Convert administrateServer to PermissionBackend

Leave a poorly named backdoor in CapabilityControl for the existing ProjectControl, RefControl, ChangeControl and GroupControl to test administrator permission. Update test expecting a failure when administateServer is not granted. Change-Id: I0f523dbf26506ea53c38ffb02aeef74f3cf18ba6
2017-02-20 16:21:48 -08:00
parent 79ce708c38
commit 29d4523608
28 changed files with 258 additions and 114 deletions
--- a/gerrit-server/src/main/java/com/google/gerrit/server/api/accounts/AccountApiImpl.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/api/accounts/AccountApiImpl.java
@@ -255,7 +255,7 @@ public class AccountApiImpl implements AccountApi {
  public DiffPreferencesInfo getDiffPreferences() throws RestApiException {
    try {
      return getDiffPreferences.apply(account);
-    } catch (IOException | ConfigInvalidException e) {
+    } catch (IOException | ConfigInvalidException | PermissionBackendException e) {
      throw new RestApiException("Cannot query diff preferences", e);
    }
  }
@@ -291,7 +291,7 @@ public class AccountApiImpl implements AccountApi {
  public List<ProjectWatchInfo> getWatchedProjects() throws RestApiException {
    try {
      return getWatchedProjects.apply(account);
-    } catch (OrmException | IOException | ConfigInvalidException e) {
+    } catch (OrmException | IOException | ConfigInvalidException | PermissionBackendException e) {
      throw new RestApiException("Cannot get watched projects", e);
    }
  }
@@ -301,7 +301,7 @@ public class AccountApiImpl implements AccountApi {
      throws RestApiException {
    try {
      return postWatchedProjects.apply(account, in);
-    } catch (OrmException | IOException | ConfigInvalidException e) {
+    } catch (OrmException | IOException | ConfigInvalidException | PermissionBackendException e) {
      throw new RestApiException("Cannot update watched projects", e);
    }
  }
@@ -310,7 +310,7 @@ public class AccountApiImpl implements AccountApi {
  public void deleteWatchedProjects(List<ProjectWatchInfo> in) throws RestApiException {
    try {
      deleteWatchedProjects.apply(account, in);
-    } catch (OrmException | IOException | ConfigInvalidException e) {
+    } catch (OrmException | IOException | ConfigInvalidException | PermissionBackendException e) {
      throw new RestApiException("Cannot delete watched projects", e);
    }
  }
@@ -421,7 +421,7 @@ public class AccountApiImpl implements AccountApi {
    in.raw = RawInputUtil.create(key);
    try {
      return addSshKey.apply(account, in).value();
-    } catch (OrmException | IOException | ConfigInvalidException e) {
+    } catch (OrmException | IOException | ConfigInvalidException | PermissionBackendException e) {
      throw new RestApiException("Cannot add SSH key", e);
    }
  }
--- a/gerrit-server/src/main/java/com/google/gerrit/server/api/projects/ProjectApiImpl.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/api/projects/ProjectApiImpl.java
@@ -300,7 +300,7 @@ public class ProjectApiImpl implements ProjectApi {
  public ProjectAccessInfo access(ProjectAccessInput p) throws RestApiException {
    try {
      return setAccess.apply(checkExists(), p);
-    } catch (IOException e) {
+    } catch (IOException | PermissionBackendException e) {
      throw new RestApiException("Cannot put access rights", e);
    }
  }