Don't use #test(Permission) when #check(permission) is expected

By design, the result of #test(permission) should only considered as a hint and they might be more permissive than reality. This method should be used by some cases, e.g. rendering UI, where the unreliable results are acceptable. However, there are lots of #test usages which should have been #check. This is not a problem for DefaultPermissionBackend because both #check and #test go the same method in the end. But it is a problem for other permission backend implementations because #test and #check could be different there. This CL replaces those #test with #check. It should be a no-op and should't change existing behaviors. Change-Id: Ie2cc7adb81ccde4591daff35bacca74f97bc3e25
2018-07-04 16:44:57 +02:00
parent 5a92e22f4c
commit 2530d60b49
25 changed files with 313 additions and 132 deletions
--- a/java/com/google/gerrit/server/restapi/change/PostReviewers.java
+++ b/java/com/google/gerrit/server/restapi/change/PostReviewers.java
@@ -352,14 +352,17 @@ public class PostReviewers
      NotifyHandling notify,
      ListMultimap<RecipientType, Account.Id> accountsToNotify)
      throws PermissionBackendException {
-    if (!permissionBackend
-        .user(anonymousProvider.get())
-        .change(rsrc.getNotes())
-        .database(dbProvider)
-        .test(ChangePermission.READ)) {
+    try {
+      permissionBackend
+          .user(anonymousProvider.get())
+          .change(rsrc.getNotes())
+          .database(dbProvider)
+          .check(ChangePermission.READ);
+    } catch (AuthException e) {
      return fail(
          reviewer, MessageFormat.format(ChangeMessages.get().reviewerCantSeeChange, reviewer));
    }
+
    if (!migration.readChanges()) {
      // addByEmail depends on NoteDb.
      return fail(