opendev/gerrit
Code Issues Proposed changes

Convert PutAssignee to PermissionBackend

Browse Source 
Use check(ChangePermission.READ) to ensure the assignee can
read the change. It's assumed crazy to assign a change to a
user that is not able to read the change. For a draft change
this may require adding them to the reviewer list first to
ensure they have the necessary read permission.

Change-Id: I4fc278c6bdf739bb603b2c8bd490f3480ba99663
This commit is contained in:
Shawn Pearce
2017-02-23 22:56:59 -08:00
committed by David Pursehouse
parent e6fce3ae7c
commit 88200f3907
2 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/change/AssigneeIT.java
View File

@@ -147,7 +147,7 @@ public class AssigneeIT extends AbstractDaemonTest {
testRepo.reset(RefNames.REFS_CONFIG);
PushOneCommit.Result r = createChange("refs/for/refs/meta/config");
exception.expect(AuthException.class);
exception.expectMessage("is not visible to");
exception.expectMessage("read not permitted");
setAssignee(r, user.email);
}

16
gerrit-server/src/main/java/com/google/gerrit/server/change/PutAssignee.java
View File

@@ -14,6 +14,7 @@
package com.google.gerrit.server.change;
import com.google.common.base.Strings;
import com.google.gerrit.common.TimeUtil;
import com.google.gerrit.extensions.api.changes.AddReviewerInput;
import com.google.gerrit.extensions.api.changes.AssigneeInput;
@@ -74,18 +75,19 @@ public class PutAssignee
PermissionBackendException {
rsrc.permissions().check(ChangePermission.EDIT_ASSIGNEE);
if (input.assignee == null || input.assignee.trim().isEmpty()) {
input.assignee = Strings.nullToEmpty(input.assignee).trim();
if (input.assignee.isEmpty()) {
throw new BadRequestException("missing assignee field");
}
IdentifiedUser assignee = accounts.parse(input.assignee.trim());
IdentifiedUser assignee = accounts.parse(input.assignee);
if (!assignee.getAccount().isActive()) {
throw new UnprocessableEntityException(
String.format("Account of %s is not active", input.assignee));
throw new UnprocessableEntityException(input.assignee + " is not active");
}
if (!rsrc.getControl().forUser(assignee).isRefVisible()) {
throw new AuthException(
String.format("Change %s is not visible to %s.", rsrc.getId(), input.assignee));
try {
rsrc.permissions().database(db).user(assignee).check(ChangePermission.READ);
} catch (AuthException e) {
throw new AuthException("read not permitted for " + input.assignee);
}
try (BatchUpdate bu =