opendev/gerrit
Code Issues Proposed changes

Merge branch 'stable-2.8'

Browse Source 
* stable-2.8:
  ReceiveCommits: Fix PUSH permission check for draft changes
  Don't allow project owners to create branches if create is blocked
  Add acceptance test for branch creation
  Wrong button is passed to revert action handler

Conflicts:
	gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/git/BUCK
	gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java

Change-Id: I11e4b0c846fa60b1bec67c4ca90de3d8fce6df8c
This commit is contained in:
Shawn Pearce 2014-01-27 17:28:07 -08:00
commit afb1efb683
8 changed files with 354 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Documentation/access-control.txt
View File

@ -399,6 +399,14 @@ of adding individual reviewers before making the change public to all. The
change page will have a 'Publish' button which allows you to convert individual change page will have a 'Publish' button which allows you to convert individual
draft patch sets of a change into public patch sets for review. draft patch sets of a change into public patch sets for review.
To block push permission to `refs/drafts/*` the following permission rule can
be configured:
====
[access "refs/drafts/*"]
push = block group Anonymous Users
====
[[access_categories]] [[access_categories]]
== Access Categories == Access Categories

2
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/git/BUCK
View File

@ -1,7 +1,7 @@
include_defs('//gerrit-acceptance-tests/tests.defs') include_defs('//gerrit-acceptance-tests/tests.defs')
acceptance_tests( acceptance_tests(
srcs = ['SubmitOnPushIT.java'], srcs = ['DraftChangeBlockedIT.java', 'SubmitOnPushIT.java'],
deps = ['//gerrit-acceptance-tests:lib'], deps = ['//gerrit-acceptance-tests:lib'],
) )

114
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/git/DraftChangeBlockedIT.java Normal file
View File

@ -0,0 +1,114 @@
// Copyright (C) 2014 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.acceptance.git;
import static com.google.gerrit.acceptance.GitUtil.cloneProject;
import static com.google.gerrit.acceptance.GitUtil.createProject;
import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS;
import static com.google.gerrit.server.project.Util.grant;
import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.AccountCreator;
import com.google.gerrit.acceptance.PushOneCommit;
import com.google.gerrit.acceptance.SshSession;
import com.google.gerrit.common.data.Permission;
import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.config.AllProjectsName;
import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.project.ProjectCache;
import com.google.gwtorm.server.OrmException;
import com.google.gwtorm.server.SchemaFactory;
import com.google.inject.Inject;
import org.eclipse.jgit.api.Git;
import org.eclipse.jgit.api.errors.GitAPIException;
import org.junit.Before;
import org.junit.Test;
import java.io.IOException;
public class DraftChangeBlockedIT extends AbstractDaemonTest {
@Inject
private AccountCreator accounts;
@Inject
private SchemaFactory<ReviewDb> reviewDbProvider;
@Inject
private ProjectCache projectCache;
@Inject
private AllProjectsName allProjects;
@Inject
private MetaDataUpdate.Server metaDataUpdateFactory;
@Inject
private PushOneCommit.Factory pushFactory;
private Project.NameKey project;
private Git git;
private ReviewDb db;
@Before
public void setUp() throws Exception {
ProjectConfig cfg = projectCache.checkedGet(allProjects).getConfig();
grant(cfg, Permission.PUSH, ANONYMOUS_USERS,
"refs/drafts/*").setBlock();
saveProjectConfig(cfg);
project = new Project.NameKey("p");
SshSession sshSession = new SshSession(server, admin);
createProject(sshSession, project.get());
db = reviewDbProvider.open();
git = cloneProject(sshSession.getUrl() + "/" + project.get());
sshSession.close();
}
@Test
public void testPushDraftChange_Blocked() throws GitAPIException,
OrmException, IOException {
// create draft by pushing to 'refs/drafts/'
PushOneCommit.Result r = pushTo("refs/drafts/master");
r.assertErrorStatus("cannot upload drafts");
}
@Test
public void testPushDraftChangeMagic_Blocked() throws GitAPIException,
OrmException, IOException {
// create draft by using 'draft' option
PushOneCommit.Result r = pushTo("refs/for/master%draft");
r.assertErrorStatus("cannot upload drafts");
}
private PushOneCommit.Result pushTo(String ref) throws GitAPIException,
IOException {
PushOneCommit push = pushFactory.create(db, admin.getIdent());
return push.to(git, ref);
}
private void saveProjectConfig(ProjectConfig cfg) throws IOException {
MetaDataUpdate md = metaDataUpdateFactory.create(allProjects);
try {
cfg.commit(md);
} finally {
md.close();
}
}
}

181
gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/project/CreateBranchIT.java Normal file
View File

@ -0,0 +1,181 @@
// Copyright (C) 2014 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.acceptance.rest.project;
import static com.google.gerrit.acceptance.GitUtil.createProject;
import static org.junit.Assert.assertEquals;
import com.google.gerrit.acceptance.AbstractDaemonTest;
import com.google.gerrit.acceptance.RestResponse;
import com.google.gerrit.acceptance.RestSession;
import com.google.gerrit.acceptance.SshSession;
import com.google.gerrit.acceptance.TestAccount;
import com.google.gerrit.common.data.AccessSection;
import com.google.gerrit.common.data.Permission;
import com.google.gerrit.common.data.PermissionRule;
import com.google.gerrit.reviewdb.client.Branch;
import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.server.account.GroupCache;
import com.google.gerrit.server.config.AllProjectsNameProvider;
import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.group.SystemGroupBackend;
import com.google.gerrit.server.project.ProjectCache;
import com.google.inject.Inject;
import org.apache.http.HttpStatus;
import org.eclipse.jgit.errors.ConfigInvalidException;
import org.junit.Before;
import org.junit.Test;
import java.io.IOException;
public class CreateBranchIT extends AbstractDaemonTest {
@Inject
private MetaDataUpdate.Server metaDataUpdateFactory;
@Inject
private ProjectCache projectCache;
@Inject
private GroupCache groupCache;
@Inject
private AllProjectsNameProvider allProjects;
private RestSession userSession;
private Project.NameKey project;
private Branch.NameKey branch;
@Before
public void setUp() throws Exception {
TestAccount user = accounts.create("user", "user@example.com", "User");
userSession = new RestSession(server, user);
project = new Project.NameKey("p");
branch = new Branch.NameKey(project, "test");
SshSession sshSession = new SshSession(server, admin);
try {
createProject(sshSession, project.get(), null, true);
} finally {
sshSession.close();
}
}
@Test
public void createBranch_Forbidden() throws IOException {
RestResponse r =
userSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_FORBIDDEN, r.getStatusCode());
}
@Test
public void createBranchByAdmin() throws IOException {
RestResponse r =
adminSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_CREATED, r.getStatusCode());
r.consume();
r = adminSession.get("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_OK, r.getStatusCode());
}
@Test
public void branchAlreadyExists_Conflict() throws IOException {
RestResponse r =
adminSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_CREATED, r.getStatusCode());
r.consume();
r = adminSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_CONFLICT, r.getStatusCode());
}
@Test
public void createBranchByProjectOwner() throws IOException,
ConfigInvalidException {
grantOwner();
RestResponse r =
userSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_CREATED, r.getStatusCode());
r.consume();
r = adminSession.get("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_OK, r.getStatusCode());
}
@Test
public void createBranchByAdminCreateReferenceBlocked() throws IOException,
ConfigInvalidException {
blockCreateReference();
RestResponse r =
adminSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_CREATED, r.getStatusCode());
r.consume();
r = adminSession.get("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_OK, r.getStatusCode());
}
@Test
public void createBranchByProjectOwnerCreateReferenceBlocked_Forbidden()
throws IOException, ConfigInvalidException {
grantOwner();
blockCreateReference();
RestResponse r =
userSession.put("/projects/" + project.get()
+ "/branches/" + branch.getShortName());
assertEquals(HttpStatus.SC_FORBIDDEN, r.getStatusCode());
}
private void blockCreateReference() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(allProjects.get());
md.setMessage(String.format("Block %s", Permission.CREATE));
ProjectConfig config = ProjectConfig.read(md);
AccessSection s = config.getAccessSection("refs/*", true);
Permission p = s.getPermission(Permission.CREATE, true);
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.ANONYMOUS_USERS)));
rule.setBlock();
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
}
private void grantOwner() throws IOException, ConfigInvalidException {
MetaDataUpdate md = metaDataUpdateFactory.create(project);
md.setMessage(String.format("Grant %s", Permission.OWNER));
ProjectConfig config = ProjectConfig.read(md);
AccessSection s = config.getAccessSection("refs/*", true);
Permission p = s.getPermission(Permission.OWNER, true);
PermissionRule rule = new PermissionRule(config.resolve(
SystemGroupBackend.getGroup(SystemGroupBackend.REGISTERED_USERS)));
p.add(rule);
config.commit(md);
projectCache.evict(config.getProject());
}
}

2
gerrit-gwtui/src/main/java/com/google/gerrit/client/change/Actions.java
View File

@ -193,7 +193,7 @@ class Actions extends Composite {
@UiHandler("revert") @UiHandler("revert")
void onRevert(ClickEvent e) { void onRevert(ClickEvent e) {
RevertAction.call(cherrypick, changeId, revision, project, subject); RevertAction.call(revert, changeId, revision, project, subject);
} }
private static void a2b(NativeMap<ActionInfo> actions, String a, Button b) { private static void a2b(NativeMap<ActionInfo> actions, String a, Button b) {

10
gerrit-server/src/main/java/com/google/gerrit/server/git/ReceiveCommits.java
View File

@ -50,6 +50,7 @@ import com.google.gerrit.common.ChangeHooks;
import com.google.gerrit.common.Nullable; import com.google.gerrit.common.Nullable;
import com.google.gerrit.common.data.Capable; import com.google.gerrit.common.data.Capable;
import com.google.gerrit.common.data.LabelTypes; import com.google.gerrit.common.data.LabelTypes;
import com.google.gerrit.common.data.Permission;
import com.google.gerrit.common.data.PermissionRule; import com.google.gerrit.common.data.PermissionRule;
import com.google.gerrit.extensions.registration.DynamicMap; import com.google.gerrit.extensions.registration.DynamicMap;
import com.google.gerrit.extensions.registration.DynamicMap.Entry; import com.google.gerrit.extensions.registration.DynamicMap.Entry;
@ -1177,6 +1178,15 @@ public class ReceiveCommits {
reject(cmd, "project is read only"); reject(cmd, "project is read only");
return; return;
} }
if (magicBranch.isDraft()
&& projectControl.controlForRef("refs/drafts/" + ref)
.isBlocked(Permission.PUSH)) {
errors.put(Error.CODE_REVIEW, ref);
reject(cmd, "cannot upload drafts");
return;
}
if (!magicBranch.ctl.canUpload()) { if (!magicBranch.ctl.canUpload()) {
errors.put(Error.CODE_REVIEW, ref); errors.put(Error.CODE_REVIEW, ref);
reject(cmd, "cannot upload review"); reject(cmd, "cannot upload review");

14
gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java
View File

@ -246,7 +246,8 @@ public class RefControl {
} }
if (object instanceof RevCommit) { if (object instanceof RevCommit) {
return owner return getCurrentUser().getCapabilities().canAdministrateServer()
|| (owner && !isBlocked(Permission.CREATE))
|| (canPerform(Permission.CREATE) && projectControl.canReadCommit(rw, || (canPerform(Permission.CREATE) && projectControl.canReadCommit(rw,
(RevCommit) object)); (RevCommit) object));
} else if (object instanceof RevTag) { } else if (object instanceof RevTag) {
@ -472,6 +473,15 @@ public class RefControl {
/** True if the user has this permission. Works only for non labels. */ /** True if the user has this permission. Works only for non labels. */
boolean canPerform(String permissionName) { boolean canPerform(String permissionName) {
return doCanPerform(permissionName, false);
}
/** True if the user is blocked from using this permission. */
public boolean isBlocked(String permissionName) {
return !doCanPerform(permissionName, true);
}
private boolean doCanPerform(String permissionName, boolean blockOnly) {
List<PermissionRule> access = access(permissionName); List<PermissionRule> access = access(permissionName);
Set<ProjectRef> allows = Sets.newHashSet(); Set<ProjectRef> allows = Sets.newHashSet();
Set<ProjectRef> blocks = Sets.newHashSet(); Set<ProjectRef> blocks = Sets.newHashSet();
@ -483,7 +493,7 @@ public class RefControl {
} }
} }
blocks.removeAll(allows); blocks.removeAll(allows);
return blocks.isEmpty() && !allows.isEmpty(); return blocks.isEmpty() && (!allows.isEmpty() || blockOnly);
} }
/** True if the user has force this permission. Works only for non labels. */ /** True if the user has force this permission. Works only for non labels. */

27
gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java
View File

@ -141,6 +141,33 @@ public class RefControlTest {
u.controlForRef("refs/heads/foobar").canUpload()); u.controlForRef("refs/heads/foobar").canUpload());
} }
@Test
public void testBlockPushDrafts() {
grant(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*");
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*")
.setBlock();
ProjectControl u = util.user(local);
assertTrue("can upload refs/heads/master",
u.controlForRef("refs/heads/master").canUpload());
assertTrue("push is blocked to refs/drafts/master",
u.controlForRef("refs/drafts/refs/heads/master").isBlocked(PUSH));
}
@Test
public void testBlockPushDraftsUnblockAdmin() {
grant(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*")
.setBlock();
grant(util.getParentConfig(), PUSH, ADMIN, "refs/drafts/*");
assertTrue("push is blocked for anonymous to refs/drafts/master",
util.user(local).controlForRef("refs/drafts/refs/heads/master")
.isBlocked(PUSH));
assertFalse("push is blocked for admin refs/drafts/master",
util.user(local, "a", ADMIN).controlForRef("refs/drafts/refs/heads/master")
.isBlocked(PUSH));
}
@Test @Test
public void testInheritRead_SingleBranchDoesNotOverrideInherited() { public void testInheritRead_SingleBranchDoesNotOverrideInherited() {
grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); grant(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*");