Added the emailReviewers as a global capability

This adds functionality to deny the emailing of reviewers to certain groups. This will replace the emailOnlyAuthors flag on the AccountGroup. Change-Id: If3697e88df50e0b0256b5b6a1ea810343124b96f
2012-04-10 13:41:19 -07:00
parent 7a9bb6adc8
commit d9488f0c37
5 changed files with 62 additions and 16 deletions
--- a/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityControl.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityControl.java
@@ -15,11 +15,14 @@
 package com.google.gerrit.server.account;

 import com.google.common.base.Function;
+import com.google.common.base.Predicate;
+import com.google.common.base.Predicates;
 import com.google.common.collect.Iterables;
 import com.google.gerrit.common.data.GlobalCapability;
 import com.google.gerrit.common.data.GroupReference;
 import com.google.gerrit.common.data.PermissionRange;
 import com.google.gerrit.common.data.PermissionRule;
+import com.google.gerrit.common.data.PermissionRule.Action;
 import com.google.gerrit.reviewdb.client.AccountGroup;
 import com.google.gerrit.server.CurrentUser;
 import com.google.gerrit.server.PeerDaemonUser;
@@ -45,6 +48,7 @@ public class CapabilityControl {
  private final Map<String, List<PermissionRule>> effective;

  private Boolean canAdministrateServer;
+  private Boolean canEmailReviewers;

  @Inject
  CapabilityControl(ProjectCache projectCache, @Assisted CurrentUser currentUser) {
@@ -62,7 +66,7 @@ public class CapabilityControl {
  public boolean canAdministrateServer() {
    if (canAdministrateServer == null) {
      canAdministrateServer = user instanceof PeerDaemonUser
-          || matchAny(capabilities.administrateServer);
+          || matchAny(capabilities.administrateServer, ALLOWED_RULE);
    }
    return canAdministrateServer;
  }
@@ -85,6 +89,17 @@ public class CapabilityControl {
      || canAdministrateServer();
  }

+  /** @return true if the user can email reviewers. */
+  public boolean canEmailReviewers() {
+    if (canEmailReviewers == null) {
+      canEmailReviewers =
+          matchAny(capabilities.emailReviewers, ALLOWED_RULE)
+          || !matchAny(capabilities.emailReviewers, Predicates.not(ALLOWED_RULE));
+
+    }
+    return canEmailReviewers;
+  }
+
  /** @return true if the user can kill any running task. */
  public boolean canKillTask() {
    return canPerform(GlobalCapability.KILL_TASK)
@@ -222,8 +237,16 @@ public class CapabilityControl {
    return mine;
  }

-  private boolean matchAny(List<PermissionRule> rules) {
-    Iterable<AccountGroup.UUID> ids = Iterables.transform(rules,
+  private static final Predicate<PermissionRule> ALLOWED_RULE = new Predicate<PermissionRule>() {
+    @Override
+    public boolean apply(PermissionRule rule) {
+      return rule.getAction() == Action.ALLOW;
+    }
+  };
+
+  private boolean matchAny(Iterable<PermissionRule> rules, Predicate<PermissionRule> predicate) {
+    Iterable<AccountGroup.UUID> ids = Iterables.transform(
+        Iterables.filter(rules, predicate),
        new Function<PermissionRule, AccountGroup.UUID>() {
          @Override
          public AccountGroup.UUID apply(PermissionRule rule) {