opendev/gerrit
Code Issues Proposed changes

Merge changes I9ec71290,I6c20de69

Browse Source 
* changes:
  Don't allow project owners to delete branches if force push is blocked
  Add acceptance test for testing branch deletion via REST
This commit is contained in:
Shawn Pearce
2013-10-16 18:29:04 +00:00
committed by Gerrit Code Review
parent 0e78dd70fa 40bd574102
commit 98aa6d3825
2 changed files with 207 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

188
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/project/DeleteBranchIT.java Normal file
View File

@@ -0,0 +1,188 @@
// Copyright (C) 2013 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.acceptance.rest.project;
import static com.google.gerrit.acceptance.git.GitUtil.createProject;
import static com.google.gerrit.acceptance.git.GitUtil.initSsh;
import static org.junit.Assert.assertEquals;
import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.AccountCreator;
import com.google.gerrit.acceptance.RestResponse;
import com.google.gerrit.acceptance.RestSession;
import com.google.gerrit.acceptance.SshSession;
import com.google.gerrit.acceptance.TestAccount;
import com.google.gerrit.common.data.AccessSection;
import com.google.gerrit.common.data.Permission;
import com.google.gerrit.common.data.PermissionRule;
import com.google.gerrit.reviewdb.client.AccountGroup;
import com.google.gerrit.reviewdb.client.Branch;
import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.server.account.GroupCache;
import com.google.gerrit.server.config.AllProjectsNameProvider;
import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.project.ProjectCache;
import com.google.inject.Inject;
import org.apache.http.HttpStatus;
import org.eclipse.jgit.errors.ConfigInvalidException;
import org.junit.Before;
import org.junit.Test;
import java.io.IOException;
public class DeleteBranchIT extends AbstractDaemonTest {
@Inject
private AccountCreator accounts;
@Inject
private MetaDataUpdate.Server metaDataUpdateFactory;
@Inject
private ProjectCache projectCache;
@Inject
private GroupCache groupCache;
@Inject
private AllProjectsNameProvider allProjects;
private RestSession adminSession;
private RestSession userSession;
private Project.NameKey project;
private Branch.NameKey branch;
@Before
public void setUp() throws Exception {
TestAccount admin = accounts.admin();
adminSession = new RestSession(server, admin);
TestAccount user = accounts.create("user", "user@example.com", "User");
userSession = new RestSession(server, user);
project = new Project.NameKey("p");
branch = new Branch.NameKey(project, "test");
initSsh(admin);
SshSession sshSession = new SshSession(server, admin);
try {
createProject(sshSession, project.get(), null, true);
} finally {
sshSession.close();
}
adminSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName()).consume();
}
@Test
public void deleteBranch_Forbidden() throws IOException {
RestResponse r =
userSession.delete("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_FORBIDDEN, r.getStatusCode());
r.consume();
}
@Test
public void deleteBranchByAdmin() throws IOException {
RestResponse r =
adminSession.delete("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_NO_CONTENT, r.getStatusCode());
r.consume();
r = adminSession.get("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_NOT_FOUND, r.getStatusCode());
r.consume();
}
@Test
public void deleteBranchByProjectOwner() throws IOException,
ConfigInvalidException {
grantOwner();
RestResponse r =
userSession.delete("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_NO_CONTENT, r.getStatusCode());
r.consume();
r = userSession.get("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_NOT_FOUND, r.getStatusCode());
r.consume();
}
@Test
public void deleteBranchByAdminForcePushBlocked() throws IOException,
ConfigInvalidException {
blockForcePush();
RestResponse r =
adminSession.delete("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_NO_CONTENT, r.getStatusCode());
r.consume();
r = adminSession.get("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_NOT_FOUND, r.getStatusCode());
r.consume();
}
@Test
public void deleteBranchByProjectOwnerForcePushBlocked_Forbidden()
throws IOException, ConfigInvalidException {
grantOwner();
blockForcePush();
RestResponse r =
userSession.delete("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_FORBIDDEN, r.getStatusCode());
r.consume();
}
private void blockForcePush() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(allProjects.get());
md.setMessage(String.format("Block force %s", Permission.PUSH));
ProjectConfig config = ProjectConfig.read(md);
AccessSection s = config.getAccessSection("refs/heads/*", true);
Permission p = s.getPermission(Permission.PUSH, true);
AccountGroup adminGroup = groupCache.get(new AccountGroup.NameKey("Anonymous Users"));
PermissionRule rule = new PermissionRule(config.resolve(adminGroup));
rule.setForce(true);
rule.setBlock();
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
}
private void grantOwner() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(project);
md.setMessage(String.format("Grant %s", Permission.OWNER));
ProjectConfig config = ProjectConfig.read(md);
AccessSection s = config.getAccessSection("refs/*", true);
Permission p = s.getPermission(Permission.OWNER, true);
AccountGroup adminGroup = groupCache.get(new AccountGroup.NameKey("Registered Users"));
PermissionRule rule = new PermissionRule(config.resolve(adminGroup));
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
}
}

20
gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java
View File

@@ -308,7 +308,9 @@ public class RefControl {
case REST_API:
case JSON_RPC:
case SSH_COMMAND:
return isOwner() || canPushWithForce();
return getCurrentUser().getCapabilities().canAdministrateServer()
|| (isOwner() && !isForceBlocked(Permission.PUSH))
|| canPushWithForce();
case GIT:
return canPushWithForce();
@@ -496,6 +498,22 @@ public class RefControl {
return blocks.isEmpty() && !allows.isEmpty();
}
/** True if for this permission force is blocked for the user. Works only for non labels. */
private boolean isForceBlocked(String permissionName) {
List<PermissionRule> access = access(permissionName);
Set<ProjectRef> allows = Sets.newHashSet();
Set<ProjectRef> blocks = Sets.newHashSet();
for (PermissionRule rule : access) {
if (rule.isBlock()) {
blocks.add(relevant.getRuleProps(rule));
} else if (rule.getForce()) {
allows.add(relevant.getRuleProps(rule));
}
}
blocks.removeAll(allows);
return !blocks.isEmpty();
}
/** Rules for the given permission, or the empty list. */
private List<PermissionRule> access(String permissionName) {
List<PermissionRule> rules = effective.get(permissionName);