Check canEditTopicName with PermissionBackend

Change-Id: Iaa731018ea2a0aaf2a44e684d9b232769117ef1a

gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/api/change/ChangeIT.java

@@ -1737,7 +1737,7 @@ public class ChangeIT extends AbstractDaemonTest {
     assertThat(gApi.changes().id(r.getChangeId()).topic()).isEqualTo("");
     setApiUser(user);
     exception.expect(AuthException.class);
-    exception.expectMessage("changing topic not permitted");
+    exception.expectMessage("edit topic name not permitted");
     gApi.changes().id(r.getChangeId()).topic("mytopic");
   }
 

gerrit-server/src/main/java/com/google/gerrit/server/api/changes/ChangeApiImpl.java

@@ -74,6 +74,7 @@ import com.google.gerrit.server.change.Reviewers;
 import com.google.gerrit.server.change.Revisions;
 import com.google.gerrit.server.change.SubmittedTogether;
 import com.google.gerrit.server.change.SuggestChangeReviewers;
+import com.google.gerrit.server.permissions.PermissionBackendException;
 import com.google.gerrit.server.project.InvalidChangeOperationException;
 import com.google.gerrit.server.update.UpdateException;
 import com.google.gwtorm.server.OrmException;
@@ -386,7 +387,7 @@ class ChangeApiImpl implements ChangeApi {
     in.topic = topic;
     try {
       putTopic.apply(change, in);
-    } catch (UpdateException e) {
+    } catch (UpdateException | PermissionBackendException e) {
       throw new RestApiException("Cannot set topic", e);
     }
   }

gerrit-server/src/main/java/com/google/gerrit/server/change/ChangeResource.java

@@ -29,6 +29,7 @@ import com.google.gerrit.server.CurrentUser;
 import com.google.gerrit.server.IdentifiedUser;
 import com.google.gerrit.server.StarredChangesUtil;
 import com.google.gerrit.server.notedb.ChangeNotes;
+import com.google.gerrit.server.permissions.PermissionBackend;
 import com.google.gerrit.server.project.ChangeControl;
 import com.google.gerrit.server.project.ProjectState;
 import com.google.gwtorm.server.OrmException;
@@ -53,15 +54,24 @@ public class ChangeResource implements RestResource, HasETag {
     ChangeResource create(ChangeControl ctl);
   }
 
+  private final PermissionBackend permissionBackend;
   private final StarredChangesUtil starredChangesUtil;
   private final ChangeControl control;
 
   @Inject
-  ChangeResource(StarredChangesUtil starredChangesUtil, @Assisted ChangeControl control) {
+  ChangeResource(
+      PermissionBackend permissionBackend,
+      StarredChangesUtil starredChangesUtil,
+      @Assisted ChangeControl control) {
+    this.permissionBackend = permissionBackend;
     this.starredChangesUtil = starredChangesUtil;
     this.control = control;
   }
 
+  public PermissionBackend.ForChange permissions() {
+    return permissionBackend.user(getControl().getUser()).change(getNotes());
+  }
+
   public ChangeControl getControl() {
     return control;
   }

gerrit-server/src/main/java/com/google/gerrit/server/change/PutTopic.java

@@ -16,7 +16,6 @@ package com.google.gerrit.server.change;
 
 import com.google.common.base.Strings;
 import com.google.gerrit.common.TimeUtil;
-import com.google.gerrit.extensions.restapi.AuthException;
 import com.google.gerrit.extensions.restapi.DefaultInput;
 import com.google.gerrit.extensions.restapi.Response;
 import com.google.gerrit.extensions.restapi.RestApiException;
@@ -29,7 +28,8 @@ import com.google.gerrit.server.ChangeMessagesUtil;
 import com.google.gerrit.server.change.PutTopic.Input;
 import com.google.gerrit.server.extensions.events.TopicEdited;
 import com.google.gerrit.server.notedb.ChangeUpdate;
-import com.google.gerrit.server.project.ChangeControl;
+import com.google.gerrit.server.permissions.ChangePermission;
+import com.google.gerrit.server.permissions.PermissionBackendException;
 import com.google.gerrit.server.update.BatchUpdate;
 import com.google.gerrit.server.update.BatchUpdateOp;
 import com.google.gerrit.server.update.ChangeContext;
@@ -65,16 +65,13 @@ public class PutTopic implements RestModifyView<ChangeResource, Input>, UiAction
 
   @Override
   public Response<String> apply(ChangeResource req, Input input)
-      throws UpdateException, RestApiException {
+      throws UpdateException, RestApiException, PermissionBackendException {
-    ChangeControl ctl = req.getControl();
+    req.permissions().check(ChangePermission.EDIT_TOPIC_NAME);
-    if (!ctl.canEditTopicName()) {
-      throw new AuthException("changing topic not permitted");
-    }
 
     Op op = new Op(input != null ? input : new Input());
     try (BatchUpdate u =
         batchUpdateFactory.create(
-            dbProvider.get(), req.getChange().getProject(), ctl.getUser(), TimeUtil.nowTs())) {
+            dbProvider.get(), req.getChange().getProject(), req.getUser(), TimeUtil.nowTs())) {
       u.addOp(req.getId(), op);
       u.execute();
     }
@@ -129,9 +126,9 @@ public class PutTopic implements RestModifyView<ChangeResource, Input>, UiAction
   }
 
   @Override
-  public UiAction.Description getDescription(ChangeResource resource) {
+  public UiAction.Description getDescription(ChangeResource rsrc) {
     return new UiAction.Description()
         .setLabel("Edit Topic")
-        .setVisible(resource.getControl().canEditTopicName());
+        .setVisible(rsrc.permissions().testOrFalse(ChangePermission.EDIT_TOPIC_NAME));
   }
 }

gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java

@@ -432,7 +432,7 @@ public class ChangeControl {
   }
 
   /** Can this user edit the topic name? */
-  public boolean canEditTopicName() {
+  private boolean canEditTopicName() {
     if (getChange().getStatus().isOpen()) {
       return isOwner() // owner (aka creator) of the change can edit topic
           || getRefControl().isOwner() // branch owner can edit topic

gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java

@@ -442,7 +442,7 @@ public class RefControl {
   }
 
   /** @return true if this user can edit topic names. */
-  public boolean canEditTopicName() {
+  boolean canEditTopicName() {
     return canPerform(Permission.EDIT_TOPIC_NAME);
   }