use of com.google.gerrit.common.data.PermissionRule in project gerrit by GerritCodeReview.
the class RefControlTest method unblockForce.
@Test
public void unblockForce() {
PermissionRule r = block(local, PUSH, ANONYMOUS_USERS, "refs/heads/*");
r.setForce(true);
allow(local, PUSH, DEVS, "refs/heads/*").setForce(true);
ProjectControl u = user(local, DEVS);
assertCanForceUpdate("refs/heads/master", u);
}
use of com.google.gerrit.common.data.PermissionRule in project gerrit by GerritCodeReview.
the class Util method block.
public static PermissionRule block(ProjectConfig project, String capabilityName, AccountGroup.UUID group) {
PermissionRule rule = newRule(project, group);
project.getAccessSection(AccessSection.GLOBAL_CAPABILITIES, true).getPermission(capabilityName, true).add(rule);
return rule;
}
use of com.google.gerrit.common.data.PermissionRule in project gerrit by GerritCodeReview.
the class CapabilityCollection method configureDefault.
private static void configureDefault(Map<String, List<PermissionRule>> out, AccessSection section, String capName, GroupReference group) {
if (doesNotDeclare(section, capName)) {
PermissionRange.WithDefaults range = GlobalCapability.getRange(capName);
if (range != null) {
PermissionRule rule = new PermissionRule(group);
rule.setRange(range.getDefaultMin(), range.getDefaultMax());
out.put(capName, Collections.singletonList(rule));
}
}
}
use of com.google.gerrit.common.data.PermissionRule in project gerrit by GerritCodeReview.
the class ProjectConfig method loadContributorAgreements.
private void loadContributorAgreements(Config rc, Map<String, GroupReference> groupsByName) {
contributorAgreements = new HashMap<>();
for (String name : rc.getSubsections(CONTRIBUTOR_AGREEMENT)) {
ContributorAgreement ca = getContributorAgreement(name, true);
ca.setDescription(rc.getString(CONTRIBUTOR_AGREEMENT, name, KEY_DESCRIPTION));
ca.setAgreementUrl(rc.getString(CONTRIBUTOR_AGREEMENT, name, KEY_AGREEMENT_URL));
ca.setAccepted(loadPermissionRules(rc, CONTRIBUTOR_AGREEMENT, name, KEY_ACCEPTED, groupsByName, false));
List<PermissionRule> rules = loadPermissionRules(rc, CONTRIBUTOR_AGREEMENT, name, KEY_AUTO_VERIFY, groupsByName, false);
if (rules.isEmpty()) {
ca.setAutoVerify(null);
} else if (rules.size() > 1) {
error(new ValidationError(PROJECT_CONFIG, "Invalid rule in " + CONTRIBUTOR_AGREEMENT + "." + name + "." + KEY_AUTO_VERIFY + ": at most one group may be set"));
} else if (rules.get(0).getAction() != Action.ALLOW) {
error(new ValidationError(PROJECT_CONFIG, "Invalid rule in " + CONTRIBUTOR_AGREEMENT + "." + name + "." + KEY_AUTO_VERIFY + ": the group must be allowed"));
} else {
ca.setAutoVerify(rules.get(0).getGroup());
}
}
}
use of com.google.gerrit.common.data.PermissionRule in project gerrit by GerritCodeReview.
the class ProjectConfig method saveNotifySections.
private void saveNotifySections(Config rc, Set<AccountGroup.UUID> keepGroups) {
for (NotifyConfig nc : sort(notifySections.values())) {
List<String> email = new ArrayList<>();
for (GroupReference gr : nc.getGroups()) {
if (gr.getUUID() != null) {
keepGroups.add(gr.getUUID());
}
email.add(new PermissionRule(gr).asString(false));
}
Collections.sort(email);
List<String> addrs = new ArrayList<>();
for (Address addr : nc.getAddresses()) {
addrs.add(addr.toString());
}
Collections.sort(addrs);
email.addAll(addrs);
set(rc, NOTIFY, nc.getName(), KEY_HEADER, nc.getHeader(), NotifyConfig.Header.BCC);
if (email.isEmpty()) {
rc.unset(NOTIFY, nc.getName(), KEY_EMAIL);
} else {
rc.setStringList(NOTIFY, nc.getName(), KEY_EMAIL, email);
}
if (nc.getNotify().equals(EnumSet.of(NotifyType.ALL))) {
rc.unset(NOTIFY, nc.getName(), KEY_TYPE);
} else {
List<String> types = Lists.newArrayListWithCapacity(4);
for (NotifyType t : NotifyType.values()) {
if (nc.isNotify(t)) {
types.add(StringUtils.toLowerCase(t.name()));
}
}
rc.setStringList(NOTIFY, nc.getName(), KEY_TYPE, types);
}
set(rc, NOTIFY, nc.getName(), KEY_FILTER, nc.getFilter());
}
}
Aggregations