Don't inject CurrentUser to ChangeIsVisibleToPredicate

CurrentUser is not set to IdentifiedUser in ReceiveCommits when using HTTP. This causes ISE when pushing to refs/for/target%submit over HTTP when Anonymous Users cannot read target. Tests: * Run submit on push tests in both SSH and HTTP. * Block READ for Anonymous Users in submit on push tests. Bug: Issue 12561 Change-Id: I1c79f18a65ad9816a182dc00e403dc93c3e748b6
2020-04-08 14:59:17 +02:00
parent 11d634d273
commit 91c3b647c7
9 changed files with 101 additions and 14 deletions
--- a/java/com/google/gerrit/server/query/change/ChangeIsVisibleToPredicate.java
+++ b/java/com/google/gerrit/server/query/change/ChangeIsVisibleToPredicate.java
@@ -30,12 +30,17 @@ import com.google.gerrit.server.project.ProjectCache;
 import com.google.gerrit.server.project.ProjectState;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
+import com.google.inject.assistedinject.Assisted;
 import java.io.IOException;
 import org.eclipse.jgit.errors.RepositoryNotFoundException;

 public class ChangeIsVisibleToPredicate extends IsVisibleToPredicate<ChangeData> {
  private static final FluentLogger logger = FluentLogger.forEnclosingClass();

+  public interface Factory {
+    ChangeIsVisibleToPredicate forUser(CurrentUser user);
+  }
+
  protected final ChangeNotes.Factory notesFactory;
  protected final CurrentUser user;
  protected final PermissionBackend permissionBackend;
@@ -45,10 +50,10 @@ public class ChangeIsVisibleToPredicate extends IsVisibleToPredicate<ChangeData>
  @Inject
  public ChangeIsVisibleToPredicate(
      ChangeNotes.Factory notesFactory,
-      CurrentUser user,
      PermissionBackend permissionBackend,
      ProjectCache projectCache,
-      Provider<AnonymousUser> anonymousUserProvider) {
+      Provider<AnonymousUser> anonymousUserProvider,
+      @Assisted CurrentUser user) {
    super(ChangeQueryBuilder.FIELD_VISIBLETO, IndexUtils.describe(user));
    this.notesFactory = notesFactory;
    this.user = user;
--- a/java/com/google/gerrit/server/query/change/ChangeQueryBuilder.java
+++ b/java/com/google/gerrit/server/query/change/ChangeQueryBuilder.java
@@ -989,10 +989,10 @@ public class ChangeQueryBuilder extends QueryBuilder<ChangeData, ChangeQueryBuil
  public Predicate<ChangeData> visibleto(CurrentUser user) {
    return new ChangeIsVisibleToPredicate(
        args.notesFactory,
-        user,
        args.permissionBackend,
        args.projectCache,
-        args.anonymousUserProvider);
+        args.anonymousUserProvider,
+        user);
  }

  public Predicate<ChangeData> isVisible() throws QueryParseException {
--- a/java/com/google/gerrit/server/query/change/ChangeQueryProcessor.java
+++ b/java/com/google/gerrit/server/query/change/ChangeQueryProcessor.java
@@ -147,10 +147,10 @@ public class ChangeQueryProcessor extends QueryProcessor<ChangeData>
        pred,
        new ChangeIsVisibleToPredicate(
            notesFactory,
-            userProvider.get(),
            permissionBackend,
            projectCache,
-            anonymousUserProvider),
+            anonymousUserProvider,
+            userProvider.get()),
        start);
  }