Refactor: Make static methods in SystemGroupBackend non-static
In a follow-up change we want to make the names of the system groups configurable. This means we need to get GerritServerConfig injected into SystemGroupBackend and use the configured system group names when we create the GroupReference's. For the callers this means that SystemGroupBackend must be injected now. Change-Id: Ia50ea0cd2837c3518a3c6ed84d4612606ccaa8a3 Signed-off-by: Edwin Kempin <ekempin@google.com>
This commit is contained in:
parent
97f74f081d
commit
42686d785c
@ -83,6 +83,7 @@ import com.google.gerrit.server.config.GerritServerConfig;
|
||||
import com.google.gerrit.server.git.GitRepositoryManager;
|
||||
import com.google.gerrit.server.git.MetaDataUpdate;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.index.change.ChangeIndex;
|
||||
import com.google.gerrit.server.index.change.ChangeIndexCollection;
|
||||
import com.google.gerrit.server.index.change.ChangeIndexer;
|
||||
@ -245,6 +246,9 @@ public abstract class AbstractDaemonTest {
|
||||
@Inject
|
||||
protected ChangeResource.Factory changeResourceFactory;
|
||||
|
||||
@Inject
|
||||
protected SystemGroupBackend systemGroupBackend;
|
||||
|
||||
@Inject
|
||||
private EventRecorder.Factory eventRecorderFactory;
|
||||
|
||||
|
@ -98,7 +98,6 @@ import com.google.gerrit.server.config.AnonymousCowardNameProvider;
|
||||
import com.google.gerrit.server.git.BatchUpdate;
|
||||
import com.google.gerrit.server.git.ChangeMessageModifier;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.notedb.NoteDbChangeState.PrimaryStorage;
|
||||
import com.google.gerrit.server.project.ChangeControl;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
@ -1231,7 +1230,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
cfg.getLabelSections().put(verified.getName(), verified);
|
||||
|
||||
AccountGroup.UUID registeredUsers =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
String heads = RefNames.REFS_HEADS + "*";
|
||||
Util.allow(cfg, Permission.forLabel(Util.verified().getName()), -1, 1,
|
||||
registeredUsers, heads);
|
||||
@ -1526,9 +1525,9 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
cfg.getLabelSections().put(verified.getName(), verified);
|
||||
String heads = "refs/heads/*";
|
||||
AccountGroup.UUID owners =
|
||||
SystemGroupBackend.getGroup(CHANGE_OWNER).getUUID();
|
||||
systemGroupBackend.getGroup(CHANGE_OWNER).getUUID();
|
||||
AccountGroup.UUID registered =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
Util.allow(cfg,
|
||||
Permission.forLabel(verified.getName()), -1, 1, owners, heads);
|
||||
Util.allow(cfg,
|
||||
@ -1825,7 +1824,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
cfg.getLabelSections().put(custom2.getName(), custom2);
|
||||
String heads = "refs/heads/*";
|
||||
AccountGroup.UUID anon =
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
Util.allow(cfg, Permission.forLabel("Verified"), -1, 1, anon, heads);
|
||||
Util.allow(cfg, Permission.forLabel("Custom1"), -1, 1, anon, heads);
|
||||
Util.allow(cfg, Permission.forLabel("Custom2"), -1, 1, anon, heads);
|
||||
@ -2391,7 +2390,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
LabelType verified = Util.verified();
|
||||
cfg.getLabelSections().put(verified.getName(), verified);
|
||||
AccountGroup.UUID registeredUsers =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
String heads = RefNames.REFS_HEADS + "*";
|
||||
Util.allow(cfg, Permission.forLabel(verified.getName()), -1, 1,
|
||||
registeredUsers, heads);
|
||||
@ -2453,7 +2452,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
LabelType verified = Util.verified();
|
||||
cfg.getLabelSections().put(verified.getName(), verified);
|
||||
AccountGroup.UUID registeredUsers =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
String heads = RefNames.REFS_HEADS + "*";
|
||||
Util.allow(cfg, Permission.forLabel(verified.getName()), -1, 1,
|
||||
registeredUsers, heads);
|
||||
@ -2548,7 +2547,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
// Allow user to approve
|
||||
ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
|
||||
AccountGroup.UUID registeredUsers =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
String heads = RefNames.REFS_HEADS + "*";
|
||||
Util.allow(cfg, Permission.forLabel(Util.codeReview().getName()), -2, 2,
|
||||
registeredUsers, heads);
|
||||
|
@ -45,7 +45,6 @@ import com.google.gerrit.extensions.common.CommitInfo;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
|
||||
import org.eclipse.jgit.junit.TestRepository;
|
||||
@ -82,7 +81,7 @@ public class StickyApprovalsIT extends AbstractDaemonTest {
|
||||
cfg.getLabelSections().put(verified.getName(), verified);
|
||||
|
||||
AccountGroup.UUID registeredUsers =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
String heads = RefNames.REFS_HEADS + "*";
|
||||
Util.allow(cfg, Permission.forLabel(Util.codeReview().getName()), -2, 2,
|
||||
registeredUsers, heads);
|
||||
|
@ -53,7 +53,6 @@ import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Change;
|
||||
import com.google.gerrit.reviewdb.client.PatchSet;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.mail.Address;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
import com.google.gerrit.server.query.change.ChangeData;
|
||||
@ -106,7 +105,7 @@ public abstract class AbstractPushForReview extends AbstractDaemonTest {
|
||||
patchSetLock = Util.patchSetLock();
|
||||
cfg.getLabelSections().put(patchSetLock.getName(), patchSetLock);
|
||||
AccountGroup.UUID anonymousUsers =
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
Util.allow(cfg, Permission.forLabel(patchSetLock.getName()), 0, 1, anonymousUsers,
|
||||
"refs/heads/*");
|
||||
saveProjectConfig(cfg);
|
||||
@ -534,7 +533,7 @@ public abstract class AbstractPushForReview extends AbstractDaemonTest {
|
||||
value(-1, "Negative"));
|
||||
ProjectConfig config = projectCache.checkedGet(project).getConfig();
|
||||
AccountGroup.UUID anon =
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
String heads = "refs/heads/*";
|
||||
Util.allow(config, Permission.forLabel("Custom-Label"), -1, 1, anon, heads);
|
||||
config.getLabelSections().put(Q.getName(), Q);
|
||||
|
@ -59,7 +59,6 @@ import com.google.gerrit.server.ChangeMessagesUtil;
|
||||
import com.google.gerrit.server.CommentsUtil;
|
||||
import com.google.gerrit.server.account.AccountControl;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
import com.google.gerrit.server.query.change.ChangeData;
|
||||
import com.google.inject.Inject;
|
||||
@ -611,7 +610,7 @@ public class ImpersonationIT extends AbstractDaemonTest {
|
||||
String forCodeReviewAs = Permission.forLabelAs(codeReviewType.getName());
|
||||
String heads = "refs/heads/*";
|
||||
AccountGroup.UUID uuid =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
Util.allow(cfg, forCodeReviewAs, -1, 1, uuid, heads);
|
||||
saveProjectConfig(project, cfg);
|
||||
}
|
||||
@ -620,7 +619,7 @@ public class ImpersonationIT extends AbstractDaemonTest {
|
||||
ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
|
||||
String heads = "refs/heads/*";
|
||||
AccountGroup.UUID uuid =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
Util.allow(cfg, Permission.SUBMIT_AS, uuid, heads);
|
||||
Util.allow(cfg, Permission.SUBMIT, uuid, heads);
|
||||
LabelType codeReviewType = Util.codeReview();
|
||||
@ -639,14 +638,14 @@ public class ImpersonationIT extends AbstractDaemonTest {
|
||||
private void allowRunAs() throws Exception {
|
||||
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
|
||||
Util.allow(cfg, GlobalCapability.RUN_AS,
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID());
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID());
|
||||
saveProjectConfig(allProjects, cfg);
|
||||
}
|
||||
|
||||
private void removeRunAs() throws Exception {
|
||||
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
|
||||
Util.remove(cfg, GlobalCapability.RUN_AS,
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID());
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID());
|
||||
saveProjectConfig(allProjects, cfg);
|
||||
}
|
||||
|
||||
|
@ -84,7 +84,7 @@ public class ChangeOwnerIT extends AbstractDaemonTest {
|
||||
AccessSection s = config.getAccessSection("refs/heads/*", true);
|
||||
Permission p = s.getPermission(LABEL + "Code-Review", true);
|
||||
PermissionRule rule = new PermissionRule(config
|
||||
.resolve(SystemGroupBackend.getGroup(SystemGroupBackend.CHANGE_OWNER)));
|
||||
.resolve(systemGroupBackend.getGroup(SystemGroupBackend.CHANGE_OWNER)));
|
||||
rule.setMin(-2);
|
||||
rule.setMax(+2);
|
||||
p.add(rule);
|
||||
|
@ -33,7 +33,6 @@ import com.google.gerrit.extensions.restapi.RestApiException;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Branch;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
|
||||
import org.eclipse.jgit.junit.TestRepository;
|
||||
@ -166,7 +165,7 @@ public class MoveChangeIT extends AbstractDaemonTest {
|
||||
new Branch.NameKey(r.getChange().change().getProject(), "blocked_branch");
|
||||
createBranch(newBranch);
|
||||
block(Permission.PUSH,
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID(),
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID(),
|
||||
"refs/for/" + newBranch.get());
|
||||
exception.expect(AuthException.class);
|
||||
exception.expectMessage("Move not permitted");
|
||||
@ -181,7 +180,7 @@ public class MoveChangeIT extends AbstractDaemonTest {
|
||||
new Branch.NameKey(r.getChange().change().getProject(), "moveTest");
|
||||
createBranch(newBranch);
|
||||
block(Permission.ABANDON,
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID(),
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID(),
|
||||
r.getChange().change().getDest().get());
|
||||
setApiUser(user);
|
||||
exception.expect(AuthException.class);
|
||||
@ -228,7 +227,7 @@ public class MoveChangeIT extends AbstractDaemonTest {
|
||||
LabelType patchSetLock = Util.patchSetLock();
|
||||
cfg.getLabelSections().put(patchSetLock.getName(), patchSetLock);
|
||||
AccountGroup.UUID registeredUsers =
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID();
|
||||
Util.allow(cfg, Permission.forLabel(patchSetLock.getName()), 0, 1, registeredUsers,
|
||||
"refs/heads/*");
|
||||
saveProjectConfig(cfg);
|
||||
|
@ -33,7 +33,6 @@ import com.google.gerrit.extensions.registration.DynamicSet;
|
||||
import com.google.gerrit.extensions.registration.RegistrationHandle;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
import com.google.inject.Inject;
|
||||
|
||||
@ -63,7 +62,7 @@ public class CommentAddedEventIT extends AbstractDaemonTest {
|
||||
public void setUp() throws Exception {
|
||||
ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
|
||||
AccountGroup.UUID anonymousUsers =
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
Util.allow(cfg, Permission.forLabel(label.getName()), -1, 1, anonymousUsers,
|
||||
"refs/heads/*");
|
||||
Util.allow(cfg, Permission.forLabel(pLabel.getName()), 0, 1, anonymousUsers,
|
||||
|
@ -68,7 +68,6 @@ import com.google.gerrit.server.git.BatchUpdate.ChangeContext;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.git.RepoRefCache;
|
||||
import com.google.gerrit.server.git.UpdateException;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.notedb.ChangeBundle;
|
||||
import com.google.gerrit.server.notedb.ChangeBundleReader;
|
||||
import com.google.gerrit.server.notedb.ChangeNotes;
|
||||
@ -1349,14 +1348,14 @@ public class ChangeRebuilderIT extends AbstractDaemonTest {
|
||||
private void allowRunAs() throws Exception {
|
||||
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
|
||||
Util.allow(cfg, GlobalCapability.RUN_AS,
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID());
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID());
|
||||
saveProjectConfig(allProjects, cfg);
|
||||
}
|
||||
|
||||
private void removeRunAs() throws Exception {
|
||||
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
|
||||
Util.remove(cfg, GlobalCapability.RUN_AS,
|
||||
SystemGroupBackend.getGroup(REGISTERED_USERS).getUUID());
|
||||
systemGroupBackend.getGroup(REGISTERED_USERS).getUUID());
|
||||
saveProjectConfig(allProjects, cfg);
|
||||
}
|
||||
|
||||
|
@ -35,7 +35,6 @@ import com.google.gerrit.extensions.registration.RegistrationHandle;
|
||||
import com.google.gerrit.extensions.restapi.ResourceConflictException;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.server.project.Util;
|
||||
import com.google.inject.Inject;
|
||||
|
||||
@ -65,7 +64,7 @@ public class CustomLabelIT extends AbstractDaemonTest {
|
||||
public void setUp() throws Exception {
|
||||
ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
|
||||
AccountGroup.UUID anonymousUsers =
|
||||
SystemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
systemGroupBackend.getGroup(ANONYMOUS_USERS).getUUID();
|
||||
Util.allow(cfg, Permission.forLabel(label.getName()), -1, 1, anonymousUsers,
|
||||
"refs/heads/*");
|
||||
Util.allow(cfg, Permission.forLabel(P.getName()), 0, 1, anonymousUsers,
|
||||
|
@ -42,6 +42,7 @@ public class CapabilityCollection {
|
||||
CapabilityCollection create(@Nullable AccessSection section);
|
||||
}
|
||||
|
||||
private final SystemGroupBackend systemGroupBackend;
|
||||
private final ImmutableMap<String, ImmutableList<PermissionRule>> permissions;
|
||||
|
||||
public final ImmutableList<PermissionRule> administrateServer;
|
||||
@ -52,8 +53,11 @@ public class CapabilityCollection {
|
||||
|
||||
@Inject
|
||||
CapabilityCollection(
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@AdministrateServerGroups ImmutableSet<GroupReference> admins,
|
||||
@Assisted @Nullable AccessSection section) {
|
||||
this.systemGroupBackend = systemGroupBackend;
|
||||
|
||||
if (section == null) {
|
||||
section = new AccessSection(AccessSection.GLOBAL_CAPABILITIES);
|
||||
}
|
||||
@ -119,12 +123,10 @@ public class CapabilityCollection {
|
||||
return r != null ? r : ImmutableList.<PermissionRule> of();
|
||||
}
|
||||
|
||||
private static final GroupReference anonymous = SystemGroupBackend
|
||||
.getGroup(SystemGroupBackend.ANONYMOUS_USERS);
|
||||
|
||||
private static void configureDefaults(Map<String, List<PermissionRule>> out,
|
||||
private void configureDefaults(Map<String, List<PermissionRule>> out,
|
||||
AccessSection section) {
|
||||
configureDefault(out, section, GlobalCapability.QUERY_LIMIT, anonymous);
|
||||
configureDefault(out, section, GlobalCapability.QUERY_LIMIT,
|
||||
systemGroupBackend.getGroup(SystemGroupBackend.ANONYMOUS_USERS));
|
||||
}
|
||||
|
||||
private static void configureDefault(Map<String, List<PermissionRule>> out,
|
||||
|
@ -73,6 +73,7 @@ public class CreateGroup implements RestModifyView<TopLevelResource, GroupInput>
|
||||
private final GroupJson json;
|
||||
private final DynamicSet<GroupCreationValidationListener> groupCreationValidationListeners;
|
||||
private final AddMembers addMembers;
|
||||
private final SystemGroupBackend systemGroupBackend;
|
||||
private final boolean defaultVisibleToAll;
|
||||
private final String name;
|
||||
|
||||
@ -86,6 +87,7 @@ public class CreateGroup implements RestModifyView<TopLevelResource, GroupInput>
|
||||
GroupJson json,
|
||||
DynamicSet<GroupCreationValidationListener> groupCreationValidationListeners,
|
||||
AddMembers addMembers,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritServerConfig Config cfg,
|
||||
@Assisted String name) {
|
||||
this.self = self;
|
||||
@ -96,6 +98,7 @@ public class CreateGroup implements RestModifyView<TopLevelResource, GroupInput>
|
||||
this.json = json;
|
||||
this.groupCreationValidationListeners = groupCreationValidationListeners;
|
||||
this.addMembers = addMembers;
|
||||
this.systemGroupBackend = systemGroupBackend;
|
||||
this.defaultVisibleToAll = cfg.getBoolean("groups", "newGroupsVisibleToAll", false);
|
||||
this.name = name;
|
||||
}
|
||||
@ -169,7 +172,7 @@ public class CreateGroup implements RestModifyView<TopLevelResource, GroupInput>
|
||||
throws OrmException, ResourceConflictException, IOException {
|
||||
|
||||
// Do not allow creating groups with the same name as system groups
|
||||
for (String name : SystemGroupBackend.getNames()) {
|
||||
for (String name : systemGroupBackend.getNames()) {
|
||||
if (name.toLowerCase(Locale.US).equals(
|
||||
createGroupArgs.getGroupName().toLowerCase(Locale.US))) {
|
||||
throw new ResourceConflictException("group '" + name
|
||||
|
@ -17,6 +17,7 @@ package com.google.gerrit.server.group;
|
||||
import static com.google.common.base.Preconditions.checkNotNull;
|
||||
import static java.util.stream.Collectors.toSet;
|
||||
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.gerrit.common.data.GroupDescription;
|
||||
@ -27,6 +28,8 @@ import com.google.gerrit.server.account.AbstractGroupBackend;
|
||||
import com.google.gerrit.server.account.GroupMembership;
|
||||
import com.google.gerrit.server.account.ListGroupMembership;
|
||||
import com.google.gerrit.server.project.ProjectControl;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Singleton;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
@ -38,6 +41,7 @@ import java.util.Set;
|
||||
import java.util.SortedMap;
|
||||
import java.util.TreeMap;
|
||||
|
||||
@Singleton
|
||||
public class SystemGroupBackend extends AbstractGroupBackend {
|
||||
public static final String SYSTEM_GROUP_SCHEME = "global:";
|
||||
|
||||
@ -57,8 +61,6 @@ public class SystemGroupBackend extends AbstractGroupBackend {
|
||||
public static final AccountGroup.UUID CHANGE_OWNER =
|
||||
new AccountGroup.UUID(SYSTEM_GROUP_SCHEME + "Change-Owner");
|
||||
|
||||
private static final SortedMap<String, GroupReference> names;
|
||||
private static final ImmutableMap<AccountGroup.UUID, GroupReference> uuids;
|
||||
private static final AccountGroup.UUID[] all = {
|
||||
ANONYMOUS_USERS,
|
||||
REGISTERED_USERS,
|
||||
@ -66,7 +68,24 @@ public class SystemGroupBackend extends AbstractGroupBackend {
|
||||
CHANGE_OWNER,
|
||||
};
|
||||
|
||||
static {
|
||||
public static boolean isSystemGroup(AccountGroup.UUID uuid) {
|
||||
return uuid.get().startsWith(SYSTEM_GROUP_SCHEME);
|
||||
}
|
||||
|
||||
public static boolean isAnonymousOrRegistered(GroupReference ref) {
|
||||
return isAnonymousOrRegistered(ref.getUUID());
|
||||
}
|
||||
|
||||
public static boolean isAnonymousOrRegistered(AccountGroup.UUID uuid) {
|
||||
return ANONYMOUS_USERS.equals(uuid) || REGISTERED_USERS.equals(uuid);
|
||||
}
|
||||
|
||||
private final SortedMap<String, GroupReference> names;
|
||||
private final ImmutableMap<AccountGroup.UUID, GroupReference> uuids;
|
||||
|
||||
@Inject
|
||||
@VisibleForTesting
|
||||
public SystemGroupBackend() {
|
||||
SortedMap<String, GroupReference> n = new TreeMap<>();
|
||||
ImmutableMap.Builder<AccountGroup.UUID, GroupReference> u =
|
||||
ImmutableMap.builder();
|
||||
@ -82,23 +101,11 @@ public class SystemGroupBackend extends AbstractGroupBackend {
|
||||
uuids = u.build();
|
||||
}
|
||||
|
||||
public static boolean isSystemGroup(AccountGroup.UUID uuid) {
|
||||
return uuid.get().startsWith(SYSTEM_GROUP_SCHEME);
|
||||
}
|
||||
|
||||
public static boolean isAnonymousOrRegistered(GroupReference ref) {
|
||||
return isAnonymousOrRegistered(ref.getUUID());
|
||||
}
|
||||
|
||||
public static boolean isAnonymousOrRegistered(AccountGroup.UUID uuid) {
|
||||
return ANONYMOUS_USERS.equals(uuid) || REGISTERED_USERS.equals(uuid);
|
||||
}
|
||||
|
||||
public static GroupReference getGroup(AccountGroup.UUID uuid) {
|
||||
public GroupReference getGroup(AccountGroup.UUID uuid) {
|
||||
return checkNotNull(uuids.get(uuid), "group %s not found", uuid.get());
|
||||
}
|
||||
|
||||
public static Set<String> getNames() {
|
||||
public Set<String> getNames() {
|
||||
return names.values().stream().map(r -> r.getName()).collect(toSet());
|
||||
}
|
||||
|
||||
|
@ -70,14 +70,15 @@ public class AllProjectsCreator {
|
||||
AllProjectsCreator(
|
||||
GitRepositoryManager mgr,
|
||||
AllProjectsName allProjectsName,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritPersonIdent PersonIdent serverUser) {
|
||||
this.mgr = mgr;
|
||||
this.allProjectsName = allProjectsName;
|
||||
this.serverUser = serverUser;
|
||||
|
||||
this.anonymous = SystemGroupBackend.getGroup(ANONYMOUS_USERS);
|
||||
this.registered = SystemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
this.owners = SystemGroupBackend.getGroup(PROJECT_OWNERS);
|
||||
this.anonymous = systemGroupBackend.getGroup(ANONYMOUS_USERS);
|
||||
this.registered = systemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
this.owners = systemGroupBackend.getGroup(PROJECT_OWNERS);
|
||||
}
|
||||
|
||||
public AllProjectsCreator setAdministrators(GroupReference admin) {
|
||||
|
@ -54,11 +54,12 @@ public class AllUsersCreator {
|
||||
AllUsersCreator(
|
||||
GitRepositoryManager mgr,
|
||||
AllUsersName allUsersName,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritPersonIdent PersonIdent serverUser) {
|
||||
this.mgr = mgr;
|
||||
this.allUsersName = allUsersName;
|
||||
this.serverUser = serverUser;
|
||||
this.registered = SystemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
this.registered = systemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
}
|
||||
|
||||
public AllUsersCreator setAdministrators(GroupReference admin) {
|
||||
|
@ -25,6 +25,7 @@ import com.google.gerrit.server.config.AllUsersName;
|
||||
import com.google.gerrit.server.config.AnonymousCowardName;
|
||||
import com.google.gerrit.server.config.SitePaths;
|
||||
import com.google.gerrit.server.git.GitRepositoryManager;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gwtorm.server.OrmException;
|
||||
import com.google.gwtorm.server.SchemaFactory;
|
||||
import com.google.inject.AbstractModule;
|
||||
@ -82,6 +83,7 @@ public class SchemaUpdater {
|
||||
AllUsersName.class,
|
||||
GitRepositoryManager.class,
|
||||
SitePaths.class,
|
||||
SystemGroupBackend.class,
|
||||
}) {
|
||||
rebind(parent, Key.get(c));
|
||||
}
|
||||
|
@ -58,6 +58,7 @@ public class Schema_125 extends SchemaVersion {
|
||||
private final GitRepositoryManager repoManager;
|
||||
private final AllUsersName allUsersName;
|
||||
private final AllProjectsName allProjectsName;
|
||||
private final SystemGroupBackend systemGroupBackend;
|
||||
private final PersonIdent serverUser;
|
||||
|
||||
@Inject
|
||||
@ -65,11 +66,13 @@ public class Schema_125 extends SchemaVersion {
|
||||
GitRepositoryManager repoManager,
|
||||
AllUsersName allUsersName,
|
||||
AllProjectsName allProjectsName,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritPersonIdent PersonIdent serverUser) {
|
||||
super(prior);
|
||||
this.repoManager = repoManager;
|
||||
this.allUsersName = allUsersName;
|
||||
this.allProjectsName = allProjectsName;
|
||||
this.systemGroupBackend = systemGroupBackend;
|
||||
this.serverUser = serverUser;
|
||||
}
|
||||
|
||||
@ -82,7 +85,7 @@ public class Schema_125 extends SchemaVersion {
|
||||
|
||||
config.getAccessSection(RefNames.REFS_USERS + "*", true)
|
||||
.remove(new Permission(Permission.READ));
|
||||
GroupReference registered = SystemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
GroupReference registered = systemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
AccessSection users = config.getAccessSection(
|
||||
RefNames.REFS_USERS + "${" + RefPattern.USERID_SHARDED + "}", true);
|
||||
grant(config, users, Permission.READ, true, registered);
|
||||
|
@ -46,16 +46,19 @@ public class Schema_126 extends SchemaVersion {
|
||||
|
||||
private final GitRepositoryManager repoManager;
|
||||
private final AllUsersName allUsersName;
|
||||
private final SystemGroupBackend systemGroupBackend;
|
||||
private final PersonIdent serverUser;
|
||||
|
||||
@Inject
|
||||
Schema_126(Provider<Schema_125> prior,
|
||||
GitRepositoryManager repoManager,
|
||||
AllUsersName allUsersName,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritPersonIdent PersonIdent serverUser) {
|
||||
super(prior);
|
||||
this.repoManager = repoManager;
|
||||
this.allUsersName = allUsersName;
|
||||
this.systemGroupBackend = systemGroupBackend;
|
||||
this.serverUser = serverUser;
|
||||
}
|
||||
|
||||
@ -70,7 +73,7 @@ public class Schema_126 extends SchemaVersion {
|
||||
RefNames.REFS_USERS + "${" + RefPattern.USERID_SHARDED + "}";
|
||||
config.remove(config.getAccessSection(refsUsersShardedId));
|
||||
|
||||
GroupReference registered = SystemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
GroupReference registered = systemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
AccessSection users = config.getAccessSection(refsUsersShardedId, true);
|
||||
grant(config, users, Permission.READ, false, true, registered);
|
||||
grant(config, users, Permission.PUSH, false, true, registered);
|
||||
|
@ -44,16 +44,19 @@ public class Schema_128 extends SchemaVersion {
|
||||
|
||||
private final GitRepositoryManager repoManager;
|
||||
private final AllProjectsName allProjectsName;
|
||||
private final SystemGroupBackend systemGroupBackend;
|
||||
private final PersonIdent serverUser;
|
||||
|
||||
@Inject
|
||||
Schema_128(Provider<Schema_127> prior,
|
||||
GitRepositoryManager repoManager,
|
||||
AllProjectsName allProjectsName,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritPersonIdent PersonIdent serverUser) {
|
||||
super(prior);
|
||||
this.repoManager = repoManager;
|
||||
this.allProjectsName = allProjectsName;
|
||||
this.systemGroupBackend = systemGroupBackend;
|
||||
this.serverUser = serverUser;
|
||||
}
|
||||
|
||||
@ -64,7 +67,7 @@ public class Schema_128 extends SchemaVersion {
|
||||
allProjectsName, git)) {
|
||||
ProjectConfig config = ProjectConfig.read(md);
|
||||
|
||||
GroupReference registered = SystemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
GroupReference registered = systemGroupBackend.getGroup(REGISTERED_USERS);
|
||||
AccessSection refsFor = config.getAccessSection("refs/for/*", true);
|
||||
grant(config, refsFor, Permission.ADD_PATCH_SET,
|
||||
false, false, registered);
|
||||
|
@ -49,16 +49,19 @@ public class Schema_135 extends SchemaVersion {
|
||||
|
||||
private final GitRepositoryManager repoManager;
|
||||
private final AllProjectsName allProjectsName;
|
||||
private final SystemGroupBackend systemGroupBackend;
|
||||
private final PersonIdent serverUser;
|
||||
|
||||
@Inject
|
||||
Schema_135(Provider<Schema_134> prior,
|
||||
GitRepositoryManager repoManager,
|
||||
AllProjectsName allProjectsName,
|
||||
SystemGroupBackend systemGroupBackend,
|
||||
@GerritPersonIdent PersonIdent serverUser) {
|
||||
super(prior);
|
||||
this.repoManager = repoManager;
|
||||
this.allProjectsName = allProjectsName;
|
||||
this.systemGroupBackend = systemGroupBackend;
|
||||
this.serverUser = serverUser;
|
||||
}
|
||||
|
||||
@ -81,7 +84,7 @@ public class Schema_135 extends SchemaVersion {
|
||||
.getRules()
|
||||
.stream()
|
||||
.map(PermissionRule::getGroup),
|
||||
Stream.of(SystemGroupBackend.getGroup(PROJECT_OWNERS)))
|
||||
Stream.of(systemGroupBackend.getGroup(PROJECT_OWNERS)))
|
||||
.filter(g -> createRefsMetaConfigPermission.getRule(g) == null)
|
||||
.collect(toSet());
|
||||
|
||||
|
@ -29,6 +29,7 @@ import com.google.gerrit.server.config.AnonymousCowardNameProvider;
|
||||
import com.google.gerrit.server.config.GerritServerConfig;
|
||||
import com.google.gerrit.server.config.SitePaths;
|
||||
import com.google.gerrit.server.git.GitRepositoryManager;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import com.google.gerrit.testutil.InMemoryDatabase;
|
||||
import com.google.gerrit.testutil.InMemoryH2Type;
|
||||
import com.google.gerrit.testutil.InMemoryRepositoryManager;
|
||||
@ -109,6 +110,8 @@ public class SchemaUpdaterTest {
|
||||
.toProvider(AnonymousCowardNameProvider.class);
|
||||
|
||||
bind(DataSourceType.class).to(InMemoryH2Type.class);
|
||||
|
||||
bind(SystemGroupBackend.class);
|
||||
}
|
||||
}).getInstance(SchemaUpdater.class);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user