Example 21 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class SshLog method log.
private LoggingEvent log(final String msg) {
final SshSession sd = session.get();
final CurrentUser user = sd.getUser();
final LoggingEvent event = new //
LoggingEvent(// fqnOfCategoryClass
Logger.class.getName(), // logger
log, // when
TimeUtil.nowMs(), // level
Level.INFO, // message text
msg, // thread name
"SSHD", // exception information
null, // current NDC string
null, // caller location
null, // MDC properties
null);
event.setProperty(P_SESSION, id(sd.getSessionId()));
String userName = "-";
String accountId = "-";
if (user != null && user.isIdentifiedUser()) {
IdentifiedUser u = user.asIdentifiedUser();
userName = u.getAccount().getUserName();
accountId = "a/" + u.getAccountId().toString();
} else if (user instanceof PeerDaemonUser) {
userName = PeerDaemonUser.USER_NAME;
}
event.setProperty(P_USER_NAME, userName);
event.setProperty(P_ACCOUNT_ID, accountId);
return event;
}
Also used :
LoggingEvent(org.apache.log4j.spi.LoggingEvent)
CurrentUser(com.google.gerrit.server.CurrentUser)
Logger(org.apache.log4j.Logger)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
PeerDaemonUser(com.google.gerrit.server.PeerDaemonUser)
Example 22 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class AgreementJson method format.
public AgreementInfo format(ContributorAgreement ca) {
AgreementInfo info = new AgreementInfo();
info.name = ca.getName();
info.description = ca.getDescription();
info.url = ca.getAgreementUrl();
GroupReference autoVerifyGroup = ca.getAutoVerify();
if (autoVerifyGroup != null && self.get().isIdentifiedUser()) {
IdentifiedUser user = identifiedUserFactory.create(self.get().getAccountId());
try {
GroupControl gc = genericGroupControlFactory.controlFor(user, autoVerifyGroup.getUUID());
GroupResource group = new GroupResource(gc);
info.autoVerifyGroup = groupJson.format(group);
} catch (NoSuchGroupException | OrmException e) {
log.warn("autoverify group \"" + autoVerifyGroup.getName() + "\" does not exist, referenced in CLA \"" + ca.getName() + "\"");
}
}
return info;
}
Also used :
GroupControl(com.google.gerrit.server.account.GroupControl)
OrmException(com.google.gwtorm.server.OrmException)
AgreementInfo(com.google.gerrit.extensions.common.AgreementInfo)
GroupReference(com.google.gerrit.common.data.GroupReference)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
GroupResource(com.google.gerrit.server.group.GroupResource)
NoSuchGroupException(com.google.gerrit.common.errors.NoSuchGroupException)
Example 23 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class CheckAccess method apply.
@Override
public AccessCheckInfo apply(ConfigResource unused, AccessCheckInput input) throws OrmException, PermissionBackendException, RestApiException, IOException {
permissionBackend.user(currentUser.get()).check(GlobalPermission.ADMINISTRATE_SERVER);
if (input == null) {
throw new BadRequestException("input is required");
}
if (Strings.isNullOrEmpty(input.account)) {
throw new BadRequestException("input requires 'account'");
}
if (Strings.isNullOrEmpty(input.project)) {
throw new BadRequestException("input requires 'project'");
}
Account match = accountResolver.find(db.get(), input.account);
if (match == null) {
throw new BadRequestException(String.format("cannot find account %s", input.account));
}
AccessCheckInfo info = new AccessCheckInfo();
Project.NameKey key = new Project.NameKey(input.project);
if (projectCache.get(key) == null) {
info.message = String.format("project %s does not exist", key);
info.status = HttpServletResponse.SC_NOT_FOUND;
return info;
}
IdentifiedUser user = userFactory.create(match.getId());
try {
permissionBackend.user(user).project(key).check(ProjectPermission.ACCESS);
} catch (AuthException | PermissionBackendException e) {
info.message = String.format("user %s (%s) cannot see project %s", user.getNameEmail(), user.getAccount().getId(), key);
info.status = HttpServletResponse.SC_FORBIDDEN;
return info;
}
if (!Strings.isNullOrEmpty(input.ref)) {
try {
permissionBackend.user(user).ref(new Branch.NameKey(key, input.ref)).check(RefPermission.READ);
} catch (AuthException | PermissionBackendException e) {
info.status = HttpServletResponse.SC_FORBIDDEN;
info.message = String.format("user %s (%s) cannot see ref %s in project %s", user.getNameEmail(), user.getAccount().getId(), input.ref, key);
return info;
}
}
info.status = HttpServletResponse.SC_OK;
return info;
}
Also used :
Account(com.google.gerrit.reviewdb.client.Account)
Project(com.google.gerrit.reviewdb.client.Project)
AccessCheckInfo(com.google.gerrit.extensions.api.config.AccessCheckInfo)
BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException)
AuthException(com.google.gerrit.extensions.restapi.AuthException)
PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Example 24 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class CheckConsistency method apply.
@Override
public ConsistencyCheckInfo apply(ConfigResource resource, ConsistencyCheckInput input) throws RestApiException, IOException {
IdentifiedUser user = userProvider.get();
if (!user.isIdentifiedUser()) {
throw new AuthException("Authentication required");
}
if (!user.getCapabilities().canAccessDatabase()) {
throw new AuthException("not allowed to run consistency checks");
}
if (input == null || input.checkAccountExternalIds == null) {
throw new BadRequestException("input required");
}
ConsistencyCheckInfo consistencyCheckInfo = new ConsistencyCheckInfo();
if (input.checkAccountExternalIds != null) {
consistencyCheckInfo.checkAccountExternalIdsResult = new CheckAccountExternalIdsResultInfo(externalIdsConsistencyChecker.check());
}
return consistencyCheckInfo;
}
Also used :
ConsistencyCheckInfo(com.google.gerrit.extensions.api.config.ConsistencyCheckInfo)
AuthException(com.google.gerrit.extensions.restapi.AuthException)
BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
CheckAccountExternalIdsResultInfo(com.google.gerrit.extensions.api.config.ConsistencyCheckInfo.CheckAccountExternalIdsResultInfo)
Example 25 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class Submit method applyImpl.
@Override
protected Output applyImpl(BatchUpdate.Factory updateFactory, RevisionResource rsrc, SubmitInput input) throws RestApiException, RepositoryNotFoundException, IOException, OrmException, PermissionBackendException {
input.onBehalfOf = Strings.emptyToNull(input.onBehalfOf);
IdentifiedUser submitter;
if (input.onBehalfOf != null) {
submitter = onBehalfOf(rsrc, input);
} else {
rsrc.permissions().check(ChangePermission.SUBMIT);
submitter = rsrc.getUser().asIdentifiedUser();
}
return new Output(mergeChange(updateFactory, rsrc, submitter, input));
}
Also used :
Output(com.google.gerrit.server.change.Submit.Output)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Aggregations
IdentifiedUser (com.google.gerrit.server.IdentifiedUser)48
AuthException (com.google.gerrit.extensions.restapi.AuthException)12
Account (com.google.gerrit.reviewdb.client.Account)10
Change (com.google.gerrit.reviewdb.client.Change)10
CurrentUser (com.google.gerrit.server.CurrentUser)8
ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)7
Project (com.google.gerrit.reviewdb.client.Project)7
ChangeControl (com.google.gerrit.server.project.ChangeControl)7
BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException)6
BatchUpdate (com.google.gerrit.server.update.BatchUpdate)6
ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)5
UnprocessableEntityException (com.google.gerrit.extensions.restapi.UnprocessableEntityException)5
AccountGroup (com.google.gerrit.reviewdb.client.AccountGroup)5
PatchSet (com.google.gerrit.reviewdb.client.PatchSet)5
OrmException (com.google.gwtorm.server.OrmException)5
Ref (org.eclipse.jgit.lib.Ref)5
Repository (org.eclipse.jgit.lib.Repository)5
Test (org.junit.Test)5
IOException (java.io.IOException)4
ArrayList (java.util.ArrayList)4
