Search in sources :

Example 11 with GroupControl

use of com.google.gerrit.server.account.GroupControl in project gerrit by GerritCodeReview.

the class GetGroups method apply.

@Override
public Response<List<GroupInfo>> apply(AccountResource resource) throws PermissionBackendException {
    IdentifiedUser user = resource.getUser();
    Account.Id userId = user.getAccountId();
    Set<AccountGroup.UUID> knownGroups = user.getEffectiveGroups().getKnownGroups();
    List<GroupInfo> visibleGroups = new ArrayList<>();
    for (AccountGroup.UUID uuid : knownGroups) {
        GroupControl ctl;
        try {
            ctl = groupControlFactory.controlFor(uuid);
        } catch (NoSuchGroupException e) {
            logger.atFine().log("skipping non-existing group %s", uuid);
            continue;
        }
        if (!ctl.isVisible()) {
            logger.atFine().log("skipping non-visible group %s", uuid);
            continue;
        }
        if (!ctl.canSeeMember(userId)) {
            logger.atFine().log("skipping group %s because member %d cannot be seen", uuid, userId.get());
            continue;
        }
        visibleGroups.add(json.format(ctl.getGroup()));
    }
    return Response.ok(visibleGroups);
}
Also used : GroupControl(com.google.gerrit.server.account.GroupControl) Account(com.google.gerrit.entities.Account) AccountGroup(com.google.gerrit.entities.AccountGroup) GroupInfo(com.google.gerrit.extensions.common.GroupInfo) ArrayList(java.util.ArrayList) IdentifiedUser(com.google.gerrit.server.IdentifiedUser) NoSuchGroupException(com.google.gerrit.exceptions.NoSuchGroupException)

Example 12 with GroupControl

use of com.google.gerrit.server.account.GroupControl in project gerrit by GerritCodeReview.

the class DeleteIncludedGroups method apply.

@Override
public Response<?> apply(GroupResource resource, Input input) throws AuthException, MethodNotAllowedException, UnprocessableEntityException, OrmException {
    AccountGroup internalGroup = resource.toAccountGroup();
    if (internalGroup == null) {
        throw new MethodNotAllowedException();
    }
    input = Input.init(input);
    final GroupControl control = resource.getControl();
    final Map<AccountGroup.UUID, AccountGroupById> includedGroups = getIncludedGroups(internalGroup.getId());
    final List<AccountGroupById> toRemove = new ArrayList<>();
    for (final String includedGroup : input.groups) {
        GroupDescription.Basic d = groupsCollection.parse(includedGroup);
        if (!control.canRemoveGroup()) {
            throw new AuthException(String.format("Cannot delete group: %s", d.getName()));
        }
        AccountGroupById g = includedGroups.remove(d.getGroupUUID());
        if (g != null) {
            toRemove.add(g);
        }
    }
    if (!toRemove.isEmpty()) {
        writeAudits(toRemove);
        db.get().accountGroupById().delete(toRemove);
        for (final AccountGroupById g : toRemove) {
            groupIncludeCache.evictParentGroupsOf(g.getIncludeUUID());
        }
        groupIncludeCache.evictSubgroupsOf(internalGroup.getGroupUUID());
    }
    return Response.none();
}
Also used : GroupControl(com.google.gerrit.server.account.GroupControl) GroupDescription(com.google.gerrit.common.data.GroupDescription) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) AccountGroup(com.google.gerrit.reviewdb.client.AccountGroup) ArrayList(java.util.ArrayList) AuthException(com.google.gerrit.extensions.restapi.AuthException) AccountGroupById(com.google.gerrit.reviewdb.client.AccountGroupById)

Example 13 with GroupControl

use of com.google.gerrit.server.account.GroupControl in project gerrit by GerritCodeReview.

the class AddIncludedGroups method apply.

@Override
public List<GroupInfo> apply(GroupResource resource, Input input) throws MethodNotAllowedException, AuthException, UnprocessableEntityException, OrmException {
    AccountGroup group = resource.toAccountGroup();
    if (group == null) {
        throw new MethodNotAllowedException();
    }
    input = Input.init(input);
    GroupControl control = resource.getControl();
    Map<AccountGroup.UUID, AccountGroupById> newIncludedGroups = new HashMap<>();
    List<GroupInfo> result = new ArrayList<>();
    Account.Id me = control.getUser().getAccountId();
    for (String includedGroup : input.groups) {
        GroupDescription.Basic d = groupsCollection.parse(includedGroup);
        if (!control.canAddGroup()) {
            throw new AuthException(String.format("Cannot add group: %s", d.getName()));
        }
        if (!newIncludedGroups.containsKey(d.getGroupUUID())) {
            AccountGroupById.Key agiKey = new AccountGroupById.Key(group.getId(), d.getGroupUUID());
            AccountGroupById agi = db.get().accountGroupById().get(agiKey);
            if (agi == null) {
                agi = new AccountGroupById(agiKey);
                newIncludedGroups.put(d.getGroupUUID(), agi);
            }
        }
        result.add(json.format(d));
    }
    if (!newIncludedGroups.isEmpty()) {
        auditService.dispatchAddGroupsToGroup(me, newIncludedGroups.values());
        db.get().accountGroupById().insert(newIncludedGroups.values());
        for (AccountGroupById agi : newIncludedGroups.values()) {
            groupIncludeCache.evictParentGroupsOf(agi.getIncludeUUID());
        }
        groupIncludeCache.evictSubgroupsOf(group.getGroupUUID());
    }
    return result;
}
Also used : Account(com.google.gerrit.reviewdb.client.Account) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) HashMap(java.util.HashMap) GroupInfo(com.google.gerrit.extensions.common.GroupInfo) ArrayList(java.util.ArrayList) AuthException(com.google.gerrit.extensions.restapi.AuthException) GroupControl(com.google.gerrit.server.account.GroupControl) GroupDescription(com.google.gerrit.common.data.GroupDescription) AccountGroup(com.google.gerrit.reviewdb.client.AccountGroup) AccountGroupById(com.google.gerrit.reviewdb.client.AccountGroupById)

Example 14 with GroupControl

use of com.google.gerrit.server.account.GroupControl in project gerrit by GerritCodeReview.

the class AddMembers method apply.

@Override
public List<AccountInfo> apply(GroupResource resource, Input input) throws AuthException, MethodNotAllowedException, UnprocessableEntityException, OrmException, IOException {
    AccountGroup internalGroup = resource.toAccountGroup();
    if (internalGroup == null) {
        throw new MethodNotAllowedException();
    }
    input = Input.init(input);
    GroupControl control = resource.getControl();
    Set<Account.Id> newMemberIds = new HashSet<>();
    for (String nameOrEmailOrId : input.members) {
        Account a = findAccount(nameOrEmailOrId);
        if (!a.isActive()) {
            throw new UnprocessableEntityException(String.format("Account Inactive: %s", nameOrEmailOrId));
        }
        if (!control.canAddMember()) {
            throw new AuthException("Cannot add member: " + a.getFullName());
        }
        newMemberIds.add(a.getId());
    }
    addMembers(internalGroup.getId(), newMemberIds);
    return toAccountInfoList(newMemberIds);
}
Also used : GroupControl(com.google.gerrit.server.account.GroupControl) Account(com.google.gerrit.reviewdb.client.Account) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException) AccountGroup(com.google.gerrit.reviewdb.client.AccountGroup) AuthException(com.google.gerrit.extensions.restapi.AuthException) HashSet(java.util.HashSet)

Example 15 with GroupControl

use of com.google.gerrit.server.account.GroupControl in project gerrit by GerritCodeReview.

the class AddMembers method apply.

@Override
public Response<List<AccountInfo>> apply(GroupResource resource, Input input) throws AuthException, NotInternalGroupException, UnprocessableEntityException, IOException, ConfigInvalidException, ResourceNotFoundException, PermissionBackendException {
    GroupDescription.Internal internalGroup = resource.asInternalGroup().orElseThrow(NotInternalGroupException::new);
    input = Input.init(input);
    GroupControl control = resource.getControl();
    if (!control.canAddMember()) {
        throw new AuthException("Cannot add members to group " + internalGroup.getName());
    }
    Set<Account.Id> newMemberIds = new LinkedHashSet<>();
    for (String nameOrEmailOrId : input.members) {
        Account a = findAccount(nameOrEmailOrId);
        if (!a.isActive()) {
            throw new UnprocessableEntityException(String.format("Account Inactive: %s", nameOrEmailOrId));
        }
        newMemberIds.add(a.id());
    }
    AccountGroup.UUID groupUuid = internalGroup.getGroupUUID();
    try {
        addMembers(groupUuid, newMemberIds);
    } catch (NoSuchGroupException e) {
        throw new ResourceNotFoundException(String.format("Group %s not found", groupUuid), e);
    }
    return Response.ok(toAccountInfoList(newMemberIds));
}
Also used : LinkedHashSet(java.util.LinkedHashSet) Account(com.google.gerrit.entities.Account) UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException) AuthException(com.google.gerrit.extensions.restapi.AuthException) IdString(com.google.gerrit.extensions.restapi.IdString) NoSuchGroupException(com.google.gerrit.exceptions.NoSuchGroupException) GroupDescription(com.google.gerrit.entities.GroupDescription) GroupControl(com.google.gerrit.server.account.GroupControl) AccountGroup(com.google.gerrit.entities.AccountGroup) ExternalId(com.google.gerrit.server.account.externalids.ExternalId) ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException)

Aggregations

GroupControl (com.google.gerrit.server.account.GroupControl)19 AuthException (com.google.gerrit.extensions.restapi.AuthException)10 ArrayList (java.util.ArrayList)9 AccountGroup (com.google.gerrit.entities.AccountGroup)7 NoSuchGroupException (com.google.gerrit.exceptions.NoSuchGroupException)7 GroupDescription (com.google.gerrit.entities.GroupDescription)6 GroupInfo (com.google.gerrit.extensions.common.GroupInfo)6 ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)6 AccountGroup (com.google.gerrit.reviewdb.client.AccountGroup)6 MethodNotAllowedException (com.google.gerrit.extensions.restapi.MethodNotAllowedException)5 GroupResource (com.google.gerrit.server.group.GroupResource)4 HashSet (java.util.HashSet)4 GroupDescription (com.google.gerrit.common.data.GroupDescription)3 NoSuchGroupException (com.google.gerrit.common.errors.NoSuchGroupException)3 Account (com.google.gerrit.reviewdb.client.Account)3 AccountGroupById (com.google.gerrit.reviewdb.client.AccountGroupById)3 IdentifiedUser (com.google.gerrit.server.IdentifiedUser)3 Account (com.google.gerrit.entities.Account)2 AgreementInfo (com.google.gerrit.extensions.common.AgreementInfo)2 IdString (com.google.gerrit.extensions.restapi.IdString)2