introduce the viewAccess global capability.

This capability can be assigned separately so users can run check.access without having to be admin. Change-Id: I29a7c8d637a606ce9f7cf353ba242b1c43c2682b
2018-04-17 14:35:10 +02:00 · 2018-04-17 14:35:10 +02:00 · a0ce3bb311
commit a0ce3bb311
parent cd80425b54
10 changed files with 21 additions and 3 deletions
--- a/Documentation/access-control.txt
+++ b/Documentation/access-control.txt
@ -1380,6 +1380,13 @@ allows the granted group to
 link:cmd-stream-events.html[stream Gerrit events via ssh].


+[[capability_viewAccess]]
+=== View Access
+
+Allow checking access rights for arbitrary (user, project) pairs,
+using the link:rest-api-projects.html#check-access[check.access]
+endpoint
+
 [[capability_viewAllAccounts]]
 === View All Accounts

--- a/Documentation/rest-api-projects.txt
+++ b/Documentation/rest-api-projects.txt
@ -1311,7 +1311,7 @@ a link:#change-info[ChangeInfo] entity describing the resulting change.
 --

 Runs access checks for other users. This requires the
-link:access-control.html#capability_administrateServer[Administrate Server]
+link:access-control.html#capability_viewAccess[View Access]
 global capability.

 Input for the access checks that should be run must be provided in
--- a/java/com/google/gerrit/common/data/GlobalCapability.java
+++ b/java/com/google/gerrit/common/data/GlobalCapability.java
@ -114,6 +114,9 @@ public class GlobalCapability {
  /** Can view all pending tasks in the queue (not just the filtered set). */
  public static final String VIEW_QUEUE = "viewQueue";

+  /** Can query permissions for any (project, user) pair */
+  public static final String VIEW_ACCESS = "viewAccess";
+
  private static final List<String> NAMES_ALL;
  private static final List<String> NAMES_LC;
  private static final String[] RANGE_NAMES = {
@ -143,6 +146,7 @@ public class GlobalCapability {
    NAMES_ALL.add(VIEW_CONNECTIONS);
    NAMES_ALL.add(VIEW_PLUGINS);
    NAMES_ALL.add(VIEW_QUEUE);
+    NAMES_ALL.add(VIEW_ACCESS);

    NAMES_LC = new ArrayList<>(NAMES_ALL.size());
    for (String name : NAMES_ALL) {
--- a/java/com/google/gerrit/server/config/CapabilityConstants.java
+++ b/java/com/google/gerrit/server/config/CapabilityConstants.java
@ -43,4 +43,5 @@ public class CapabilityConstants extends TranslationBundle {
  public String viewConnections;
  public String viewPlugins;
  public String viewQueue;
+  public String viewAccess;
 }
--- a/java/com/google/gerrit/server/permissions/DefaultPermissionBackend.java
+++ b/java/com/google/gerrit/server/permissions/DefaultPermissionBackend.java
@ -170,6 +170,7 @@ public class DefaultPermissionBackend extends PermissionBackend {
        case VIEW_ALL_ACCOUNTS:
        case VIEW_CONNECTIONS:
        case VIEW_PLUGINS:
+        case VIEW_ACCESS:
          return has(globalPermissionName(perm)) || isAdmin();

        case ACCESS_DATABASE:
--- a/java/com/google/gerrit/server/permissions/DefaultPermissionMappings.java
+++ b/java/com/google/gerrit/server/permissions/DefaultPermissionMappings.java
@ -58,6 +58,7 @@ public class DefaultPermissionMappings {
          .put(GlobalPermission.VIEW_CONNECTIONS, GlobalCapability.VIEW_CONNECTIONS)
          .put(GlobalPermission.VIEW_PLUGINS, GlobalCapability.VIEW_PLUGINS)
          .put(GlobalPermission.VIEW_QUEUE, GlobalCapability.VIEW_QUEUE)
+          .put(GlobalPermission.VIEW_ACCESS, GlobalCapability.VIEW_ACCESS)
          .build();

  static {
--- a/java/com/google/gerrit/server/permissions/GlobalPermission.java
+++ b/java/com/google/gerrit/server/permissions/GlobalPermission.java
@ -50,7 +50,8 @@ public enum GlobalPermission implements GlobalOrPluginPermission {
  VIEW_CACHES,
  VIEW_CONNECTIONS,
  VIEW_PLUGINS,
-  VIEW_QUEUE;
+  VIEW_QUEUE,
+  VIEW_ACCESS;

  private static final Logger log = LoggerFactory.getLogger(GlobalPermission.class);

--- a/java/com/google/gerrit/server/restapi/project/CheckAccess.java
+++ b/java/com/google/gerrit/server/restapi/project/CheckAccess.java
@ -68,7 +68,8 @@ public class CheckAccess implements RestModifyView<ProjectResource, AccessCheckI
  public AccessCheckInfo apply(ProjectResource rsrc, AccessCheckInput input)
      throws OrmException, PermissionBackendException, RestApiException, IOException,
          ConfigInvalidException {
-    permissionBackend.user(rsrc.getUser()).check(GlobalPermission.ADMINISTRATE_SERVER);
+    permissionBackend.user(rsrc.getUser()).check(GlobalPermission.VIEW_ACCESS);
+
    rsrc.getProjectState().checkStatePermitsRead();

    if (input == null) {
--- a/javatests/com/google/gerrit/acceptance/rest/account/CapabilityInfo.java
+++ b/javatests/com/google/gerrit/acceptance/rest/account/CapabilityInfo.java
@ -36,6 +36,7 @@ class CapabilityInfo {
  public boolean viewConnections;
  public boolean viewPlugins;
  public boolean viewQueue;
+  public boolean viewAccess;

  static class QueryLimit {
    short min;
--- a/resources/com/google/gerrit/server/config/CapabilityConstants.properties
+++ b/resources/com/google/gerrit/server/config/CapabilityConstants.properties
@ -19,3 +19,4 @@ viewCaches = View Caches
 viewConnections = View Connections
 viewPlugins = View Plugins
 viewQueue = View Queue
+viewAccess = View Access