use of org.eclipse.jgit.internal.storage.dfs.InMemoryRepository in project gerrit by GerritCodeReview.
the class AccountIT method cannotDeleteUserBranch.
@Test
@Sandboxed
public void cannotDeleteUserBranch() throws Exception {
grant(allUsers, RefNames.REFS_USERS + "${" + RefPattern.USERID_SHARDED + "}", Permission.DELETE, true, REGISTERED_USERS);
TestRepository<InMemoryRepository> allUsersRepo = cloneProject(allUsers);
String userRef = RefNames.refsUsers(admin.id);
PushResult r = deleteRef(allUsersRepo, userRef);
RemoteRefUpdate refUpdate = r.getRemoteUpdate(userRef);
assertThat(refUpdate.getStatus()).isEqualTo(RemoteRefUpdate.Status.REJECTED_OTHER_REASON);
assertThat(refUpdate.getMessage()).contains("Not allowed to delete user branch.");
try (Repository repo = repoManager.openRepository(allUsers)) {
assertThat(repo.exactRef(userRef)).isNotNull();
}
}
use of org.eclipse.jgit.internal.storage.dfs.InMemoryRepository in project gerrit by GerritCodeReview.
the class AccountIT method pushWatchConfigToUserBranch.
@Test
public void pushWatchConfigToUserBranch() throws Exception {
TestRepository<InMemoryRepository> allUsersRepo = cloneProject(allUsers);
fetch(allUsersRepo, RefNames.refsUsers(admin.id) + ":userRef");
allUsersRepo.reset("userRef");
Config wc = new Config();
wc.setString(WatchConfig.PROJECT, project.get(), WatchConfig.KEY_NOTIFY, WatchConfig.NotifyValue.create(null, EnumSet.of(NotifyType.ALL_COMMENTS)).toString());
PushOneCommit push = pushFactory.create(db, admin.getIdent(), allUsersRepo, "Add project watch", WatchConfig.WATCH_CONFIG, wc.toText());
push.to(RefNames.REFS_USERS_SELF).assertOkStatus();
accountIndexedCounter.assertReindexOf(admin);
String invalidNotifyValue = "]invalid[";
wc.setString(WatchConfig.PROJECT, project.get(), WatchConfig.KEY_NOTIFY, invalidNotifyValue);
push = pushFactory.create(db, admin.getIdent(), allUsersRepo, "Add invalid project watch", WatchConfig.WATCH_CONFIG, wc.toText());
PushOneCommit.Result r = push.to(RefNames.REFS_USERS_SELF);
r.assertErrorStatus("invalid watch configuration");
r.assertMessage(String.format("%s: Invalid project watch of account %d for project %s: %s", WatchConfig.WATCH_CONFIG, admin.getId().get(), project.get(), invalidNotifyValue));
}
use of org.eclipse.jgit.internal.storage.dfs.InMemoryRepository in project gerrit by GerritCodeReview.
the class ChangeIT method setPrivateByOwner.
@Test
public void setPrivateByOwner() throws Exception {
TestRepository<InMemoryRepository> userRepo = cloneProject(project, user);
PushOneCommit.Result result = pushFactory.create(db, user.getIdent(), userRepo).to("refs/for/master");
setApiUser(user);
String changeId = result.getChangeId();
assertThat(gApi.changes().id(changeId).get().isPrivate).isNull();
gApi.changes().id(changeId).setPrivate(true, null);
ChangeInfo info = gApi.changes().id(changeId).get();
assertThat(info.isPrivate).isTrue();
assertThat(Iterables.getLast(info.messages).message).isEqualTo("Set private");
assertThat(Iterables.getLast(info.messages).tag).contains(ChangeMessagesUtil.TAG_SET_PRIVATE);
gApi.changes().id(changeId).setPrivate(false, null);
info = gApi.changes().id(changeId).get();
assertThat(info.isPrivate).isNull();
assertThat(Iterables.getLast(info.messages).message).isEqualTo("Unset private");
assertThat(Iterables.getLast(info.messages).tag).contains(ChangeMessagesUtil.TAG_UNSET_PRIVATE);
String msg = "This is a security fix that must not be public.";
gApi.changes().id(changeId).setPrivate(true, msg);
info = gApi.changes().id(changeId).get();
assertThat(info.isPrivate).isTrue();
assertThat(Iterables.getLast(info.messages).message).isEqualTo("Set private\n\n" + msg);
assertThat(Iterables.getLast(info.messages).tag).contains(ChangeMessagesUtil.TAG_SET_PRIVATE);
msg = "After this security fix has been released we can make it public now.";
gApi.changes().id(changeId).setPrivate(false, msg);
info = gApi.changes().id(changeId).get();
assertThat(info.isPrivate).isNull();
assertThat(Iterables.getLast(info.messages).message).isEqualTo("Unset private\n\n" + msg);
assertThat(Iterables.getLast(info.messages).tag).contains(ChangeMessagesUtil.TAG_UNSET_PRIVATE);
}
use of org.eclipse.jgit.internal.storage.dfs.InMemoryRepository in project gerrit by GerritCodeReview.
the class ChangeIT method administratorCanSetUserChangePrivate.
@Test
public void administratorCanSetUserChangePrivate() throws Exception {
TestRepository<InMemoryRepository> userRepo = cloneProject(project, user);
PushOneCommit.Result result = pushFactory.create(db, user.getIdent(), userRepo).to("refs/for/master");
String changeId = result.getChangeId();
assertThat(gApi.changes().id(changeId).get().isPrivate).isNull();
gApi.changes().id(changeId).setPrivate(true, null);
setApiUser(user);
ChangeInfo info = gApi.changes().id(changeId).get();
assertThat(info.isPrivate).isTrue();
}
use of org.eclipse.jgit.internal.storage.dfs.InMemoryRepository in project gerrit by GerritCodeReview.
the class ChangeIT method addReviewerThatCannotSeeChange.
@Test
public void addReviewerThatCannotSeeChange() throws Exception {
// create hidden project that is only visible to administrators
Project.NameKey p = createProject("p");
ProjectConfig cfg = projectCache.checkedGet(p).getConfig();
Util.allow(cfg, Permission.READ, groupCache.get(new AccountGroup.NameKey("Administrators")).getGroupUUID(), "refs/*");
Util.block(cfg, Permission.READ, REGISTERED_USERS, "refs/*");
saveProjectConfig(p, cfg);
// create change
TestRepository<InMemoryRepository> repo = cloneProject(p, admin);
PushOneCommit push = pushFactory.create(db, admin.getIdent(), repo);
PushOneCommit.Result result = push.to("refs/for/master");
result.assertOkStatus();
// check the user cannot see the change
setApiUser(user);
try {
gApi.changes().id(result.getChangeId()).get();
fail("Expected ResourceNotFoundException");
} catch (ResourceNotFoundException e) {
// Expected.
}
// try to add user as reviewer
setApiUser(admin);
AddReviewerInput in = new AddReviewerInput();
in.reviewer = user.email;
AddReviewerResult r = gApi.changes().id(result.getChangeId()).addReviewer(in);
assertThat(r.input).isEqualTo(user.email);
assertThat(r.error).contains("does not have permission to see this change");
assertThat(r.reviewers).isNull();
}
Aggregations