {
        Collection<AccessSection> fromConfig = config.getAccessSections();
        sm = new ArrayList<>(fromConfig.size());
        for (AccessSection section : fromConfig) {
            if (isAllProjects) {
                List<Permission> copy = Lists.newArrayListWithCapacity(section.getPermissions().size());
                for (Permission p : section.getPermissions()) {
                    if (Permission.canBeOnAllProjects(section.getName(), p.getName())) {
                        copy.add(p);
                    }
                }
                section = new AccessSection(section.getName());
                section.setPermissions(copy);
            }
            SectionMatcher matcher = SectionMatcher.wrap(getProject().getNameKey(), section);
            if (matcher != null) {
                sm.add(matcher);
            }
        }
        localAccessSections = sm;
    }
    return sm;
}

Example 28 with AccessSection

use of com.google.gerrit.common.data.AccessSection in project gerrit by GerritCodeReview.

the class SetAccess method getAccessSections.

private List<AccessSection> getAccessSections(Map<String, AccessSectionInfo> sectionInfos) throws UnprocessableEntityException {
    if (sectionInfos == null) {
        return Collections.emptyList();
    }
    List<AccessSection> sections = new ArrayList<>(sectionInfos.size());
    for (Map.Entry<String, AccessSectionInfo> entry : sectionInfos.entrySet()) {
        AccessSection accessSection = new AccessSection(entry.getKey());
        if (entry.getValue().permissions == null) {
            continue;
        }
        for (Map.Entry<String, PermissionInfo> permissionEntry : entry.getValue().permissions.entrySet()) {
            Permission p = new Permission(permissionEntry.getKey());
            if (permissionEntry.getValue().exclusive != null) {
                p.setExclusiveGroup(permissionEntry.getValue().exclusive);
            }
            if (permissionEntry.getValue().rules == null) {
                continue;
            }
            for (Map.Entry<String, PermissionRuleInfo> permissionRuleInfoEntry : permissionEntry.getValue().rules.entrySet()) {
                PermissionRuleInfo pri = permissionRuleInfoEntry.getValue();
                GroupDescription.Basic group = groupsCollection.parseId(permissionRuleInfoEntry.getKey());
                if (group == null) {
                    throw new UnprocessableEntityException(permissionRuleInfoEntry.getKey() + " is not a valid group ID");
                }
                PermissionRule r = new PermissionRule(GroupReference.forGroup(group));
                if (pri != null) {
                    if (pri.max != null) {
                        r.setMax(pri.max);
                    }
                    if (pri.min != null) {
                        r.setMin(pri.min);
                    }
                    r.setAction(GetAccess.ACTION_TYPE.inverse().get(pri.action));
                    if (pri.force != null) {
                        r.setForce(pri.force);
                    }
                }
                p.add(r);
            }
            accessSection.getPermissions().add(p);
        }
        sections.add(accessSection);
    }
    return sections;
}

Example 29 with AccessSection

use of com.google.gerrit.common.data.AccessSection in project gerrit by GerritCodeReview.

the class ProjectControlTest method setUpPermissions.

private void setUpPermissions() throws Exception {
    // Remove read permissions for all users besides admin, because by default
    // Anonymous user group has ALLOW READ permission in refs/*.
    // This method is idempotent, so is safe to call on every test setup.
    ProjectConfig pc = projectCache.checkedGet(allProjects).getConfig();
    for (AccessSection sec : pc.getAccessSections()) {
        sec.removePermission(Permission.READ);
    }
    allow(pc, Permission.READ, admins, "refs/*");
}

Example 30 with AccessSection

use of com.google.gerrit.common.data.AccessSection in project gerrit by GerritCodeReview.

the class Schema_125 method migrateData.

@Override
protected void migrateData(ReviewDb db, UpdateUI ui) throws OrmException {
    try (Repository git = repoManager.openRepository(allUsersName);
        MetaDataUpdate md = new MetaDataUpdate(GitReferenceUpdated.DISABLED, allUsersName, git)) {
        ProjectConfig config = ProjectConfig.read(md);
        config.getAccessSection(RefNames.REFS_USERS + "*", true).remove(new Permission(Permission.READ));
        GroupReference registered = systemGroupBackend.getGroup(REGISTERED_USERS);
        AccessSection users = config.getAccessSection(RefNames.REFS_USERS + "${" + RefPattern.USERID_SHARDED + "}", true);
        grant(config, users, Permission.READ, true, registered);
        grant(config, users, Permission.PUSH, true, registered);
        grant(config, users, Permission.SUBMIT, true, registered);
        for (LabelType lt : getLabelTypes(config)) {
            if ("Code-Review".equals(lt.getName()) || "Verified".equals(lt.getName())) {
                grant(config, users, lt, lt.getMin().getValue(), lt.getMax().getValue(), registered);
            }
        }
        md.getCommitBuilder().setAuthor(serverUser);
        md.getCommitBuilder().setCommitter(serverUser);
        md.setMessage(COMMIT_MSG);
        config.commit(md);
    } catch (ConfigInvalidException | IOException ex) {
        throw new OrmException(ex);
    }
}