* changes:
Replace canUpload with CREATE_CHANGE
Convert GetAccess and canAddRefs to PermissionBackend
Convert forge author, committer, server to PermissionBackend
Push option bypass-review disables validation
* changes:
Remove superfluous final in gerrit/server/patch/
Remove superfluous final from server/query/change
Remove superfluous final from server/query/
Remove superfluous final from gerrit/httpd/
Remove unneeded final modifiers from gerrit-server/src/main/java/com/google/gerrit/server/git/*.
Check RefPermission.CREATE_CHANGE before creating a change, instead of
relying on the legacy RefControl.canUpload(). This delegates creation
decisions through the PermissionBackend.
Change-Id: Ic76e96ca6079a179ae65fa2de436fb6df929b6d9
Introduce a new ProjectPermission CREATE_REF which supports hinting if
the user may be permitted to create references within the project.
This is similar to RefPermission CREATE_CHANGE where the parent scope
may be needed to test support for creation of a child.
Unlike CREATE_CHANGE, application code does still check RefPermission
CREATE during operations on the actual proposed reference name.
Change-Id: I02204500265cb97c4fb92f40f01b6c738c06b5b1
Add RefPermission BYPASS_REVIEW which can be selectively requested
with a push option, for example:
git push -o bypass-review origin master
When set this option skips validating the new commits if the user has
BYPASS_REVIEW permission in the PermissionBackend. For the default
backend this is a set of permissions that must all be present in order
to use this option.
Gerrit still ignores the bypass-review option on refs/meta/config (as
it must validate the configuration parses), and on the refs/for/ magic
branch, where it needs to update code reviews.
Change-Id: I80ad4785226de7113f0bf6812c7709ba2c6ec73c
GetReflog uses Repository#getReflogReader, but this is not implemented
by DfsRepository which is used in the test framework. As a result, calls
to this API method from tests results in UnsupportedOperationException.
Modify GetReflog to catch the UOE and rethrow as MethodNotAllowed, so
we get a graceful failure rather than "internal server error".
In the tests, expect MethodNotAllowed, with a TODO to rework when/if
the implementation of getReflogReader is done in DfsRepository.
Change-Id: I0d0d718ca4e4ecf2c544ea6e912397c20e2fd7e3
Some plugins implement Prolog predicates that need to get accounts.
E.g. the find-owners plugin has a Prolog predicate that loads the
accounts for all approvals on a change.
SubmitRuleEvaluator sets ReviewDb as a stored value in the Prolog
environment and hence Prolog predicates in plugins have access to it.
When accounts are moved to NoteDb accounts are no longer accessible
through ReviewDb. Hence the Prolog predicates need a different way to
get accounts. For this we make the AccountCache available by setting it
as a stored value in the Prolog environment.
Using the account cache instead of accessing the database should also
improve performance of Prolog predicates that need to access accounts.
Change-Id: I363a8ee0400622b4cc25d44f1d6fc876c951d412
Signed-off-by: Edwin Kempin <ekempin@google.com>
This change extends the existing cherry-pick endpoints to allow
users to specify the base commit of the cherry-pick destination.
If the base commit represents a visible change revision on the
destination branch, the change status must be either 'New' or
'Merged'.
Alternatively, the base commit can be a merged commit on the
destination branch with no change associated with it.
Change-Id: I6721a2d88f4b73058dc1abf3e85c4184e46088c5
Having this method allows us to implement loading all accounts from
NoteDb later.
Change-Id: Ifc1d1113f0687ae599a7cbad56cd50ae1c9a3608
Signed-off-by: Edwin Kempin <ekempin@google.com>
We use ScheduledThreadPoolExecutor#terminated to manage cleanup of
WorkQueue. Callers of unregisterWorkQueue should just delete the call.
Change-Id: I0208c8643bd71eb287ff553f80e7ffe547f3ffbe
* changes:
Highlight hunks which are due to rebase on PolyGerrit
Copy due_to_rebase to subgroups in gr-diff-processor
Move diff tests from RevisionIT to RevisionDiffIT
Mark hunks which are present due to a rebase when diffing patch sets
The registration of PluginModule and PluginRestApiModule needs to be
decoupled because they are conceptually separate, even if one (PluginModule)
needs to happen before the other (PluginRestApiModule).
This is a pre-requisite for the next change I87da6ac6 where the PluginModule
registration needs to be moved around without necessarily having an impact
on the PluginRestApiModule.
Change-Id: I80fee34e5bda5afb480c8d103e6e83b8ae11c8eb
The ExternalIdCache allows to get external IDs by account and by email.
So far in memory it only held a Multimap for external IDs by account.
When external IDs by email were requested it iterated over all external
IDs from the map looking for matches by email. Instead of iterating over
all external IDs each time external IDs by email are requested we now
have a seperate Multimap to store external IDs by email. This improves
lookup times by email at the cost of additional memory for caching
external IDs by email. Once lookup of external IDs by email is efficient
we can get rid of the AccountByEmailCache and rather lookup accounts by
email through the ExternalIdCache. This will be implemented in a
follow-up commit.
Change-Id: I33b4bc5d6e710eafbf136782a14e0d819edd74e0
Signed-off-by: Edwin Kempin <ekempin@google.com>
So far it only checks that preferred emails are backed by
corresponding external IDs. E.g. change I2b3c5c9d assumes that each
preferred email exists as external ID.
Change-Id: I824caa34545b1ba147fb71ede503104ba1d5481c
Signed-off-by: Edwin Kempin <ekempin@google.com>
The diff between two patch sets contains hunks which weren't
introduced by either patch set if a rebase occurred between those
patch sets. Previous optimizations for this case simply omitted all
files which aren't touched by either of the patch sets.
This change goes one step further: All hunks which can clearly be
identified as being introduced by a rebase are marked. In case of
doubt (e.g. they overlap with a regular hunk), they aren't marked.
To be consistent with the previous behavior, we exclude all files from
the result which only contain hunks due to rebase. In some cases (e.g.
a patch set touches 'fileA' but all identified hunks were introduced
by the rebase), this rule can be stricter than the previously mentioned
(as the previous rule would still show file 'fileA' but we exclude it
now).
Hunks which are introduced by a rebase are identified by computing
the diff between the parents of the two patch sets and transforming
the result to differences in terms of treeA of patch set A and treeB
of patch set B. This follows a suggestion which was posted as a comment
(https://gerrit-review.googlesource.com/c/33091/5//COMMIT_MSG#7) in
change I63d3a21ad4f.
As we always determine which hunks are introduced by a rebase when
two commits are explicitly specified which don't share a common
parent, we will determine those hunks even when we compute the
diff between the parents of the patch sets provided that those
parents fulfill the condition of being separated by a rebase. Those
situations should be rare and hence we refrain from adding
optimizations for this case for the moment.
Bug: Issue 217
Change-Id: If06381d506d360f0e3d24d078dcb54692698e766
By default the first user that logs in to Gerrit automatically becomes
administrator. This is useful to bootstrap the authentication database.
However in automated server setups it should be controlled explicitly
who becomes admin and then it makes sense to disable this functionality.
The default behaviour (make the first user admin) is not changed.
Change-Id: Ic9778824e96ce4f61d974412aaaa6b40e6b465ba
Signed-off-by: Edwin Kempin <ekempin@google.com>
At Google we need to use these classes in a context where reindex is not
possible. Hence reindexing for the classes must be optional.
Change-Id: Id1017853982c6ca4e1cfa024f73d20dffad82bd6
Signed-off-by: Edwin Kempin <ekempin@google.com>
The account cache holds AccountState instances which contain the
external IDs of the accounts. Hence an account must be evicted from the
account cache when its external IDs are updated. At the moment it's the
responsibility of the caller to do the account eviction, but it can
easily be forgotten and it's more convenient if ExternalIdsUpdate takes
care of it. For some scenarios this may result in a few more cache
evictions (e.g. account creation), but for most operations the number of
account evictions should stay the same.
After updating external IDs the corresponding accounts also need to be
reindexed, but this is automatically done when accounts are evicted from
the account cache.
Change-Id: I1af02c7576eea81bb229a4663cb1e067ab137784
Signed-off-by: Edwin Kempin <ekempin@google.com>
AccountCache#get returns an empty AccountState instance for missing
accounts. Rather use AccountCache#getOrNull and don't index missing
accounts.
Change-Id: I6984e3c9cfc452fb8991031e1a5283a6792b4d96
Signed-off-by: Edwin Kempin <ekempin@google.com>
AccountCache#get returns an empty AccountState instance to represent a
missing account. Add a new AccountCache#getOrNull method that returns
null if an account is missing so that callers can special-case
non-existing accounts.
Change-Id: I51dcca79a4ec3ec71a09c9ec0da51fda03e19928
Signed-off-by: Edwin Kempin <ekempin@google.com>
Some callers make wrong assumptions about these methods. Documenting
these methods can help to avoid confusion.
Change-Id: I23b9f69c9e18c8de201f53d2a2db1f1e3aa7075c
Signed-off-by: Edwin Kempin <ekempin@google.com>
This commit fixes a bug that would falsely copy CCs as reviewers when
reverting a change.
Bug: Issue 6337
Change-Id: I7c659b4eb2aa98385d5e12c0323e645b1a5daf46
Previously, we have sent an initial email to CCs added upon push, but
have not persisted them. This change adds logic and tests to do so.
CCs have native support in NoteDb and legacy support in ReviewDb where
they are added as reviewers instead. This mirrors what we do in
PostReviewers and PostReview.
Change-Id: I4177526707141ffe676a5e4db534aeb740b7d53f
Previously, we used the change id to identify a change from an inbound
email. This is error prone as the change id as such isn't unique without
a project and a branch (triplet). This change replaces this use with the
change number instead, which is unique by itself.
Bug: Issue 6449
Change-Id: I4f9696f48c2136d47ae94f59bf96a148ae598ebb
The database indexes that were only needed to support these methods are
deleted.
Change-Id: Iefc47c2dbe404453636d347c4fc2f3bc9a5c1cd4
Signed-off-by: Edwin Kempin <ekempin@google.com>
