Cleanup check for 'Create Group' capability
This should be done only once, inside of the common PerformCreateGroup object and not by both the HTTP and SSH interface glue. Change-Id: I6f774fe318412a7220206b99d7279d5b061355ad
This commit is contained in:
Shawn O. Pearce
@@ -47,12 +47,6 @@ class CreateGroup extends Handler<AccountGroup.Id> {
|
||||
@Override
|
||||
public AccountGroup.Id call() throws OrmException, NameAlreadyUsedException,
|
||||
PermissionDeniedException {
|
||||
if (!user.getCapabilities().canCreateGroup()) {
|
||||
throw new PermissionDeniedException(String.format(
|
||||
"%s does not have \"Create Group\" capability.",
|
||||
user.getUserName()));
|
||||
}
|
||||
|
||||
final PerformCreateGroup performCreateGroup = performCreateGroupFactory.create();
|
||||
final Account.Id me = user.getAccountId();
|
||||
return performCreateGroup.createGroup(groupName, null, false, null, Collections.singleton(me), null);
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
package com.google.gerrit.server.account;
|
||||
|
||||
import com.google.gerrit.common.errors.NameAlreadyUsedException;
|
||||
import com.google.gerrit.common.errors.PermissionDeniedException;
|
||||
import com.google.gerrit.reviewdb.Account;
|
||||
import com.google.gerrit.reviewdb.AccountGroup;
|
||||
import com.google.gerrit.reviewdb.AccountGroupInclude;
|
||||
@@ -79,13 +80,20 @@ public class PerformCreateGroup {
|
||||
* error
|
||||
* @throws NameAlreadyUsedException is thrown in case a group with the given
|
||||
* name already exists
|
||||
* @throws PermissionDeniedException user cannot create a group.
|
||||
*/
|
||||
public AccountGroup.Id createGroup(final String groupName,
|
||||
final String groupDescription, final boolean visibleToAll,
|
||||
final AccountGroup.Id ownerGroupId,
|
||||
final Collection<? extends Account.Id> initialMembers,
|
||||
final Collection<? extends AccountGroup.Id> initialGroups)
|
||||
throws OrmException, NameAlreadyUsedException {
|
||||
throws OrmException, NameAlreadyUsedException, PermissionDeniedException {
|
||||
if (!currentUser.getCapabilities().canCreateGroup()) {
|
||||
throw new PermissionDeniedException(String.format(
|
||||
"%s does not have \"Create Group\" capability.",
|
||||
currentUser.getUserName()));
|
||||
}
|
||||
|
||||
final AccountGroup.Id groupId =
|
||||
new AccountGroup.Id(db.nextAccountGroupId());
|
||||
final AccountGroup.NameKey nameKey = new AccountGroup.NameKey(groupName);
|
||||
|
||||
@@ -15,12 +15,11 @@
|
||||
package com.google.gerrit.sshd.commands;
|
||||
|
||||
import com.google.gerrit.common.errors.NameAlreadyUsedException;
|
||||
import com.google.gerrit.common.errors.PermissionDeniedException;
|
||||
import com.google.gerrit.reviewdb.Account;
|
||||
import com.google.gerrit.reviewdb.AccountGroup;
|
||||
import com.google.gerrit.server.IdentifiedUser;
|
||||
import com.google.gerrit.server.account.PerformCreateGroup;
|
||||
import com.google.gerrit.sshd.BaseCommand;
|
||||
import com.google.gwtorm.client.OrmException;
|
||||
import com.google.inject.Inject;
|
||||
|
||||
import org.apache.sshd.server.Environment;
|
||||
@@ -62,9 +61,6 @@ final class CreateGroupCommand extends BaseCommand {
|
||||
initialGroups.add(id);
|
||||
}
|
||||
|
||||
@Inject
|
||||
private IdentifiedUser currentUser;
|
||||
|
||||
@Inject
|
||||
private PerformCreateGroup.Factory performCreateGroupFactory;
|
||||
|
||||
@@ -73,27 +69,21 @@ final class CreateGroupCommand extends BaseCommand {
|
||||
startThread(new CommandRunnable() {
|
||||
@Override
|
||||
public void run() throws Exception {
|
||||
if (!currentUser.getCapabilities().canCreateGroup()) {
|
||||
String msg = String.format(
|
||||
"fatal: %s does not have \"Create Group\" capability.",
|
||||
currentUser.getUserName());
|
||||
throw new UnloggedFailure(BaseCommand.STATUS_NOT_ADMIN, msg);
|
||||
}
|
||||
|
||||
parseCommandLine();
|
||||
createGroup();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private void createGroup() throws OrmException, UnloggedFailure {
|
||||
final PerformCreateGroup performCreateGroup =
|
||||
performCreateGroupFactory.create();
|
||||
try {
|
||||
performCreateGroup.createGroup(groupName, groupDescription, visibleToAll,
|
||||
ownerGroupId, initialMembers, initialGroups);
|
||||
performCreateGroupFactory.create().createGroup(groupName,
|
||||
groupDescription,
|
||||
visibleToAll,
|
||||
ownerGroupId,
|
||||
initialMembers,
|
||||
initialGroups);
|
||||
} catch (PermissionDeniedException e) {
|
||||
throw die(e);
|
||||
|
||||
} catch (NameAlreadyUsedException e) {
|
||||
throw die(e);
|
||||
}
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user