Search in sources :

Example 41 with AuthException

use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.

the class GetExternalIds method apply.

@Override
public List<AccountExternalIdInfo> apply(AccountResource resource) throws RestApiException, IOException, OrmException {
    if (self.get() != resource.getUser() && !self.get().getCapabilities().canAccessDatabase()) {
        throw new AuthException("not allowed to get external IDs");
    }
    Collection<ExternalId> ids = externalIds.byAccount(resource.getUser().getAccountId());
    if (ids.isEmpty()) {
        return ImmutableList.of();
    }
    List<AccountExternalIdInfo> result = Lists.newArrayListWithCapacity(ids.size());
    for (ExternalId id : ids) {
        AccountExternalIdInfo info = new AccountExternalIdInfo();
        info.identity = id.key().get();
        info.emailAddress = id.email();
        info.trusted = toBoolean(authConfig.isIdentityTrustable(Collections.singleton(id)));
        // actually used to establish this web session.
        if (!id.isScheme(SCHEME_USERNAME)) {
            ExternalId.Key last = resource.getUser().getLastLoginExternalIdKey();
            info.canDelete = toBoolean(last == null || !last.get().equals(info.identity));
        }
        result.add(info);
    }
    return result;
}
Also used : ExternalId(com.google.gerrit.server.account.externalids.ExternalId) AuthException(com.google.gerrit.extensions.restapi.AuthException) AccountExternalIdInfo(com.google.gerrit.extensions.common.AccountExternalIdInfo)

Example 42 with AuthException

use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.

the class GetOAuthToken method apply.

@Override
public OAuthTokenInfo apply(AccountResource rsrc) throws AuthException, ResourceNotFoundException {
    if (self.get() != rsrc.getUser()) {
        throw new AuthException("not allowed to get access token");
    }
    Account a = rsrc.getUser().getAccount();
    OAuthToken accessToken = tokenCache.get(a.getId());
    if (accessToken == null) {
        throw new ResourceNotFoundException();
    }
    OAuthTokenInfo accessTokenInfo = new OAuthTokenInfo();
    accessTokenInfo.username = a.getUserName();
    accessTokenInfo.resourceHost = hostName;
    accessTokenInfo.accessToken = accessToken.getToken();
    accessTokenInfo.providerId = accessToken.getProviderId();
    accessTokenInfo.expiresAt = Long.toString(accessToken.getExpiresAt());
    accessTokenInfo.type = BEARER_TYPE;
    return accessTokenInfo;
}
Also used : OAuthToken(com.google.gerrit.extensions.auth.oauth.OAuthToken) Account(com.google.gerrit.reviewdb.client.Account) AuthException(com.google.gerrit.extensions.restapi.AuthException) ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException)

Example 43 with AuthException

use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.

the class ReceiveCommits method parseRewind.

private void parseRewind(ReceiveCommand cmd) throws PermissionBackendException {
    RevCommit newObject;
    try {
        newObject = rp.getRevWalk().parseCommit(cmd.getNewId());
    } catch (IncorrectObjectTypeException notCommit) {
        newObject = null;
    } catch (IOException err) {
        logError("Invalid object " + cmd.getNewId().name() + " for " + cmd.getRefName() + " forced update", err);
        reject(cmd, "invalid object");
        return;
    }
    logDebug("Rewinding {}", cmd);
    RefControl ctl = projectControl.controlForRef(cmd.getRefName());
    if (newObject != null) {
        validateNewCommits(ctl, cmd);
        if (cmd.getResult() != NOT_ATTEMPTED) {
            return;
        }
    }
    boolean ok;
    try {
        permissions.ref(cmd.getRefName()).check(RefPermission.FORCE_UPDATE);
        ok = true;
    } catch (AuthException err) {
        ok = false;
    }
    if (ok) {
        if (!validRefOperation(cmd)) {
            return;
        }
        actualCommands.add(cmd);
    } else {
        cmd.setResult(REJECTED_NONFASTFORWARD, " need '" + PermissionRule.FORCE_PUSH + "' privilege.");
    }
}
Also used : RefControl(com.google.gerrit.server.project.RefControl) AuthException(com.google.gerrit.extensions.restapi.AuthException) IncorrectObjectTypeException(org.eclipse.jgit.errors.IncorrectObjectTypeException) IOException(java.io.IOException) RevCommit(org.eclipse.jgit.revwalk.RevCommit)

Example 44 with AuthException

use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.

the class SetDefaultDashboard method apply.

@Override
public Response<DashboardInfo> apply(DashboardResource resource, Input input) throws AuthException, BadRequestException, ResourceConflictException, ResourceNotFoundException, IOException {
    if (input == null) {
        // Delete would set input to null.
        input = new Input();
    }
    input.id = Strings.emptyToNull(input.id);
    ProjectControl ctl = resource.getControl();
    if (!ctl.isOwner()) {
        throw new AuthException("not project owner");
    }
    DashboardResource target = null;
    if (input.id != null) {
        try {
            target = dashboards.parse(new ProjectResource(ctl), IdString.fromUrl(input.id));
        } catch (ResourceNotFoundException e) {
            throw new BadRequestException("dashboard " + input.id + " not found");
        } catch (ConfigInvalidException e) {
            throw new ResourceConflictException(e.getMessage());
        }
    }
    try (MetaDataUpdate md = updateFactory.create(ctl.getProject().getNameKey())) {
        ProjectConfig config = ProjectConfig.read(md);
        Project project = config.getProject();
        if (inherited) {
            project.setDefaultDashboard(input.id);
        } else {
            project.setLocalDefaultDashboard(input.id);
        }
        String msg = MoreObjects.firstNonNull(Strings.emptyToNull(input.commitMessage), input.id == null ? "Removed default dashboard.\n" : String.format("Changed default dashboard to %s.\n", input.id));
        if (!msg.endsWith("\n")) {
            msg += "\n";
        }
        md.setAuthor(ctl.getUser().asIdentifiedUser());
        md.setMessage(msg);
        config.commit(md);
        cache.evict(ctl.getProject());
        if (target != null) {
            DashboardInfo info = get.get().apply(target);
            info.isDefault = true;
            return Response.ok(info);
        }
        return Response.none();
    } catch (RepositoryNotFoundException notFound) {
        throw new ResourceNotFoundException(ctl.getProject().getName());
    } catch (ConfigInvalidException e) {
        throw new ResourceConflictException(String.format("invalid project.config: %s", e.getMessage()));
    }
}
Also used : ConfigInvalidException(org.eclipse.jgit.errors.ConfigInvalidException) AuthException(com.google.gerrit.extensions.restapi.AuthException) IdString(com.google.gerrit.extensions.restapi.IdString) RepositoryNotFoundException(org.eclipse.jgit.errors.RepositoryNotFoundException) DashboardInfo(com.google.gerrit.server.project.DashboardsCollection.DashboardInfo) ProjectConfig(com.google.gerrit.server.git.ProjectConfig) Project(com.google.gerrit.reviewdb.client.Project) Input(com.google.gerrit.server.project.SetDashboard.Input) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException) MetaDataUpdate(com.google.gerrit.server.git.MetaDataUpdate)

Example 45 with AuthException

use of com.google.gerrit.extensions.restapi.AuthException in project gerrit by GerritCodeReview.

the class SetParent method validateParentUpdate.

public void validateParentUpdate(final ProjectControl ctl, String newParent, boolean checkIfAdmin) throws AuthException, ResourceConflictException, UnprocessableEntityException, PermissionBackendException {
    IdentifiedUser user = ctl.getUser().asIdentifiedUser();
    if (checkIfAdmin) {
        permissionBackend.user(user).check(GlobalPermission.ADMINISTRATE_SERVER);
    }
    if (ctl.getProject().getNameKey().equals(allProjects)) {
        throw new ResourceConflictException("cannot set parent of " + allProjects.get());
    }
    newParent = Strings.emptyToNull(newParent);
    if (newParent != null) {
        ProjectState parent = cache.get(new Project.NameKey(newParent));
        if (parent == null) {
            throw new UnprocessableEntityException("parent project " + newParent + " not found");
        }
        if (Iterables.tryFind(parent.tree(), p -> {
            return p.getProject().getNameKey().equals(ctl.getProject().getNameKey());
        }).isPresent()) {
            throw new ResourceConflictException("cycle exists between " + ctl.getProject().getName() + " and " + parent.getProject().getName());
        }
    }
}
Also used : ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException) Project(com.google.gerrit.reviewdb.client.Project) Iterables(com.google.common.collect.Iterables) GlobalPermission(com.google.gerrit.server.permissions.GlobalPermission) PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException) ConfigInvalidException(org.eclipse.jgit.errors.ConfigInvalidException) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) RepositoryNotFoundException(org.eclipse.jgit.errors.RepositoryNotFoundException) MetaDataUpdate(com.google.gerrit.server.git.MetaDataUpdate) Inject(com.google.inject.Inject) Preconditions.checkNotNull(com.google.common.base.Preconditions.checkNotNull) MoreObjects(com.google.common.base.MoreObjects) IOException(java.io.IOException) PermissionBackend(com.google.gerrit.server.permissions.PermissionBackend) DefaultInput(com.google.gerrit.extensions.restapi.DefaultInput) RestModifyView(com.google.gerrit.extensions.restapi.RestModifyView) Strings(com.google.common.base.Strings) AllProjectsName(com.google.gerrit.server.config.AllProjectsName) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) IdentifiedUser(com.google.gerrit.server.IdentifiedUser) AuthException(com.google.gerrit.extensions.restapi.AuthException) ProjectConfig(com.google.gerrit.server.git.ProjectConfig) Input(com.google.gerrit.server.project.SetParent.Input) Singleton(com.google.inject.Singleton) Project(com.google.gerrit.reviewdb.client.Project) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) IdentifiedUser(com.google.gerrit.server.IdentifiedUser)

Aggregations

AuthException (com.google.gerrit.extensions.restapi.AuthException)68 ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)22 BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException)20 UnprocessableEntityException (com.google.gerrit.extensions.restapi.UnprocessableEntityException)16 ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)15 MethodNotAllowedException (com.google.gerrit.extensions.restapi.MethodNotAllowedException)14 Change (com.google.gerrit.reviewdb.client.Change)13 IOException (java.io.IOException)12 Account (com.google.gerrit.reviewdb.client.Account)11 Project (com.google.gerrit.reviewdb.client.Project)11 CurrentUser (com.google.gerrit.server.CurrentUser)11 IdentifiedUser (com.google.gerrit.server.IdentifiedUser)11 PermissionBackendException (com.google.gerrit.server.permissions.PermissionBackendException)11 ArrayList (java.util.ArrayList)11 AccountGroup (com.google.gerrit.reviewdb.client.AccountGroup)10 BatchUpdate (com.google.gerrit.server.update.BatchUpdate)8 ChangeControl (com.google.gerrit.server.project.ChangeControl)7 PermissionBackend (com.google.gerrit.server.permissions.PermissionBackend)6 OrmException (com.google.gwtorm.server.OrmException)6 RepositoryNotFoundException (org.eclipse.jgit.errors.RepositoryNotFoundException)6