use of com.google.gerrit.server.util.ManualRequestContext in project gerrit by GerritCodeReview.
the class GerritServer method checkNoteDbState.
private void checkNoteDbState() throws Exception {
NoteDbMode mode = NoteDbMode.get();
if (mode != NoteDbMode.CHECK && mode != NoteDbMode.PRIMARY) {
return;
}
NoteDbChecker checker = testInjector.getInstance(NoteDbChecker.class);
OneOffRequestContext oneOffRequestContext = testInjector.getInstance(OneOffRequestContext.class);
try (ManualRequestContext ctx = oneOffRequestContext.open()) {
if (mode == NoteDbMode.CHECK) {
checker.rebuildAndCheckAllChanges();
} else if (mode == NoteDbMode.PRIMARY) {
checker.assertNoReviewDbChanges(desc.testDescription());
}
}
}
use of com.google.gerrit.server.util.ManualRequestContext in project gerrit by GerritCodeReview.
the class SubmitRequirementsEvaluatorImpl method evaluateRequirement.
@Override
public SubmitRequirementResult evaluateRequirement(SubmitRequirement sr, ChangeData cd) {
try (ManualRequestContext ignored = requestContext.open()) {
// Use a request context to execute predicates as an internal user with expanded visibility.
// This is so that the evaluation does not depend on who is running the current request (e.g.
// a "ownerin" predicate with group that is not visible to the person making this request).
Optional<SubmitRequirementExpressionResult> applicabilityResult = sr.applicabilityExpression().isPresent() ? Optional.of(evaluateExpression(sr.applicabilityExpression().get(), cd)) : Optional.empty();
Optional<SubmitRequirementExpressionResult> submittabilityResult = Optional.empty();
Optional<SubmitRequirementExpressionResult> overrideResult = Optional.empty();
if (!sr.applicabilityExpression().isPresent() || SubmitRequirementResult.assertPass(applicabilityResult)) {
submittabilityResult = Optional.of(evaluateExpression(sr.submittabilityExpression(), cd));
overrideResult = sr.overrideExpression().isPresent() ? Optional.of(evaluateExpression(sr.overrideExpression().get(), cd)) : Optional.empty();
}
return SubmitRequirementResult.builder().legacy(Optional.of(false)).submitRequirement(sr).patchSetCommitId(cd.currentPatchSet().commitId()).submittabilityExpressionResult(submittabilityResult).applicabilityExpressionResult(applicabilityResult).overrideExpressionResult(overrideResult).build();
}
}
use of com.google.gerrit.server.util.ManualRequestContext in project gerrit by GerritCodeReview.
the class AbstractQueryChangesTest method visible.
@Test
public void visible() throws Exception {
TestRepository<Repo> repo = createProject("repo");
Change change1 = insert(repo, newChange(repo));
Change change2 = insert(repo, newChangePrivate(repo));
String q = "project:repo";
// Bad request for query with non-existent user
assertThatQueryException(q + " visibleto:notexisting");
// Current user can see all changes
assertQuery(q, change2, change1);
assertQuery(q + " visibleto:self", change2, change1);
// Second user cannot see first user's private change
Account.Id user2 = createAccount("user2");
assertQuery(q + " visibleto:" + user2.get(), change1);
assertQuery(q + " visibleto:user2", change1);
String g1 = createGroup("group1", "Administrators");
gApi.groups().id(g1).addMembers("user2");
// By default when a group is created without any permission granted,
// nothing is visible to it; having members or not has nothing to do with it
assertQuery(q + " visibleto:" + g1);
// change is visible to group ONLY when access is granted
grant(Project.nameKey("repo"), "refs/*", Permission.READ, false, AccountGroup.uuid(gApi.groups().id(g1).get().id));
assertQuery(q + " visibleto:" + g1, change1);
// Both changes are visible to InternalUser
try (ManualRequestContext ctx = oneOffRequestContext.open()) {
assertQuery(q, change2, change1);
}
requestContext.setContext(newRequestContext(user2));
assertQuery("is:visible", change1);
Account.Id user3 = createAccount("user3");
// Explicitly authenticate user2 and user3 so that display name gets set
AuthRequest authRequest = authRequestFactory.createForUser("user2");
authRequest.setDisplayName("Another User");
authRequest.setEmailAddress("user2@example.com");
accountManager.authenticate(authRequest);
authRequest = authRequestFactory.createForUser("user3");
authRequest.setDisplayName("Another User");
authRequest.setEmailAddress("user3@example.com");
accountManager.authenticate(authRequest);
// Switch to user3
requestContext.setContext(newRequestContext(user3));
Change change3 = insert(repo, newChange(repo), user3);
Change change4 = insert(repo, newChangePrivate(repo), user3);
// User3 can see both their changes and the first user's change
assertQuery(q + " visibleto:" + user3.get(), change4, change3, change1);
// User2 cannot see user3's private change
assertQuery(q + " visibleto:" + user2.get(), change3, change1);
// Query as user3 by display name matching user2 and user3; bad request
assertFailingQuery(q + " visibleto:\"Another User\"", "\"Another User\" resolves to multiple accounts");
}
use of com.google.gerrit.server.util.ManualRequestContext in project gerrit by GerritCodeReview.
the class AbstractQueryGroupsTest method createAccount.
private Account.Id createAccount(String username, String fullName, String email, boolean active) throws Exception {
try (ManualRequestContext ctx = oneOffRequestContext.open()) {
Account.Id id = accountManager.authenticate(AuthRequest.forUser(username)).getAccountId();
if (email != null) {
accountManager.link(id, AuthRequest.forEmail(email));
}
Account a = db.accounts().get(id);
a.setFullName(fullName);
a.setPreferredEmail(email);
a.setActive(active);
db.accounts().update(ImmutableList.of(a));
accountCache.evict(id);
return id;
}
}
use of com.google.gerrit.server.util.ManualRequestContext in project gerrit by GerritCodeReview.
the class LsUserRefs method run.
@Override
protected void run() throws Failure {
enableGracefulStop();
Account.Id userAccountId;
try {
userAccountId = accountResolver.resolve(userName).asUnique().account().id();
} catch (UnprocessableEntityException e) {
stdout.println(e.getMessage());
stdout.flush();
return;
} catch (StorageException | IOException | ConfigInvalidException e) {
throw die(e);
}
Project.NameKey projectName = projectState.getNameKey();
try (Repository repo = repoManager.openRepository(projectName);
ManualRequestContext ctx = requestContext.openAs(userAccountId)) {
try {
Collection<Ref> refsMap = permissionBackend.user(ctx.getUser()).project(projectName).filter(repo.getRefDatabase().getRefs(), repo, RefFilterOptions.defaults());
for (Ref ref : refsMap) {
if (!onlyRefsHeads || ref.getName().startsWith(RefNames.REFS_HEADS)) {
stdout.println(ref);
}
}
} catch (IOException | PermissionBackendException e) {
throw new Failure(1, "fatal: Error reading refs: '" + projectName, e);
}
} catch (RepositoryNotFoundException e) {
throw die("'" + projectName + "': not a git archive", e);
} catch (IOException e) {
throw die("Error opening: '" + projectName, e);
}
}
Aggregations