Examples with GroupBackedUser com.google.gerrit.server.query.change.GroupBackedUser used on opensource projects

Example 1 with GroupBackedUser

use of com.google.gerrit.server.query.change.GroupBackedUser in project gerrit by GerritCodeReview.

the class GroupBackedUserPermissionIT method changeVisibility_changeOnInvisibleBranchNotVisible.

@Test
public void changeVisibility_changeOnInvisibleBranchNotVisible() throws Exception {
    // Create a change that is not visible to members of 'externalGroup'
    Change.Id invisibleChange = changeOperations.newChange().project(project).branch("refs/meta/config").create();
    GroupBackedUser user = new GroupBackedUser(ImmutableSet.of(ANONYMOUS_USERS, REGISTERED_USERS, externalGroup));
    AuthException thrown = assertThrows(AuthException.class, () -> permissionBackend.user(user).change(changeNotesFactory.create(project, invisibleChange)).check(ChangePermission.READ));
    assertThat(thrown).hasMessageThat().isEqualTo("read not permitted");
}

Example 2 with GroupBackedUser

use of com.google.gerrit.server.query.change.GroupBackedUser in project gerrit by GerritCodeReview.

the class GroupBackedUserPermissionIT method changeVisibility_changeOnBranchVisibleToRegisteredUsersIsVisible.

@Test
public void changeVisibility_changeOnBranchVisibleToRegisteredUsersIsVisible() throws Exception {
    Change.Id changeId = changeOperations.newChange().project(project).create();
    GroupBackedUser user = new GroupBackedUser(ImmutableSet.of(ANONYMOUS_USERS, REGISTERED_USERS, externalGroup));
    blockAnonymousRead();
    permissionBackend.user(user).change(changeNotesFactory.create(project, changeId)).check(ChangePermission.READ);
}

Example 3 with GroupBackedUser

use of com.google.gerrit.server.query.change.GroupBackedUser in project gerrit by GerritCodeReview.

the class ProjectWatch method add.

private void add(Watchers matching, Project.NameKey projectName, NotifyConfig nc) throws QueryParseException {
    logger.atFine().log("Checking watchers for notify config %s from project %s", nc, projectName);
    for (GroupReference groupRef : nc.getGroups()) {
        CurrentUser user = new GroupBackedUser(ImmutableSet.of(groupRef.getUUID()));
        if (filterMatch(user, nc.getFilter())) {
            deliverToMembers(matching.list(nc.getHeader()), groupRef.getUUID());
            logger.atFine().log("Added watchers for group %s", groupRef);
        } else {
            logger.atFine().log("The filter did not match for group %s; skip notification", groupRef);
        }
    }
    if (!nc.getAddresses().isEmpty()) {
        if (filterMatch(null, nc.getFilter())) {
            matching.list(nc.getHeader()).emails.addAll(nc.getAddresses());
            logger.atFine().log("Added watchers for these addresses: %s", nc.getAddresses());
        } else {
            logger.atFine().log("The filter did not match; skip notification for these addresses: %s", nc.getAddresses());
        }
    }
}

Example 4 with GroupBackedUser

use of com.google.gerrit.server.query.change.GroupBackedUser in project gerrit by GerritCodeReview.

the class GroupBackedUserPermissionIT method defaultRefFilter_refVisibilityIsAgnosticOfProvidedGroups.

@Test
public void defaultRefFilter_refVisibilityIsAgnosticOfProvidedGroups() throws Exception {
    GroupBackedUser user = new GroupBackedUser(ImmutableSet.of(ANONYMOUS_USERS, REGISTERED_USERS, externalGroup));
    // Check that refs/meta/config isn't visible by default
    assertThat(getVisibleRefNames(user)).containsExactly("HEAD", "refs/heads/master");
    // Grant access
    projectOperations.project(project).forUpdate().add(allow(Permission.READ).ref("refs/meta/config").group(externalGroup)).update();
    // Check that refs/meta/config became visible
    assertThat(getVisibleRefNames(user)).containsExactly("HEAD", "refs/heads/master", "refs/meta/config");
}

Example 5 with GroupBackedUser

use of com.google.gerrit.server.query.change.GroupBackedUser in project gerrit by GerritCodeReview.

the class GroupBackedUserPermissionIT method defaultRefFilter_changeVisibilityIsAgnosticOfProvidedGroups.

@Test
public void defaultRefFilter_changeVisibilityIsAgnosticOfProvidedGroups() throws Exception {
    GroupBackedUser user = new GroupBackedUser(ImmutableSet.of(ANONYMOUS_USERS, REGISTERED_USERS, externalGroup));
    Change.Id changeOnMaster = changeOperations.newChange().project(project).create();
    Change.Id changeOnRefsMetaConfig = changeOperations.newChange().project(project).branch("refs/meta/config").create();
    // Check that only the change on the default branch is visible
    assertThat(getVisibleRefNames(user)).containsExactly("HEAD", "refs/heads/master", RefNames.changeMetaRef(changeOnMaster), RefNames.patchSetRef(PatchSet.id(changeOnMaster, 1)));
    // Grant access
    projectOperations.project(project).forUpdate().add(allow(Permission.READ).ref("refs/meta/config").group(externalGroup)).update();
    // Check that both changes are visible now
    assertThat(getVisibleRefNames(user)).containsExactly("HEAD", "refs/heads/master", "refs/meta/config", RefNames.changeMetaRef(changeOnMaster), RefNames.patchSetRef(PatchSet.id(changeOnMaster, 1)), RefNames.changeMetaRef(changeOnRefsMetaConfig), RefNames.patchSetRef(PatchSet.id(changeOnRefsMetaConfig, 1)));
}