gerrit-server/src/test/java/com/google/gerrit/server/project/ProjectControlTest.java - gerrit - Git at Google

 // Copyright (C) 2014 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.google.gerrit.server.project;

 import static com.google.gerrit.common.data.Permission.READ;
 import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
 import static com.google.gerrit.server.project.Util.allow;
 import static com.google.gerrit.server.project.Util.deny;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;

 import com.google.gerrit.lifecycle.LifecycleManager;
 import com.google.gerrit.reviewdb.client.Account;
 import com.google.gerrit.reviewdb.client.Project;
 import com.google.gerrit.reviewdb.server.ReviewDb;
 import com.google.gerrit.server.IdentifiedUser;
 import com.google.gerrit.server.account.AccountManager;
 import com.google.gerrit.server.account.AuthRequest;
 import com.google.gerrit.server.git.ProjectConfig;
 import com.google.gerrit.server.schema.SchemaCreator;
 import com.google.gerrit.testutil.InMemoryDatabase;
 import com.google.gerrit.testutil.InMemoryModule;
 import com.google.gerrit.testutil.InMemoryRepositoryManager;
 import com.google.inject.Guice;
 import com.google.inject.Inject;
 import com.google.inject.Injector;
 import com.google.inject.util.Providers;

 import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository;
 import org.eclipse.jgit.junit.TestRepository;
 import org.eclipse.jgit.lib.ObjectId;
 import org.eclipse.jgit.revwalk.RevCommit;
 import org.eclipse.jgit.revwalk.RevWalk;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;

 /** Unit tests for {@link ProjectControl}. */
 public class ProjectControlTest {
   @Inject private AccountManager accountManager;
   @Inject private IdentifiedUser.GenericFactory userFactory;
   @Inject private InMemoryDatabase schemaFactory;
   @Inject private InMemoryRepositoryManager repoManager;
   @Inject private ProjectControl.GenericFactory projectControlFactory;
   @Inject private SchemaCreator schemaCreator;

   private LifecycleManager lifecycle;
   private ReviewDb db;
   private TestRepository<InMemoryRepository> repo;
   private ProjectConfig project;
   private IdentifiedUser user;

   @Before
   public void setUp() throws Exception {
     Injector injector = Guice.createInjector(new InMemoryModule());
     injector.injectMembers(this);
     lifecycle = new LifecycleManager();
     lifecycle.add(injector);
     lifecycle.start();

     db = schemaFactory.open();
     schemaCreator.create(db);
     Account.Id userId = accountManager.authenticate(AuthRequest.forUser("user"))
         .getAccountId();
     user = userFactory.create(Providers.of(db), userId);

     Project.NameKey name = new Project.NameKey("project");
     InMemoryRepository inMemoryRepo = repoManager.createRepository(name);
     project = new ProjectConfig(name);
     project.load(inMemoryRepo);
     repo = new TestRepository<>(inMemoryRepo);
   }

   @After
   public void tearDown() {
     if (repo != null) {
       repo.getRepository().close();
     }
     if (lifecycle != null) {
       lifecycle.stop();
     }
     if (db != null) {
       db.close();
     }
     InMemoryDatabase.drop(schemaFactory);
   }

   @Test
   public void canReadCommitWhenAllRefsVisible() throws Exception {
     allow(project, READ, REGISTERED_USERS, "refs/*");
     ObjectId id = repo.branch("master").commit().create();
     ProjectControl pc = newProjectControl();
     RevWalk rw = repo.getRevWalk();
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id)));
   }

   @Test
   public void canReadCommitIfRefVisible() throws Exception {
     allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
     deny(project, READ, REGISTERED_USERS, "refs/heads/branch2");

     ObjectId id1 = repo.branch("branch1").commit().create();
     ObjectId id2 = repo.branch("branch2").commit().create();

     ProjectControl pc = newProjectControl();
     RevWalk rw = repo.getRevWalk();
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1)));
     assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id2)));
   }

   @Test
   public void canReadCommitIfReachableFromVisibleRef() throws Exception {
     allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
     deny(project, READ, REGISTERED_USERS, "refs/heads/branch2");

     RevCommit parent1 = repo.commit().create();
     repo.branch("branch1").commit().parent(parent1).create();

     RevCommit parent2 = repo.commit().create();
     repo.branch("branch2").commit().parent(parent2).create();

     ProjectControl pc = newProjectControl();
     RevWalk rw = repo.getRevWalk();
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
     assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(parent2)));
   }

   @Test
   public void cannotReadAfterRollbackWithRestrictedRead() throws Exception {
     allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");

     RevCommit parent1 = repo.commit().create();
     ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create();

     ProjectControl pc = newProjectControl();
     RevWalk rw = repo.getRevWalk();
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1)));

     repo.branch("branch1").update(parent1);
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
     assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id1)));
   }

   @Test
   public void canReadAfterRollbackWithAllRefsVisible() throws Exception {
     allow(project, READ, REGISTERED_USERS, "refs/*");

     RevCommit parent1 = repo.commit().create();
     ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create();

     ProjectControl pc = newProjectControl();
     RevWalk rw = repo.getRevWalk();
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1)));

     repo.branch("branch1").update(parent1);
     assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
     assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id1)));
   }

   private ProjectControl newProjectControl() throws Exception {
     return projectControlFactory.controlFor(project.getName(), user);
   }
 }
	// Copyright (C) 2014 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.google.gerrit.server.project;

	import static com.google.gerrit.common.data.Permission.READ;
	import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
	import static com.google.gerrit.server.project.Util.allow;
	import static com.google.gerrit.server.project.Util.deny;
	import static org.junit.Assert.assertFalse;
	import static org.junit.Assert.assertTrue;

	import com.google.gerrit.lifecycle.LifecycleManager;
	import com.google.gerrit.reviewdb.client.Account;
	import com.google.gerrit.reviewdb.client.Project;
	import com.google.gerrit.reviewdb.server.ReviewDb;
	import com.google.gerrit.server.IdentifiedUser;
	import com.google.gerrit.server.account.AccountManager;
	import com.google.gerrit.server.account.AuthRequest;
	import com.google.gerrit.server.git.ProjectConfig;
	import com.google.gerrit.server.schema.SchemaCreator;
	import com.google.gerrit.testutil.InMemoryDatabase;
	import com.google.gerrit.testutil.InMemoryModule;
	import com.google.gerrit.testutil.InMemoryRepositoryManager;
	import com.google.inject.Guice;
	import com.google.inject.Inject;
	import com.google.inject.Injector;
	import com.google.inject.util.Providers;

	import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository;
	import org.eclipse.jgit.junit.TestRepository;
	import org.eclipse.jgit.lib.ObjectId;
	import org.eclipse.jgit.revwalk.RevCommit;
	import org.eclipse.jgit.revwalk.RevWalk;
	import org.junit.After;
	import org.junit.Before;
	import org.junit.Test;

	/** Unit tests for {@link ProjectControl}. */
	public class ProjectControlTest {
	@Inject private AccountManager accountManager;
	@Inject private IdentifiedUser.GenericFactory userFactory;
	@Inject private InMemoryDatabase schemaFactory;
	@Inject private InMemoryRepositoryManager repoManager;
	@Inject private ProjectControl.GenericFactory projectControlFactory;
	@Inject private SchemaCreator schemaCreator;

	private LifecycleManager lifecycle;
	private ReviewDb db;
	private TestRepository<InMemoryRepository> repo;
	private ProjectConfig project;
	private IdentifiedUser user;

	@Before
	public void setUp() throws Exception {
	Injector injector = Guice.createInjector(new InMemoryModule());
	injector.injectMembers(this);
	lifecycle = new LifecycleManager();
	lifecycle.add(injector);
	lifecycle.start();

	db = schemaFactory.open();
	schemaCreator.create(db);
	Account.Id userId = accountManager.authenticate(AuthRequest.forUser("user"))
	.getAccountId();
	user = userFactory.create(Providers.of(db), userId);

	Project.NameKey name = new Project.NameKey("project");
	InMemoryRepository inMemoryRepo = repoManager.createRepository(name);
	project = new ProjectConfig(name);
	project.load(inMemoryRepo);
	repo = new TestRepository<>(inMemoryRepo);
	}

	@After
	public void tearDown() {
	if (repo != null) {
	repo.getRepository().close();
	}
	if (lifecycle != null) {
	lifecycle.stop();
	}
	if (db != null) {
	db.close();
	}
	InMemoryDatabase.drop(schemaFactory);
	}

	@Test
	public void canReadCommitWhenAllRefsVisible() throws Exception {
	allow(project, READ, REGISTERED_USERS, "refs/*");
	ObjectId id = repo.branch("master").commit().create();
	ProjectControl pc = newProjectControl();
	RevWalk rw = repo.getRevWalk();
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id)));
	}

	@Test
	public void canReadCommitIfRefVisible() throws Exception {
	allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
	deny(project, READ, REGISTERED_USERS, "refs/heads/branch2");

	ObjectId id1 = repo.branch("branch1").commit().create();
	ObjectId id2 = repo.branch("branch2").commit().create();

	ProjectControl pc = newProjectControl();
	RevWalk rw = repo.getRevWalk();
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1)));
	assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id2)));
	}

	@Test
	public void canReadCommitIfReachableFromVisibleRef() throws Exception {
	allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
	deny(project, READ, REGISTERED_USERS, "refs/heads/branch2");

	RevCommit parent1 = repo.commit().create();
	repo.branch("branch1").commit().parent(parent1).create();

	RevCommit parent2 = repo.commit().create();
	repo.branch("branch2").commit().parent(parent2).create();

	ProjectControl pc = newProjectControl();
	RevWalk rw = repo.getRevWalk();
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
	assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(parent2)));
	}

	@Test
	public void cannotReadAfterRollbackWithRestrictedRead() throws Exception {
	allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");

	RevCommit parent1 = repo.commit().create();
	ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create();

	ProjectControl pc = newProjectControl();
	RevWalk rw = repo.getRevWalk();
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1)));

	repo.branch("branch1").update(parent1);
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
	assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id1)));
	}

	@Test
	public void canReadAfterRollbackWithAllRefsVisible() throws Exception {
	allow(project, READ, REGISTERED_USERS, "refs/*");

	RevCommit parent1 = repo.commit().create();
	ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create();

	ProjectControl pc = newProjectControl();
	RevWalk rw = repo.getRevWalk();
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1)));

	repo.branch("branch1").update(parent1);
	assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1)));
	assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id1)));
	}

	private ProjectControl newProjectControl() throws Exception {
	return projectControlFactory.controlFor(project.getName(), user);
	}
	}