diff --git a/java/com/google/gerrit/server/query/change/ChangeQueryBuilder.java b/java/com/google/gerrit/server/query/change/ChangeQueryBuilder.java index 10b3bc8a2e..61726b8479 100644 --- a/java/com/google/gerrit/server/query/change/ChangeQueryBuilder.java +++ b/java/com/google/gerrit/server/query/change/ChangeQueryBuilder.java @@ -22,6 +22,7 @@ import static java.util.stream.Collectors.toSet; import com.google.common.annotations.VisibleForTesting; import com.google.common.base.Enums; import com.google.common.base.Splitter; +import com.google.common.collect.Iterables; import com.google.common.collect.Lists; import com.google.common.primitives.Ints; import com.google.gerrit.common.data.GroupDescription; @@ -913,12 +914,10 @@ public class ChangeQueryBuilder extends QueryBuilder { return isVisible(); } Set m = args.accountResolver.findAll(who); - if (!m.isEmpty()) { - List> p = Lists.newArrayListWithCapacity(m.size()); - for (Account.Id id : m) { - return visibleto(args.userFactory.create(id)); - } - return Predicate.or(p); + if (m.size() == 1) { + return visibleto(args.userFactory.create(Iterables.getOnlyElement(m))); + } else if (m.size() > 1) { + throw error(String.format("\"%s\" resolves to multiple accounts", who)); } // If its not an account, maybe its a group? diff --git a/javatests/com/google/gerrit/server/query/change/AbstractQueryChangesTest.java b/javatests/com/google/gerrit/server/query/change/AbstractQueryChangesTest.java index 0ebbdc9fe0..bd2b3596d5 100644 --- a/javatests/com/google/gerrit/server/query/change/AbstractQueryChangesTest.java +++ b/javatests/com/google/gerrit/server/query/change/AbstractQueryChangesTest.java @@ -1710,16 +1710,43 @@ public abstract class AbstractQueryChangesTest extends GerritServerTests { assertQuery(q + " visibleto:self", change2, change1); // Second user cannot see first user's private change - Account.Id user2 = createAccount("anotheruser"); + Account.Id user2 = createAccount("user2"); assertQuery(q + " visibleto:" + user2.get(), change1); - assertQuery(q + " visibleto:anotheruser", change1); + assertQuery(q + " visibleto:user2", change1); String g1 = createGroup("group1", "Administrators"); - gApi.groups().id(g1).addMembers("anotheruser"); + gApi.groups().id(g1).addMembers("user2"); assertQuery(q + " visibleto:" + g1, change1); requestContext.setContext(newRequestContext(user2)); assertQuery("is:visible", change1); + + Account.Id user3 = createAccount("user3"); + + // Explicitly authenticate user2 and user3 so that display name gets set + AuthRequest authRequest = AuthRequest.forUser("user2"); + authRequest.setDisplayName("Another User"); + authRequest.setEmailAddress("user2@example.com"); + accountManager.authenticate(authRequest); + authRequest = AuthRequest.forUser("user3"); + authRequest.setDisplayName("Another User"); + authRequest.setEmailAddress("user3@example.com"); + accountManager.authenticate(authRequest); + + // Switch to user3 + requestContext.setContext(newRequestContext(user3)); + Change change3 = insert(repo, newChange(repo), user3); + Change change4 = insert(repo, newChangePrivate(repo), user3); + + // User3 can see both their changes and the first user's change + assertQuery(q + " visibleto:" + user3.get(), change4, change3, change1); + + // User2 cannot see user3's private change + assertQuery(q + " visibleto:" + user2.get(), change3, change1); + + // Query as user3 by display name matching user2 and user3; bad request + assertFailingQuery( + q + " visibleto:\"Another User\"", "\"Another User\" resolves to multiple accounts"); } @Test