use of com.google.gerrit.entities.GroupReference in project gerrit by GerritCodeReview.
the class AccessIT method grantRevertPermissionByOnNewRefAndDeletingOnOldRef.
@Test
public void grantRevertPermissionByOnNewRefAndDeletingOnOldRef() throws Exception {
String refsHeads = "refs/heads/*";
String refsStar = "refs/*";
String groupId = "global:Registered-Users";
GroupReference registeredUsers = systemGroupBackend.getGroup(REGISTERED_USERS);
try (Repository repo = repoManager.openRepository(newProjectName)) {
MetaDataUpdate md = new MetaDataUpdate(GitReferenceUpdated.DISABLED, newProjectName, repo);
ProjectConfig projectConfig = projectConfigFactory.read(md);
projectConfig.upsertAccessSection(AccessSection.HEADS, heads -> {
grant(projectConfig, heads, Permission.REVERT, registeredUsers);
});
md.getCommitBuilder().setAuthor(admin.newIdent());
md.getCommitBuilder().setCommitter(admin.newIdent());
md.setMessage("Add revert permission for all registered users\n");
projectConfig.commit(md);
}
grantRevertPermission.execute(newProjectName);
ProjectAccessInfo info = pApi().access();
// Revert permission is removed on refs/heads/*.
assertThat(info.local.containsKey(refsHeads)).isTrue();
AccessSectionInfo accessSectionInfo = info.local.get(refsHeads);
assertThat(accessSectionInfo.permissions.containsKey(Permission.REVERT)).isFalse();
// new permission is added on refs/* with Registered-Users.
assertThat(info.local.containsKey(refsStar)).isTrue();
accessSectionInfo = info.local.get(refsStar);
assertThat(accessSectionInfo.permissions.containsKey(Permission.REVERT)).isTrue();
PermissionInfo permissionInfo = accessSectionInfo.permissions.get(Permission.REVERT);
assertThat(permissionInfo.rules.containsKey(groupId)).isTrue();
PermissionRuleInfo permissionRuleInfo = permissionInfo.rules.get(groupId);
assertThat(permissionRuleInfo.action).isEqualTo(PermissionRuleInfo.Action.ALLOW);
}
use of com.google.gerrit.entities.GroupReference in project gerrit by GerritCodeReview.
the class AccessIT method grantRevertPermissionDoesntDeleteAdminsPreferences.
@Test
public void grantRevertPermissionDoesntDeleteAdminsPreferences() throws Exception {
GroupReference registeredUsers = systemGroupBackend.getGroup(REGISTERED_USERS);
GroupReference otherGroup = systemGroupBackend.getGroup(ANONYMOUS_USERS);
try (Repository repo = repoManager.openRepository(newProjectName)) {
MetaDataUpdate md = new MetaDataUpdate(GitReferenceUpdated.DISABLED, newProjectName, repo);
ProjectConfig projectConfig = projectConfigFactory.read(md);
projectConfig.upsertAccessSection(AccessSection.HEADS, heads -> {
grant(projectConfig, heads, Permission.REVERT, registeredUsers);
grant(projectConfig, heads, Permission.REVERT, otherGroup);
});
md.getCommitBuilder().setAuthor(admin.newIdent());
md.getCommitBuilder().setCommitter(admin.newIdent());
md.setMessage("Add revert permission for all registered users\n");
projectConfig.commit(md);
}
projectCache.evict(newProjectName);
ProjectAccessInfo expected = pApi().access();
grantRevertPermission.execute(newProjectName);
projectCache.evict(newProjectName);
ProjectAccessInfo actual = pApi().access();
// Permissions don't change
assertThat(actual.local).isEqualTo(expected.local);
}
use of com.google.gerrit.entities.GroupReference in project gerrit by GerritCodeReview.
the class AccessIT method grantAllowAndDenyForSameGroup.
@Test
public void grantAllowAndDenyForSameGroup() throws Exception {
GroupReference registeredUsers = systemGroupBackend.getGroup(REGISTERED_USERS);
String access = "access";
List<String> allowThenDeny = asList(registeredUsers.toConfigValue(), "deny " + registeredUsers.toConfigValue());
// Clone repository to forcefully add permission
TestRepository<InMemoryRepository> allProjectsRepo = cloneProject(allProjects, admin);
// Fetch permission ref
GitUtil.fetch(allProjectsRepo, "refs/meta/config:cfg");
allProjectsRepo.reset("cfg");
// Load current permissions
String config = gApi.projects().name(allProjects.get()).branch(RefNames.REFS_CONFIG).file(ProjectConfig.PROJECT_CONFIG).asString();
// Append and push allowThenDeny permissions
Config cfg = new Config();
cfg.fromText(config);
cfg.setStringList(access, AccessSection.HEADS, Permission.READ, allowThenDeny);
config = cfg.toText();
PushOneCommit push = pushFactory.create(admin.newIdent(), allProjectsRepo, "Subject", ProjectConfig.PROJECT_CONFIG, config);
push.to(RefNames.REFS_CONFIG).assertOkStatus();
ProjectAccessInfo pai = gApi.projects().name(allProjects.get()).access();
Map<String, AccessSectionInfo> local = pai.local;
AccessSectionInfo heads = local.get(AccessSection.HEADS);
Map<String, PermissionInfo> permissions = heads.permissions;
PermissionInfo read = permissions.get(Permission.READ);
Map<String, PermissionRuleInfo> rules = read.rules;
assertEquals(rules.get(registeredUsers.getUUID().get()), new PermissionRuleInfo(PermissionRuleInfo.Action.ALLOW, false));
}
use of com.google.gerrit.entities.GroupReference in project gerrit by GerritCodeReview.
the class GroupListTest method byUUID.
@Test
public void byUUID() throws Exception {
AccountGroup.UUID uuid = AccountGroup.uuid("d96b998f8a66ff433af50befb975d0e2bb6e0999");
GroupReference groupReference = groupList.byUUID(uuid);
assertEquals(uuid, groupReference.getUUID());
assertEquals(ServiceUserClassifier.SERVICE_USERS, groupReference.getName());
}
use of com.google.gerrit.entities.GroupReference in project gerrit by GerritCodeReview.
the class GroupQueryBuilder method parseGroup.
private AccountGroup.UUID parseGroup(String groupNameOrUuid) throws QueryParseException {
Optional<InternalGroup> group = args.groupCache.get(AccountGroup.uuid(groupNameOrUuid));
if (group.isPresent()) {
return group.get().getGroupUUID();
}
GroupReference groupReference = GroupBackends.findBestSuggestion(args.groupBackend, groupNameOrUuid);
if (groupReference == null) {
throw error("Group " + groupNameOrUuid + " not found");
}
return groupReference.getUUID();
}
Aggregations