opendev/gerrit
Code Issues Proposed changes

Merge "Use allow/block/deny methods to improve test readability"

Browse Source
This commit is contained in:
Edwin Kempin
2014-05-21 13:34:44 +00:00
committed by Gerrit Code Review
parent 4bd8980633 c668f4d46b
commit 0acab4a963
9 changed files with 189 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/git/DraftChangeBlockedIT.java
View File

@@ -15,7 +15,7 @@
package com.google.gerrit.acceptance.git; package com.google.gerrit.acceptance.git;
import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS; import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS;
import static com.google.gerrit.server.project.Util.grant; import static com.google.gerrit.server.project.Util.block;
import com.google.gerrit.acceptance.AbstractDaemonTest; import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.NoHttpd; import com.google.gerrit.acceptance.NoHttpd;
@@ -49,8 +49,7 @@ public class DraftChangeBlockedIT extends AbstractDaemonTest {
@Before @Before
public void setUp() throws Exception { public void setUp() throws Exception {
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig(); ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
grant(cfg, Permission.PUSH, ANONYMOUS_USERS, block(cfg, Permission.PUSH, ANONYMOUS_USERS, "refs/drafts/*");
"refs/drafts/*").setBlock();
saveProjectConfig(cfg); saveProjectConfig(cfg);
projectCache.evict(cfg.getProject()); projectCache.evict(cfg.getProject());
} }

51
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/project/CreateBranchIT.java
View File

@@ -14,18 +14,20 @@
package com.google.gerrit.acceptance.rest.project; package com.google.gerrit.acceptance.rest.project;
import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.server.project.Util.allow;
import static com.google.gerrit.server.project.Util.block;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import com.google.gerrit.acceptance.AbstractDaemonTest; import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.RestResponse; import com.google.gerrit.acceptance.RestResponse;
import com.google.gerrit.common.data.AccessSection;
import com.google.gerrit.common.data.Permission; import com.google.gerrit.common.data.Permission;
import com.google.gerrit.common.data.PermissionRule;
import com.google.gerrit.reviewdb.client.Branch; import com.google.gerrit.reviewdb.client.Branch;
import com.google.gerrit.server.config.AllProjectsNameProvider; import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.server.config.AllProjectsName;
import com.google.gerrit.server.git.MetaDataUpdate; import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig; import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.group.SystemGroupBackend;
import com.google.gerrit.server.project.ProjectCache; import com.google.gerrit.server.project.ProjectCache;
import com.google.inject.Inject; import com.google.inject.Inject;
@@ -44,7 +46,7 @@ public class CreateBranchIT extends AbstractDaemonTest {
private ProjectCache projectCache; private ProjectCache projectCache;
@Inject @Inject
private AllProjectsNameProvider allProjects; private AllProjectsName allProjects;
private Branch.NameKey branch; private Branch.NameKey branch;
@@ -130,29 +132,26 @@ public class CreateBranchIT extends AbstractDaemonTest {
} }
private void blockCreateReference() throws IOException, ConfigInvalidException { private void blockCreateReference() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(allProjects.get()); ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
md.setMessage(String.format("Block %s", Permission.CREATE)); block(cfg, Permission.CREATE, ANONYMOUS_USERS, "refs/*");
ProjectConfig config = ProjectConfig.read(md); saveProjectConfig(allProjects, cfg);
AccessSection s = config.getAccessSection("refs/*", true); projectCache.evict(cfg.getProject());
Permission p = s.getPermission(Permission.CREATE, true);
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.ANONYMOUS_USERS)));
rule.setBlock();
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
} }
private void grantOwner() throws IOException, ConfigInvalidException { private void grantOwner() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(project); ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
md.setMessage(String.format("Grant %s", Permission.OWNER)); allow(cfg, Permission.OWNER, REGISTERED_USERS, "refs/*");
ProjectConfig config = ProjectConfig.read(md); saveProjectConfig(project, cfg);
AccessSection s = config.getAccessSection("refs/*", true); projectCache.evict(cfg.getProject());
Permission p = s.getPermission(Permission.OWNER, true); }
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.REGISTERED_USERS))); private void saveProjectConfig(Project.NameKey p, ProjectConfig cfg)
p.add(rule); throws IOException {
config.commit(md); MetaDataUpdate md = metaDataUpdateFactory.create(p);
projectCache.evict(config.getProject()); try {
cfg.commit(md);
} finally {
md.close();
}
} }
} }

51
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/project/DeleteBranchIT.java
View File

@@ -14,18 +14,20 @@
package com.google.gerrit.acceptance.rest.project; package com.google.gerrit.acceptance.rest.project;
import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.server.project.Util.allow;
import static com.google.gerrit.server.project.Util.block;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import com.google.gerrit.acceptance.AbstractDaemonTest; import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.RestResponse; import com.google.gerrit.acceptance.RestResponse;
import com.google.gerrit.common.data.AccessSection;
import com.google.gerrit.common.data.Permission; import com.google.gerrit.common.data.Permission;
import com.google.gerrit.common.data.PermissionRule;
import com.google.gerrit.reviewdb.client.Branch; import com.google.gerrit.reviewdb.client.Branch;
import com.google.gerrit.server.config.AllProjectsNameProvider; import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.server.config.AllProjectsName;
import com.google.gerrit.server.git.MetaDataUpdate; import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig; import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.group.SystemGroupBackend;
import com.google.gerrit.server.project.ProjectCache; import com.google.gerrit.server.project.ProjectCache;
import com.google.inject.Inject; import com.google.inject.Inject;
@@ -45,7 +47,7 @@ public class DeleteBranchIT extends AbstractDaemonTest {
private ProjectCache projectCache; private ProjectCache projectCache;
@Inject @Inject
private AllProjectsNameProvider allProjects; private AllProjectsName allProjects;
private Branch.NameKey branch; private Branch.NameKey branch;
@@ -125,30 +127,25 @@ public class DeleteBranchIT extends AbstractDaemonTest {
} }
private void blockForcePush() throws IOException, ConfigInvalidException { private void blockForcePush() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(allProjects.get()); ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
md.setMessage(String.format("Block force %s", Permission.PUSH)); block(cfg, Permission.PUSH, ANONYMOUS_USERS, "refs/heads/*").setForce(true);
ProjectConfig config = ProjectConfig.read(md); saveProjectConfig(allProjects, cfg);
AccessSection s = config.getAccessSection("refs/heads/*", true); projectCache.evict(cfg.getProject());
Permission p = s.getPermission(Permission.PUSH, true);
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.ANONYMOUS_USERS)));
rule.setForce(true);
rule.setBlock();
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
} }
private void grantOwner() throws IOException, ConfigInvalidException { private void grantOwner() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(project); ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
md.setMessage(String.format("Grant %s", Permission.OWNER)); allow(cfg, Permission.OWNER, REGISTERED_USERS, "refs/*");
ProjectConfig config = ProjectConfig.read(md); saveProjectConfig(project, cfg);
AccessSection s = config.getAccessSection("refs/*", true); projectCache.evict(cfg.getProject());
Permission p = s.getPermission(Permission.OWNER, true); }
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.REGISTERED_USERS))); private void saveProjectConfig(Project.NameKey p, ProjectConfig cfg) throws IOException {
p.add(rule); MetaDataUpdate md = metaDataUpdateFactory.create(p);
config.commit(md); try {
projectCache.evict(config.getProject()); cfg.commit(md);
} finally {
md.close();
}
} }
} }

29
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/project/ListBranchesIT.java
View File

@@ -16,19 +16,18 @@ package com.google.gerrit.acceptance.rest.project;
import static com.google.gerrit.acceptance.GitUtil.createProject; import static com.google.gerrit.acceptance.GitUtil.createProject;
import static com.google.gerrit.acceptance.rest.project.BranchAssert.assertBranches; import static com.google.gerrit.acceptance.rest.project.BranchAssert.assertBranches;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.server.project.Util.block;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import com.google.common.collect.Lists; import com.google.common.collect.Lists;
import com.google.gerrit.acceptance.AbstractDaemonTest; import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.PushOneCommit; import com.google.gerrit.acceptance.PushOneCommit;
import com.google.gerrit.acceptance.RestResponse; import com.google.gerrit.acceptance.RestResponse;
import com.google.gerrit.common.data.AccessSection;
import com.google.gerrit.common.data.Permission; import com.google.gerrit.common.data.Permission;
import com.google.gerrit.common.data.PermissionRule;
import com.google.gerrit.reviewdb.client.Project; import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.server.git.MetaDataUpdate; import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig; import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.group.SystemGroupBackend;
import com.google.gerrit.server.project.ListBranches.BranchInfo; import com.google.gerrit.server.project.ListBranches.BranchInfo;
import com.google.gerrit.server.project.ProjectCache; import com.google.gerrit.server.project.ProjectCache;
import com.google.gson.reflect.TypeToken; import com.google.gson.reflect.TypeToken;
@@ -142,17 +141,10 @@ public class ListBranchesIT extends AbstractDaemonTest {
private void blockRead(Project.NameKey project, String ref) private void blockRead(Project.NameKey project, String ref)
throws RepositoryNotFoundException, IOException, ConfigInvalidException { throws RepositoryNotFoundException, IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(project); ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
md.setMessage("Grant submit on " + ref); block(cfg, Permission.READ, REGISTERED_USERS, ref);
ProjectConfig config = ProjectConfig.read(md); saveProjectConfig(project, cfg);
AccessSection s = config.getAccessSection(ref, true); projectCache.evict(cfg.getProject());
Permission p = s.getPermission(Permission.READ, true);
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.REGISTERED_USERS)));
rule.setBlock();
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
} }
private static List<BranchInfo> toBranchInfoList(RestResponse r) private static List<BranchInfo> toBranchInfoList(RestResponse r)
@@ -168,4 +160,13 @@ public class ListBranchesIT extends AbstractDaemonTest {
PushOneCommit push = pushFactory.create(db, admin.getIdent()); PushOneCommit push = pushFactory.create(db, admin.getIdent());
return push.to(git, ref); return push.to(git, ref);
} }
private void saveProjectConfig(Project.NameKey p, ProjectConfig cfg) throws IOException {
MetaDataUpdate md = metaDataUpdateFactory.create(p);
try {
cfg.commit(md);
} finally {
md.close();
}
}
} }

4
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/server/project/CustomLabelIT.java
View File

@@ -15,8 +15,8 @@
package com.google.gerrit.acceptance.server.project; package com.google.gerrit.acceptance.server.project;
import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS; import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS;
import static com.google.gerrit.server.project.Util.allow;
import static com.google.gerrit.server.project.Util.category; import static com.google.gerrit.server.project.Util.category;
import static com.google.gerrit.server.project.Util.grant;
import static com.google.gerrit.server.project.Util.value; import static com.google.gerrit.server.project.Util.value;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
@@ -64,7 +64,7 @@ public class CustomLabelIT extends AbstractDaemonTest {
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig(); ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
AccountGroup.UUID anonymousUsers = AccountGroup.UUID anonymousUsers =
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID(); SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
grant(cfg, Permission.forLabel(Q.getName()), -1, 1, anonymousUsers, allow(cfg, Permission.forLabel(Q.getName()), -1, 1, anonymousUsers,
"refs/heads/*"); "refs/heads/*");
saveProjectConfig(cfg); saveProjectConfig(cfg);
} }

6
gerrit-server/src/test/java/com/google/gerrit/rules/GerritCommonTest.java
View File

@@ -15,8 +15,8 @@
package com.google.gerrit.rules; package com.google.gerrit.rules;
import static com.google.gerrit.common.data.Permission.LABEL; import static com.google.gerrit.common.data.Permission.LABEL;
import static com.google.gerrit.server.project.Util.allow;
import static com.google.gerrit.server.project.Util.category; import static com.google.gerrit.server.project.Util.category;
import static com.google.gerrit.server.project.Util.grant;
import static com.google.gerrit.server.project.Util.value; import static com.google.gerrit.server.project.Util.value;
import com.google.gerrit.common.data.LabelType; import com.google.gerrit.common.data.LabelType;
@@ -74,8 +74,8 @@ public class GerritCommonTest extends PrologTestCase {
local.getLabelSections().put(V.getName(), V); local.getLabelSections().put(V.getName(), V);
local.getLabelSections().put(Q.getName(), Q); local.getLabelSections().put(Q.getName(), Q);
util.add(local); util.add(local);
grant(local, LABEL + V.getName(), -1, +1, SystemGroupBackend.REGISTERED_USERS, "refs/heads/*"); allow(local, LABEL + V.getName(), -1, +1, SystemGroupBackend.REGISTERED_USERS, "refs/heads/*");
grant(local, LABEL + Q.getName(), -1, +1, SystemGroupBackend.REGISTERED_USERS, "refs/heads/master"); allow(local, LABEL + Q.getName(), -1, +1, SystemGroupBackend.REGISTERED_USERS, "refs/heads/master");
} }
@Override @Override

12
gerrit-server/src/test/java/com/google/gerrit/server/git/LabelNormalizerTest.java
View File

@@ -16,8 +16,8 @@ package com.google.gerrit.server.git;
import static com.google.gerrit.common.data.Permission.forLabel; import static com.google.gerrit.common.data.Permission.forLabel;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS; import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.server.project.Util.allow;
import static com.google.gerrit.server.project.Util.category; import static com.google.gerrit.server.project.Util.category;
import static com.google.gerrit.server.project.Util.grant;
import static com.google.gerrit.server.project.Util.value; import static com.google.gerrit.server.project.Util.value;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
@@ -133,8 +133,8 @@ public class LabelNormalizerTest {
@Test @Test
public void normalizeByPermission() throws Exception { public void normalizeByPermission() throws Exception {
ProjectConfig pc = loadAllProjects(); ProjectConfig pc = loadAllProjects();
grant(pc, forLabel("Code-Review"), -1, 1, REGISTERED_USERS, "refs/heads/*"); allow(pc, forLabel("Code-Review"), -1, 1, REGISTERED_USERS, "refs/heads/*");
grant(pc, forLabel("Verified"), -1, 1, REGISTERED_USERS, "refs/heads/*"); allow(pc, forLabel("Verified"), -1, 1, REGISTERED_USERS, "refs/heads/*");
save(pc); save(pc);
PatchSetApproval cr = psa(userId, "Code-Review", 2); PatchSetApproval cr = psa(userId, "Code-Review", 2);
@@ -149,8 +149,8 @@ public class LabelNormalizerTest {
@Test @Test
public void normalizeByType() throws Exception { public void normalizeByType() throws Exception {
ProjectConfig pc = loadAllProjects(); ProjectConfig pc = loadAllProjects();
grant(pc, forLabel("Code-Review"), -5, 5, REGISTERED_USERS, "refs/heads/*"); allow(pc, forLabel("Code-Review"), -5, 5, REGISTERED_USERS, "refs/heads/*");
grant(pc, forLabel("Verified"), -5, 5, REGISTERED_USERS, "refs/heads/*"); allow(pc, forLabel("Verified"), -5, 5, REGISTERED_USERS, "refs/heads/*");
save(pc); save(pc);
PatchSetApproval cr = psa(userId, "Code-Review", 5); PatchSetApproval cr = psa(userId, "Code-Review", 5);
@@ -176,7 +176,7 @@ public class LabelNormalizerTest {
@Test @Test
public void explicitZeroVoteOnNonEmptyRangeIsPresent() throws Exception { public void explicitZeroVoteOnNonEmptyRangeIsPresent() throws Exception {
ProjectConfig pc = loadAllProjects(); ProjectConfig pc = loadAllProjects();
grant(pc, forLabel("Code-Review"), -1, 1, REGISTERED_USERS, "refs/heads/*"); allow(pc, forLabel("Code-Review"), -1, 1, REGISTERED_USERS, "refs/heads/*");
save(pc); save(pc);
PatchSetApproval cr = psa(userId, "Code-Review", 0); PatchSetApproval cr = psa(userId, "Code-Review", 0);

173
gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java
View File

@@ -25,8 +25,10 @@ import static com.google.gerrit.server.group.SystemGroupBackend.CHANGE_OWNER;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS; import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.server.project.Util.ADMIN; import static com.google.gerrit.server.project.Util.ADMIN;
import static com.google.gerrit.server.project.Util.DEVS; import static com.google.gerrit.server.project.Util.DEVS;
import static com.google.gerrit.server.project.Util.allow;
import static com.google.gerrit.server.project.Util.block;
import static com.google.gerrit.server.project.Util.deny;
import static com.google.gerrit.server.project.Util.doNotInherit; import static com.google.gerrit.server.project.Util.doNotInherit;
import static com.google.gerrit.server.project.Util.grant;
import static com.google.gerrit.testutil.InMemoryRepositoryManager.newRepository; import static com.google.gerrit.testutil.InMemoryRepositoryManager.newRepository;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
@@ -68,7 +70,7 @@ public class RefControlTest {
@Test @Test
public void testOwnerProject() { public void testOwnerProject() {
grant(local, OWNER, ADMIN, "refs/*"); allow(local, OWNER, ADMIN, "refs/*");
ProjectControl uBlah = util.user(local, DEVS); ProjectControl uBlah = util.user(local, DEVS);
ProjectControl uAdmin = util.user(local, DEVS, ADMIN); ProjectControl uAdmin = util.user(local, DEVS, ADMIN);
@@ -79,8 +81,8 @@ public class RefControlTest {
@Test @Test
public void testBranchDelegation1() { public void testBranchDelegation1() {
grant(local, OWNER, ADMIN, "refs/*"); allow(local, OWNER, ADMIN, "refs/*");
grant(local, OWNER, DEVS, "refs/heads/x/*"); allow(local, OWNER, DEVS, "refs/heads/x/*");
ProjectControl uDev = util.user(local, DEVS); ProjectControl uDev = util.user(local, DEVS);
assertFalse("not owner", uDev.isOwner()); assertFalse("not owner", uDev.isOwner());
@@ -96,9 +98,9 @@ public class RefControlTest {
@Test @Test
public void testBranchDelegation2() { public void testBranchDelegation2() {
grant(local, OWNER, ADMIN, "refs/*"); allow(local, OWNER, ADMIN, "refs/*");
grant(local, OWNER, DEVS, "refs/heads/x/*"); allow(local, OWNER, DEVS, "refs/heads/x/*");
grant(local, OWNER, fixers, "refs/heads/x/y/*"); allow(local, OWNER, fixers, "refs/heads/x/y/*");
doNotInherit(local, OWNER, "refs/heads/x/y/*"); doNotInherit(local, OWNER, "refs/heads/x/y/*");
ProjectControl uDev = util.user(local, DEVS); ProjectControl uDev = util.user(local, DEVS);
@@ -125,9 +127,9 @@ public class RefControlTest {
@Test @Test
public void testInheritRead_SingleBranchDeniesUpload() { public void testInheritRead_SingleBranchDeniesUpload() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");
grant(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*"); allow(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*");
grant(local, READ, REGISTERED_USERS, "refs/heads/foobar"); allow(local, READ, REGISTERED_USERS, "refs/heads/foobar");
doNotInherit(local, READ, "refs/heads/foobar"); doNotInherit(local, READ, "refs/heads/foobar");
doNotInherit(local, PUSH, "refs/for/refs/heads/foobar"); doNotInherit(local, PUSH, "refs/for/refs/heads/foobar");
@@ -143,9 +145,8 @@ public class RefControlTest {
@Test @Test
public void testBlockPushDrafts() { public void testBlockPushDrafts() {
grant(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*"); allow(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*");
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*") block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*");
.setBlock();
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertTrue("can upload refs/heads/master", assertTrue("can upload refs/heads/master",
@@ -156,9 +157,8 @@ public class RefControlTest {
@Test @Test
public void testBlockPushDraftsUnblockAdmin() { public void testBlockPushDraftsUnblockAdmin() {
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*") block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*");
.setBlock(); allow(util.getParentConfig(), PUSH, ADMIN, "refs/drafts/*");
grant(util.getParentConfig(), PUSH, ADMIN, "refs/drafts/*");
assertTrue("push is blocked for anonymous to refs/drafts/master", assertTrue("push is blocked for anonymous to refs/drafts/master",
util.user(local).controlForRef("refs/drafts/refs/heads/master") util.user(local).controlForRef("refs/drafts/refs/heads/master")
@@ -170,9 +170,9 @@ public class RefControlTest {
@Test @Test
public void testInheritRead_SingleBranchDoesNotOverrideInherited() { public void testInheritRead_SingleBranchDoesNotOverrideInherited() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");
grant(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*"); allow(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*");
grant(local, READ, REGISTERED_USERS, "refs/heads/foobar"); allow(local, READ, REGISTERED_USERS, "refs/heads/foobar");
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertTrue("can upload", u.canPushToAtLeastOneRef() == Capable.OK); assertTrue("can upload", u.canPushToAtLeastOneRef() == Capable.OK);
@@ -186,21 +186,21 @@ public class RefControlTest {
@Test @Test
public void testInheritDuplicateSections() throws Exception { public void testInheritDuplicateSections() throws Exception {
grant(util.getParentConfig(), READ, ADMIN, "refs/*"); allow(util.getParentConfig(), READ, ADMIN, "refs/*");
grant(local, READ, DEVS, "refs/heads/*"); allow(local, READ, DEVS, "refs/heads/*");
local.getProject().setParentName(util.getParentConfig().getProject().getName()); local.getProject().setParentName(util.getParentConfig().getProject().getName());
assertTrue("a can read", util.user(local, "a", ADMIN).isVisible()); assertTrue("a can read", util.user(local, "a", ADMIN).isVisible());
local = new ProjectConfig(new Project.NameKey("local")); local = new ProjectConfig(new Project.NameKey("local"));
local.load(newRepository(localKey)); local.load(newRepository(localKey));
grant(local, READ, DEVS, "refs/*"); allow(local, READ, DEVS, "refs/*");
assertTrue("d can read", util.user(local, "d", DEVS).isVisible()); assertTrue("d can read", util.user(local, "d", DEVS).isVisible());
} }
@Test @Test
public void testInheritRead_OverrideWithDeny() { public void testInheritRead_OverrideWithDeny() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");
grant(local, READ, REGISTERED_USERS, "refs/*").setDeny(); deny(local, READ, REGISTERED_USERS, "refs/*");
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertFalse("can't read", u.isVisible()); assertFalse("can't read", u.isVisible());
@@ -208,8 +208,8 @@ public class RefControlTest {
@Test @Test
public void testInheritRead_AppendWithDenyOfRef() { public void testInheritRead_AppendWithDenyOfRef() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");
grant(local, READ, REGISTERED_USERS, "refs/heads/*").setDeny(); deny(local, READ, REGISTERED_USERS, "refs/heads/*");
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertTrue("can read", u.isVisible()); assertTrue("can read", u.isVisible());
@@ -220,9 +220,9 @@ public class RefControlTest {
@Test @Test
public void testInheritRead_OverridesAndDeniesOfRef() { public void testInheritRead_OverridesAndDeniesOfRef() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");
grant(local, READ, REGISTERED_USERS, "refs/*").setDeny(); deny(local, READ, REGISTERED_USERS, "refs/*");
grant(local, READ, REGISTERED_USERS, "refs/heads/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/*");
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertTrue("can read", u.isVisible()); assertTrue("can read", u.isVisible());
@@ -233,9 +233,9 @@ public class RefControlTest {
@Test @Test
public void testInheritSubmit_OverridesAndDeniesOfRef() { public void testInheritSubmit_OverridesAndDeniesOfRef() {
grant(util.getParentConfig(), SUBMIT, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), SUBMIT, REGISTERED_USERS, "refs/*");
grant(local, SUBMIT, REGISTERED_USERS, "refs/*").setDeny(); deny(local, SUBMIT, REGISTERED_USERS, "refs/*");
grant(local, SUBMIT, REGISTERED_USERS, "refs/heads/*"); allow(local, SUBMIT, REGISTERED_USERS, "refs/heads/*");
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertFalse("can't submit", u.controlForRef("refs/foobar").canSubmit()); assertFalse("can't submit", u.controlForRef("refs/foobar").canSubmit());
@@ -245,9 +245,9 @@ public class RefControlTest {
@Test @Test
public void testCannotUploadToAnyRef() { public void testCannotUploadToAnyRef() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");
grant(local, READ, DEVS, "refs/heads/*"); allow(local, READ, DEVS, "refs/heads/*");
grant(local, PUSH, DEVS, "refs/for/refs/heads/*"); allow(local, PUSH, DEVS, "refs/for/refs/heads/*");
ProjectControl u = util.user(local); ProjectControl u = util.user(local);
assertFalse("cannot upload", u.canPushToAtLeastOneRef() == Capable.OK); assertFalse("cannot upload", u.canPushToAtLeastOneRef() == Capable.OK);
@@ -257,7 +257,7 @@ public class RefControlTest {
@Test @Test
public void testUsernamePatternNonRegex() { public void testUsernamePatternNonRegex() {
grant(local, READ, DEVS, "refs/sb/${username}/heads/*"); allow(local, READ, DEVS, "refs/sb/${username}/heads/*");
ProjectControl u = util.user(local, "u", DEVS), d = util.user(local, "d", DEVS); ProjectControl u = util.user(local, "u", DEVS), d = util.user(local, "d", DEVS);
assertFalse("u can't read", u.controlForRef("refs/sb/d/heads/foobar").isVisible()); assertFalse("u can't read", u.controlForRef("refs/sb/d/heads/foobar").isVisible());
@@ -266,7 +266,7 @@ public class RefControlTest {
@Test @Test
public void testUsernamePatternWithRegex() { public void testUsernamePatternWithRegex() {
grant(local, READ, DEVS, "^refs/sb/${username}/heads/.*"); allow(local, READ, DEVS, "^refs/sb/${username}/heads/.*");
ProjectControl u = util.user(local, "d.v", DEVS), d = util.user(local, "dev", DEVS); ProjectControl u = util.user(local, "d.v", DEVS), d = util.user(local, "dev", DEVS);
assertFalse("u can't read", u.controlForRef("refs/sb/dev/heads/foobar").isVisible()); assertFalse("u can't read", u.controlForRef("refs/sb/dev/heads/foobar").isVisible());
@@ -275,7 +275,7 @@ public class RefControlTest {
@Test @Test
public void testUsernameEmailPatternWithRegex() { public void testUsernameEmailPatternWithRegex() {
grant(local, READ, DEVS, "^refs/sb/${username}/heads/.*"); allow(local, READ, DEVS, "^refs/sb/${username}/heads/.*");
ProjectControl u = util.user(local, "d.v@ger-rit.org", DEVS); ProjectControl u = util.user(local, "d.v@ger-rit.org", DEVS);
ProjectControl d = util.user(local, "dev@ger-rit.org", DEVS); ProjectControl d = util.user(local, "dev@ger-rit.org", DEVS);
@@ -287,8 +287,8 @@ public class RefControlTest {
@Test @Test
public void testSortWithRegex() { public void testSortWithRegex() {
grant(local, READ, DEVS, "^refs/heads/.*"); allow(local, READ, DEVS, "^refs/heads/.*");
grant(util.getParentConfig(), READ, ANONYMOUS_USERS, "^refs/heads/.*-QA-.*"); allow(util.getParentConfig(), READ, ANONYMOUS_USERS, "^refs/heads/.*-QA-.*");
ProjectControl u = util.user(local, DEVS), d = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS), d = util.user(local, DEVS);
assertTrue("u can read", u.controlForRef("refs/heads/foo-QA-bar").isVisible()); assertTrue("u can read", u.controlForRef("refs/heads/foo-QA-bar").isVisible());
@@ -297,17 +297,17 @@ public class RefControlTest {
@Test @Test
public void testBlockRule_ParentBlocksChild() { public void testBlockRule_ParentBlocksChild() {
grant(local, PUSH, DEVS, "refs/tags/*"); allow(local, PUSH, DEVS, "refs/tags/*");
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/tags/*").setBlock(); block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/tags/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertFalse("u can't update tag", u.controlForRef("refs/tags/V10").canUpdate()); assertFalse("u can't update tag", u.controlForRef("refs/tags/V10").canUpdate());
} }
@Test @Test
public void testBlockRule_ParentBlocksChildEvenIfAlreadyBlockedInChild() { public void testBlockRule_ParentBlocksChildEvenIfAlreadyBlockedInChild() {
grant(local, PUSH, DEVS, "refs/tags/*"); allow(local, PUSH, DEVS, "refs/tags/*");
grant(local, PUSH, ANONYMOUS_USERS, "refs/tags/*").setBlock(); block(local, PUSH, ANONYMOUS_USERS, "refs/tags/*");
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/tags/*").setBlock(); block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/tags/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertFalse("u can't update tag", u.controlForRef("refs/tags/V10").canUpdate()); assertFalse("u can't update tag", u.controlForRef("refs/tags/V10").canUpdate());
@@ -315,8 +315,8 @@ public class RefControlTest {
@Test @Test
public void testBlockLabelRange_ParentBlocksChild() { public void testBlockLabelRange_ParentBlocksChild() {
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
grant(util.getParentConfig(), LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*").setBlock(); block(util.getParentConfig(), LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
@@ -329,10 +329,10 @@ public class RefControlTest {
@Test @Test
public void testBlockLabelRange_ParentBlocksChildEvenIfAlreadyBlockedInChild() { public void testBlockLabelRange_ParentBlocksChildEvenIfAlreadyBlockedInChild() {
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*").setBlock(); block(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
grant(util.getParentConfig(), LABEL + "Code-Review", -2, +2, DEVS, block(util.getParentConfig(), LABEL + "Code-Review", -2, +2, DEVS,
"refs/heads/*").setBlock(); "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
@@ -346,8 +346,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockNoForce() { public void testUnblockNoForce() {
grant(local, PUSH, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(local, PUSH, ANONYMOUS_USERS, "refs/heads/*");
grant(local, PUSH, DEVS, "refs/heads/*"); allow(local, PUSH, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertTrue("u can push", u.controlForRef("refs/heads/master").canUpdate()); assertTrue("u can push", u.controlForRef("refs/heads/master").canUpdate());
@@ -355,10 +355,9 @@ public class RefControlTest {
@Test @Test
public void testUnblockForce() { public void testUnblockForce() {
PermissionRule r = grant(local, PUSH, ANONYMOUS_USERS, "refs/heads/*"); PermissionRule r = block(local, PUSH, ANONYMOUS_USERS, "refs/heads/*");
r.setBlock();
r.setForce(true); r.setForce(true);
grant(local, PUSH, DEVS, "refs/heads/*").setForce(true); allow(local, PUSH, DEVS, "refs/heads/*").setForce(true);
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertTrue("u can force push", u.controlForRef("refs/heads/master").canForceUpdate()); assertTrue("u can force push", u.controlForRef("refs/heads/master").canForceUpdate());
@@ -366,10 +365,9 @@ public class RefControlTest {
@Test @Test
public void testUnblockForceWithAllowNoForce_NotPossible() { public void testUnblockForceWithAllowNoForce_NotPossible() {
PermissionRule r = grant(local, PUSH, ANONYMOUS_USERS, "refs/heads/*"); PermissionRule r = block(local, PUSH, ANONYMOUS_USERS, "refs/heads/*");
r.setBlock();
r.setForce(true); r.setForce(true);
grant(local, PUSH, DEVS, "refs/heads/*"); allow(local, PUSH, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertFalse("u can't force push", u.controlForRef("refs/heads/master").canForceUpdate()); assertFalse("u can't force push", u.controlForRef("refs/heads/master").canForceUpdate());
@@ -377,8 +375,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockMoreSpecificRef_Fails() { public void testUnblockMoreSpecificRef_Fails() {
grant(local, PUSH, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(local, PUSH, ANONYMOUS_USERS, "refs/heads/*");
grant(local, PUSH, DEVS, "refs/heads/master"); allow(local, PUSH, DEVS, "refs/heads/master");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertFalse("u can't push", u.controlForRef("refs/heads/master").canUpdate()); assertFalse("u can't push", u.controlForRef("refs/heads/master").canUpdate());
@@ -386,8 +384,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockLargerScope_Fails() { public void testUnblockLargerScope_Fails() {
grant(local, PUSH, ANONYMOUS_USERS, "refs/heads/master").setBlock(); block(local, PUSH, ANONYMOUS_USERS, "refs/heads/master");
grant(local, PUSH, DEVS, "refs/heads/*"); allow(local, PUSH, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertFalse("u can't push", u.controlForRef("refs/heads/master").canUpdate()); assertFalse("u can't push", u.controlForRef("refs/heads/master").canUpdate());
@@ -395,8 +393,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockInLocal_Fails() { public void testUnblockInLocal_Fails() {
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/heads/*");
grant(local, PUSH, fixers, "refs/heads/*"); allow(local, PUSH, fixers, "refs/heads/*");
ProjectControl f = util.user(local, fixers); ProjectControl f = util.user(local, fixers);
assertFalse("u can't push", f.controlForRef("refs/heads/master").canUpdate()); assertFalse("u can't push", f.controlForRef("refs/heads/master").canUpdate());
@@ -404,9 +402,9 @@ public class RefControlTest {
@Test @Test
public void testUnblockInParentBlockInLocal() { public void testUnblockInParentBlockInLocal() {
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/heads/*");
grant(util.getParentConfig(), PUSH, DEVS, "refs/heads/*"); allow(util.getParentConfig(), PUSH, DEVS, "refs/heads/*");
grant(local, PUSH, DEVS, "refs/heads/*").setBlock(); block(local, PUSH, DEVS, "refs/heads/*");
ProjectControl d = util.user(local, DEVS); ProjectControl d = util.user(local, DEVS);
assertFalse("u can't push", d.controlForRef("refs/heads/master").canUpdate()); assertFalse("u can't push", d.controlForRef("refs/heads/master").canUpdate());
@@ -414,8 +412,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockVisibilityByREGISTEREDUsers() { public void testUnblockVisibilityByREGISTEREDUsers() {
grant(local, READ, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(local, READ, ANONYMOUS_USERS, "refs/heads/*");
grant(local, READ, REGISTERED_USERS, "refs/heads/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/*");
ProjectControl u = util.user(local, REGISTERED_USERS); ProjectControl u = util.user(local, REGISTERED_USERS);
assertTrue("u can read", u.controlForRef("refs/heads/master").isVisibleByRegisteredUsers()); assertTrue("u can read", u.controlForRef("refs/heads/master").isVisibleByRegisteredUsers());
@@ -423,8 +421,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockInLocalVisibilityByRegisteredUsers_Fails() { public void testUnblockInLocalVisibilityByRegisteredUsers_Fails() {
grant(util.getParentConfig(), READ, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(util.getParentConfig(), READ, ANONYMOUS_USERS, "refs/heads/*");
grant(local, READ, REGISTERED_USERS, "refs/heads/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/*");
ProjectControl u = util.user(local, REGISTERED_USERS); ProjectControl u = util.user(local, REGISTERED_USERS);
assertFalse("u can't read", u.controlForRef("refs/heads/master").isVisibleByRegisteredUsers()); assertFalse("u can't read", u.controlForRef("refs/heads/master").isVisibleByRegisteredUsers());
@@ -432,8 +430,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockForceEditTopicName() { public void testUnblockForceEditTopicName() {
grant(local, EDIT_TOPIC_NAME, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(local, EDIT_TOPIC_NAME, ANONYMOUS_USERS, "refs/heads/*");
grant(local, EDIT_TOPIC_NAME, DEVS, "refs/heads/*").setForce(true); allow(local, EDIT_TOPIC_NAME, DEVS, "refs/heads/*").setForce(true);
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
assertTrue("u can edit topic name", u.controlForRef("refs/heads/master") assertTrue("u can edit topic name", u.controlForRef("refs/heads/master")
@@ -442,9 +440,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockInLocalForceEditTopicName_Fails() { public void testUnblockInLocalForceEditTopicName_Fails() {
grant(util.getParentConfig(), EDIT_TOPIC_NAME, ANONYMOUS_USERS, "refs/heads/*") block(util.getParentConfig(), EDIT_TOPIC_NAME, ANONYMOUS_USERS, "refs/heads/*");
.setBlock(); allow(local, EDIT_TOPIC_NAME, DEVS, "refs/heads/*").setForce(true);
grant(local, EDIT_TOPIC_NAME, DEVS, "refs/heads/*").setForce(true);
ProjectControl u = util.user(local, REGISTERED_USERS); ProjectControl u = util.user(local, REGISTERED_USERS);
assertFalse("u can't edit topic name", u.controlForRef("refs/heads/master") assertFalse("u can't edit topic name", u.controlForRef("refs/heads/master")
@@ -453,8 +450,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockRange() { public void testUnblockRange() {
grant(local, LABEL + "Code-Review", -1, +1, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(local, LABEL + "Code-Review", -1, +1, ANONYMOUS_USERS, "refs/heads/*");
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
PermissionRange range = u.controlForRef("refs/heads/master").getRange(LABEL + "Code-Review"); PermissionRange range = u.controlForRef("refs/heads/master").getRange(LABEL + "Code-Review");
@@ -464,8 +461,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockRangeOnMoreSpecificRef_Fails() { public void testUnblockRangeOnMoreSpecificRef_Fails() {
grant(local, LABEL + "Code-Review", -1, +1, ANONYMOUS_USERS, "refs/heads/*").setBlock(); block(local, LABEL + "Code-Review", -1, +1, ANONYMOUS_USERS, "refs/heads/*");
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/master"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/master");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
PermissionRange range = u.controlForRef("refs/heads/master").getRange(LABEL + "Code-Review"); PermissionRange range = u.controlForRef("refs/heads/master").getRange(LABEL + "Code-Review");
@@ -475,8 +472,8 @@ public class RefControlTest {
@Test @Test
public void testUnblockRangeOnLargerScope_Fails() { public void testUnblockRangeOnLargerScope_Fails() {
grant(local, LABEL + "Code-Review", -1, +1, ANONYMOUS_USERS, "refs/heads/master").setBlock(); block(local, LABEL + "Code-Review", -1, +1, ANONYMOUS_USERS, "refs/heads/master");
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
PermissionRange range = u.controlForRef("refs/heads/master").getRange(LABEL + "Code-Review"); PermissionRange range = u.controlForRef("refs/heads/master").getRange(LABEL + "Code-Review");
@@ -486,9 +483,9 @@ public class RefControlTest {
@Test @Test
public void testUnblockInLocalRange_Fails() { public void testUnblockInLocalRange_Fails() {
grant(util.getParentConfig(), LABEL + "Code-Review", -1, 1, ANONYMOUS_USERS, block(util.getParentConfig(), LABEL + "Code-Review", -1, 1, ANONYMOUS_USERS,
"refs/heads/*").setBlock(); "refs/heads/*");
grant(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
PermissionRange range = PermissionRange range =
@@ -498,7 +495,7 @@ public class RefControlTest {
} }
public void testUnblockRangeForChangeOwner() { public void testUnblockRangeForChangeOwner() {
grant(local, LABEL + "Code-Review", -2, +2, CHANGE_OWNER, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, CHANGE_OWNER, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
PermissionRange range = u.controlForRef("refs/heads/master") PermissionRange range = u.controlForRef("refs/heads/master")
@@ -508,7 +505,7 @@ public class RefControlTest {
} }
public void testUnblockRangeForNotChangeOwner() { public void testUnblockRangeForNotChangeOwner() {
grant(local, LABEL + "Code-Review", -2, +2, CHANGE_OWNER, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, CHANGE_OWNER, "refs/heads/*");
ProjectControl u = util.user(local, DEVS); ProjectControl u = util.user(local, DEVS);
PermissionRange range = u.controlForRef("refs/heads/master") PermissionRange range = u.controlForRef("refs/heads/master")

29
gerrit-server/src/test/java/com/google/gerrit/server/project/Util.java
View File

@@ -100,7 +100,7 @@ public class Util {
return new PermissionRule(group); return new PermissionRule(group);
} }
static public PermissionRule grant(ProjectConfig project, static public PermissionRule allow(ProjectConfig project,
String permissionName, int min, int max, AccountGroup.UUID group, String permissionName, int min, int max, AccountGroup.UUID group,
String ref) { String ref) {
PermissionRule rule = newRule(project, group); PermissionRule rule = newRule(project, group);
@@ -109,11 +109,36 @@ public class Util {
return grant(project, permissionName, rule, ref); return grant(project, permissionName, rule, ref);
} }
static public PermissionRule grant(ProjectConfig project, static public PermissionRule block(ProjectConfig project,
String permissionName, int min, int max, AccountGroup.UUID group,
String ref) {
PermissionRule rule = newRule(project, group);
rule.setMin(min);
rule.setMax(max);
PermissionRule r = grant(project, permissionName, rule, ref);
r.setBlock();
return r;
}
static public PermissionRule allow(ProjectConfig project,
String permissionName, AccountGroup.UUID group, String ref) { String permissionName, AccountGroup.UUID group, String ref) {
return grant(project, permissionName, newRule(project, group), ref); return grant(project, permissionName, newRule(project, group), ref);
} }
static public PermissionRule block(ProjectConfig project,
String permissionName, AccountGroup.UUID group, String ref) {
PermissionRule r = grant(project, permissionName, newRule(project, group), ref);
r.setBlock();
return r;
}
static public PermissionRule deny(ProjectConfig project,
String permissionName, AccountGroup.UUID group, String ref) {
PermissionRule r = grant(project, permissionName, newRule(project, group), ref);
r.setDeny();
return r;
}
static public void doNotInherit(ProjectConfig project, String permissionName, static public void doNotInherit(ProjectConfig project, String permissionName,
String ref) { String ref) {
project.getAccessSection(ref, true) // project.getAccessSection(ref, true) //