gerrit/gerrit-server/src/main/java/com/google/gerrit/server/project/RemoveReviewerControl.java

// Copyright (C) 2017 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.gerrit.server.project;

import com.google.gerrit.extensions.restapi.AuthException;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.Change;
import com.google.gerrit.reviewdb.client.PatchSetApproval;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.CurrentUser;
import com.google.gerrit.server.notedb.ChangeNotes;
import com.google.gerrit.server.permissions.ChangePermission;
import com.google.gerrit.server.permissions.PermissionBackend;
import com.google.gerrit.server.permissions.PermissionBackendException;
import com.google.gerrit.server.query.change.ChangeData;
import com.google.gwtorm.server.OrmException;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;

@Singleton
public class RemoveReviewerControl {
  private final PermissionBackend permissionBackend;
  private final Provider<ReviewDb> dbProvider;
  private final ChangeControl.GenericFactory changeControlFactory;

  @Inject
  RemoveReviewerControl(
      PermissionBackend permissionBackend,
      Provider<ReviewDb> dbProvider,
      ChangeControl.GenericFactory changeControlFactory) {
    this.permissionBackend = permissionBackend;
    this.dbProvider = dbProvider;
    this.changeControlFactory = changeControlFactory;
  }

  /** @throws AuthException if this user is not allowed to remove this approval. */
  public void checkRemoveReviewer(
      ChangeNotes notes, CurrentUser currentUser, PatchSetApproval approval)
      throws PermissionBackendException, AuthException, NoSuchChangeException, OrmException {
    if (canRemoveReviewerWithoutPermissionCheck(
        notes.getChange(), currentUser, approval.getAccountId(), approval.getValue())) {
      return;
    }

    permissionBackend
        .user(currentUser)
        .change(notes)
        .database(dbProvider)
        .check(ChangePermission.REMOVE_REVIEWER);
  }

  /** @return true if the user is allowed to remove this reviewer. */
  public boolean testRemoveReviewer(
      ChangeData cd, CurrentUser currentUser, Account.Id reviewer, int value)
      throws PermissionBackendException, NoSuchChangeException, OrmException {
    if (canRemoveReviewerWithoutPermissionCheck(cd.change(), currentUser, reviewer, value)) {
      return true;
    }
    return permissionBackend
        .user(currentUser)
        .change(cd)
        .database(dbProvider)
        .test(ChangePermission.REMOVE_REVIEWER);
  }

  private boolean canRemoveReviewerWithoutPermissionCheck(
      Change change, CurrentUser currentUser, Account.Id reviewer, int value)
      throws NoSuchChangeException, OrmException {
    if (!change.getStatus().isOpen()) {
      return false;
    }

    if (currentUser.isIdentifiedUser()) {
      Account.Id aId = currentUser.getAccountId();
      if (aId.equals(reviewer)) {
        return true; // A user can always remove themselves.
      } else if (aId.equals(change.getOwner()) && 0 <= value) {
        return true; // The change owner may remove any zero or positive score.
      }
    }

    // Users with the remove reviewer permission, the branch owner, project
    // owner and site admin can remove anyone
    ChangeControl changeControl =
        changeControlFactory.controlFor(dbProvider.get(), change, currentUser);
    if (changeControl.getRefControl().isOwner() // branch owner
        || changeControl.getProjectControl().isOwner() // project owner
        || changeControl.getProjectControl().isAdmin()) { // project admin
      return true;
    }
    return false;
  }
}