opendev/gerrit
Code Issues Proposed changes

Parse project names through custom args4j OptionHandler

Browse Source 
Instead of taking the project name as a string, parse it through
the ProjectControl.Factory and acquire the ProjectControl only if
the current user is able to see the specified project.

Change-Id: I20d303a309fcc46a651d470d91c56ca6de5ca4c5
Signed-off-by: Shawn O. Pearce <sop@google.com>
This commit is contained in:
Shawn O. Pearce
2009-08-28 17:17:38 -07:00
parent 702e4f4e08
commit 8e6eb535f3
4 changed files with 96 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/com/google/gerrit/server/ssh/SshModule.java
View File

@@ -25,8 +25,10 @@ import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.RemotePeer; import com.google.gerrit.server.RemotePeer;
import com.google.gerrit.server.config.FactoryModule; import com.google.gerrit.server.config.FactoryModule;
import com.google.gerrit.server.config.GerritRequestModule; import com.google.gerrit.server.config.GerritRequestModule;
import com.google.gerrit.server.project.ProjectControl;
import com.google.gerrit.server.ssh.commands.DefaultCommandModule; import com.google.gerrit.server.ssh.commands.DefaultCommandModule;
import com.google.gerrit.server.ssh.commands.PatchSetIdHandler; import com.google.gerrit.server.ssh.commands.PatchSetIdHandler;
import com.google.gerrit.server.ssh.commands.ProjectControlHandler;
import com.google.inject.Key; import com.google.inject.Key;
import com.google.inject.Provider; import com.google.inject.Provider;
import com.google.inject.TypeLiteral; import com.google.inject.TypeLiteral;
@@ -100,6 +102,7 @@ public class SshModule extends FactoryModule {
factory(CmdLineParser.Factory.class); factory(CmdLineParser.Factory.class);
registerOptionHandler(PatchSet.Id.class, PatchSetIdHandler.class); registerOptionHandler(PatchSet.Id.class, PatchSetIdHandler.class);
registerOptionHandler(ProjectControl.class, ProjectControlHandler.class);
} }
private <T> void registerOptionHandler(Class<T> type, private <T> void registerOptionHandler(Class<T> type,

52
src/main/java/com/google/gerrit/server/ssh/commands/AbstractGitCommand.java
View File

@@ -14,12 +14,9 @@
package com.google.gerrit.server.ssh.commands; package com.google.gerrit.server.ssh.commands;
import com.google.gerrit.client.reviewdb.ApprovalCategory;
import com.google.gerrit.client.reviewdb.Project; import com.google.gerrit.client.reviewdb.Project;
import com.google.gerrit.server.GerritServer; import com.google.gerrit.server.GerritServer;
import com.google.gerrit.server.IdentifiedUser; import com.google.gerrit.server.project.ProjectControl;
import com.google.gerrit.server.project.ProjectCache;
import com.google.gerrit.server.project.ProjectState;
import com.google.gerrit.server.ssh.BaseCommand; import com.google.gerrit.server.ssh.BaseCommand;
import com.google.inject.Inject; import com.google.inject.Inject;
@@ -31,19 +28,12 @@ import java.io.IOException;
abstract class AbstractGitCommand extends BaseCommand { abstract class AbstractGitCommand extends BaseCommand {
@Argument(index = 0, metaVar = "PROJECT.git", required = true, usage = "project name") @Argument(index = 0, metaVar = "PROJECT.git", required = true, usage = "project name")
private String reqProjName; protected ProjectControl projectControl;
@Inject @Inject
protected GerritServer server; protected GerritServer server;
@Inject
private IdentifiedUser currentUser;
@Inject
private ProjectCache projectCache;
protected Repository repo; protected Repository repo;
protected ProjectState projectState;
protected Project project; protected Project project;
@Override @Override
@@ -58,38 +48,15 @@ abstract class AbstractGitCommand extends BaseCommand {
} }
private void service() throws IOException, Failure { private void service() throws IOException, Failure {
String projectName = reqProjName; project = projectControl.getProjectState().getProject();
if (projectName.endsWith(".git")) {
// Be nice and drop the trailing ".git" suffix, which we never keep
// in our database, but clients might mistakenly provide anyway.
//
projectName = projectName.substring(0, projectName.length() - 4);
}
if (projectName.startsWith("/")) {
// Be nice and drop the leading "/" if supplied by an absolute path.
// We don't have a file system hierarchy, just a flat namespace in
// the database's Project entities. We never encode these with a
// leading '/' but users might accidentally include them in Git URLs.
//
projectName = projectName.substring(1);
}
projectState = projectCache.get(new Project.NameKey(projectName));
if (projectState == null) {
throw new Failure(1, "fatal: '" + reqProjName + "': not a Gerrit project");
}
project = projectState.getProject();
if (!canPerform(ApprovalCategory.READ, (short) 1)) {
throw new Failure(1, "fatal: '" + reqProjName + "': unknown project",
new SecurityException("Account lacks Read permission"));
}
final String name = project.getName();
try { try {
repo = server.openRepository(project.getName()); repo = server.openRepository(name);
} catch (RepositoryNotFoundException e) { } catch (RepositoryNotFoundException e) {
throw new Failure(1, "fatal: '" + reqProjName + "': not a git archive", e); throw new Failure(1, "fatal: '" + name + "': not a git archive", e);
} }
try { try {
runImpl(); runImpl();
} finally { } finally {
@@ -97,10 +64,5 @@ abstract class AbstractGitCommand extends BaseCommand {
} }
} }
protected boolean canPerform(final ApprovalCategory.Id actionId,
final short val) {
return projectState.controlFor(currentUser).canPerform(actionId, val);
}
protected abstract void runImpl() throws IOException, Failure; protected abstract void runImpl() throws IOException, Failure;
} }

81
src/main/java/com/google/gerrit/server/ssh/commands/ProjectControlHandler.java Normal file
View File

@@ -0,0 +1,81 @@
// Copyright (C) 2009 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.server.ssh.commands;
import com.google.gerrit.client.reviewdb.Project;
import com.google.gerrit.server.project.NoSuchProjectException;
import com.google.gerrit.server.project.ProjectControl;
import com.google.inject.Inject;
import com.google.inject.assistedinject.Assisted;
import org.kohsuke.args4j.CmdLineException;
import org.kohsuke.args4j.CmdLineParser;
import org.kohsuke.args4j.OptionDef;
import org.kohsuke.args4j.spi.OptionHandler;
import org.kohsuke.args4j.spi.Parameters;
import org.kohsuke.args4j.spi.Setter;
public class ProjectControlHandler extends OptionHandler<ProjectControl> {
private final ProjectControl.Factory projectControlFactory;
@SuppressWarnings("unchecked")
@Inject
public ProjectControlHandler(
final ProjectControl.Factory projectControlFactory,
@Assisted final CmdLineParser parser, @Assisted final OptionDef option,
@Assisted final Setter setter) {
super(parser, option, setter);
this.projectControlFactory = projectControlFactory;
}
@Override
public final int parseArguments(final Parameters params)
throws CmdLineException {
final String token = params.getParameter(0);
String projectName = token;
if (projectName.endsWith(".git")) {
// Be nice and drop the trailing ".git" suffix, which we never keep
// in our database, but clients might mistakenly provide anyway.
//
projectName = projectName.substring(0, projectName.length() - 4);
}
if (projectName.startsWith("/")) {
// Be nice and drop the leading "/" if supplied by an absolute path.
// We don't have a file system hierarchy, just a flat namespace in
// the database's Project entities. We never encode these with a
// leading '/' but users might accidentally include them in Git URLs.
//
projectName = projectName.substring(1);
}
final ProjectControl control;
try {
control =
projectControlFactory.validateFor(new Project.NameKey(projectName));
} catch (NoSuchProjectException e) {
throw new CmdLineException(owner, "'" + token + "': not a Gerrit project");
}
setter.addValue(control);
return 1;
}
@Override
public final String getDefaultMetaVariable() {
return "PROJECT";
}
}

6
src/main/java/com/google/gerrit/server/ssh/commands/Receive.java
View File

@@ -269,7 +269,7 @@ final class Receive extends AbstractGitCommand {
throws UnloggedFailure { throws UnloggedFailure {
for (final Account.Id id : who) { for (final Account.Id id : who) {
final IdentifiedUser user = identifiedUserFactory.create(id); final IdentifiedUser user = identifiedUserFactory.create(id);
if (!projectState.controlFor(user).isVisible()) { if (!projectControl.forUser(user).isVisible()) {
throw new UnloggedFailure(1, type + " " throw new UnloggedFailure(1, type + " "
+ user.getAccount().getFullName() + " cannot access the project"); + user.getAccount().getFullName() + " cannot access the project");
} }
@@ -1421,6 +1421,10 @@ final class Receive extends AbstractGitCommand {
} }
} }
private boolean canPerform(final ApprovalCategory.Id actionId, final short val) {
return projectControl.canPerform(actionId, val);
}
private static void reject(final ReceiveCommand cmd) { private static void reject(final ReceiveCommand cmd) {
reject(cmd, "prohibited by Gerrit"); reject(cmd, "prohibited by Gerrit");
} }