Search in sources :

Example 46 with MethodNotAllowedException

use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.

the class RevisionIT method deleteVoteOnNonCurrentPatchSet.

@Test
public void deleteVoteOnNonCurrentPatchSet() throws Exception {
    // patch set 1
    PushOneCommit.Result r = createChange();
    gApi.changes().id(r.getChangeId()).revision(r.getCommit().name()).review(ReviewInput.approve());
    // patch set 2
    amendChange(r.getChangeId());
    // code-review
    requestScopeOperations.setApiUser(user.id());
    recommend(r.getChangeId());
    // check if it's blocked to delete a vote on a non-current patch set.
    requestScopeOperations.setApiUser(admin.id());
    MethodNotAllowedException thrown = assertThrows(MethodNotAllowedException.class, () -> gApi.changes().id(r.getChangeId()).revision(r.getCommit().getName()).reviewer(user.id().toString()).deleteVote(LabelId.CODE_REVIEW));
    assertThat(thrown).hasMessageThat().contains("Cannot access on non-current patch set");
}
Also used : MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) PushOneCommit(com.google.gerrit.acceptance.PushOneCommit) AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest) Test(org.junit.Test)

Example 47 with MethodNotAllowedException

use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.

the class RestApiServlet method parseRawInput.

private Object parseRawInput(HttpServletRequest req, Type type) throws SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException, MethodNotAllowedException {
    Object obj = createInstance(type);
    for (Field f : obj.getClass().getDeclaredFields()) {
        if (f.getType() == RawInput.class) {
            f.setAccessible(true);
            f.set(obj, RawInputUtil.create(req));
            return obj;
        }
    }
    throw new MethodNotAllowedException("raw input not supported");
}
Also used : Field(java.lang.reflect.Field) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException)

Example 48 with MethodNotAllowedException

use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.

the class RestApiServlet method service.

@Override
protected final void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
    final long startNanos = System.nanoTime();
    long auditStartTs = TimeUtil.nowMs();
    res.setHeader("Content-Disposition", "attachment");
    res.setHeader("X-Content-Type-Options", "nosniff");
    int statusCode = SC_OK;
    long responseBytes = -1;
    Optional<Exception> cause = Optional.empty();
    Response<?> response = null;
    QueryParams qp = null;
    Object inputRequestBody = null;
    RestResource rsrc = TopLevelResource.INSTANCE;
    ViewData viewData = null;
    try (TraceContext traceContext = enableTracing(req, res)) {
        String requestUri = requestUri(req);
        try (PerThreadCache ignored = PerThreadCache.create()) {
            List<IdString> path = splitPath(req);
            RequestInfo requestInfo = createRequestInfo(traceContext, requestUri, path);
            globals.requestListeners.runEach(l -> l.onRequest(requestInfo));
            // TraceIT#performanceLoggingForRestCall()).
            try (RequestStateContext requestStateContext = RequestStateContext.open().addRequestStateProvider(globals.deadlineCheckerFactory.create(requestInfo, req.getHeader(X_GERRIT_DEADLINE)));
                PerformanceLogContext performanceLogContext = new PerformanceLogContext(globals.config, globals.performanceLoggers)) {
                traceRequestData(req);
                if (isCorsPreflight(req)) {
                    doCorsPreflight(req, res);
                    return;
                }
                qp = ParameterParser.getQueryParams(req);
                checkCors(req, res, qp.hasXdOverride());
                if (qp.hasXdOverride()) {
                    req = applyXdOverrides(req, qp);
                }
                checkUserSession(req);
                RestCollection<RestResource, RestResource> rc = members.get();
                globals.permissionBackend.currentUser().checkAny(GlobalPermission.fromAnnotation(rc.getClass()));
                viewData = new ViewData(null, null);
                if (path.isEmpty()) {
                    globals.quotaChecker.enforce(req);
                    if (rc instanceof NeedsParams) {
                        ((NeedsParams) rc).setParams(qp.params());
                    }
                    if (isRead(req)) {
                        viewData = new ViewData(null, rc.list());
                    } else if (isPost(req)) {
                        RestView<RestResource> restCollectionView = rc.views().get(PluginName.GERRIT, "POST_ON_COLLECTION./");
                        if (restCollectionView != null) {
                            viewData = new ViewData(null, restCollectionView);
                        } else {
                            throw methodNotAllowed(req);
                        }
                    } else {
                        // DELETE on root collections is not supported
                        throw methodNotAllowed(req);
                    }
                } else {
                    IdString id = path.remove(0);
                    try {
                        rsrc = parseResourceWithRetry(req, traceContext, viewData.pluginName, rc, rsrc, id);
                        globals.quotaChecker.enforce(rsrc, req);
                        if (path.isEmpty()) {
                            checkPreconditions(req);
                        }
                    } catch (ResourceNotFoundException e) {
                        if (!path.isEmpty()) {
                            throw e;
                        }
                        globals.quotaChecker.enforce(req);
                        if (isPost(req) || isPut(req)) {
                            RestView<RestResource> createView = rc.views().get(PluginName.GERRIT, "CREATE./");
                            if (createView != null) {
                                viewData = new ViewData(null, createView);
                                path.add(id);
                            } else {
                                throw e;
                            }
                        } else if (isDelete(req)) {
                            RestView<RestResource> deleteView = rc.views().get(PluginName.GERRIT, "DELETE_MISSING./");
                            if (deleteView != null) {
                                viewData = new ViewData(null, deleteView);
                                path.add(id);
                            } else {
                                throw e;
                            }
                        } else {
                            throw e;
                        }
                    }
                    if (viewData.view == null) {
                        viewData = view(rc, req.getMethod(), path);
                    }
                }
                checkRequiresCapability(viewData);
                while (viewData.view instanceof RestCollection<?, ?>) {
                    @SuppressWarnings("unchecked") RestCollection<RestResource, RestResource> c = (RestCollection<RestResource, RestResource>) viewData.view;
                    if (path.isEmpty()) {
                        if (isRead(req)) {
                            viewData = new ViewData(null, c.list());
                        } else if (isPost(req)) {
                            // TODO: Here and on other collection methods: There is a bug that binds child views
                            // with pluginName="gerrit" instead of the real plugin name. This has never worked
                            // correctly and should be fixed where the binding gets created (DynamicMapProvider)
                            // and here.
                            RestView<RestResource> restCollectionView = c.views().get(PluginName.GERRIT, "POST_ON_COLLECTION./");
                            if (restCollectionView != null) {
                                viewData = new ViewData(null, restCollectionView);
                            } else {
                                throw methodNotAllowed(req);
                            }
                        } else if (isDelete(req)) {
                            RestView<RestResource> restCollectionView = c.views().get(PluginName.GERRIT, "DELETE_ON_COLLECTION./");
                            if (restCollectionView != null) {
                                viewData = new ViewData(null, restCollectionView);
                            } else {
                                throw methodNotAllowed(req);
                            }
                        } else {
                            throw methodNotAllowed(req);
                        }
                        break;
                    }
                    IdString id = path.remove(0);
                    try {
                        rsrc = parseResourceWithRetry(req, traceContext, viewData.pluginName, c, rsrc, id);
                        checkPreconditions(req);
                        viewData = new ViewData(null, null);
                    } catch (ResourceNotFoundException e) {
                        if (!path.isEmpty()) {
                            throw e;
                        }
                        if (isPost(req) || isPut(req)) {
                            RestView<RestResource> createView = c.views().get(PluginName.GERRIT, "CREATE./");
                            if (createView != null) {
                                viewData = new ViewData(viewData.pluginName, createView);
                                path.add(id);
                            } else {
                                throw e;
                            }
                        } else if (isDelete(req)) {
                            RestView<RestResource> deleteView = c.views().get(PluginName.GERRIT, "DELETE_MISSING./");
                            if (deleteView != null) {
                                viewData = new ViewData(viewData.pluginName, deleteView);
                                path.add(id);
                            } else {
                                throw e;
                            }
                        } else {
                            throw e;
                        }
                    }
                    if (viewData.view == null) {
                        viewData = view(c, req.getMethod(), path);
                    }
                    checkRequiresCapability(viewData);
                }
                if (notModified(req, traceContext, viewData, rsrc)) {
                    logger.atFinest().log("REST call succeeded: %d", SC_NOT_MODIFIED);
                    res.sendError(SC_NOT_MODIFIED);
                    return;
                }
                try (DynamicOptions pluginOptions = new DynamicOptions(globals.injector, globals.dynamicBeans)) {
                    if (!globals.paramParser.get().parse(viewData.view, pluginOptions, qp.params(), req, res)) {
                        return;
                    }
                    if (viewData.view instanceof RestReadView<?> && isRead(req)) {
                        response = invokeRestReadViewWithRetry(req, traceContext, viewData, (RestReadView<RestResource>) viewData.view, rsrc);
                    } else if (viewData.view instanceof RestModifyView<?, ?>) {
                        @SuppressWarnings("unchecked") RestModifyView<RestResource, Object> m = (RestModifyView<RestResource, Object>) viewData.view;
                        Type type = inputType(m);
                        inputRequestBody = parseRequest(req, type);
                        response = invokeRestModifyViewWithRetry(req, traceContext, viewData, m, rsrc, inputRequestBody);
                        if (inputRequestBody instanceof RawInput) {
                            try (InputStream is = req.getInputStream()) {
                                ServletUtils.consumeRequestBody(is);
                            }
                        }
                    } else if (viewData.view instanceof RestCollectionCreateView<?, ?, ?>) {
                        @SuppressWarnings("unchecked") RestCollectionCreateView<RestResource, RestResource, Object> m = (RestCollectionCreateView<RestResource, RestResource, Object>) viewData.view;
                        Type type = inputType(m);
                        inputRequestBody = parseRequest(req, type);
                        response = invokeRestCollectionCreateViewWithRetry(req, traceContext, viewData, m, rsrc, path.get(0), inputRequestBody);
                        if (inputRequestBody instanceof RawInput) {
                            try (InputStream is = req.getInputStream()) {
                                ServletUtils.consumeRequestBody(is);
                            }
                        }
                    } else if (viewData.view instanceof RestCollectionDeleteMissingView<?, ?, ?>) {
                        @SuppressWarnings("unchecked") RestCollectionDeleteMissingView<RestResource, RestResource, Object> m = (RestCollectionDeleteMissingView<RestResource, RestResource, Object>) viewData.view;
                        Type type = inputType(m);
                        inputRequestBody = parseRequest(req, type);
                        response = invokeRestCollectionDeleteMissingViewWithRetry(req, traceContext, viewData, m, rsrc, path.get(0), inputRequestBody);
                        if (inputRequestBody instanceof RawInput) {
                            try (InputStream is = req.getInputStream()) {
                                ServletUtils.consumeRequestBody(is);
                            }
                        }
                    } else if (viewData.view instanceof RestCollectionModifyView<?, ?, ?>) {
                        @SuppressWarnings("unchecked") RestCollectionModifyView<RestResource, RestResource, Object> m = (RestCollectionModifyView<RestResource, RestResource, Object>) viewData.view;
                        Type type = inputType(m);
                        inputRequestBody = parseRequest(req, type);
                        response = invokeRestCollectionModifyViewWithRetry(req, traceContext, viewData, m, rsrc, inputRequestBody);
                        if (inputRequestBody instanceof RawInput) {
                            try (InputStream is = req.getInputStream()) {
                                ServletUtils.consumeRequestBody(is);
                            }
                        }
                    } else {
                        throw new ResourceNotFoundException();
                    }
                    String isUpdatedRefEnabled = req.getHeader(X_GERRIT_UPDATED_REF_ENABLED);
                    if (!Strings.isNullOrEmpty(isUpdatedRefEnabled) && Boolean.valueOf(isUpdatedRefEnabled)) {
                        setXGerritUpdatedRefResponseHeaders(req, res);
                    }
                    if (response instanceof Response.Redirect) {
                        CacheHeaders.setNotCacheable(res);
                        String location = ((Response.Redirect) response).location();
                        res.sendRedirect(location);
                        logger.atFinest().log("REST call redirected to: %s", location);
                        return;
                    } else if (response instanceof Response.Accepted) {
                        CacheHeaders.setNotCacheable(res);
                        res.setStatus(response.statusCode());
                        res.setHeader(HttpHeaders.LOCATION, ((Response.Accepted) response).location());
                        logger.atFinest().log("REST call succeeded: %d", response.statusCode());
                        return;
                    }
                    statusCode = response.statusCode();
                    configureCaching(req, res, traceContext, rsrc, viewData, response.caching());
                    res.setStatus(statusCode);
                    logger.atFinest().log("REST call succeeded: %d", statusCode);
                }
                if (response != Response.none()) {
                    Object value = Response.unwrap(response);
                    if (value instanceof BinaryResult) {
                        responseBytes = replyBinaryResult(req, res, (BinaryResult) value);
                    } else {
                        responseBytes = replyJson(req, res, false, qp.config(), value);
                    }
                }
            }
        } catch (MalformedJsonException | JsonParseException e) {
            cause = Optional.of(e);
            logger.atFine().withCause(e).log("REST call failed on JSON parsing");
            responseBytes = replyError(req, res, statusCode = SC_BAD_REQUEST, "Invalid " + JSON_TYPE + " in request", e);
        } catch (BadRequestException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_BAD_REQUEST, messageOr(e, "Bad Request"), e.caching(), e);
        } catch (AuthException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_FORBIDDEN, messageOr(e, "Forbidden"), e.caching(), e);
        } catch (AmbiguousViewException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_NOT_FOUND, messageOr(e, "Ambiguous"), e);
        } catch (ResourceNotFoundException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_NOT_FOUND, messageOr(e, "Not Found"), e.caching(), e);
        } catch (MethodNotAllowedException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_METHOD_NOT_ALLOWED, messageOr(e, "Method Not Allowed"), e.caching(), e);
        } catch (ResourceConflictException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_CONFLICT, messageOr(e, "Conflict"), e.caching(), e);
        } catch (PreconditionFailedException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_PRECONDITION_FAILED, messageOr(e, "Precondition Failed"), e.caching(), e);
        } catch (UnprocessableEntityException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_UNPROCESSABLE_ENTITY, messageOr(e, "Unprocessable Entity"), e.caching(), e);
        } catch (NotImplementedException e) {
            cause = Optional.of(e);
            logger.atSevere().withCause(e).log("Error in %s %s", req.getMethod(), uriForLogging(req));
            responseBytes = replyError(req, res, statusCode = SC_NOT_IMPLEMENTED, messageOr(e, "Not Implemented"), e);
        } catch (QuotaException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_TOO_MANY_REQUESTS, messageOr(e, "Quota limit reached"), e.caching(), e);
        } catch (InvalidDeadlineException e) {
            cause = Optional.of(e);
            responseBytes = replyError(req, res, statusCode = SC_BAD_REQUEST, messageOr(e, "Bad Request"), e);
        } catch (Exception e) {
            cause = Optional.of(e);
            Optional<RequestCancelledException> requestCancelledException = RequestCancelledException.getFromCausalChain(e);
            if (requestCancelledException.isPresent()) {
                RequestStateProvider.Reason cancellationReason = requestCancelledException.get().getCancellationReason();
                globals.cancellationMetrics.countCancelledRequest(RequestInfo.RequestType.REST, requestUri, cancellationReason);
                statusCode = getCancellationStatusCode(cancellationReason);
                responseBytes = replyError(req, res, statusCode, getCancellationMessage(requestCancelledException.get()), e);
            } else {
                statusCode = SC_INTERNAL_SERVER_ERROR;
                Optional<ExceptionHook.Status> status = getStatus(e);
                statusCode = status.map(ExceptionHook.Status::statusCode).orElse(SC_INTERNAL_SERVER_ERROR);
                if (res.isCommitted()) {
                    responseBytes = 0;
                    if (statusCode == SC_INTERNAL_SERVER_ERROR) {
                        logger.atSevere().withCause(e).log("Error in %s %s, response already committed", req.getMethod(), uriForLogging(req));
                    } else {
                        logger.atWarning().log("Response for %s %s already committed, wanted to set status %d", req.getMethod(), uriForLogging(req), statusCode);
                    }
                } else {
                    res.reset();
                    TraceContext.getTraceId().ifPresent(traceId -> res.addHeader(X_GERRIT_TRACE, traceId));
                    if (status.isPresent()) {
                        responseBytes = reply(req, res, e, status.get(), getUserMessages(e));
                    } else {
                        responseBytes = replyInternalServerError(req, res, e, getUserMessages(e));
                    }
                }
            }
        } finally {
            String metric = getViewName(viewData);
            String formattedCause = cause.map(globals.retryHelper::formatCause).orElse("_none");
            globals.metrics.count.increment(metric);
            if (statusCode >= SC_BAD_REQUEST) {
                globals.metrics.errorCount.increment(metric, statusCode, formattedCause);
            }
            if (responseBytes != -1) {
                globals.metrics.responseBytes.record(metric, responseBytes);
            }
            globals.metrics.serverLatency.record(metric, System.nanoTime() - startNanos, TimeUnit.NANOSECONDS);
            globals.auditService.dispatch(new ExtendedHttpAuditEvent(globals.webSession.get().getSessionId(), globals.currentUser.get(), req, auditStartTs, qp != null ? qp.params() : ImmutableListMultimap.of(), inputRequestBody, statusCode, response, rsrc, viewData == null ? null : viewData.view));
        }
    }
}
Also used : ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException) PluginName(com.google.gerrit.extensions.registration.PluginName) ListMultimap(com.google.common.collect.ListMultimap) DynamicItem(com.google.gerrit.extensions.registration.DynamicItem) DeadlineChecker(com.google.gerrit.server.DeadlineChecker) OptionUtil(com.google.gerrit.server.OptionUtil) RequestStateProvider(com.google.gerrit.server.cancellation.RequestStateProvider) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) PermissionBackend(com.google.gerrit.server.permissions.PermissionBackend) ActionType(com.google.gerrit.server.update.RetryableAction.ActionType) GsonBuilder(com.google.gson.GsonBuilder) InvalidDeadlineException(com.google.gerrit.server.InvalidDeadlineException) Config(org.eclipse.jgit.lib.Config) IntMath(com.google.common.math.IntMath) OutputFormat(com.google.gerrit.json.OutputFormat) ISO_8859_1(java.nio.charset.StandardCharsets.ISO_8859_1) HttpHeaders(com.google.common.net.HttpHeaders) Map(java.util.Map) CEILING(java.math.RoundingMode.CEILING) RawInput(com.google.gerrit.extensions.restapi.RawInput) RetryHelper(com.google.gerrit.server.update.RetryHelper) AnonymousUser(com.google.gerrit.server.AnonymousUser) ExclusionStrategy(com.google.gson.ExclusionStrategy) GroupAuditService(com.google.gerrit.server.group.GroupAuditService) Metadata(com.google.gerrit.server.logging.Metadata) RestReadView(com.google.gerrit.extensions.restapi.RestReadView) GerritServerConfig(com.google.gerrit.server.config.GerritServerConfig) HttpServlet(javax.servlet.http.HttpServlet) TraceContext(com.google.gerrit.server.logging.TraceContext) ImmutableList.toImmutableList(com.google.common.collect.ImmutableList.toImmutableList) PerThreadCache(com.google.gerrit.server.cache.PerThreadCache) Set(java.util.Set) FilterOutputStream(java.io.FilterOutputStream) Collectors.joining(java.util.stream.Collectors.joining) InvocationTargetException(java.lang.reflect.InvocationTargetException) RequestListener(com.google.gerrit.server.RequestListener) SC_NOT_FOUND(javax.servlet.http.HttpServletResponse.SC_NOT_FOUND) Stream(java.util.stream.Stream) ChangesCollection(com.google.gerrit.server.restapi.change.ChangesCollection) SC_CONFLICT(javax.servlet.http.HttpServletResponse.SC_CONFLICT) ImmutableListMultimap(com.google.common.collect.ImmutableListMultimap) PluginSetContext(com.google.gerrit.server.plugincontext.PluginSetContext) GZIPOutputStream(java.util.zip.GZIPOutputStream) LazyArgs.lazy(com.google.common.flogger.LazyArgs.lazy) TypeLiteral(com.google.inject.TypeLiteral) ACCESS_CONTROL_ALLOW_HEADERS(com.google.common.net.HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) FluentLogger(com.google.common.flogger.FluentLogger) ACCESS_CONTROL_ALLOW_CREDENTIALS(com.google.common.net.HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS) Joiner(com.google.common.base.Joiner) Iterables(com.google.common.collect.Iterables) PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) CountingOutputStream(com.google.common.io.CountingOutputStream) RawInputUtil(com.google.gerrit.common.RawInputUtil) Action(com.google.gerrit.server.update.RetryableAction.Action) Response(com.google.gerrit.extensions.restapi.Response) TraceTimer(com.google.gerrit.server.logging.TraceContext.TraceTimer) CONTENT_TYPE(com.google.common.net.HttpHeaders.CONTENT_TYPE) Constructor(java.lang.reflect.Constructor) DefaultInput(com.google.gerrit.extensions.restapi.DefaultInput) CancellationMetrics(com.google.gerrit.server.CancellationMetrics) FieldAttributes(com.google.gson.FieldAttributes) JsonReader(com.google.gson.stream.JsonReader) PerformanceLogger(com.google.gerrit.server.logging.PerformanceLogger) ArrayList(java.util.ArrayList) Strings(com.google.common.base.Strings) HttpServletRequest(javax.servlet.http.HttpServletRequest) VARY(com.google.common.net.HttpHeaders.VARY) SC_NOT_IMPLEMENTED(javax.servlet.http.HttpServletResponse.SC_NOT_IMPLEMENTED) Lists(com.google.common.collect.Lists) RestCollectionDeleteMissingView(com.google.gerrit.extensions.restapi.RestCollectionDeleteMissingView) RestCollectionCreateView(com.google.gerrit.extensions.restapi.RestCollectionCreateView) RestApiException(com.google.gerrit.extensions.restapi.RestApiException) CacheHeaders(com.google.gerrit.util.http.CacheHeaders) JsonWriter(com.google.gson.stream.JsonWriter) NeedsParams(com.google.gerrit.extensions.restapi.NeedsParams) RequestUtil(com.google.gerrit.util.http.RequestUtil) PreconditionFailedException(com.google.gerrit.extensions.restapi.PreconditionFailedException) BaseEncoding(com.google.common.io.BaseEncoding) QueryParams(com.google.gerrit.httpd.restapi.ParameterParser.QueryParams) ExperimentFeatures(com.google.gerrit.server.experiments.ExperimentFeatures) BufferedWriter(java.io.BufferedWriter) Throwables(com.google.common.base.Throwables) ChangeNotes(com.google.gerrit.server.notedb.ChangeNotes) IOException(java.io.IOException) Field(java.lang.reflect.Field) ETagView(com.google.gerrit.extensions.restapi.ETagView) MalformedJsonException(com.google.gson.stream.MalformedJsonException) JsonToken(com.google.gson.stream.JsonToken) ParameterizedType(java.lang.reflect.ParameterizedType) TreeMap(java.util.TreeMap) SC_NOT_MODIFIED(javax.servlet.http.HttpServletResponse.SC_NOT_MODIFIED) DynamicMap(com.google.gerrit.extensions.registration.DynamicMap) Project(com.google.gerrit.entities.Project) DynamicSet(com.google.gerrit.extensions.registration.DynamicSet) SC_BAD_REQUEST(javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST) DynamicOptions(com.google.gerrit.server.DynamicOptions) TimeUtil(com.google.gerrit.server.util.time.TimeUtil) BufferedReader(java.io.BufferedReader) RequestCancelledException(com.google.gerrit.server.cancellation.RequestCancelledException) RequestId(com.google.gerrit.server.logging.RequestId) ChangeFinder(com.google.gerrit.server.change.ChangeFinder) ACCESS_CONTROL_ALLOW_METHODS(com.google.common.net.HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS) ServletException(javax.servlet.ServletException) Inject(com.google.inject.Inject) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) AUTHORIZATION(com.google.common.net.HttpHeaders.AUTHORIZATION) AccessPath(com.google.gerrit.server.AccessPath) CacheControl(com.google.gerrit.extensions.restapi.CacheControl) RestModifyView(com.google.gerrit.extensions.restapi.RestModifyView) RestResource(com.google.gerrit.extensions.restapi.RestResource) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) ACCESS_CONTROL_ALLOW_ORIGIN(com.google.common.net.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN) Gson(com.google.gson.Gson) Locale(java.util.Locale) AuthException(com.google.gerrit.extensions.restapi.AuthException) GERRIT_BACKEND_REQUEST_FEATURE_REMOVE_REVISION_ETAG(com.google.gerrit.server.experiments.ExperimentFeaturesConstants.GERRIT_BACKEND_REQUEST_FEATURE_REMOVE_REVISION_ETAG) PerformanceLogContext(com.google.gerrit.server.logging.PerformanceLogContext) Splitter(com.google.common.base.Splitter) ORIGIN(com.google.common.net.HttpHeaders.ORIGIN) GlobalPermission(com.google.gerrit.server.permissions.GlobalPermission) ImmutableSet(com.google.common.collect.ImmutableSet) RestCollectionView(com.google.gerrit.extensions.restapi.RestCollectionView) Timestamp(java.sql.Timestamp) ACCESS_CONTROL_REQUEST_HEADERS(com.google.common.net.HttpHeaders.ACCESS_CONTROL_REQUEST_HEADERS) SC_REQUEST_TIMEOUT(javax.servlet.http.HttpServletResponse.SC_REQUEST_TIMEOUT) RequestInfo(com.google.gerrit.server.RequestInfo) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) EOFException(java.io.EOFException) Preconditions.checkState(com.google.common.base.Preconditions.checkState) TopLevelResource(com.google.gerrit.extensions.restapi.TopLevelResource) RestCollectionModifyView(com.google.gerrit.extensions.restapi.RestCollectionModifyView) List(java.util.List) Nullable(com.google.gerrit.common.Nullable) Type(java.lang.reflect.Type) ACCESS_CONTROL_MAX_AGE(com.google.common.net.HttpHeaders.ACCESS_CONTROL_MAX_AGE) SC_OK(javax.servlet.http.HttpServletResponse.SC_OK) Url(com.google.gerrit.extensions.restapi.Url) Writer(java.io.Writer) Optional(java.util.Optional) Providers(com.google.inject.util.Providers) Pattern(java.util.regex.Pattern) SC_METHOD_NOT_ALLOWED(javax.servlet.http.HttpServletResponse.SC_METHOD_NOT_ALLOWED) RestCollection(com.google.gerrit.extensions.restapi.RestCollection) RequestStateContext(com.google.gerrit.server.cancellation.RequestStateContext) JsonParseException(com.google.gson.JsonParseException) NotImplementedException(com.google.gerrit.extensions.restapi.NotImplementedException) SC_PRECONDITION_FAILED(javax.servlet.http.HttpServletResponse.SC_PRECONDITION_FAILED) ACCESS_CONTROL_REQUEST_METHOD(com.google.common.net.HttpHeaders.ACCESS_CONTROL_REQUEST_METHOD) SC_INTERNAL_SERVER_ERROR(javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR) IdString(com.google.gerrit.extensions.restapi.IdString) HashMap(java.util.HashMap) AtomicReference(java.util.concurrent.atomic.AtomicReference) JsonElement(com.google.gson.JsonElement) HashSet(java.util.HashSet) GitReferenceUpdatedListener(com.google.gerrit.extensions.events.GitReferenceUpdatedListener) BinaryResult(com.google.gerrit.extensions.restapi.BinaryResult) FieldNamingPolicy(com.google.gson.FieldNamingPolicy) ImmutableList(com.google.common.collect.ImmutableList) ExceptionHook(com.google.gerrit.server.ExceptionHook) Objects.requireNonNull(java.util.Objects.requireNonNull) ExtendedHttpAuditEvent(com.google.gerrit.server.audit.ExtendedHttpAuditEvent) OutputStreamWriter(java.io.OutputStreamWriter) WebSession(com.google.gerrit.httpd.WebSession) OutputStream(java.io.OutputStream) CurrentUser(com.google.gerrit.server.CurrentUser) TemporaryBuffer(org.eclipse.jgit.util.TemporaryBuffer) UTF_8(java.nio.charset.StandardCharsets.UTF_8) ProjectsCollection(com.google.gerrit.server.restapi.project.ProjectsCollection) RestView(com.google.gerrit.extensions.restapi.RestView) HttpServletResponse(javax.servlet.http.HttpServletResponse) RetryableAction(com.google.gerrit.server.update.RetryableAction) Injector(com.google.inject.Injector) TimeUnit(java.util.concurrent.TimeUnit) Provider(com.google.inject.Provider) ServletUtils(org.eclipse.jgit.http.server.ServletUtils) Heap(org.eclipse.jgit.util.TemporaryBuffer.Heap) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) RevisionResource(com.google.gerrit.server.change.RevisionResource) SC_FORBIDDEN(javax.servlet.http.HttpServletResponse.SC_FORBIDDEN) QuotaException(com.google.gerrit.server.quota.QuotaException) VisibleForTesting(com.google.common.annotations.VisibleForTesting) Collections(java.util.Collections) InputStream(java.io.InputStream) DynamicOptions(com.google.gerrit.server.DynamicOptions) RestCollection(com.google.gerrit.extensions.restapi.RestCollection) RestResource(com.google.gerrit.extensions.restapi.RestResource) RestView(com.google.gerrit.extensions.restapi.RestView) RawInput(com.google.gerrit.extensions.restapi.RawInput) IdString(com.google.gerrit.extensions.restapi.IdString) RestCollectionModifyView(com.google.gerrit.extensions.restapi.RestCollectionModifyView) JsonParseException(com.google.gson.JsonParseException) PerformanceLogContext(com.google.gerrit.server.logging.PerformanceLogContext) QuotaException(com.google.gerrit.server.quota.QuotaException) ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) RestModifyView(com.google.gerrit.extensions.restapi.RestModifyView) Optional(java.util.Optional) RestReadView(com.google.gerrit.extensions.restapi.RestReadView) RestCollectionDeleteMissingView(com.google.gerrit.extensions.restapi.RestCollectionDeleteMissingView) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) RequestStateContext(com.google.gerrit.server.cancellation.RequestStateContext) NotImplementedException(com.google.gerrit.extensions.restapi.NotImplementedException) AuthException(com.google.gerrit.extensions.restapi.AuthException) ExtendedHttpAuditEvent(com.google.gerrit.server.audit.ExtendedHttpAuditEvent) RequestInfo(com.google.gerrit.server.RequestInfo) PerThreadCache(com.google.gerrit.server.cache.PerThreadCache) RestCollectionCreateView(com.google.gerrit.extensions.restapi.RestCollectionCreateView) InvalidDeadlineException(com.google.gerrit.server.InvalidDeadlineException) QueryParams(com.google.gerrit.httpd.restapi.ParameterParser.QueryParams) PreconditionFailedException(com.google.gerrit.extensions.restapi.PreconditionFailedException) MalformedJsonException(com.google.gson.stream.MalformedJsonException) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) InputStream(java.io.InputStream) ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) InvalidDeadlineException(com.google.gerrit.server.InvalidDeadlineException) InvocationTargetException(java.lang.reflect.InvocationTargetException) PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) RestApiException(com.google.gerrit.extensions.restapi.RestApiException) PreconditionFailedException(com.google.gerrit.extensions.restapi.PreconditionFailedException) IOException(java.io.IOException) MalformedJsonException(com.google.gson.stream.MalformedJsonException) RequestCancelledException(com.google.gerrit.server.cancellation.RequestCancelledException) ServletException(javax.servlet.ServletException) AuthException(com.google.gerrit.extensions.restapi.AuthException) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) EOFException(java.io.EOFException) JsonParseException(com.google.gson.JsonParseException) NotImplementedException(com.google.gerrit.extensions.restapi.NotImplementedException) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) QuotaException(com.google.gerrit.server.quota.QuotaException) Response(com.google.gerrit.extensions.restapi.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) ExceptionHook(com.google.gerrit.server.ExceptionHook) ActionType(com.google.gerrit.server.update.RetryableAction.ActionType) ParameterizedType(java.lang.reflect.ParameterizedType) Type(java.lang.reflect.Type) IdString(com.google.gerrit.extensions.restapi.IdString) TraceContext(com.google.gerrit.server.logging.TraceContext) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) NeedsParams(com.google.gerrit.extensions.restapi.NeedsParams) BinaryResult(com.google.gerrit.extensions.restapi.BinaryResult)

Example 49 with MethodNotAllowedException

use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.

the class RestApiServlet method parseRequest.

private Object parseRequest(HttpServletRequest req, Type type) throws IOException, BadRequestException, SecurityException, IllegalArgumentException, NoSuchMethodException, IllegalAccessException, InstantiationException, InvocationTargetException, MethodNotAllowedException {
    // 400). Consume the request body for all but raw input request types here.
    if (isType(JSON_TYPE, req.getContentType())) {
        try (BufferedReader br = req.getReader();
            JsonReader json = new JsonReader(br)) {
            try {
                json.setLenient(true);
                JsonToken first;
                try {
                    first = json.peek();
                } catch (EOFException e) {
                    throw new BadRequestException("Expected JSON object", e);
                }
                if (first == JsonToken.STRING) {
                    return parseString(json.nextString(), type);
                }
                return OutputFormat.JSON.newGson().fromJson(json, type);
            } finally {
                try {
                    // Reader.close won't consume the rest of the input. Explicitly consume the request
                    // body.
                    br.skip(Long.MAX_VALUE);
                } catch (Exception e) {
                // ignore, e.g. trying to consume the rest of the input may fail if the request was
                // cancelled
                }
            }
        }
    }
    String method = req.getMethod();
    if (("PUT".equals(method) || "POST".equals(method)) && acceptsRawInput(type)) {
        return parseRawInput(req, type);
    }
    if (isDelete(req) && hasNoBody(req)) {
        return null;
    }
    if (hasNoBody(req)) {
        return createInstance(type);
    }
    if (isType(PLAIN_TEXT, req.getContentType())) {
        try (BufferedReader br = req.getReader()) {
            char[] tmp = new char[256];
            StringBuilder sb = new StringBuilder();
            int n;
            while (0 < (n = br.read(tmp))) {
                sb.append(tmp, 0, n);
            }
            return parseString(sb.toString(), type);
        }
    }
    if (isPost(req) && isType(FORM_TYPE, req.getContentType())) {
        return OutputFormat.JSON.newGson().fromJson(ParameterParser.formToJson(req), type);
    }
    throw new BadRequestException("Expected Content-Type: " + JSON_TYPE);
}
Also used : BufferedReader(java.io.BufferedReader) EOFException(java.io.EOFException) JsonReader(com.google.gson.stream.JsonReader) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) JsonToken(com.google.gson.stream.JsonToken) IdString(com.google.gerrit.extensions.restapi.IdString) ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) InvalidDeadlineException(com.google.gerrit.server.InvalidDeadlineException) InvocationTargetException(java.lang.reflect.InvocationTargetException) PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) RestApiException(com.google.gerrit.extensions.restapi.RestApiException) PreconditionFailedException(com.google.gerrit.extensions.restapi.PreconditionFailedException) IOException(java.io.IOException) MalformedJsonException(com.google.gson.stream.MalformedJsonException) RequestCancelledException(com.google.gerrit.server.cancellation.RequestCancelledException) ServletException(javax.servlet.ServletException) AuthException(com.google.gerrit.extensions.restapi.AuthException) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) EOFException(java.io.EOFException) JsonParseException(com.google.gson.JsonParseException) NotImplementedException(com.google.gerrit.extensions.restapi.NotImplementedException) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) QuotaException(com.google.gerrit.server.quota.QuotaException)

Example 50 with MethodNotAllowedException

use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.

the class PutAgreement method apply.

@Override
public Response<String> apply(AccountResource resource, AgreementInput input) throws IOException, RestApiException, ConfigInvalidException {
    if (!agreementsEnabled) {
        throw new MethodNotAllowedException("contributor agreements disabled");
    }
    if (!self.get().hasSameAccountId(resource.getUser())) {
        throw new AuthException("not allowed to enter contributor agreement");
    }
    String agreementName = Strings.nullToEmpty(input.name);
    ContributorAgreement ca = projectCache.getAllProjects().getConfig().getContributorAgreements().get(agreementName);
    if (ca == null) {
        throw new UnprocessableEntityException("contributor agreement not found");
    }
    if (ca.getAutoVerify() == null) {
        throw new BadRequestException("cannot enter a non-autoVerify agreement");
    }
    AccountGroup.UUID uuid = ca.getAutoVerify().getUUID();
    if (uuid == null) {
        throw new ResourceConflictException("autoverify group uuid not found");
    }
    AccountState accountState = self.get().state();
    try {
        addMembers.addMembers(uuid, ImmutableSet.of(accountState.account().id()));
    } catch (NoSuchGroupException e) {
        throw new ResourceConflictException("autoverify group not found", e);
    }
    agreementSignup.fire(accountState, agreementName);
    return Response.ok(agreementName);
}
Also used : UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) AccountGroup(com.google.gerrit.entities.AccountGroup) ContributorAgreement(com.google.gerrit.entities.ContributorAgreement) AuthException(com.google.gerrit.extensions.restapi.AuthException) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException) AccountState(com.google.gerrit.server.account.AccountState) NoSuchGroupException(com.google.gerrit.exceptions.NoSuchGroupException)

Aggregations

MethodNotAllowedException (com.google.gerrit.extensions.restapi.MethodNotAllowedException)66 BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException)27 AuthException (com.google.gerrit.extensions.restapi.AuthException)23 AbstractDaemonTest (com.google.gerrit.acceptance.AbstractDaemonTest)16 ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)16 Test (org.junit.Test)16 ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)15 AccountGroup (com.google.gerrit.reviewdb.client.AccountGroup)11 IOException (java.io.IOException)11 ArrayList (java.util.ArrayList)11 IdentifiedUser (com.google.gerrit.server.IdentifiedUser)10 Account (com.google.gerrit.reviewdb.client.Account)9 UnprocessableEntityException (com.google.gerrit.extensions.restapi.UnprocessableEntityException)8 PermissionBackend (com.google.gerrit.server.permissions.PermissionBackend)7 BatchUpdate (com.google.gerrit.server.update.BatchUpdate)7 Account (com.google.gerrit.entities.Account)6 GroupInfo (com.google.gerrit.extensions.common.GroupInfo)5 Response (com.google.gerrit.extensions.restapi.Response)5 Change (com.google.gerrit.reviewdb.client.Change)5 CurrentUser (com.google.gerrit.server.CurrentUser)5