AbstractDaemonTest: Add convenience methods to access groups
This saves some boilerplate code in the tests. Change-Id: If533b5fdb9f24e45995ca241f16a393578d61fbc Signed-off-by: Edwin Kempin <ekempin@google.com>
This commit is contained in:
Edwin Kempin
@@ -921,9 +921,7 @@ public abstract class AbstractDaemonTest {
|
||||
|
||||
protected void grant(Project.NameKey project, String ref, String permission, boolean force)
|
||||
throws RepositoryNotFoundException, IOException, ConfigInvalidException {
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
grant(project, ref, permission, force, adminGroup.getGroupUUID());
|
||||
grant(project, ref, permission, force, adminGroupUuid());
|
||||
}
|
||||
|
||||
protected void grant(
|
||||
@@ -1125,8 +1123,7 @@ public abstract class AbstractDaemonTest {
|
||||
String g = createGroup("cla-test-group");
|
||||
GroupApi groupApi = gApi.groups().id(g);
|
||||
groupApi.description("CLA test group");
|
||||
InternalGroup caGroup =
|
||||
groupCache.get(new AccountGroup.UUID(groupApi.detail().id)).orElse(null);
|
||||
InternalGroup caGroup = group(new AccountGroup.UUID(groupApi.detail().id));
|
||||
GroupReference groupRef = new GroupReference(caGroup.getGroupUUID(), caGroup.getName());
|
||||
PermissionRule rule = new PermissionRule(groupRef);
|
||||
rule.setAction(PermissionRule.Action.ALLOW);
|
||||
@@ -1357,15 +1354,48 @@ public abstract class AbstractDaemonTest {
|
||||
assertThat(rule.getMax()).isEqualTo(expectedMax);
|
||||
}
|
||||
|
||||
protected InternalGroup group(AccountGroup.UUID groupUuid) {
|
||||
InternalGroup group = groupCache.get(groupUuid).orElse(null);
|
||||
assertThat(group).named(groupUuid.get()).isNotNull();
|
||||
return group;
|
||||
}
|
||||
|
||||
protected GroupReference groupRef(AccountGroup.UUID groupUuid) {
|
||||
GroupDescription.Basic groupDescription = groupBackend.get(groupUuid);
|
||||
return new GroupReference(groupDescription.getGroupUUID(), groupDescription.getName());
|
||||
}
|
||||
|
||||
protected InternalGroup group(String groupName) {
|
||||
InternalGroup group = groupCache.get(new AccountGroup.NameKey(groupName)).orElse(null);
|
||||
assertThat(group).named(groupName).isNotNull();
|
||||
return group;
|
||||
}
|
||||
|
||||
protected GroupReference groupRef(String groupName) {
|
||||
InternalGroup group = groupCache.get(new AccountGroup.NameKey(groupName)).orElse(null);
|
||||
assertThat(group).isNotNull();
|
||||
return new GroupReference(group.getGroupUUID(), group.getName());
|
||||
}
|
||||
|
||||
protected GroupReference groupRef(AccountGroup.UUID groupUuid) {
|
||||
GroupDescription.Basic groupDescription = groupBackend.get(groupUuid);
|
||||
return new GroupReference(groupDescription.getGroupUUID(), groupDescription.getName());
|
||||
protected AccountGroup.UUID groupUuid(String groupName) {
|
||||
return group(groupName).getGroupUUID();
|
||||
}
|
||||
|
||||
protected InternalGroup adminGroup() {
|
||||
return group("Administrators");
|
||||
}
|
||||
|
||||
protected GroupReference adminGroupRef() {
|
||||
return groupRef("Administrators");
|
||||
}
|
||||
|
||||
protected AccountGroup.UUID adminGroupUuid() {
|
||||
return groupUuid("Administrators");
|
||||
}
|
||||
|
||||
protected void assertGroupDoesNotExist(String groupName) {
|
||||
InternalGroup group = groupCache.get(new AccountGroup.NameKey(groupName)).orElse(null);
|
||||
assertThat(group).named(groupName).isNull();
|
||||
}
|
||||
|
||||
protected void assertNotifyTo(TestAccount expected) {
|
||||
|
||||
@@ -80,7 +80,6 @@ import com.google.gerrit.gpg.Fingerprint;
|
||||
import com.google.gerrit.gpg.PublicKeyStore;
|
||||
import com.google.gerrit.gpg.testing.TestKey;
|
||||
import com.google.gerrit.reviewdb.client.Account;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Change;
|
||||
import com.google.gerrit.reviewdb.client.Project;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
@@ -95,7 +94,6 @@ import com.google.gerrit.server.account.externalids.ExternalId;
|
||||
import com.google.gerrit.server.account.externalids.ExternalIds;
|
||||
import com.google.gerrit.server.account.externalids.ExternalIdsUpdate;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.InternalGroup;
|
||||
import com.google.gerrit.server.index.account.AccountIndexer;
|
||||
import com.google.gerrit.server.index.account.StalenessChecker;
|
||||
import com.google.gerrit.server.mail.Address;
|
||||
@@ -1087,11 +1085,9 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
String userRef = RefNames.refsUsers(foo.id);
|
||||
accountIndexedCounter.clear();
|
||||
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
grant(allUsers, userRef, Permission.PUSH, false, adminGroup.getGroupUUID());
|
||||
grantLabel("Code-Review", -2, 2, allUsers, userRef, false, adminGroup.getGroupUUID(), false);
|
||||
grant(allUsers, userRef, Permission.SUBMIT, false, adminGroup.getGroupUUID());
|
||||
grant(allUsers, userRef, Permission.PUSH, false, adminGroupUuid());
|
||||
grantLabel("Code-Review", -2, 2, allUsers, userRef, false, adminGroupUuid(), false);
|
||||
grant(allUsers, userRef, Permission.SUBMIT, false, adminGroupUuid());
|
||||
|
||||
TestRepository<InMemoryRepository> allUsersRepo = cloneProject(allUsers);
|
||||
fetch(allUsersRepo, userRef + ":userRef");
|
||||
@@ -1292,9 +1288,7 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
String userRef = RefNames.refsUsers(foo.id);
|
||||
accountIndexedCounter.clear();
|
||||
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
grant(allUsers, userRef, Permission.PUSH, false, adminGroup.getGroupUUID());
|
||||
grant(allUsers, userRef, Permission.PUSH, false, adminGroupUuid());
|
||||
|
||||
TestRepository<InMemoryRepository> allUsersRepo = cloneProject(allUsers, foo);
|
||||
fetch(allUsersRepo, userRef + ":userRef");
|
||||
@@ -1355,9 +1349,7 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
String userRef = RefNames.refsUsers(foo.id);
|
||||
accountIndexedCounter.clear();
|
||||
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
grant(allUsers, userRef, Permission.PUSH, false, adminGroup.getGroupUUID());
|
||||
grant(allUsers, userRef, Permission.PUSH, false, adminGroupUuid());
|
||||
|
||||
TestRepository<InMemoryRepository> allUsersRepo = cloneProject(allUsers);
|
||||
fetch(allUsersRepo, userRef + ":userRef");
|
||||
@@ -1817,7 +1809,7 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
|
||||
assertPermissions(
|
||||
allUsers,
|
||||
groupRef("Administrators"),
|
||||
adminGroupRef(),
|
||||
RefNames.REFS_USERS_DEFAULT,
|
||||
true,
|
||||
Permission.READ,
|
||||
|
||||
@@ -1228,11 +1228,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
// create hidden project that is only visible to administrators
|
||||
Project.NameKey p = createProject("p");
|
||||
ProjectConfig cfg = projectCache.checkedGet(p).getConfig();
|
||||
Util.allow(
|
||||
cfg,
|
||||
Permission.READ,
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null).getGroupUUID(),
|
||||
"refs/*");
|
||||
Util.allow(cfg, Permission.READ, adminGroupUuid(), "refs/*");
|
||||
Util.block(cfg, Permission.READ, REGISTERED_USERS, "refs/*");
|
||||
saveProjectConfig(p, cfg);
|
||||
|
||||
@@ -1305,11 +1301,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
// create hidden project that is only visible to administrators
|
||||
Project.NameKey p = createProject("p");
|
||||
ProjectConfig cfg = projectCache.checkedGet(p).getConfig();
|
||||
Util.allow(
|
||||
cfg,
|
||||
Permission.READ,
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null).getGroupUUID(),
|
||||
"refs/*");
|
||||
Util.allow(cfg, Permission.READ, adminGroupUuid(), "refs/*");
|
||||
Util.block(cfg, Permission.READ, REGISTERED_USERS, "refs/*");
|
||||
saveProjectConfig(p, cfg);
|
||||
|
||||
@@ -1352,11 +1344,7 @@ public class ChangeIT extends AbstractDaemonTest {
|
||||
// create hidden project that is only visible to administrators
|
||||
Project.NameKey p = createProject("p");
|
||||
ProjectConfig cfg = projectCache.checkedGet(p).getConfig();
|
||||
Util.allow(
|
||||
cfg,
|
||||
Permission.READ,
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null).getGroupUUID(),
|
||||
"refs/*");
|
||||
Util.allow(cfg, Permission.READ, adminGroupUuid(), "refs/*");
|
||||
Util.block(cfg, Permission.READ, REGISTERED_USERS, "refs/*");
|
||||
saveProjectConfig(p, cfg);
|
||||
|
||||
|
||||
@@ -261,7 +261,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
public void createGroup() throws Exception {
|
||||
String newGroupName = name("newGroup");
|
||||
GroupInfo g = gApi.groups().create(newGroupName).get();
|
||||
assertGroupInfo(getFromCache(newGroupName), g);
|
||||
assertGroupInfo(group(newGroupName), g);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -321,7 +321,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
in.name = name("newGroup");
|
||||
in.description = "Test description";
|
||||
in.visibleToAll = true;
|
||||
in.ownerId = getFromCache("Administrators").getGroupUUID().get();
|
||||
in.ownerId = adminGroupUuid().get();
|
||||
GroupInfo g = gApi.groups().create(in).detail();
|
||||
assertThat(g.description).isEqualTo(in.description);
|
||||
assertThat(g.options.visibleToAll).isEqualTo(in.visibleToAll);
|
||||
@@ -347,7 +347,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
|
||||
@Test
|
||||
public void getGroup() throws Exception {
|
||||
InternalGroup adminGroup = getFromCache("Administrators");
|
||||
InternalGroup adminGroup = adminGroup();
|
||||
testGetGroup(adminGroup.getGroupUUID().get(), adminGroup);
|
||||
testGetGroup(adminGroup.getName(), adminGroup);
|
||||
testGetGroup(adminGroup.getId().get(), adminGroup);
|
||||
@@ -454,7 +454,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
String newName = name("Name2");
|
||||
gApi.groups().id(group.id).name(newName);
|
||||
|
||||
assertThat(getFromCache(name)).isNull();
|
||||
assertGroupDoesNotExist(name);
|
||||
exception.expect(ResourceNotFoundException.class);
|
||||
gApi.groups().id(name).get();
|
||||
}
|
||||
@@ -512,7 +512,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
public void groupOwner() throws Exception {
|
||||
String name = name("group");
|
||||
GroupInfo info = gApi.groups().create(name).get();
|
||||
String adminUUID = getFromCache("Administrators").getGroupUUID().get();
|
||||
String adminUUID = adminGroupUuid().get();
|
||||
String registeredUUID = SystemGroupBackend.REGISTERED_USERS.get();
|
||||
|
||||
// get owner
|
||||
@@ -685,8 +685,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
Arrays.asList(createGroup("test-child1", parent), createGroup("test-child2", parent));
|
||||
|
||||
// By UUID
|
||||
List<GroupInfo> owned =
|
||||
gApi.groups().list().withOwnedBy(getFromCache(parent).getGroupUUID().get()).get();
|
||||
List<GroupInfo> owned = gApi.groups().list().withOwnedBy(groupUuid(parent).get()).get();
|
||||
assertThat(owned.stream().map(g -> g.name).collect(toList()))
|
||||
.containsExactlyElementsIn(children);
|
||||
|
||||
@@ -712,7 +711,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
in.name = newGroupName;
|
||||
in.description = "a hidden group";
|
||||
in.visibleToAll = false;
|
||||
in.ownerId = getFromCache("Administrators").getGroupUUID().get();
|
||||
in.ownerId = adminGroupUuid().get();
|
||||
gApi.groups().create(in);
|
||||
|
||||
setApiUser(user);
|
||||
@@ -782,7 +781,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
|
||||
@Test
|
||||
public void allGroupInfoFieldsSetCorrectly() throws Exception {
|
||||
InternalGroup adminGroup = getFromCache("Administrators");
|
||||
InternalGroup adminGroup = adminGroup();
|
||||
Map<String, GroupInfo> groups = gApi.groups().list().addGroup(adminGroup.getName()).getAsMap();
|
||||
assertThat(groups).hasSize(1);
|
||||
assertThat(groups).containsKey("Administrators");
|
||||
@@ -1006,12 +1005,7 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
assume().that(groupsInNoteDb()).isTrue();
|
||||
|
||||
grant(allUsers, RefNames.REFS_GROUPS + "*", Permission.DELETE, true, REGISTERED_USERS);
|
||||
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
assertThat(adminGroup).isNotNull();
|
||||
String groupRef = RefNames.refsGroups(adminGroup.getGroupUUID());
|
||||
|
||||
String groupRef = RefNames.refsGroups(adminGroupUuid());
|
||||
TestRepository<InMemoryRepository> allUsersRepo = cloneProject(allUsers);
|
||||
PushResult r = deleteRef(allUsersRepo, groupRef);
|
||||
RemoteRefUpdate refUpdate = r.getRemoteUpdate(groupRef);
|
||||
@@ -1224,10 +1218,6 @@ public class GroupsIT extends AbstractDaemonTest {
|
||||
assertThat(gApi.groups().id(group).includedGroups()).isEmpty();
|
||||
}
|
||||
|
||||
private InternalGroup getFromCache(String name) throws Exception {
|
||||
return groupCache.get(new AccountGroup.NameKey(name)).orElse(null);
|
||||
}
|
||||
|
||||
private void assertBadRequest(ListRequest req) throws Exception {
|
||||
try {
|
||||
req.get();
|
||||
|
||||
@@ -25,7 +25,6 @@ import com.google.gerrit.extensions.api.config.AccessCheckInput;
|
||||
import com.google.gerrit.extensions.restapi.BadRequestException;
|
||||
import com.google.gerrit.extensions.restapi.RestApiException;
|
||||
import com.google.gerrit.extensions.restapi.UnprocessableEntityException;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Project;
|
||||
import com.google.gerrit.server.group.InternalGroup;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
@@ -46,8 +45,7 @@ public class CheckAccessIT extends AbstractDaemonTest {
|
||||
normalProject = createProject("normal");
|
||||
secretProject = createProject("secret");
|
||||
secretRefProject = createProject("secretRef");
|
||||
privilegedGroup =
|
||||
groupCache.get(new AccountGroup.NameKey(createGroup("privilegedGroup"))).orElse(null);
|
||||
privilegedGroup = group(createGroup("privilegedGroup"));
|
||||
|
||||
privilegedUser = accountCreator.create("privilegedUser", "snowden@nsa.gov", "Ed Snowden");
|
||||
gApi.groups().id(privilegedGroup.getGroupUUID().get()).addMembers(privilegedUser.username);
|
||||
|
||||
@@ -94,12 +94,8 @@ public class RefAdvertisementIT extends AbstractDaemonTest {
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
admins = groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null).getGroupUUID();
|
||||
nonInteractiveUsers =
|
||||
groupCache
|
||||
.get(new AccountGroup.NameKey("Non-Interactive Users"))
|
||||
.orElse(null)
|
||||
.getGroupUUID();
|
||||
admins = adminGroupUuid();
|
||||
nonInteractiveUsers = groupUuid("Non-Interactive Users");
|
||||
setUpPermissions();
|
||||
setUpChanges();
|
||||
}
|
||||
|
||||
@@ -56,9 +56,9 @@ public class SuggestReviewersIT extends AbstractDaemonTest {
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
group1 = group("users1");
|
||||
group2 = group("users2");
|
||||
group3 = group("users3");
|
||||
group1 = newGroup("users1");
|
||||
group2 = newGroup("users2");
|
||||
group3 = newGroup("users3");
|
||||
|
||||
user1 = user("user1", "First1 Last1", group1);
|
||||
user2 = user("user2", "First2 Last2", group2);
|
||||
@@ -235,8 +235,8 @@ public class SuggestReviewersIT extends AbstractDaemonTest {
|
||||
@GerritConfig(name = "addreviewer.maxAllowed", value = "2")
|
||||
@GerritConfig(name = "addreviewer.maxWithoutConfirmation", value = "1")
|
||||
public void suggestReviewersGroupSizeConsiderations() throws Exception {
|
||||
InternalGroup largeGroup = group("large");
|
||||
InternalGroup mediumGroup = group("medium");
|
||||
InternalGroup largeGroup = newGroup("large");
|
||||
InternalGroup mediumGroup = newGroup("medium");
|
||||
|
||||
// Both groups have Administrator as a member. Add two users to large
|
||||
// group to push it past maxAllowed, and one to medium group to push it
|
||||
@@ -425,9 +425,9 @@ public class SuggestReviewersIT extends AbstractDaemonTest {
|
||||
return gApi.changes().id(changeId).suggestReviewers(query).withLimit(n).get();
|
||||
}
|
||||
|
||||
private InternalGroup group(String name) throws Exception {
|
||||
private InternalGroup newGroup(String name) throws Exception {
|
||||
GroupInfo group = createGroupFactory.create(name(name)).apply(TopLevelResource.INSTANCE, null);
|
||||
return groupCache.get(new AccountGroup.UUID(group.id)).orElse(null);
|
||||
return group(new AccountGroup.UUID(group.id));
|
||||
}
|
||||
|
||||
private TestAccount user(String name, String fullName, String emailName, InternalGroup... groups)
|
||||
|
||||
@@ -15,25 +15,20 @@
|
||||
package com.google.gerrit.acceptance.rest.config;
|
||||
|
||||
import static com.google.common.truth.Truth.assertThat;
|
||||
import static com.google.common.truth.Truth.assertWithMessage;
|
||||
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
|
||||
|
||||
import com.google.gerrit.acceptance.AbstractDaemonTest;
|
||||
import com.google.gerrit.acceptance.RestResponse;
|
||||
import com.google.gerrit.common.data.GlobalCapability;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.server.config.ListCaches.CacheInfo;
|
||||
import com.google.gerrit.server.group.InternalGroup;
|
||||
import org.junit.Test;
|
||||
|
||||
public class FlushCacheIT extends AbstractDaemonTest {
|
||||
|
||||
@Test
|
||||
public void flushCache() throws Exception {
|
||||
InternalGroup group = groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
assertWithMessage("Precondition: The group 'Administrators' was loaded by the group cache")
|
||||
.that(group)
|
||||
.isNotNull();
|
||||
// access the admin group once so that it is loaded into the group cache
|
||||
adminGroup();
|
||||
|
||||
RestResponse r = adminRestSession.get("/config/server/caches/groups_byname");
|
||||
CacheInfo result = newGson().fromJson(r.getReader(), CacheInfo.class);
|
||||
|
||||
@@ -36,12 +36,10 @@ import com.google.gerrit.extensions.common.ChangeInfo;
|
||||
import com.google.gerrit.extensions.restapi.AuthException;
|
||||
import com.google.gerrit.extensions.restapi.BadRequestException;
|
||||
import com.google.gerrit.extensions.restapi.ResourceNotFoundException;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Project;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
import com.google.gerrit.server.config.AllProjectsNameProvider;
|
||||
import com.google.gerrit.server.git.ProjectConfig;
|
||||
import com.google.gerrit.server.group.InternalGroup;
|
||||
import com.google.gerrit.server.group.SystemGroupBackend;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
@@ -396,14 +394,11 @@ public class AccessIT extends AbstractDaemonTest {
|
||||
|
||||
@Test
|
||||
public void addNonGlobalCapabilityToGlobalCapabilities() throws Exception {
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
|
||||
ProjectAccessInput accessInput = newProjectAccessInput();
|
||||
AccessSectionInfo accessSectionInfo = newAccessSectionInfo();
|
||||
|
||||
PermissionInfo permissionInfo = newPermissionInfo();
|
||||
permissionInfo.rules.put(adminGroup.getGroupUUID().get(), null);
|
||||
permissionInfo.rules.put(adminGroupUuid().get(), null);
|
||||
accessSectionInfo.permissions.put(Permission.PUSH, permissionInfo);
|
||||
|
||||
accessInput.add.put(AccessSection.GLOBAL_CAPABILITIES, accessSectionInfo);
|
||||
@@ -426,14 +421,11 @@ public class AccessIT extends AbstractDaemonTest {
|
||||
|
||||
@Test
|
||||
public void removeGlobalCapabilityAsAdmin() throws Exception {
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
|
||||
ProjectAccessInput accessInput = newProjectAccessInput();
|
||||
AccessSectionInfo accessSectionInfo = newAccessSectionInfo();
|
||||
|
||||
PermissionInfo permissionInfo = newPermissionInfo();
|
||||
permissionInfo.rules.put(adminGroup.getGroupUUID().get(), null);
|
||||
permissionInfo.rules.put(adminGroupUuid().get(), null);
|
||||
accessSectionInfo.permissions.put(GlobalCapability.ACCESS_DATABASE, permissionInfo);
|
||||
|
||||
// Add and validate first as removing existing privileges such as
|
||||
|
||||
@@ -32,7 +32,6 @@ import com.google.gerrit.reviewdb.client.Account;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Branch;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
import com.google.gerrit.server.group.InternalGroup;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
@@ -107,12 +106,9 @@ public class CreateBranchIT extends AbstractDaemonTest {
|
||||
public void createGroupBranch_Conflict() throws Exception {
|
||||
allow(allUsers, RefNames.REFS_GROUPS + "*", Permission.CREATE, REGISTERED_USERS);
|
||||
allow(allUsers, RefNames.REFS_GROUPS + "*", Permission.PUSH, REGISTERED_USERS);
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
assertThat(adminGroup).isNotNull();
|
||||
assertCreateFails(
|
||||
new Branch.NameKey(allUsers, RefNames.refsGroups(new AccountGroup.UUID("foo"))),
|
||||
RefNames.refsGroups(adminGroup.getGroupUUID()),
|
||||
RefNames.refsGroups(adminGroupUuid()),
|
||||
ResourceConflictException.class,
|
||||
"Not allowed to create group branch.");
|
||||
}
|
||||
|
||||
@@ -326,10 +326,6 @@ public class CreateProjectIT extends AbstractDaemonTest {
|
||||
}
|
||||
}
|
||||
|
||||
private AccountGroup.UUID groupUuid(String groupName) {
|
||||
return groupCache.get(new AccountGroup.NameKey(groupName)).orElse(null).getGroupUUID();
|
||||
}
|
||||
|
||||
private void assertHead(String projectName, String expectedRef) throws Exception {
|
||||
try (Repository repo = repoManager.openRepository(new Project.NameKey(projectName))) {
|
||||
assertThat(repo.exactRef(Constants.HEAD).getTarget().getName()).isEqualTo(expectedRef);
|
||||
|
||||
@@ -29,10 +29,8 @@ import com.google.gerrit.extensions.restapi.AuthException;
|
||||
import com.google.gerrit.extensions.restapi.IdString;
|
||||
import com.google.gerrit.extensions.restapi.ResourceConflictException;
|
||||
import com.google.gerrit.extensions.restapi.ResourceNotFoundException;
|
||||
import com.google.gerrit.reviewdb.client.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.client.Branch;
|
||||
import com.google.gerrit.reviewdb.client.RefNames;
|
||||
import com.google.gerrit.server.group.InternalGroup;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
@@ -145,13 +143,9 @@ public class DeleteBranchIT extends AbstractDaemonTest {
|
||||
allow(allUsers, RefNames.REFS_GROUPS + "*", Permission.CREATE, REGISTERED_USERS);
|
||||
allow(allUsers, RefNames.REFS_GROUPS + "*", Permission.PUSH, REGISTERED_USERS);
|
||||
|
||||
InternalGroup adminGroup =
|
||||
groupCache.get(new AccountGroup.NameKey("Administrators")).orElse(null);
|
||||
assertThat(adminGroup).isNotNull();
|
||||
|
||||
exception.expect(ResourceConflictException.class);
|
||||
exception.expectMessage("Not allowed to delete group branch.");
|
||||
branch(new Branch.NameKey(allUsers, RefNames.refsGroups(adminGroup.getGroupUUID()))).delete();
|
||||
branch(new Branch.NameKey(allUsers, RefNames.refsGroups(adminGroupUuid()))).delete();
|
||||
}
|
||||
|
||||
private void blockForcePush() throws Exception {
|
||||
|
||||
Reference in New Issue
Block a user