Example 36 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class ProjectControl method verifyActiveContributorAgreement.
private Capable verifyActiveContributorAgreement() {
metrics.claCheckCount.increment();
if (!(user.isIdentifiedUser())) {
return new Capable("Must be logged in to verify Contributor Agreement");
}
final IdentifiedUser iUser = user.asIdentifiedUser();
List<AccountGroup.UUID> okGroupIds = new ArrayList<>();
for (ContributorAgreement ca : contributorAgreements) {
List<AccountGroup.UUID> groupIds;
groupIds = okGroupIds;
for (PermissionRule rule : ca.getAccepted()) {
if ((rule.getAction() == Action.ALLOW) && (rule.getGroup() != null) && (rule.getGroup().getUUID() != null)) {
groupIds.add(new AccountGroup.UUID(rule.getGroup().getUUID().get()));
}
}
}
if (iUser.getEffectiveGroups().containsAnyOf(okGroupIds)) {
return Capable.OK;
}
final StringBuilder msg = new StringBuilder();
msg.append("A Contributor Agreement must be completed before uploading");
if (canonicalWebUrl != null) {
msg.append(":\n\n ");
msg.append(canonicalWebUrl);
msg.append("#");
msg.append(PageLinks.SETTINGS_AGREEMENTS);
msg.append("\n");
} else {
msg.append(".");
}
msg.append("\n");
return new Capable(msg.toString());
}
Also used :
Capable(com.google.gerrit.common.data.Capable)
AccountGroup(com.google.gerrit.reviewdb.client.AccountGroup)
PermissionRule(com.google.gerrit.common.data.PermissionRule)
ContributorAgreement(com.google.gerrit.common.data.ContributorAgreement)
ArrayList(java.util.ArrayList)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Example 37 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class PostReview method onBehalfOf.
private RevisionResource onBehalfOf(RevisionResource rev, ReviewInput in) throws BadRequestException, AuthException, UnprocessableEntityException, OrmException, PermissionBackendException {
if (in.labels == null || in.labels.isEmpty()) {
throw new AuthException(String.format("label required to post review on behalf of \"%s\"", in.onBehalfOf));
}
if (in.drafts == null) {
in.drafts = DraftHandling.KEEP;
}
if (in.drafts != DraftHandling.KEEP) {
throw new AuthException("not allowed to modify other user's drafts");
}
CurrentUser caller = rev.getUser();
PermissionBackend.ForChange perm = rev.permissions().database(db);
LabelTypes labelTypes = rev.getControl().getLabelTypes();
Iterator<Map.Entry<String, Short>> itr = in.labels.entrySet().iterator();
while (itr.hasNext()) {
Map.Entry<String, Short> ent = itr.next();
LabelType type = labelTypes.byLabel(ent.getKey());
if (type == null && in.strictLabels) {
throw new BadRequestException(String.format("label \"%s\" is not a configured label", ent.getKey()));
} else if (type == null) {
itr.remove();
continue;
}
if (!caller.isInternalUser()) {
try {
perm.check(new LabelPermission.WithValue(ON_BEHALF_OF, type, ent.getValue()));
} catch (AuthException e) {
throw new AuthException(String.format("not permitted to modify label \"%s\" on behalf of \"%s\"", type.getName(), in.onBehalfOf));
}
}
}
if (in.labels.isEmpty()) {
throw new AuthException(String.format("label required to post review on behalf of \"%s\"", in.onBehalfOf));
}
IdentifiedUser reviewer = accounts.parseOnBehalfOf(caller, in.onBehalfOf);
try {
perm.user(reviewer).check(ChangePermission.READ);
} catch (AuthException e) {
throw new UnprocessableEntityException(String.format("on_behalf_of account %s cannot see change", reviewer.getAccountId()));
}
ChangeControl ctl = rev.getControl().forUser(reviewer);
return new RevisionResource(changes.parse(ctl), rev.getPatchSet());
}
Also used :
UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException)
LabelTypes(com.google.gerrit.common.data.LabelTypes)
CurrentUser(com.google.gerrit.server.CurrentUser)
PermissionBackend(com.google.gerrit.server.permissions.PermissionBackend)
AuthException(com.google.gerrit.extensions.restapi.AuthException)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
ChangeControl(com.google.gerrit.server.project.ChangeControl)
LabelType(com.google.gerrit.common.data.LabelType)
BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException)
Map(java.util.Map)
HashMap(java.util.HashMap)
LabelPermission(com.google.gerrit.server.permissions.LabelPermission)
Example 38 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class CreateMergePatchSet method applyImpl.
@Override
protected Response<ChangeInfo> applyImpl(BatchUpdate.Factory updateFactory, ChangeResource rsrc, MergePatchSetInput in) throws OrmException, IOException, InvalidChangeOperationException, RestApiException, UpdateException, PermissionBackendException {
rsrc.permissions().database(db).check(ChangePermission.ADD_PATCH_SET);
MergeInput merge = in.merge;
if (merge == null || Strings.isNullOrEmpty(merge.source)) {
throw new BadRequestException("merge.source must be non-empty");
}
ChangeControl ctl = rsrc.getControl();
PatchSet ps = psUtil.current(db.get(), ctl.getNotes());
ProjectControl projectControl = ctl.getProjectControl();
Change change = ctl.getChange();
Project.NameKey project = change.getProject();
Branch.NameKey dest = change.getDest();
try (Repository git = gitManager.openRepository(project);
ObjectInserter oi = git.newObjectInserter();
ObjectReader reader = oi.newReader();
RevWalk rw = new RevWalk(reader)) {
RevCommit sourceCommit = MergeUtil.resolveCommit(git, rw, merge.source);
if (!projectControl.canReadCommit(db.get(), git, sourceCommit)) {
throw new ResourceNotFoundException("cannot find source commit: " + merge.source + " to merge.");
}
RevCommit currentPsCommit = rw.parseCommit(ObjectId.fromString(ps.getRevision().get()));
Timestamp now = TimeUtil.nowTs();
IdentifiedUser me = user.get().asIdentifiedUser();
PersonIdent author = me.newCommitterIdent(now, serverTimeZone);
RevCommit newCommit = createMergeCommit(in, projectControl, dest, git, oi, rw, currentPsCommit, sourceCommit, author, ObjectId.fromString(change.getKey().get().substring(1)));
PatchSet.Id nextPsId = ChangeUtil.nextPatchSetId(ps.getId());
PatchSetInserter psInserter = patchSetInserterFactory.create(ctl, nextPsId, newCommit);
try (BatchUpdate bu = updateFactory.create(db.get(), project, me, now)) {
bu.setRepository(git, rw, oi);
bu.addOp(ctl.getId(), psInserter.setMessage("Uploaded patch set " + nextPsId.get() + ".").setDraft(ps.isDraft()).setNotify(NotifyHandling.NONE).setCheckAddPatchSetPermission(false));
bu.execute();
}
ChangeJson json = jsonFactory.create(ListChangesOption.CURRENT_REVISION);
return Response.ok(json.format(psInserter.getChange()));
}
}
Also used :
MergeInput(com.google.gerrit.extensions.common.MergeInput)
PatchSet(com.google.gerrit.reviewdb.client.PatchSet)
Change(com.google.gerrit.reviewdb.client.Change)
RevWalk(org.eclipse.jgit.revwalk.RevWalk)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
ProjectControl(com.google.gerrit.server.project.ProjectControl)
Timestamp(java.sql.Timestamp)
BatchUpdate(com.google.gerrit.server.update.BatchUpdate)
Project(com.google.gerrit.reviewdb.client.Project)
Repository(org.eclipse.jgit.lib.Repository)
ObjectInserter(org.eclipse.jgit.lib.ObjectInserter)
PersonIdent(org.eclipse.jgit.lib.PersonIdent)
GerritPersonIdent(com.google.gerrit.server.GerritPersonIdent)
ChangeControl(com.google.gerrit.server.project.ChangeControl)
Branch(com.google.gerrit.reviewdb.client.Branch)
BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException)
ObjectReader(org.eclipse.jgit.lib.ObjectReader)
ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException)
RevCommit(org.eclipse.jgit.revwalk.RevCommit)
Example 39 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class Move method applyImpl.
@Override
protected ChangeInfo applyImpl(BatchUpdate.Factory updateFactory, ChangeResource rsrc, MoveInput input) throws RestApiException, OrmException, UpdateException, PermissionBackendException {
Change change = rsrc.getChange();
Project.NameKey project = rsrc.getProject();
IdentifiedUser caller = rsrc.getUser();
input.destinationBranch = RefNames.fullName(input.destinationBranch);
if (change.getStatus().isClosed()) {
throw new ResourceConflictException("Change is " + ChangeUtil.status(change));
}
Branch.NameKey newDest = new Branch.NameKey(project, input.destinationBranch);
if (change.getDest().equals(newDest)) {
throw new ResourceConflictException("Change is already destined for the specified branch");
}
// Move requires abandoning this change, and creating a new change.
try {
rsrc.permissions().database(dbProvider).check(ChangePermission.ABANDON);
permissionBackend.user(caller).database(dbProvider).ref(newDest).check(RefPermission.CREATE_CHANGE);
} catch (AuthException denied) {
throw new AuthException("move not permitted", denied);
}
try (BatchUpdate u = updateFactory.create(dbProvider.get(), project, caller, TimeUtil.nowTs())) {
u.addOp(change.getId(), new Op(input));
u.execute();
}
return json.noOptions().format(project, rsrc.getId());
}
Also used :
Project(com.google.gerrit.reviewdb.client.Project)
BatchUpdateOp(com.google.gerrit.server.update.BatchUpdateOp)
ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException)
Branch(com.google.gerrit.reviewdb.client.Branch)
AuthException(com.google.gerrit.extensions.restapi.AuthException)
Change(com.google.gerrit.reviewdb.client.Change)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
BatchUpdate(com.google.gerrit.server.update.BatchUpdate)
Example 40 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class ChangeEmail method setFrom.
@Override
public void setFrom(final Account.Id id) {
super.setFrom(id);
/** Is the from user in an email squelching group? */
final IdentifiedUser user = args.identifiedUserFactory.create(id);
emailOnlyAuthors = !user.getCapabilities().canEmailReviewers();
}
Also used :
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Aggregations
IdentifiedUser (com.google.gerrit.server.IdentifiedUser)48
AuthException (com.google.gerrit.extensions.restapi.AuthException)12
Account (com.google.gerrit.reviewdb.client.Account)10
Change (com.google.gerrit.reviewdb.client.Change)10
CurrentUser (com.google.gerrit.server.CurrentUser)8
ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)7
Project (com.google.gerrit.reviewdb.client.Project)7
ChangeControl (com.google.gerrit.server.project.ChangeControl)7
BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException)6
BatchUpdate (com.google.gerrit.server.update.BatchUpdate)6
ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)5
UnprocessableEntityException (com.google.gerrit.extensions.restapi.UnprocessableEntityException)5
AccountGroup (com.google.gerrit.reviewdb.client.AccountGroup)5
PatchSet (com.google.gerrit.reviewdb.client.PatchSet)5
OrmException (com.google.gwtorm.server.OrmException)5
Ref (org.eclipse.jgit.lib.Ref)5
Repository (org.eclipse.jgit.lib.Repository)5
Test (org.junit.Test)5
IOException (java.io.IOException)4
ArrayList (java.util.ArrayList)4
