opendev/gerrit
Code Issues Proposed changes
Files
20a3c80765d7cd77f0576ed99fee47a21d1e9ac7
gerrit/java/com/google/gerrit/server/ApprovalsUtil.java
Changcheng Xiao 2530d60b49 Don't use #test(Permission) when #check(permission) is expected 
By design, the result of #test(permission) should only considered as a
hint and they might be more permissive than reality. This method should
be used by some cases, e.g. rendering UI, where the unreliable results
are acceptable.

However, there are lots of #test usages which should have been #check.
This is not a problem for DefaultPermissionBackend because both #check
and #test go the same method in the end. But it is a problem for other
permission backend implementations because #test and #check could be
different there.

This CL replaces those #test with #check. It should be a no-op and
should't change existing behaviors.

Change-Id: Ie2cc7adb81ccde4591daff35bacca74f97bc3e25
2018-07-10 10:24:17 +02:00

466 lines
16 KiB
Java
Raw Blame History

// Copyright (C) 2009 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.server;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.gerrit.server.notedb.ReviewerStateInternal.CC;
import static com.google.gerrit.server.notedb.ReviewerStateInternal.REVIEWER;
import static java.util.Comparator.comparing;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableListMultimap;
import com.google.common.collect.Iterables;
import com.google.common.collect.ListMultimap;
import com.google.common.collect.Lists;
import com.google.common.collect.Ordering;
import com.google.common.collect.Sets;
import com.google.common.flogger.FluentLogger;
import com.google.common.primitives.Shorts;
import com.google.gerrit.common.Nullable;
import com.google.gerrit.common.data.LabelType;
import com.google.gerrit.common.data.LabelTypes;
import com.google.gerrit.extensions.restapi.AuthException;
import com.google.gerrit.extensions.restapi.BadRequestException;
import com.google.gerrit.extensions.restapi.RestApiException;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.Change;
import com.google.gerrit.reviewdb.client.LabelId;
import com.google.gerrit.reviewdb.client.PatchSet;
import com.google.gerrit.reviewdb.client.PatchSetApproval;
import com.google.gerrit.reviewdb.client.PatchSetInfo;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.notedb.ChangeNotes;
import com.google.gerrit.server.notedb.ChangeUpdate;
import com.google.gerrit.server.notedb.NotesMigration;
import com.google.gerrit.server.notedb.ReviewerStateInternal;
import com.google.gerrit.server.permissions.ChangePermission;
import com.google.gerrit.server.permissions.LabelPermission;
import com.google.gerrit.server.permissions.PermissionBackend;
import com.google.gerrit.server.permissions.PermissionBackendException;
import com.google.gerrit.server.project.ProjectCache;
import com.google.gerrit.server.util.LabelVote;
import com.google.gwtorm.server.OrmException;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import org.eclipse.jgit.lib.Config;
import org.eclipse.jgit.revwalk.RevWalk;
/**
* Utility functions to manipulate patchset approvals.
*
* <p>Approvals are overloaded, they represent both approvals and reviewers which should be CCed on
* a change. To ensure that reviewers are not lost there must always be an approval on each patchset
* for each reviewer, even if the reviewer hasn't actually given a score to the change. To mark the
* "no score" case, a dummy approval, which may live in any of the available categories, with a
* score of 0 is used.
*
* <p>The methods in this class only modify the gwtorm database.
*/
@Singleton
public class ApprovalsUtil {
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
private static final Ordering<PatchSetApproval> SORT_APPROVALS =
Ordering.from(comparing(PatchSetApproval::getGranted));
public static List<PatchSetApproval> sortApprovals(Iterable<PatchSetApproval> approvals) {
return SORT_APPROVALS.sortedCopy(approvals);
}
public static PatchSetApproval newApproval(
PatchSet.Id psId, CurrentUser user, LabelId labelId, int value, Date when) {
PatchSetApproval psa =
new PatchSetApproval(
new PatchSetApproval.Key(psId, user.getAccountId(), labelId),
Shorts.checkedCast(value),
when);
user.updateRealAccountId(psa::setRealAccountId);
return psa;
}
private static Iterable<PatchSetApproval> filterApprovals(
Iterable<PatchSetApproval> psas, Account.Id accountId) {
return Iterables.filter(psas, a -> Objects.equals(a.getAccountId(), accountId));
}
private final NotesMigration migration;
private final ApprovalCopier copier;
private final PermissionBackend permissionBackend;
private final ProjectCache projectCache;
@VisibleForTesting
@Inject
public ApprovalsUtil(
NotesMigration migration,
ApprovalCopier copier,
PermissionBackend permissionBackend,
ProjectCache projectCache) {
this.migration = migration;
this.copier = copier;
this.permissionBackend = permissionBackend;
this.projectCache = projectCache;
}
/**
* Get all reviewers for a change.
*
* @param db review database.
* @param notes change notes.
* @return reviewers for the change.
* @throws OrmException if reviewers for the change could not be read.
*/
public ReviewerSet getReviewers(ReviewDb db, ChangeNotes notes) throws OrmException {
if (!migration.readChanges()) {
return ReviewerSet.fromApprovals(db.patchSetApprovals().byChange(notes.getChangeId()));
}
return notes.load().getReviewers();
}
/**
* Get all reviewers and CCed accounts for a change.
*
* @param allApprovals all approvals to consider; must all belong to the same change.
* @return reviewers for the change.
* @throws OrmException if reviewers for the change could not be read.
*/
public ReviewerSet getReviewers(ChangeNotes notes, Iterable<PatchSetApproval> allApprovals)
throws OrmException {
if (!migration.readChanges()) {
return ReviewerSet.fromApprovals(allApprovals);
}
return notes.load().getReviewers();
}
/**
* Get updates to reviewer set. Always returns empty list for ReviewDb.
*
* @param notes change notes.
* @return reviewer updates for the change.
* @throws OrmException if reviewer updates for the change could not be read.
*/
public List<ReviewerStatusUpdate> getReviewerUpdates(ChangeNotes notes) throws OrmException {
if (!migration.readChanges()) {
return ImmutableList.of();
}
return notes.load().getReviewerUpdates();
}
public List<PatchSetApproval> addReviewers(
ReviewDb db,
ChangeUpdate update,
LabelTypes labelTypes,
Change change,
PatchSet ps,
PatchSetInfo info,
Iterable<Account.Id> wantReviewers,
Collection<Account.Id> existingReviewers)
throws OrmException {
return addReviewers(
db,
update,
labelTypes,
change,
ps.getId(),
info.getAuthor().getAccount(),
info.getCommitter().getAccount(),
wantReviewers,
existingReviewers);
}
public List<PatchSetApproval> addReviewers(
ReviewDb db,
ChangeNotes notes,
ChangeUpdate update,
LabelTypes labelTypes,
Change change,
Iterable<Account.Id> wantReviewers)
throws OrmException {
PatchSet.Id psId = change.currentPatchSetId();
Collection<Account.Id> existingReviewers;
if (migration.readChanges()) {
// If using NoteDB, we only want reviewers in the REVIEWER state.
existingReviewers = notes.load().getReviewers().byState(REVIEWER);
} else {
// Prior to NoteDB, we gather all reviewers regardless of state.
existingReviewers = getReviewers(db, notes).all();
}
// Existing reviewers should include pending additions in the REVIEWER
// state, taken from ChangeUpdate.
existingReviewers = Lists.newArrayList(existingReviewers);
for (Map.Entry<Account.Id, ReviewerStateInternal> entry : update.getReviewers().entrySet()) {
if (entry.getValue() == REVIEWER) {
existingReviewers.add(entry.getKey());
}
}
return addReviewers(
db, update, labelTypes, change, psId, null, null, wantReviewers, existingReviewers);
}
private List<PatchSetApproval> addReviewers(
ReviewDb db,
ChangeUpdate update,
LabelTypes labelTypes,
Change change,
PatchSet.Id psId,
Account.Id authorId,
Account.Id committerId,
Iterable<Account.Id> wantReviewers,
Collection<Account.Id> existingReviewers)
throws OrmException {
List<LabelType> allTypes = labelTypes.getLabelTypes();
if (allTypes.isEmpty()) {
return ImmutableList.of();
}
Set<Account.Id> need = Sets.newLinkedHashSet(wantReviewers);
if (authorId != null && canSee(db, update.getNotes(), authorId)) {
need.add(authorId);
}
if (committerId != null && canSee(db, update.getNotes(), committerId)) {
need.add(committerId);
}
need.remove(change.getOwner());
need.removeAll(existingReviewers);
if (need.isEmpty()) {
return ImmutableList.of();
}
List<PatchSetApproval> cells = Lists.newArrayListWithCapacity(need.size());
LabelId labelId = Iterables.getLast(allTypes).getLabelId();
for (Account.Id account : need) {
cells.add(
new PatchSetApproval(
new PatchSetApproval.Key(psId, account, labelId), (short) 0, update.getWhen()));
update.putReviewer(account, REVIEWER);
}
db.patchSetApprovals().upsert(cells);
return Collections.unmodifiableList(cells);
}
private boolean canSee(ReviewDb db, ChangeNotes notes, Account.Id accountId) {
try {
if (!projectCache.checkedGet(notes.getProjectName()).statePermitsRead()) {
return false;
}
permissionBackend
.absentUser(accountId)
.change(notes)
.database(db)
.check(ChangePermission.READ);
return true;
} catch (AuthException e) {
return false;
} catch (IOException | PermissionBackendException e) {
logger.atWarning().withCause(e).log(
"Failed to check if account %d can see change %d",
accountId.get(), notes.getChangeId().get());
return false;
}
}
/**
* Adds accounts to a change as reviewers in the CC state.
*
* @param notes change notes.
* @param update change update.
* @param wantCCs accounts to CC.
* @return whether a change was made.
* @throws OrmException
*/
public Collection<Account.Id> addCcs(
ChangeNotes notes, ChangeUpdate update, Collection<Account.Id> wantCCs) throws OrmException {
return addCcs(update, wantCCs, notes.load().getReviewers());
}
private Collection<Account.Id> addCcs(
ChangeUpdate update, Collection<Account.Id> wantCCs, ReviewerSet existingReviewers) {
Set<Account.Id> need = new LinkedHashSet<>(wantCCs);
need.removeAll(existingReviewers.all());
need.removeAll(update.getReviewers().keySet());
for (Account.Id account : need) {
update.putReviewer(account, CC);
}
return need;
}
/**
* Adds approvals to ChangeUpdate for a new patch set, and writes to ReviewDb.
*
* @param db review database.
* @param update change update.
* @param labelTypes label types for the containing project.
* @param ps patch set being approved.
* @param user user adding approvals.
* @param approvals approvals to add.
* @throws RestApiException
* @throws OrmException
*/
public Iterable<PatchSetApproval> addApprovalsForNewPatchSet(
ReviewDb db,
ChangeUpdate update,
LabelTypes labelTypes,
PatchSet ps,
CurrentUser user,
Map<String, Short> approvals)
throws RestApiException, OrmException, PermissionBackendException {
Account.Id accountId = user.getAccountId();
checkArgument(
accountId.equals(ps.getUploader()),
"expected user %s to match patch set uploader %s",
accountId,
ps.getUploader());
if (approvals.isEmpty()) {
return ImmutableList.of();
}
checkApprovals(approvals, permissionBackend.user(user).database(db).change(update.getNotes()));
List<PatchSetApproval> cells = new ArrayList<>(approvals.size());
Date ts = update.getWhen();
for (Map.Entry<String, Short> vote : approvals.entrySet()) {
LabelType lt = labelTypes.byLabel(vote.getKey());
cells.add(newApproval(ps.getId(), user, lt.getLabelId(), vote.getValue(), ts));
}
for (PatchSetApproval psa : cells) {
update.putApproval(psa.getLabel(), psa.getValue());
}
db.patchSetApprovals().insert(cells);
return cells;
}
public static void checkLabel(LabelTypes labelTypes, String name, Short value)
throws BadRequestException {
LabelType label = labelTypes.byLabel(name);
if (label == null) {
throw new BadRequestException(String.format("label \"%s\" is not a configured label", name));
}
if (label.getValue(value) == null) {
throw new BadRequestException(
String.format("label \"%s\": %d is not a valid value", name, value));
}
}
private static void checkApprovals(
Map<String, Short> approvals, PermissionBackend.ForChange forChange)
throws AuthException, PermissionBackendException {
for (Map.Entry<String, Short> vote : approvals.entrySet()) {
String name = vote.getKey();
Short value = vote.getValue();
try {
forChange.check(new LabelPermission.WithValue(name, value));
} catch (AuthException e) {
throw new AuthException(
String.format("applying label \"%s\": %d is restricted", name, value));
}
}
}
public ListMultimap<PatchSet.Id, PatchSetApproval> byChange(ReviewDb db, ChangeNotes notes)
throws OrmException {
if (!migration.readChanges()) {
ImmutableListMultimap.Builder<PatchSet.Id, PatchSetApproval> result =
ImmutableListMultimap.builder();
for (PatchSetApproval psa : db.patchSetApprovals().byChange(notes.getChangeId())) {
result.put(psa.getPatchSetId(), psa);
}
return result.build();
}
return notes.load().getApprovals();
}
public Iterable<PatchSetApproval> byPatchSet(
ReviewDb db,
ChangeNotes notes,
PatchSet.Id psId,
@Nullable RevWalk rw,
@Nullable Config repoConfig)
throws OrmException {
if (!migration.readChanges()) {
return sortApprovals(db.patchSetApprovals().byPatchSet(psId));
}
return copier.getForPatchSet(db, notes, psId, rw, repoConfig);
}
public Iterable<PatchSetApproval> byPatchSetUser(
ReviewDb db,
ChangeNotes notes,
PatchSet.Id psId,
Account.Id accountId,
@Nullable RevWalk rw,
@Nullable Config repoConfig)
throws OrmException {
if (!migration.readChanges()) {
return sortApprovals(db.patchSetApprovals().byPatchSetUser(psId, accountId));
}
return filterApprovals(byPatchSet(db, notes, psId, rw, repoConfig), accountId);
}
public PatchSetApproval getSubmitter(ReviewDb db, ChangeNotes notes, PatchSet.Id c) {
if (c == null) {
return null;
}
try {
// Submit approval is never copied, so bypass expensive byPatchSet call.
return getSubmitter(c, byChange(db, notes).get(c));
} catch (OrmException e) {
return null;
}
}
public static PatchSetApproval getSubmitter(PatchSet.Id c, Iterable<PatchSetApproval> approvals) {
if (c == null) {
return null;
}
PatchSetApproval submitter = null;
for (PatchSetApproval a : approvals) {
if (a.getPatchSetId().equals(c) && a.getValue() > 0 && a.isLegacySubmit()) {
if (submitter == null || a.getGranted().compareTo(submitter.getGranted()) > 0) {
submitter = a;
}
}
}
return submitter;
}
public static String renderMessageWithApprovals(
int patchSetId, Map<String, Short> n, Map<String, PatchSetApproval> c) {
StringBuilder msgs = new StringBuilder("Uploaded patch set " + patchSetId);
if (!n.isEmpty()) {
boolean first = true;
for (Map.Entry<String, Short> e : n.entrySet()) {
if (c.containsKey(e.getKey()) && c.get(e.getKey()).getValue() == e.getValue()) {
continue;
}
if (first) {
msgs.append(":");
first = false;
}
msgs.append(" ").append(LabelVote.create(e.getKey(), e.getValue()).format());
}
}
return msgs.toString();
}
}
View Git Blame Copy Permalink