Examples with IdentifiedUser com.google.gerrit.server.IdentifiedUser used on opensource projects

Example 46 with IdentifiedUser

use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.

the class PutAssignee method applyImpl.

@Override
protected AccountInfo applyImpl(BatchUpdate.Factory updateFactory, ChangeResource rsrc, AssigneeInput input) throws RestApiException, UpdateException, OrmException, IOException, PermissionBackendException {
    rsrc.permissions().check(ChangePermission.EDIT_ASSIGNEE);
    input.assignee = Strings.nullToEmpty(input.assignee).trim();
    if (input.assignee.isEmpty()) {
        throw new BadRequestException("missing assignee field");
    }
    IdentifiedUser assignee = accounts.parse(input.assignee);
    if (!assignee.getAccount().isActive()) {
        throw new UnprocessableEntityException(input.assignee + " is not active");
    }
    try {
        rsrc.permissions().database(db).user(assignee).check(ChangePermission.READ);
    } catch (AuthException e) {
        throw new AuthException("read not permitted for " + input.assignee);
    }
    try (BatchUpdate bu = updateFactory.create(db.get(), rsrc.getChange().getProject(), rsrc.getControl().getUser(), TimeUtil.nowTs())) {
        SetAssigneeOp op = assigneeFactory.create(assignee);
        bu.addOp(rsrc.getId(), op);
        PostReviewers.Addition reviewersAddition = addAssigneeAsCC(rsrc, input.assignee);
        bu.addOp(rsrc.getId(), reviewersAddition.op);
        bu.execute();
        return accountLoaderFactory.create(true).fillOne(assignee.getAccountId());
    }
}

Example 47 with IdentifiedUser

use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.

the class LabelNormalizer method getRange.

private PermissionRange getRange(ChangeControl ctl, LabelType lt, Account.Id id) {
    String permission = Permission.forLabel(lt.getName());
    IdentifiedUser user = userFactory.create(id);
    return ctl.forUser(user).getRange(permission);
}

Example 48 with IdentifiedUser

use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.

the class ChangeEditUtil method byChange.

/**
   * Retrieve edit for a change and the given user.
   *
   * <p>At most one change edit can exist per user and change.
   *
   * @param ctl control with user to retrieve change edits for.
   * @return edit for this change for this user, if present.
   * @throws AuthException if this is not a logged-in user.
   * @throws IOException if an error occurs.
   */
public Optional<ChangeEdit> byChange(ChangeControl ctl) throws AuthException, IOException {
    if (!ctl.getUser().isIdentifiedUser()) {
        throw new AuthException("Authentication required");
    }
    IdentifiedUser u = ctl.getUser().asIdentifiedUser();
    Change change = ctl.getChange();
    try (Repository repo = gitManager.openRepository(change.getProject())) {
        int n = change.currentPatchSetId().get();
        String[] refNames = new String[n];
        for (int i = n; i > 0; i--) {
            refNames[i - 1] = RefNames.refsEdit(u.getAccountId(), change.getId(), new PatchSet.Id(change.getId(), i));
        }
        Ref ref = repo.getRefDatabase().firstExactRef(refNames);
        if (ref == null) {
            return Optional.empty();
        }
        try (RevWalk rw = new RevWalk(repo)) {
            RevCommit commit = rw.parseCommit(ref.getObjectId());
            PatchSet basePs = getBasePatchSet(ctl, ref);
            return Optional.of(new ChangeEdit(change, ref.getName(), commit, basePs));
        }
    }
}

Example 49 with IdentifiedUser

use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.

the class ProjectControl method verifyActiveContributorAgreement.

private Capable verifyActiveContributorAgreement() {
    metrics.claCheckCount.increment();
    if (!(user.isIdentifiedUser())) {
        return new Capable("Must be logged in to verify Contributor Agreement");
    }
    final IdentifiedUser iUser = user.asIdentifiedUser();
    List<AccountGroup.UUID> okGroupIds = new ArrayList<>();
    for (ContributorAgreement ca : contributorAgreements) {
        List<AccountGroup.UUID> groupIds;
        groupIds = okGroupIds;
        for (PermissionRule rule : ca.getAccepted()) {
            if ((rule.getAction() == Action.ALLOW) && (rule.getGroup() != null) && (rule.getGroup().getUUID() != null)) {
                groupIds.add(new AccountGroup.UUID(rule.getGroup().getUUID().get()));
            }
        }
    }
    if (iUser.getEffectiveGroups().containsAnyOf(okGroupIds)) {
        return Capable.OK;
    }
    final StringBuilder msg = new StringBuilder();
    msg.append("A Contributor Agreement must be completed before uploading");
    if (canonicalWebUrl != null) {
        msg.append(":\n\n  ");
        msg.append(canonicalWebUrl);
        msg.append("#");
        msg.append(PageLinks.SETTINGS_AGREEMENTS);
        msg.append("\n");
    } else {
        msg.append(".");
    }
    msg.append("\n");
    return new Capable(msg.toString());
}

Example 50 with IdentifiedUser

use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.

the class PostReview method onBehalfOf.

private RevisionResource onBehalfOf(RevisionResource rev, ReviewInput in) throws BadRequestException, AuthException, UnprocessableEntityException, OrmException, PermissionBackendException {
    if (in.labels == null || in.labels.isEmpty()) {
        throw new AuthException(String.format("label required to post review on behalf of \"%s\"", in.onBehalfOf));
    }
    if (in.drafts == null) {
        in.drafts = DraftHandling.KEEP;
    }
    if (in.drafts != DraftHandling.KEEP) {
        throw new AuthException("not allowed to modify other user's drafts");
    }
    CurrentUser caller = rev.getUser();
    PermissionBackend.ForChange perm = rev.permissions().database(db);
    LabelTypes labelTypes = rev.getControl().getLabelTypes();
    Iterator<Map.Entry<String, Short>> itr = in.labels.entrySet().iterator();
    while (itr.hasNext()) {
        Map.Entry<String, Short> ent = itr.next();
        LabelType type = labelTypes.byLabel(ent.getKey());
        if (type == null && in.strictLabels) {
            throw new BadRequestException(String.format("label \"%s\" is not a configured label", ent.getKey()));
        } else if (type == null) {
            itr.remove();
            continue;
        }
        if (!caller.isInternalUser()) {
            try {
                perm.check(new LabelPermission.WithValue(ON_BEHALF_OF, type, ent.getValue()));
            } catch (AuthException e) {
                throw new AuthException(String.format("not permitted to modify label \"%s\" on behalf of \"%s\"", type.getName(), in.onBehalfOf));
            }
        }
    }
    if (in.labels.isEmpty()) {
        throw new AuthException(String.format("label required to post review on behalf of \"%s\"", in.onBehalfOf));
    }
    IdentifiedUser reviewer = accounts.parseOnBehalfOf(caller, in.onBehalfOf);
    try {
        perm.user(reviewer).check(ChangePermission.READ);
    } catch (AuthException e) {
        throw new UnprocessableEntityException(String.format("on_behalf_of account %s cannot see change", reviewer.getAccountId()));
    }
    ChangeControl ctl = rev.getControl().forUser(reviewer);
    return new RevisionResource(changes.parse(ctl), rev.getPatchSet());
}