blob: 00e8fa42b4885e83e93745b5677079d1f03f635a [file] [log] [blame]
// Copyright (C) 2021 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.pgm;
import com.google.common.flogger.FluentLogger;
import com.google.gerrit.extensions.config.FactoryModule;
import com.google.gerrit.lifecycle.LifecycleManager;
import com.google.gerrit.pgm.init.api.ConsoleUI;
import com.google.gerrit.pgm.util.SiteProgram;
import com.google.gerrit.server.account.externalids.ExternalId;
import com.google.gerrit.server.account.externalids.ExternalIds;
import com.google.gerrit.server.account.externalids.storage.notedb.DisabledExternalIdCache;
import com.google.gerrit.server.account.externalids.storage.notedb.ExternalIdCaseSensitivityMigrator;
import com.google.gerrit.server.account.externalids.storage.notedb.ExternalIdNoteDbReadStorageModule;
import com.google.gerrit.server.account.externalids.storage.notedb.ExternalIdNoteDbWriteStorageModule;
import com.google.gerrit.server.config.GerritServerConfig;
import com.google.gerrit.server.extensions.events.GitReferenceUpdated;
import com.google.gerrit.server.git.meta.MetaDataUpdate;
import com.google.gerrit.server.index.account.AccountSchemaDefinitions;
import com.google.gerrit.server.schema.NoteDbSchemaVersionCheck;
import com.google.inject.Inject;
import com.google.inject.Injector;
import com.google.inject.Key;
import com.google.inject.assistedinject.FactoryModuleBuilder;
import java.io.IOException;
import java.util.Collection;
import org.eclipse.jgit.errors.ConfigInvalidException;
import org.eclipse.jgit.lib.Config;
import org.eclipse.jgit.lib.ProgressMonitor;
import org.eclipse.jgit.lib.TextProgressMonitor;
import org.eclipse.jgit.storage.file.FileBasedConfig;
import org.eclipse.jgit.util.FS;
import org.kohsuke.args4j.Option;
/**
* Changes the case sensitivity of `username:` and `gerrit:` external IDs by recomputing the SHA-1
* sums used as note names.
*/
public class ChangeExternalIdCaseSensitivity extends SiteProgram {
private static final FluentLogger logger = FluentLogger.forEnclosingClass();
@Option(name = "--batch", usage = "Don't ask for confirmation before migrating.")
private boolean batch;
@Option(name = "--dryrun", usage = "Do a dryrun of the migration.")
private boolean dryrun;
private final LifecycleManager manager = new LifecycleManager();
private final TextProgressMonitor monitor = new TextProgressMonitor();
private Config globalConfig;
private boolean isUserNameCaseInsensitive;
private ConsoleUI ui;
@Inject private ExternalIds externalIds;
@Inject private ExternalIdCaseSensitivityMigrator.Factory migratorFactory;
@Override
public int run() throws Exception {
mustHaveValidSite();
ui = ConsoleUI.getInstance(batch);
Injector dbInjector = createDbInjector();
manager.add(dbInjector, dbInjector.createChildInjector(NoteDbSchemaVersionCheck.module()));
dbInjector
.createChildInjector(
new FactoryModule() {
@Override
protected void configure() {
bind(GitReferenceUpdated.class).toInstance(GitReferenceUpdated.DISABLED);
install(
new FactoryModuleBuilder()
.build(ExternalIdCaseSensitivityMigrator.Factory.class));
factory(MetaDataUpdate.InternalFactory.class);
install(new ExternalIdNoteDbReadStorageModule());
install(new ExternalIdNoteDbWriteStorageModule());
// The ChangeExternalIdCaseSensitivity program needs to access all external IDs only
// once to update them. After the update they are not accessed again. Hence the
// LocalUsernamesToLowerCase program doesn't benefit from caching external IDs and
// the external ID cache can be disabled.
install(DisabledExternalIdCache.module());
}
})
.injectMembers(this);
globalConfig = dbInjector.getInstance(Key.get(Config.class, GerritServerConfig.class));
this.isUserNameCaseInsensitive =
globalConfig.getBoolean("auth", "userNameCaseInsensitive", false);
String message =
"auth.userNameCaseInsensitive is set to %b. "
+ "External IDs will be migrated to be case %ssensitive. Continue?";
if (!ui.yesno(
true, message, isUserNameCaseInsensitive, isUserNameCaseInsensitive ? "" : "in")) {
return 0;
}
Collection<ExternalId> todo = externalIds.all();
monitor.beginTask("Converting external ID note names", todo.size());
manager.start();
try {
migratorFactory
.create(!isUserNameCaseInsensitive, dryrun)
.migrate(todo, () -> monitor.update(1));
} finally {
manager.stop();
monitor.endTask();
}
int exitCode;
if (!dryrun) {
updateGerritConfig();
exitCode = reindexAccounts();
} else {
exitCode = 0;
}
return exitCode;
}
private void updateGerritConfig() throws IOException, ConfigInvalidException {
logger.atInfo().log("Setting auth.userNameCaseInsensitive to true in gerrit.config.");
FileBasedConfig config =
new FileBasedConfig(
globalConfig, getSitePath().resolve("etc/gerrit.config").toFile(), FS.DETECTED);
config.load();
config.setBoolean("auth", null, "userNameCaseInsensitive", !isUserNameCaseInsensitive);
config.save();
}
private int reindexAccounts() throws Exception {
monitor.beginTask("Reindex accounts", ProgressMonitor.UNKNOWN);
String[] reindexArgs = {
"--site-path", getSitePath().toString(), "--index", AccountSchemaDefinitions.NAME
};
logger.atInfo().log(
"Migration complete, reindexing accounts with: reindex %s", String.join(" ", reindexArgs));
Reindex reindexPgm = new Reindex();
int exitCode = reindexPgm.main(reindexArgs);
monitor.endTask();
return exitCode;
}
}