use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.
the class ListTasks method apply.
@Override
public List<TaskInfo> apply(ConfigResource resource) throws AuthException, PermissionBackendException {
CurrentUser user = self.get();
if (!user.isIdentifiedUser()) {
throw new AuthException("Authentication required");
}
List<TaskInfo> allTasks = getTasks();
try {
permissionBackend.user(user).check(GlobalPermission.VIEW_QUEUE);
return allTasks;
} catch (AuthException e) {
// Fall through to filter tasks.
}
Map<String, Boolean> visibilityCache = new HashMap<>();
List<TaskInfo> visibleTasks = new ArrayList<>();
for (TaskInfo task : allTasks) {
if (task.projectName != null) {
Boolean visible = visibilityCache.get(task.projectName);
if (visible == null) {
try {
permissionBackend.user(user).project(new Project.NameKey(task.projectName)).check(ProjectPermission.ACCESS);
visible = true;
} catch (AuthException e) {
visible = false;
}
visibilityCache.put(task.projectName, visible);
}
if (visible) {
visibleTasks.add(task);
}
}
}
return visibleTasks;
}
use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.
the class PostReviewers method addByAccountId.
@Nullable
private Addition addByAccountId(String reviewer, ChangeResource rsrc, ReviewerState state, NotifyHandling notify, ListMultimap<RecipientType, Account.Id> accountsToNotify, boolean allowGroup, boolean allowByEmail) throws OrmException, PermissionBackendException {
Account.Id accountId = null;
try {
accountId = accounts.parse(reviewer).getAccountId();
} catch (UnprocessableEntityException | AuthException e) {
// AuthException won't occur since the user is authenticated at this point.
if (!allowGroup && !allowByEmail) {
// Only return failure if we aren't going to try other interpretations.
return fail(reviewer, MessageFormat.format(ChangeMessages.get().reviewerNotFoundUser, reviewer));
}
return null;
}
ReviewerResource rrsrc = reviewerFactory.create(rsrc, accountId);
Account member = rrsrc.getReviewerUser().getAccount();
PermissionBackend.ForRef perm = permissionBackend.user(rrsrc.getReviewerUser()).ref(rrsrc.getChange().getDest());
if (isValidReviewer(member, perm)) {
return new Addition(reviewer, rsrc, ImmutableSet.of(member.getId()), null, state, notify, accountsToNotify);
}
if (!member.isActive()) {
if (allowByEmail && state == CC) {
return null;
}
return fail(reviewer, MessageFormat.format(ChangeMessages.get().reviewerInactive, reviewer));
}
return fail(reviewer, MessageFormat.format(ChangeMessages.get().reviewerCantSeeChange, reviewer));
}
use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.
the class PutAssignee method applyImpl.
@Override
protected AccountInfo applyImpl(BatchUpdate.Factory updateFactory, ChangeResource rsrc, AssigneeInput input) throws RestApiException, UpdateException, OrmException, IOException, PermissionBackendException {
rsrc.permissions().check(ChangePermission.EDIT_ASSIGNEE);
input.assignee = Strings.nullToEmpty(input.assignee).trim();
if (input.assignee.isEmpty()) {
throw new BadRequestException("missing assignee field");
}
IdentifiedUser assignee = accounts.parse(input.assignee);
if (!assignee.getAccount().isActive()) {
throw new UnprocessableEntityException(input.assignee + " is not active");
}
try {
rsrc.permissions().database(db).user(assignee).check(ChangePermission.READ);
} catch (AuthException e) {
throw new AuthException("read not permitted for " + input.assignee);
}
try (BatchUpdate bu = updateFactory.create(db.get(), rsrc.getChange().getProject(), rsrc.getControl().getUser(), TimeUtil.nowTs())) {
SetAssigneeOp op = assigneeFactory.create(assignee);
bu.addOp(rsrc.getId(), op);
PostReviewers.Addition reviewersAddition = addAssigneeAsCC(rsrc, input.assignee);
bu.addOp(rsrc.getId(), reviewersAddition.op);
bu.execute();
return accountLoaderFactory.create(true).fillOne(assignee.getAccountId());
}
}
use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.
the class TestSubmitRule method apply.
@Override
public List<Record> apply(RevisionResource rsrc, TestSubmitRuleInput input) throws AuthException, OrmException {
if (input == null) {
input = new TestSubmitRuleInput();
}
if (input.rule != null && !rules.isProjectRulesEnabled()) {
throw new AuthException("project rules are disabled");
}
input.filters = MoreObjects.firstNonNull(input.filters, filters);
SubmitRuleEvaluator evaluator = new SubmitRuleEvaluator(changeDataFactory.create(db.get(), rsrc.getControl()));
List<SubmitRecord> records = evaluator.setPatchSet(rsrc.getPatchSet()).setLogErrors(false).setSkipSubmitFilters(input.filters == Filters.SKIP).setRule(input.rule).evaluate();
List<Record> out = Lists.newArrayListWithCapacity(records.size());
AccountLoader accounts = accountInfoFactory.create(true);
for (SubmitRecord r : records) {
out.add(new Record(r, accounts));
}
if (!out.isEmpty()) {
out.get(0).prologReductionCount = evaluator.getReductionsConsumed();
}
accounts.fill();
return out;
}
use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.
the class TasksCollection method parse.
@Override
public TaskResource parse(ConfigResource parent, IdString id) throws ResourceNotFoundException, AuthException, PermissionBackendException {
CurrentUser user = self.get();
if (!user.isIdentifiedUser()) {
throw new AuthException("Authentication required");
}
int taskId;
try {
taskId = (int) Long.parseLong(id.get(), 16);
} catch (NumberFormatException e) {
throw new ResourceNotFoundException(id);
}
Task<?> task = workQueue.getTask(taskId);
if (task instanceof ProjectTask) {
try {
permissionBackend.user(user).project(((ProjectTask<?>) task).getProjectNameKey()).check(ProjectPermission.ACCESS);
return new TaskResource(task);
} catch (AuthException e) {
// Fall through and try view queue permission.
}
}
if (task != null) {
try {
permissionBackend.user(user).check(GlobalPermission.VIEW_QUEUE);
return new TaskResource(task);
} catch (AuthException e) {
// Fall through and return not found.
}
}
throw new ResourceNotFoundException(id);
}
Aggregations