Add global capability that allows to view secondary emails

If users have multiple emails, only the preferred email is visible to
other users. This means when users change their preferred email, the new
preferred email becomes visible while the old preferred email stops
being visible.

This can be a problem for bots that operate on emails, as emails can
suddenly become non-visible. E.g. if all users have a corporate email
and optionally other emails, a bot that uses the corporate emails (e.g.
to auto-assign reviewers on changes) stops working when users change
their preferred email to a non-corporate email, as this makes the
corporate email non-visible. Now, with the new View Secondary Emails
global capability it's possible to allow the bot to view all emails, so
that this is no longer a problem.

This became an issue now after change I799bf1c57 fixed an issue that
allowed users to resolve secondary emails although they should not have
been able to see them.

So far the only work-around was to assign the bot the Modify Account
global capability, which allows viewing secondary emails too, but this
capability is too broad as it also allows modifying all accounts.

So basically the new View Secondary Emails capability is just a subset
of the existing Modify Account capability: both capabilities allow
seeing secondary emails of other accounts, but the Modify Account
capability in addition allows modifying accounts.

The Modify Account global capability continues to allow viewing
secondary emails. This means having the Modify Account capability
implies having the View Secondary Emails capability.

Having the permission to view secondary emails of other accounts
doesn't change anything about account visibility, but only allows
resolving secondary emails to visible accounts. This means if a
secondary email is used as account identifier in the REST API it can
only be resolved if the account is visible and the calling user can see
secondary emails.

If a user asks for secondary emails of an account (e.g. a REST call to
list all emails of an account, or querying accounts with
ListAccountsOption ALL_EMAILS), but the user cannot see secondary
emails, we return "view secondary emails not permitted" as the error
message now (before, the error message was "modify account not
permitted"). The new error message should be easier to understand.

Bug: Google b/272679324
Release-Notes: Added global capability that allows to view secondary emails
Signed-off-by: Edwin Kempin <ekempin@google.com>
Change-Id: Iec901ec050974ed62bc74c9df5f8ca88c2956fae
17 files changed
tree: 187d5ff87c23c1006f5c5b837df50e2f0aa13ce2
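
The access rules the commit message describes, modelled as an added Python example (not Gerrit's code and not part of this change). The class and function names, the "account not visible" message and the sample accounts are constructed for illustration; only the two capability names and the "view secondary emails not permitted" string come from the message.

```python
from dataclasses import dataclass, field

# Capability names are from the commit message; the rest is a model, not Gerrit code.
VIEW_SECONDARY_EMAILS = "View Secondary Emails"
MODIFY_ACCOUNT = "Modify Account"

class PermissionDenied(Exception):
    pass

@dataclass
class Account:
    preferred: str
    secondary: set = field(default_factory=set)
    visible_to: set = field(default_factory=set)  # names of callers who can see it

@dataclass
class Caller:
    name: str
    capabilities: set = field(default_factory=set)

    def can_view_secondary_emails(self):
        # Modify Account implies View Secondary Emails, not the other way round.
        return bool(self.capabilities & {VIEW_SECONDARY_EMAILS, MODIFY_ACCOUNT})

def resolve_email(caller, email, accounts):
    """Accounts that `email` resolves to when `caller` uses it as an identifier."""
    hits = []
    for acct in accounts:
        if caller.name not in acct.visible_to:
            continue  # the capability never widens account visibility
        if email == acct.preferred or (
                email in acct.secondary and caller.can_view_secondary_emails()):
            hits.append(acct)
    return hits

def list_emails(caller, acct):
    """All emails of another user's account, or the error the commit message quotes."""
    if caller.name not in acct.visible_to:
        raise PermissionDenied("account not visible")  # constructed message
    if not caller.can_view_secondary_emails():
        raise PermissionDenied("view secondary emails not permitted")
    return sorted({acct.preferred} | acct.secondary)

# Constructed sample data: alice moved her preferred email off the corporate address.
alice = Account("alice@home.example", {"alice@corp.example"}, {"bot", "user", "admin"})
carol = Account("carol@home.example", {"carol@corp.example"}, set())  # visible to nobody
ACCOUNTS = [alice, carol]
bot = Caller("bot", {VIEW_SECONDARY_EMAILS})
user = Caller("user")
admin = Caller("admin", {MODIFY_ACCOUNT})
```

The bot holds only the narrow capability, so it resolves alice's corporate address without gaining the ability to modify accounts, and it still cannot resolve carol's because her account is not visible to it.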
README.md

Gerrit Code Review

Gerrit is a code review and project management tool for Git based projects.

Objective

Gerrit makes reviews easier by showing changes in a side-by-side display, and allowing inline comments to be added by any reviewer.

Gerrit simplifies Git based project maintainership by permitting any authorized user to submit changes to the master Git repository, rather than requiring all approved changes to be merged in by hand by the project maintainer.

Documentation

For information about how to install and use Gerrit, refer to the documentation.

Source

Our canonical Git repository is located on googlesource.com. There is a mirror of the repository on GitHub.

Reporting bugs

Please report bugs on the issue tracker.

Contribute

Gerrit is the work of hundreds of contributors. We appreciate your help!

Please read the contribution guidelines.

Note that we do not accept Pull Requests via the GitHub mirror.

Getting in contact

The Developer Mailing list is repo-discuss on Google Groups.

License

Gerrit is provided under the Apache License 2.0.

Build

Install Bazel and run the following:

    git clone --recurse-submodules https://gerrit.googlesource.com/gerrit
    cd gerrit && bazel build release

Install binary packages (Deb/Rpm)

See the instructions on how to configure the GerritForge/BinTray repositories.

On Debian/Ubuntu run:

    apt-get update && apt-get install gerrit=<version>-<release>

NOTE: release is a counter that starts with 1 and indicates the number of packages that have been released with the same version of the software.

On CentOS/RedHat run:

    yum clean all && yum install gerrit-<version>[-<release>]

On Fedora run:

    dnf clean all && dnf install gerrit-<version>[-<release>]

Use pre-built Gerrit images on Docker

Docker images of Gerrit are available on DockerHub.

To run a CentOS 8 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-centos8

To run an Ubuntu 20.04 based Gerrit image:

    docker run -p 8080:8080 gerritcodereview/gerrit[:version]-ubuntu20

NOTE: release is optional. Last released package of the version is installed if the release number is omitted.