introduce the viewAccess global capability.

This capability can be assigned separately so users can run check.access
without having to be admin.

Change-Id: I29a7c8d637a606ce9f7cf353ba242b1c43c2682b
This commit is contained in:
Han-Wen Nienhuys 2018-04-17 14:35:10 +02:00 committed by Edwin Kempin
parent cd80425b54
commit a0ce3bb311
10 changed files with 21 additions and 3 deletions

View File

@ -1380,6 +1380,13 @@ allows the granted group to
link:cmd-stream-events.html[stream Gerrit events via ssh].
[[capability_viewAccess]]
=== View Access
Allow checking access rights for arbitrary (user, project) pairs,
using the link:rest-api-projects.html#check-access[check.access]
endpoint
[[capability_viewAllAccounts]]
=== View All Accounts

View File

@ -1311,7 +1311,7 @@ a link:#change-info[ChangeInfo] entity describing the resulting change.
--
Runs access checks for other users. This requires the
link:access-control.html#capability_administrateServer[Administrate Server]
link:access-control.html#capability_viewAccess[View Access]
global capability.
Input for the access checks that should be run must be provided in

View File

@ -114,6 +114,9 @@ public class GlobalCapability {
/** Can view all pending tasks in the queue (not just the filtered set). */
public static final String VIEW_QUEUE = "viewQueue";
/** Can query permissions for any (project, user) pair */
public static final String VIEW_ACCESS = "viewAccess";
private static final List<String> NAMES_ALL;
private static final List<String> NAMES_LC;
private static final String[] RANGE_NAMES = {
@ -143,6 +146,7 @@ public class GlobalCapability {
NAMES_ALL.add(VIEW_CONNECTIONS);
NAMES_ALL.add(VIEW_PLUGINS);
NAMES_ALL.add(VIEW_QUEUE);
NAMES_ALL.add(VIEW_ACCESS);
NAMES_LC = new ArrayList<>(NAMES_ALL.size());
for (String name : NAMES_ALL) {

View File

@ -43,4 +43,5 @@ public class CapabilityConstants extends TranslationBundle {
public String viewConnections;
public String viewPlugins;
public String viewQueue;
public String viewAccess;
}

View File

@ -170,6 +170,7 @@ public class DefaultPermissionBackend extends PermissionBackend {
case VIEW_ALL_ACCOUNTS:
case VIEW_CONNECTIONS:
case VIEW_PLUGINS:
case VIEW_ACCESS:
return has(globalPermissionName(perm)) || isAdmin();
case ACCESS_DATABASE:

View File

@ -58,6 +58,7 @@ public class DefaultPermissionMappings {
.put(GlobalPermission.VIEW_CONNECTIONS, GlobalCapability.VIEW_CONNECTIONS)
.put(GlobalPermission.VIEW_PLUGINS, GlobalCapability.VIEW_PLUGINS)
.put(GlobalPermission.VIEW_QUEUE, GlobalCapability.VIEW_QUEUE)
.put(GlobalPermission.VIEW_ACCESS, GlobalCapability.VIEW_ACCESS)
.build();
static {

View File

@ -50,7 +50,8 @@ public enum GlobalPermission implements GlobalOrPluginPermission {
VIEW_CACHES,
VIEW_CONNECTIONS,
VIEW_PLUGINS,
VIEW_QUEUE;
VIEW_QUEUE,
VIEW_ACCESS;
private static final Logger log = LoggerFactory.getLogger(GlobalPermission.class);

View File

@ -68,7 +68,8 @@ public class CheckAccess implements RestModifyView<ProjectResource, AccessCheckI
public AccessCheckInfo apply(ProjectResource rsrc, AccessCheckInput input)
throws OrmException, PermissionBackendException, RestApiException, IOException,
ConfigInvalidException {
permissionBackend.user(rsrc.getUser()).check(GlobalPermission.ADMINISTRATE_SERVER);
permissionBackend.user(rsrc.getUser()).check(GlobalPermission.VIEW_ACCESS);
rsrc.getProjectState().checkStatePermitsRead();
if (input == null) {

View File

@ -36,6 +36,7 @@ class CapabilityInfo {
public boolean viewConnections;
public boolean viewPlugins;
public boolean viewQueue;
public boolean viewAccess;
static class QueryLimit {
short min;

View File

@ -19,3 +19,4 @@ viewCaches = View Caches
viewConnections = View Connections
viewPlugins = View Plugins
viewQueue = View Queue
viewAccess = View Access