use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class Move method apply.
@Override
public Response<ChangeInfo> apply(ChangeResource rsrc, MoveInput input) throws RestApiException, UpdateException, PermissionBackendException, IOException {
if (!moveEnabled) {
// behavior. See: https://bugs.chromium.org/p/gerrit/issues/detail?id=9877
throw new MethodNotAllowedException("move changes endpoint is disabled");
}
Change change = rsrc.getChange();
Project.NameKey project = rsrc.getProject();
IdentifiedUser caller = rsrc.getUser().asIdentifiedUser();
if (input.destinationBranch == null) {
throw new BadRequestException("destination branch is required");
}
input.destinationBranch = RefNames.fullName(input.destinationBranch);
if (!change.isNew()) {
throw new ResourceConflictException("Change is " + ChangeUtil.status(change));
}
BranchNameKey newDest = BranchNameKey.create(project, input.destinationBranch);
if (change.getDest().equals(newDest)) {
throw new ResourceConflictException("Change is already destined for the specified branch");
}
// Not allowed to move if the current patch set is locked.
psUtil.checkPatchSetNotLocked(rsrc.getNotes());
// Only administrators are allowed to keep all labels at their own risk.
try {
if (input.keepAllVotes) {
permissionBackend.user(caller).check(GlobalPermission.ADMINISTRATE_SERVER);
}
} catch (AuthException denied) {
throw new AuthException("move is not permitted with keepAllVotes option", denied);
}
// Move requires abandoning this change, and creating a new change.
try {
rsrc.permissions().check(ABANDON);
permissionBackend.user(caller).ref(newDest).check(CREATE_CHANGE);
} catch (AuthException denied) {
throw new AuthException("move not permitted", denied);
}
projectCache.get(project).orElseThrow(illegalState(project)).checkStatePermitsWrite();
Op op = new Op(input);
try (BatchUpdate u = updateFactory.create(project, caller, TimeUtil.now())) {
u.addOp(change.getId(), op);
u.execute();
}
return Response.ok(json.noOptions().format(op.getChange()));
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class ChangeIT method deleteMergedChangeWithDeleteOwnChangesPermission.
@Test
@TestProjectInput(cloneAs = "user1")
public void deleteMergedChangeWithDeleteOwnChangesPermission() throws Exception {
projectOperations.project(project).forUpdate().add(allow(Permission.DELETE_OWN_CHANGES).ref("refs/*").group(REGISTERED_USERS)).update();
try {
PushOneCommit.Result changeResult = pushFactory.create(user.newIdent(), testRepo).to("refs/for/master");
String changeId = changeResult.getChangeId();
merge(changeResult);
requestScopeOperations.setApiUser(user.id());
MethodNotAllowedException thrown = assertThrows(MethodNotAllowedException.class, () -> gApi.changes().id(changeId).delete());
assertThat(thrown).hasMessageThat().contains("delete not permitted");
} finally {
projectOperations.project(project).forUpdate().remove(permissionKey(Permission.DELETE_OWN_CHANGES).ref("refs/*")).update();
}
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class TagsIT method createSignedTagNotSupported.
@Test
public void createSignedTagNotSupported() throws Exception {
TagInput input = new TagInput();
input.ref = "test";
input.message = SIGNED_ANNOTATION;
MethodNotAllowedException thrown = assertThrows(MethodNotAllowedException.class, () -> tag(input.ref).create(input));
assertThat(thrown).hasMessageThat().contains("Cannot create signed tag \"" + R_TAGS + "test\"");
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class DeleteIncludedGroups method apply.
@Override
public Response<?> apply(GroupResource resource, Input input) throws AuthException, MethodNotAllowedException, UnprocessableEntityException, OrmException {
AccountGroup internalGroup = resource.toAccountGroup();
if (internalGroup == null) {
throw new MethodNotAllowedException();
}
input = Input.init(input);
final GroupControl control = resource.getControl();
final Map<AccountGroup.UUID, AccountGroupById> includedGroups = getIncludedGroups(internalGroup.getId());
final List<AccountGroupById> toRemove = new ArrayList<>();
for (final String includedGroup : input.groups) {
GroupDescription.Basic d = groupsCollection.parse(includedGroup);
if (!control.canRemoveGroup()) {
throw new AuthException(String.format("Cannot delete group: %s", d.getName()));
}
AccountGroupById g = includedGroups.remove(d.getGroupUUID());
if (g != null) {
toRemove.add(g);
}
}
if (!toRemove.isEmpty()) {
writeAudits(toRemove);
db.get().accountGroupById().delete(toRemove);
for (final AccountGroupById g : toRemove) {
groupIncludeCache.evictParentGroupsOf(g.getIncludeUUID());
}
groupIncludeCache.evictSubgroupsOf(internalGroup.getGroupUUID());
}
return Response.none();
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class AddIncludedGroups method apply.
@Override
public List<GroupInfo> apply(GroupResource resource, Input input) throws MethodNotAllowedException, AuthException, UnprocessableEntityException, OrmException {
AccountGroup group = resource.toAccountGroup();
if (group == null) {
throw new MethodNotAllowedException();
}
input = Input.init(input);
GroupControl control = resource.getControl();
Map<AccountGroup.UUID, AccountGroupById> newIncludedGroups = new HashMap<>();
List<GroupInfo> result = new ArrayList<>();
Account.Id me = control.getUser().getAccountId();
for (String includedGroup : input.groups) {
GroupDescription.Basic d = groupsCollection.parse(includedGroup);
if (!control.canAddGroup()) {
throw new AuthException(String.format("Cannot add group: %s", d.getName()));
}
if (!newIncludedGroups.containsKey(d.getGroupUUID())) {
AccountGroupById.Key agiKey = new AccountGroupById.Key(group.getId(), d.getGroupUUID());
AccountGroupById agi = db.get().accountGroupById().get(agiKey);
if (agi == null) {
agi = new AccountGroupById(agiKey);
newIncludedGroups.put(d.getGroupUUID(), agi);
}
}
result.add(json.format(d));
}
if (!newIncludedGroups.isEmpty()) {
auditService.dispatchAddGroupsToGroup(me, newIncludedGroups.values());
db.get().accountGroupById().insert(newIncludedGroups.values());
for (AccountGroupById agi : newIncludedGroups.values()) {
groupIncludeCache.evictParentGroupsOf(agi.getIncludeUUID());
}
groupIncludeCache.evictSubgroupsOf(group.getGroupUUID());
}
return result;
}
Aggregations