| // Copyright (C) 2014 The Android Open Source Project |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| package com.google.gerrit.server.project; |
| |
| import static com.google.gerrit.common.data.Permission.READ; |
| import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS; |
| import static com.google.gerrit.server.project.Util.allow; |
| import static com.google.gerrit.server.project.Util.deny; |
| import static org.junit.Assert.assertFalse; |
| import static org.junit.Assert.assertTrue; |
| |
| import com.google.gerrit.lifecycle.LifecycleManager; |
| import com.google.gerrit.reviewdb.client.Account; |
| import com.google.gerrit.reviewdb.client.Project; |
| import com.google.gerrit.reviewdb.server.ReviewDb; |
| import com.google.gerrit.server.IdentifiedUser; |
| import com.google.gerrit.server.account.AccountManager; |
| import com.google.gerrit.server.account.AuthRequest; |
| import com.google.gerrit.server.git.ProjectConfig; |
| import com.google.gerrit.server.schema.SchemaCreator; |
| import com.google.gerrit.testutil.InMemoryDatabase; |
| import com.google.gerrit.testutil.InMemoryModule; |
| import com.google.gerrit.testutil.InMemoryRepositoryManager; |
| import com.google.inject.Guice; |
| import com.google.inject.Inject; |
| import com.google.inject.Injector; |
| import com.google.inject.util.Providers; |
| |
| import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository; |
| import org.eclipse.jgit.junit.TestRepository; |
| import org.eclipse.jgit.lib.ObjectId; |
| import org.eclipse.jgit.revwalk.RevCommit; |
| import org.eclipse.jgit.revwalk.RevWalk; |
| import org.junit.After; |
| import org.junit.Before; |
| import org.junit.Test; |
| |
| /** Unit tests for {@link ProjectControl}. */ |
| public class ProjectControlTest { |
| @Inject private AccountManager accountManager; |
| @Inject private IdentifiedUser.GenericFactory userFactory; |
| @Inject private InMemoryDatabase schemaFactory; |
| @Inject private InMemoryRepositoryManager repoManager; |
| @Inject private ProjectControl.GenericFactory projectControlFactory; |
| @Inject private SchemaCreator schemaCreator; |
| |
| private LifecycleManager lifecycle; |
| private ReviewDb db; |
| private TestRepository<InMemoryRepository> repo; |
| private ProjectConfig project; |
| private IdentifiedUser user; |
| |
| @Before |
| public void setUp() throws Exception { |
| Injector injector = Guice.createInjector(new InMemoryModule()); |
| injector.injectMembers(this); |
| lifecycle = new LifecycleManager(); |
| lifecycle.add(injector); |
| lifecycle.start(); |
| |
| db = schemaFactory.open(); |
| schemaCreator.create(db); |
| Account.Id userId = accountManager.authenticate(AuthRequest.forUser("user")) |
| .getAccountId(); |
| user = userFactory.create(Providers.of(db), userId); |
| |
| Project.NameKey name = new Project.NameKey("project"); |
| InMemoryRepository inMemoryRepo = repoManager.createRepository(name); |
| project = new ProjectConfig(name); |
| project.load(inMemoryRepo); |
| repo = new TestRepository<>(inMemoryRepo); |
| } |
| |
| @After |
| public void tearDown() { |
| if (repo != null) { |
| repo.getRepository().close(); |
| } |
| if (lifecycle != null) { |
| lifecycle.stop(); |
| } |
| if (db != null) { |
| db.close(); |
| } |
| InMemoryDatabase.drop(schemaFactory); |
| } |
| |
| @Test |
| public void canReadCommitWhenAllRefsVisible() throws Exception { |
| allow(project, READ, REGISTERED_USERS, "refs/*"); |
| ObjectId id = repo.branch("master").commit().create(); |
| ProjectControl pc = newProjectControl(); |
| RevWalk rw = repo.getRevWalk(); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id))); |
| } |
| |
| @Test |
| public void canReadCommitIfRefVisible() throws Exception { |
| allow(project, READ, REGISTERED_USERS, "refs/heads/branch1"); |
| deny(project, READ, REGISTERED_USERS, "refs/heads/branch2"); |
| |
| ObjectId id1 = repo.branch("branch1").commit().create(); |
| ObjectId id2 = repo.branch("branch2").commit().create(); |
| |
| ProjectControl pc = newProjectControl(); |
| RevWalk rw = repo.getRevWalk(); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1))); |
| assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id2))); |
| } |
| |
| @Test |
| public void canReadCommitIfReachableFromVisibleRef() throws Exception { |
| allow(project, READ, REGISTERED_USERS, "refs/heads/branch1"); |
| deny(project, READ, REGISTERED_USERS, "refs/heads/branch2"); |
| |
| RevCommit parent1 = repo.commit().create(); |
| repo.branch("branch1").commit().parent(parent1).create(); |
| |
| RevCommit parent2 = repo.commit().create(); |
| repo.branch("branch2").commit().parent(parent2).create(); |
| |
| ProjectControl pc = newProjectControl(); |
| RevWalk rw = repo.getRevWalk(); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1))); |
| assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(parent2))); |
| } |
| |
| @Test |
| public void cannotReadAfterRollbackWithRestrictedRead() throws Exception { |
| allow(project, READ, REGISTERED_USERS, "refs/heads/branch1"); |
| |
| RevCommit parent1 = repo.commit().create(); |
| ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create(); |
| |
| ProjectControl pc = newProjectControl(); |
| RevWalk rw = repo.getRevWalk(); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1))); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1))); |
| |
| repo.branch("branch1").update(parent1); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1))); |
| assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id1))); |
| } |
| |
| @Test |
| public void canReadAfterRollbackWithAllRefsVisible() throws Exception { |
| allow(project, READ, REGISTERED_USERS, "refs/*"); |
| |
| RevCommit parent1 = repo.commit().create(); |
| ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create(); |
| |
| ProjectControl pc = newProjectControl(); |
| RevWalk rw = repo.getRevWalk(); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1))); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(id1))); |
| |
| repo.branch("branch1").update(parent1); |
| assertTrue(pc.canReadCommit(db, rw, rw.parseCommit(parent1))); |
| assertFalse(pc.canReadCommit(db, rw, rw.parseCommit(id1))); |
| } |
| |
| private ProjectControl newProjectControl() throws Exception { |
| return projectControlFactory.controlFor(project.getName(), user); |
| } |
| } |