Disallow publish change edit when user has not signed CLA
Bug: issue 3504 Change-Id: I4b3b5607e8742c90ceb68e87c571df076cd82dad
This commit is contained in:

committed by
David Ostrovsky

parent
0573f65bff
commit
d1a1699dd1
@@ -29,6 +29,7 @@ import com.google.gerrit.common.data.Permission;
|
|||||||
import com.google.gerrit.common.data.PermissionRule;
|
import com.google.gerrit.common.data.PermissionRule;
|
||||||
import com.google.gerrit.extensions.api.GerritApi;
|
import com.google.gerrit.extensions.api.GerritApi;
|
||||||
import com.google.gerrit.extensions.api.changes.RevisionApi;
|
import com.google.gerrit.extensions.api.changes.RevisionApi;
|
||||||
|
import com.google.gerrit.extensions.client.InheritableBoolean;
|
||||||
import com.google.gerrit.extensions.client.ListChangesOption;
|
import com.google.gerrit.extensions.client.ListChangesOption;
|
||||||
import com.google.gerrit.extensions.common.ChangeInfo;
|
import com.google.gerrit.extensions.common.ChangeInfo;
|
||||||
import com.google.gerrit.extensions.common.EditInfo;
|
import com.google.gerrit.extensions.common.EditInfo;
|
||||||
@@ -307,6 +308,15 @@ public abstract class AbstractDaemonTest {
|
|||||||
saveProjectConfig(allProjects, cfg);
|
saveProjectConfig(allProjects, cfg);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected void setUseContributorAgreements(InheritableBoolean value)
|
||||||
|
throws Exception {
|
||||||
|
MetaDataUpdate md = metaDataUpdateFactory.create(project);
|
||||||
|
ProjectConfig config = ProjectConfig.read(md);
|
||||||
|
config.getProject().setUseContributorAgreements(value);
|
||||||
|
config.commit(md);
|
||||||
|
projectCache.evict(config.getProject());
|
||||||
|
}
|
||||||
|
|
||||||
protected void deny(String permission, AccountGroup.UUID id, String ref)
|
protected void deny(String permission, AccountGroup.UUID id, String ref)
|
||||||
throws Exception {
|
throws Exception {
|
||||||
ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
|
ProjectConfig cfg = projectCache.checkedGet(project).getConfig();
|
||||||
|
@@ -21,6 +21,7 @@ import static com.google.gerrit.acceptance.GitUtil.createProject;
|
|||||||
import static java.nio.charset.StandardCharsets.UTF_8;
|
import static java.nio.charset.StandardCharsets.UTF_8;
|
||||||
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
import static java.util.concurrent.TimeUnit.MILLISECONDS;
|
||||||
import static java.util.concurrent.TimeUnit.SECONDS;
|
import static java.util.concurrent.TimeUnit.SECONDS;
|
||||||
|
import static org.apache.http.HttpStatus.SC_FORBIDDEN;
|
||||||
import static org.apache.http.HttpStatus.SC_CONFLICT;
|
import static org.apache.http.HttpStatus.SC_CONFLICT;
|
||||||
import static org.apache.http.HttpStatus.SC_NOT_FOUND;
|
import static org.apache.http.HttpStatus.SC_NOT_FOUND;
|
||||||
import static org.apache.http.HttpStatus.SC_NO_CONTENT;
|
import static org.apache.http.HttpStatus.SC_NO_CONTENT;
|
||||||
@@ -35,6 +36,7 @@ import com.google.gerrit.acceptance.PushOneCommit;
|
|||||||
import com.google.gerrit.acceptance.RestResponse;
|
import com.google.gerrit.acceptance.RestResponse;
|
||||||
import com.google.gerrit.acceptance.RestSession;
|
import com.google.gerrit.acceptance.RestSession;
|
||||||
import com.google.gerrit.extensions.api.changes.ReviewInput;
|
import com.google.gerrit.extensions.api.changes.ReviewInput;
|
||||||
|
import com.google.gerrit.extensions.client.InheritableBoolean;
|
||||||
import com.google.gerrit.extensions.client.ListChangesOption;
|
import com.google.gerrit.extensions.client.ListChangesOption;
|
||||||
import com.google.gerrit.extensions.common.ApprovalInfo;
|
import com.google.gerrit.extensions.common.ApprovalInfo;
|
||||||
import com.google.gerrit.extensions.common.ChangeInfo;
|
import com.google.gerrit.extensions.common.ChangeInfo;
|
||||||
@@ -187,6 +189,22 @@ public class ChangeEditIT extends AbstractDaemonTest {
|
|||||||
assertThat(edit.isPresent()).isFalse();
|
assertThat(edit.isPresent()).isFalse();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void publishEditRestWithoutCLA() throws Exception {
|
||||||
|
setUseContributorAgreements(InheritableBoolean.TRUE);
|
||||||
|
PatchSet oldCurrentPatchSet = getCurrentPatchSet(changeId);
|
||||||
|
assertThat(modifier.createEdit(change, oldCurrentPatchSet)).isEqualTo(
|
||||||
|
RefUpdate.Result.NEW);
|
||||||
|
assertThat(
|
||||||
|
modifier.modifyFile(editUtil.byChange(change).get(), FILE_NAME,
|
||||||
|
RestSession.newRawInput(CONTENT_NEW))).isEqualTo(RefUpdate.Result.FORCED);
|
||||||
|
RestResponse r = adminSession.post(urlPublish());
|
||||||
|
assertThat(r.getStatusCode()).isEqualTo(SC_FORBIDDEN);
|
||||||
|
setUseContributorAgreements(InheritableBoolean.FALSE);
|
||||||
|
r = adminSession.post(urlPublish());
|
||||||
|
assertThat(r.getStatusCode()).isEqualTo(SC_NO_CONTENT);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void rebaseEdit() throws Exception {
|
public void rebaseEdit() throws Exception {
|
||||||
assertThat(modifier.createEdit(change, ps)).isEqualTo(RefUpdate.Result.NEW);
|
assertThat(modifier.createEdit(change, ps)).isEqualTo(RefUpdate.Result.NEW);
|
||||||
|
@@ -15,6 +15,7 @@
|
|||||||
package com.google.gerrit.server.change;
|
package com.google.gerrit.server.change;
|
||||||
|
|
||||||
import com.google.common.base.Optional;
|
import com.google.common.base.Optional;
|
||||||
|
import com.google.gerrit.common.data.Capable;
|
||||||
import com.google.gerrit.extensions.registration.DynamicMap;
|
import com.google.gerrit.extensions.registration.DynamicMap;
|
||||||
import com.google.gerrit.extensions.restapi.AcceptsPost;
|
import com.google.gerrit.extensions.restapi.AcceptsPost;
|
||||||
import com.google.gerrit.extensions.restapi.AuthException;
|
import com.google.gerrit.extensions.restapi.AuthException;
|
||||||
@@ -85,6 +86,12 @@ public class PublishChangeEdit implements
|
|||||||
public Response<?> apply(ChangeResource rsrc, Publish.Input in)
|
public Response<?> apply(ChangeResource rsrc, Publish.Input in)
|
||||||
throws AuthException, ResourceConflictException, NoSuchChangeException,
|
throws AuthException, ResourceConflictException, NoSuchChangeException,
|
||||||
IOException, InvalidChangeOperationException, OrmException {
|
IOException, InvalidChangeOperationException, OrmException {
|
||||||
|
Capable r =
|
||||||
|
rsrc.getControl().getProjectControl().canPushToAtLeastOneRef();
|
||||||
|
if (r != Capable.OK) {
|
||||||
|
throw new AuthException(r.getMessage());
|
||||||
|
}
|
||||||
|
|
||||||
Optional<ChangeEdit> edit = editUtil.byChange(rsrc.getChange());
|
Optional<ChangeEdit> edit = editUtil.byChange(rsrc.getChange());
|
||||||
if (!edit.isPresent()) {
|
if (!edit.isPresent()) {
|
||||||
throw new ResourceConflictException(String.format(
|
throw new ResourceConflictException(String.format(
|
||||||
|
Reference in New Issue
Block a user