Examples with ProjectConfig com.google.gerrit.server.git.ProjectConfig used on opensource projects

Example 31 with ProjectConfig

use of com.google.gerrit.server.git.ProjectConfig in project gerrit by GerritCodeReview.

the class AbstractDaemonTest method blockForgeCommitter.

protected void blockForgeCommitter(Project.NameKey project, String ref) throws Exception {
    ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
    Util.block(cfg, Permission.FORGE_COMMITTER, REGISTERED_USERS, ref);
    saveProjectConfig(project, cfg);
}

Example 32 with ProjectConfig

use of com.google.gerrit.server.git.ProjectConfig in project gerrit by GerritCodeReview.

the class AbstractDaemonTest method allowGlobalCapabilities.

protected void allowGlobalCapabilities(AccountGroup.UUID id, Iterable<String> capabilityNames) throws Exception {
    ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
    for (String capabilityName : capabilityNames) {
        Util.allow(cfg, capabilityName, id);
    }
    saveProjectConfig(allProjects, cfg);
}

Example 33 with ProjectConfig

use of com.google.gerrit.server.git.ProjectConfig in project gerrit by GerritCodeReview.

the class ProjectAccessFactory method call.

@Override
public ProjectAccess call() throws NoSuchProjectException, IOException, ConfigInvalidException, PermissionBackendException {
    ProjectControl pc = checkProjectControl();
    // Load the current configuration from the repository, ensuring its the most
    // recent version available. If it differs from what was in the project
    // state, force a cache flush now.
    //
    ProjectConfig config;
    try (MetaDataUpdate md = metaDataUpdateFactory.create(projectName)) {
        config = ProjectConfig.read(md);
        if (config.updateGroupNames(groupBackend)) {
            md.setMessage("Update group names\n");
            config.commit(md);
            projectCache.evict(config.getProject());
            pc = checkProjectControl();
        } else if (config.getRevision() != null && !config.getRevision().equals(pc.getProjectState().getConfig().getRevision())) {
            projectCache.evict(config.getProject());
            pc = checkProjectControl();
        }
    }
    final RefControl metaConfigControl = pc.controlForRef(RefNames.REFS_CONFIG);
    List<AccessSection> local = new ArrayList<>();
    Set<String> ownerOf = new HashSet<>();
    Map<AccountGroup.UUID, Boolean> visibleGroups = new HashMap<>();
    for (AccessSection section : config.getAccessSections()) {
        String name = section.getName();
        if (AccessSection.GLOBAL_CAPABILITIES.equals(name)) {
            if (pc.isOwner()) {
                local.add(section);
                ownerOf.add(name);
            } else if (metaConfigControl.isVisible()) {
                local.add(section);
            }
        } else if (RefConfigSection.isValid(name)) {
            RefControl rc = pc.controlForRef(name);
            if (rc.isOwner()) {
                local.add(section);
                ownerOf.add(name);
            } else if (metaConfigControl.isVisible()) {
                local.add(section);
            } else if (rc.isVisible()) {
                // Filter the section to only add rules describing groups that
                // are visible to the current-user. This includes any group the
                // user is a member of, as well as groups they own or that
                // are visible to all users.
                AccessSection dst = null;
                for (Permission srcPerm : section.getPermissions()) {
                    Permission dstPerm = null;
                    for (PermissionRule srcRule : srcPerm.getRules()) {
                        AccountGroup.UUID group = srcRule.getGroup().getUUID();
                        if (group == null) {
                            continue;
                        }
                        Boolean canSeeGroup = visibleGroups.get(group);
                        if (canSeeGroup == null) {
                            try {
                                canSeeGroup = groupControlFactory.controlFor(group).isVisible();
                            } catch (NoSuchGroupException e) {
                                canSeeGroup = Boolean.FALSE;
                            }
                            visibleGroups.put(group, canSeeGroup);
                        }
                        if (canSeeGroup) {
                            if (dstPerm == null) {
                                if (dst == null) {
                                    dst = new AccessSection(name);
                                    local.add(dst);
                                }
                                dstPerm = dst.getPermission(srcPerm.getName(), true);
                            }
                            dstPerm.add(srcRule);
                        }
                    }
                }
            }
        }
    }
    if (ownerOf.isEmpty() && pc.isOwnerAnyRef()) {
        // Special case: If the section list is empty, this project has no current
        // access control information. Rely on what ProjectControl determines
        // is ownership, which probably means falling back to site administrators.
        ownerOf.add(AccessSection.ALL);
    }
    final ProjectAccess detail = new ProjectAccess();
    detail.setProjectName(projectName);
    if (config.getRevision() != null) {
        detail.setRevision(config.getRevision().name());
    }
    detail.setInheritsFrom(config.getProject().getParent(allProjectsName));
    if (projectName.equals(allProjectsName)) {
        if (pc.isOwner()) {
            ownerOf.add(AccessSection.GLOBAL_CAPABILITIES);
        }
    }
    detail.setLocal(local);
    detail.setOwnerOf(ownerOf);
    detail.setCanUpload(metaConfigControl.isVisible() && (pc.isOwner() || metaConfigControl.canUpload()));
    detail.setConfigVisible(pc.isOwner() || metaConfigControl.isVisible());
    detail.setGroupInfo(buildGroupInfo(local));
    detail.setLabelTypes(pc.getLabelTypes());
    detail.setFileHistoryLinks(getConfigFileLogLinks(projectName.get()));
    return detail;
}

Example 34 with ProjectConfig

use of com.google.gerrit.server.git.ProjectConfig in project gerrit by GerritCodeReview.

the class AbstractDaemonTest method grant.

protected void grant(Project.NameKey project, String ref, String permission, boolean force, AccountGroup.UUID groupUUID) throws RepositoryNotFoundException, IOException, ConfigInvalidException {
    try (MetaDataUpdate md = metaDataUpdateFactory.create(project)) {
        md.setMessage(String.format("Grant %s on %s", permission, ref));
        ProjectConfig config = ProjectConfig.read(md);
        AccessSection s = config.getAccessSection(ref, true);
        Permission p = s.getPermission(permission, true);
        PermissionRule rule = Util.newRule(config, groupUUID);
        rule.setForce(force);
        p.add(rule);
        config.commit(md);
        projectCache.evict(config.getProject());
    }
}

Example 35 with ProjectConfig

use of com.google.gerrit.server.git.ProjectConfig in project gerrit by GerritCodeReview.

the class AbstractDaemonTest method removeGlobalCapabilities.

protected void removeGlobalCapabilities(AccountGroup.UUID id, Iterable<String> capabilityNames) throws Exception {
    ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
    for (String capabilityName : capabilityNames) {
        Util.remove(cfg, capabilityName, id);
    }
    saveProjectConfig(allProjects, cfg);
}