GET /accounts/{id}/groups
Obtain the list of groups a target user is a member of from
within the user resource, rather than /groups/?user={id} query.
This is a different projection of essentially the same data,
but I think it makes sense to allow a user to ask for their
groups within their account.
A nice benefit is we can now ask /accounts/self/groups to see
our own groups at any time, whereas /groups/?user={id} does not
accept self as an argument.
Unlike /groups/?user={id} query any user can see a subset of
another user's groups if two things are true:
- The caller can see the other user.
Often true when both users have a group in common.
- The caller can see the group.
True when the caller is an owner of that group, or
the group is visible to everyone.
- The caller can see the members of the group.
True if the caller is an owner, or the group
is visible to everyone.
Change-Id: I43d43f2f774dafb1f77fd047b50b6fa050f82d07
This commit is contained in:
Shawn Pearce
@@ -24,7 +24,6 @@ import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroupIncludeByUuid;
|
||||
import com.google.gerrit.reviewdb.server.ReviewDb;
|
||||
import com.google.gerrit.server.account.GroupControl;
|
||||
import com.google.gerrit.server.group.GetGroup.GroupInfo;
|
||||
import com.google.gwtorm.server.OrmException;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Provider;
|
||||
@@ -63,7 +62,7 @@ public class ListIncludedGroups implements RestReadView<GroupResource> {
|
||||
try {
|
||||
GroupControl i = controlFactory.controlFor(u.getIncludeUUID());
|
||||
if (ownerOfParent || i.isVisible()) {
|
||||
included.add(new GetGroup.GroupInfo(i.getGroup()));
|
||||
included.add(new GroupInfo(i.getGroup()));
|
||||
}
|
||||
} catch (NoSuchGroupException notFound) {
|
||||
log.warn(String.format("Group %s no longer available, included into ",
|
||||
|
||||
Reference in New Issue
Block a user