java/com/google/gerrit/httpd/rpc/project/ReviewProjectAccess.java - gerrit - Git at Google

 // Copyright (C) 2012 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.google.gerrit.httpd.rpc.project;

 import com.google.common.base.Throwables;
 import com.google.gerrit.common.Nullable;
 import com.google.gerrit.common.data.AccessSection;
 import com.google.gerrit.common.data.GlobalCapability;
 import com.google.gerrit.common.data.PermissionRule;
 import com.google.gerrit.extensions.api.changes.AddReviewerInput;
 import com.google.gerrit.extensions.restapi.AuthException;
 import com.google.gerrit.extensions.restapi.ResourceConflictException;
 import com.google.gerrit.extensions.restapi.RestApiException;
 import com.google.gerrit.reviewdb.client.Change;
 import com.google.gerrit.reviewdb.client.PatchSet;
 import com.google.gerrit.reviewdb.client.Project;
 import com.google.gerrit.reviewdb.client.RefNames;
 import com.google.gerrit.reviewdb.server.ReviewDb;
 import com.google.gerrit.server.CurrentUser;
 import com.google.gerrit.server.Sequences;
 import com.google.gerrit.server.account.GroupBackend;
 import com.google.gerrit.server.change.ChangeInserter;
 import com.google.gerrit.server.change.ChangeResource;
 import com.google.gerrit.server.config.AllProjectsName;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.gerrit.server.git.meta.MetaDataUpdate;
 import com.google.gerrit.server.group.SystemGroupBackend;
 import com.google.gerrit.server.permissions.PermissionBackend;
 import com.google.gerrit.server.permissions.PermissionBackendException;
 import com.google.gerrit.server.permissions.ProjectPermission;
 import com.google.gerrit.server.permissions.RefPermission;
 import com.google.gerrit.server.project.ContributorAgreementsChecker;
 import com.google.gerrit.server.project.ProjectCache;
 import com.google.gerrit.server.project.ProjectConfig;
 import com.google.gerrit.server.restapi.change.ChangesCollection;
 import com.google.gerrit.server.restapi.change.PostReviewers;
 import com.google.gerrit.server.restapi.project.SetParent;
 import com.google.gerrit.server.update.BatchUpdate;
 import com.google.gerrit.server.update.UpdateException;
 import com.google.gerrit.server.util.time.TimeUtil;
 import com.google.gwtorm.server.OrmException;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 import com.google.inject.assistedinject.Assisted;
 import java.io.IOException;
 import java.util.List;
 import org.eclipse.jgit.errors.ConfigInvalidException;
 import org.eclipse.jgit.lib.Config;
 import org.eclipse.jgit.lib.ObjectId;
 import org.eclipse.jgit.lib.ObjectInserter;
 import org.eclipse.jgit.lib.ObjectReader;
 import org.eclipse.jgit.revwalk.RevCommit;
 import org.eclipse.jgit.revwalk.RevWalk;

 public class ReviewProjectAccess extends ProjectAccessHandler<Change.Id> {
   interface Factory {
     ReviewProjectAccess create(
         @Assisted("projectName") Project.NameKey projectName,
         @Nullable @Assisted ObjectId base,
         @Assisted List<AccessSection> sectionList,
         @Nullable @Assisted("parentProjectName") Project.NameKey parentProjectName,
         @Nullable @Assisted String message);
   }

   private final ReviewDb db;
   private final PermissionBackend permissionBackend;
   private final Sequences seq;
   private final Provider<PostReviewers> reviewersProvider;
   private final ProjectCache projectCache;
   private final ChangesCollection changes;
   private final ChangeInserter.Factory changeInserterFactory;
   private final BatchUpdate.Factory updateFactory;
   private final boolean allowProjectOwnersToChangeParent;

   @Inject
   ReviewProjectAccess(
       PermissionBackend permissionBackend,
       GroupBackend groupBackend,
       MetaDataUpdate.User metaDataUpdateFactory,
       ReviewDb db,
       Provider<PostReviewers> reviewersProvider,
       ProjectCache projectCache,
       AllProjectsName allProjects,
       ChangesCollection changes,
       ChangeInserter.Factory changeInserterFactory,
       BatchUpdate.Factory updateFactory,
       Provider<SetParent> setParent,
       Sequences seq,
       ContributorAgreementsChecker contributorAgreements,
       Provider<CurrentUser> user,
       @GerritServerConfig Config config,
       @Assisted("projectName") Project.NameKey projectName,
       @Nullable @Assisted ObjectId base,
       @Assisted List<AccessSection> sectionList,
       @Nullable @Assisted("parentProjectName") Project.NameKey parentProjectName,
       @Nullable @Assisted String message) {
     super(
         groupBackend,
         metaDataUpdateFactory,
         allProjects,
         setParent,
         user.get(),
         projectName,
         base,
         sectionList,
         parentProjectName,
         message,
         contributorAgreements,
         permissionBackend,
         false);
     this.db = db;
     this.permissionBackend = permissionBackend;
     this.seq = seq;
     this.reviewersProvider = reviewersProvider;
     this.projectCache = projectCache;
     this.changes = changes;
     this.changeInserterFactory = changeInserterFactory;
     this.updateFactory = updateFactory;
     this.allowProjectOwnersToChangeParent =
         config.getBoolean("receive", "allowProjectOwnersToChangeParent", false);
   }

   // TODO(dborowitz): Hack MetaDataUpdate so it can be created within a BatchUpdate and we can avoid
   // calling setUpdateRef(false).
   @SuppressWarnings("deprecation")
   @Override
   protected Change.Id updateProjectConfig(
       ProjectConfig config, MetaDataUpdate md, boolean parentProjectUpdate)
       throws IOException, OrmException, AuthException, PermissionBackendException,
           ConfigInvalidException, ResourceConflictException {
     PermissionBackend.ForProject perm = permissionBackend.user(user).project(config.getName());
     if (!check(perm, ProjectPermission.READ_CONFIG)) {
       throw new AuthException(RefNames.REFS_CONFIG + " not visible");
     }

     if (!check(perm, ProjectPermission.WRITE_CONFIG)
         && !check(perm.ref(RefNames.REFS_CONFIG), RefPermission.CREATE_CHANGE)) {
       throw new AuthException("cannot create change for " + RefNames.REFS_CONFIG);
     }

     projectCache.checkedGet(config.getName()).checkStatePermitsWrite();

     md.setInsertChangeId(true);
     Change.Id changeId = new Change.Id(seq.nextChangeId());
     RevCommit commit =
         config.commitToNewRef(
             md, new PatchSet.Id(changeId, Change.INITIAL_PATCH_SET_ID).toRefName());
     if (commit.getId().equals(base)) {
       return null;
     }

     try (ObjectInserter objInserter = md.getRepository().newObjectInserter();
         ObjectReader objReader = objInserter.newReader();
         RevWalk rw = new RevWalk(objReader);
         BatchUpdate bu =
             updateFactory.create(db, config.getProject().getNameKey(), user, TimeUtil.nowTs())) {
       bu.setRepository(md.getRepository(), rw, objInserter);
       bu.insertChange(
           changeInserterFactory
               .create(changeId, commit, RefNames.REFS_CONFIG)
               .setValidate(false)
               .setUpdateRef(false)); // Created by commitToNewRef.
       bu.execute();
     } catch (UpdateException | RestApiException e) {
       throw new IOException(e);
     }

     ChangeResource rsrc;
     try {
       rsrc = changes.parse(changeId);
     } catch (RestApiException e) {
       throw new IOException(e);
     }
     addProjectOwnersAsReviewers(rsrc);
     if (parentProjectUpdate && !allowProjectOwnersToChangeParent) {
       addAdministratorsAsReviewers(rsrc);
     }
     return changeId;
   }

   private void addProjectOwnersAsReviewers(ChangeResource rsrc) {
     final String projectOwners = groupBackend.get(SystemGroupBackend.PROJECT_OWNERS).getName();
     try {
       AddReviewerInput input = new AddReviewerInput();
       input.reviewer = projectOwners;
       reviewersProvider.get().apply(rsrc, input);
     } catch (Exception e) {
       // one of the owner groups is not visible to the user and this it why it
       // can't be added as reviewer
       Throwables.throwIfUnchecked(e);
     }
   }

   private void addAdministratorsAsReviewers(ChangeResource rsrc) {
     List<PermissionRule> adminRules =
         projectCache
             .getAllProjects()
             .getConfig()
             .getAccessSection(AccessSection.GLOBAL_CAPABILITIES)
             .getPermission(GlobalCapability.ADMINISTRATE_SERVER)
             .getRules();
     for (PermissionRule r : adminRules) {
       try {
         AddReviewerInput input = new AddReviewerInput();
         input.reviewer = r.getGroup().getUUID().get();
         reviewersProvider.get().apply(rsrc, input);
       } catch (Exception e) {
         // ignore
         Throwables.throwIfUnchecked(e);
       }
     }
   }

   private boolean check(PermissionBackend.ForRef perm, RefPermission p)
       throws PermissionBackendException {
     try {
       perm.check(p);
       return true;
     } catch (AuthException denied) {
       return false;
     }
   }

   private boolean check(PermissionBackend.ForProject perm, ProjectPermission p)
       throws PermissionBackendException {
     try {
       perm.check(p);
       return true;
     } catch (AuthException denied) {
       return false;
     }
   }
 }
	// Copyright (C) 2012 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.google.gerrit.httpd.rpc.project;

	import com.google.common.base.Throwables;
	import com.google.gerrit.common.Nullable;
	import com.google.gerrit.common.data.AccessSection;
	import com.google.gerrit.common.data.GlobalCapability;
	import com.google.gerrit.common.data.PermissionRule;
	import com.google.gerrit.extensions.api.changes.AddReviewerInput;
	import com.google.gerrit.extensions.restapi.AuthException;
	import com.google.gerrit.extensions.restapi.ResourceConflictException;
	import com.google.gerrit.extensions.restapi.RestApiException;
	import com.google.gerrit.reviewdb.client.Change;
	import com.google.gerrit.reviewdb.client.PatchSet;
	import com.google.gerrit.reviewdb.client.Project;
	import com.google.gerrit.reviewdb.client.RefNames;
	import com.google.gerrit.reviewdb.server.ReviewDb;
	import com.google.gerrit.server.CurrentUser;
	import com.google.gerrit.server.Sequences;
	import com.google.gerrit.server.account.GroupBackend;
	import com.google.gerrit.server.change.ChangeInserter;
	import com.google.gerrit.server.change.ChangeResource;
	import com.google.gerrit.server.config.AllProjectsName;
	import com.google.gerrit.server.config.GerritServerConfig;
	import com.google.gerrit.server.git.meta.MetaDataUpdate;
	import com.google.gerrit.server.group.SystemGroupBackend;
	import com.google.gerrit.server.permissions.PermissionBackend;
	import com.google.gerrit.server.permissions.PermissionBackendException;
	import com.google.gerrit.server.permissions.ProjectPermission;
	import com.google.gerrit.server.permissions.RefPermission;
	import com.google.gerrit.server.project.ContributorAgreementsChecker;
	import com.google.gerrit.server.project.ProjectCache;
	import com.google.gerrit.server.project.ProjectConfig;
	import com.google.gerrit.server.restapi.change.ChangesCollection;
	import com.google.gerrit.server.restapi.change.PostReviewers;
	import com.google.gerrit.server.restapi.project.SetParent;
	import com.google.gerrit.server.update.BatchUpdate;
	import com.google.gerrit.server.update.UpdateException;
	import com.google.gerrit.server.util.time.TimeUtil;
	import com.google.gwtorm.server.OrmException;
	import com.google.inject.Inject;
	import com.google.inject.Provider;
	import com.google.inject.assistedinject.Assisted;
	import java.io.IOException;
	import java.util.List;
	import org.eclipse.jgit.errors.ConfigInvalidException;
	import org.eclipse.jgit.lib.Config;
	import org.eclipse.jgit.lib.ObjectId;
	import org.eclipse.jgit.lib.ObjectInserter;
	import org.eclipse.jgit.lib.ObjectReader;
	import org.eclipse.jgit.revwalk.RevCommit;
	import org.eclipse.jgit.revwalk.RevWalk;

	public class ReviewProjectAccess extends ProjectAccessHandler<Change.Id> {
	interface Factory {
	ReviewProjectAccess create(
	@Assisted("projectName") Project.NameKey projectName,
	@Nullable @Assisted ObjectId base,
	@Assisted List<AccessSection> sectionList,
	@Nullable @Assisted("parentProjectName") Project.NameKey parentProjectName,
	@Nullable @Assisted String message);
	}

	private final ReviewDb db;
	private final PermissionBackend permissionBackend;
	private final Sequences seq;
	private final Provider<PostReviewers> reviewersProvider;
	private final ProjectCache projectCache;
	private final ChangesCollection changes;
	private final ChangeInserter.Factory changeInserterFactory;
	private final BatchUpdate.Factory updateFactory;
	private final boolean allowProjectOwnersToChangeParent;

	@Inject
	ReviewProjectAccess(
	PermissionBackend permissionBackend,
	GroupBackend groupBackend,
	MetaDataUpdate.User metaDataUpdateFactory,
	ReviewDb db,
	Provider<PostReviewers> reviewersProvider,
	ProjectCache projectCache,
	AllProjectsName allProjects,
	ChangesCollection changes,
	ChangeInserter.Factory changeInserterFactory,
	BatchUpdate.Factory updateFactory,
	Provider<SetParent> setParent,
	Sequences seq,
	ContributorAgreementsChecker contributorAgreements,
	Provider<CurrentUser> user,
	@GerritServerConfig Config config,
	@Assisted("projectName") Project.NameKey projectName,
	@Nullable @Assisted ObjectId base,
	@Assisted List<AccessSection> sectionList,
	@Nullable @Assisted("parentProjectName") Project.NameKey parentProjectName,
	@Nullable @Assisted String message) {
	super(
	groupBackend,
	metaDataUpdateFactory,
	allProjects,
	setParent,
	user.get(),
	projectName,
	base,
	sectionList,
	parentProjectName,
	message,
	contributorAgreements,
	permissionBackend,
	false);
	this.db = db;
	this.permissionBackend = permissionBackend;
	this.seq = seq;
	this.reviewersProvider = reviewersProvider;
	this.projectCache = projectCache;
	this.changes = changes;
	this.changeInserterFactory = changeInserterFactory;
	this.updateFactory = updateFactory;
	this.allowProjectOwnersToChangeParent =
	config.getBoolean("receive", "allowProjectOwnersToChangeParent", false);
	}

	// TODO(dborowitz): Hack MetaDataUpdate so it can be created within a BatchUpdate and we can avoid
	// calling setUpdateRef(false).
	@SuppressWarnings("deprecation")
	@Override
	protected Change.Id updateProjectConfig(
	ProjectConfig config, MetaDataUpdate md, boolean parentProjectUpdate)
	throws IOException, OrmException, AuthException, PermissionBackendException,
	ConfigInvalidException, ResourceConflictException {
	PermissionBackend.ForProject perm = permissionBackend.user(user).project(config.getName());
	if (!check(perm, ProjectPermission.READ_CONFIG)) {
	throw new AuthException(RefNames.REFS_CONFIG + " not visible");
	}

	if (!check(perm, ProjectPermission.WRITE_CONFIG)
	&& !check(perm.ref(RefNames.REFS_CONFIG), RefPermission.CREATE_CHANGE)) {
	throw new AuthException("cannot create change for " + RefNames.REFS_CONFIG);
	}

	projectCache.checkedGet(config.getName()).checkStatePermitsWrite();

	md.setInsertChangeId(true);
	Change.Id changeId = new Change.Id(seq.nextChangeId());
	RevCommit commit =
	config.commitToNewRef(
	md, new PatchSet.Id(changeId, Change.INITIAL_PATCH_SET_ID).toRefName());
	if (commit.getId().equals(base)) {
	return null;
	}

	try (ObjectInserter objInserter = md.getRepository().newObjectInserter();
	ObjectReader objReader = objInserter.newReader();
	RevWalk rw = new RevWalk(objReader);
	BatchUpdate bu =
	updateFactory.create(db, config.getProject().getNameKey(), user, TimeUtil.nowTs())) {
	bu.setRepository(md.getRepository(), rw, objInserter);
	bu.insertChange(
	changeInserterFactory
	.create(changeId, commit, RefNames.REFS_CONFIG)
	.setValidate(false)
	.setUpdateRef(false)); // Created by commitToNewRef.
	bu.execute();
	} catch (UpdateException \| RestApiException e) {
	throw new IOException(e);
	}

	ChangeResource rsrc;
	try {
	rsrc = changes.parse(changeId);
	} catch (RestApiException e) {
	throw new IOException(e);
	}
	addProjectOwnersAsReviewers(rsrc);
	if (parentProjectUpdate && !allowProjectOwnersToChangeParent) {
	addAdministratorsAsReviewers(rsrc);
	}
	return changeId;
	}

	private void addProjectOwnersAsReviewers(ChangeResource rsrc) {
	final String projectOwners = groupBackend.get(SystemGroupBackend.PROJECT_OWNERS).getName();
	try {
	AddReviewerInput input = new AddReviewerInput();
	input.reviewer = projectOwners;
	reviewersProvider.get().apply(rsrc, input);
	} catch (Exception e) {
	// one of the owner groups is not visible to the user and this it why it
	// can't be added as reviewer
	Throwables.throwIfUnchecked(e);
	}
	}

	private void addAdministratorsAsReviewers(ChangeResource rsrc) {
	List<PermissionRule> adminRules =
	projectCache
	.getAllProjects()
	.getConfig()
	.getAccessSection(AccessSection.GLOBAL_CAPABILITIES)
	.getPermission(GlobalCapability.ADMINISTRATE_SERVER)
	.getRules();
	for (PermissionRule r : adminRules) {
	try {
	AddReviewerInput input = new AddReviewerInput();
	input.reviewer = r.getGroup().getUUID().get();
	reviewersProvider.get().apply(rsrc, input);
	} catch (Exception e) {
	// ignore
	Throwables.throwIfUnchecked(e);
	}
	}
	}

	private boolean check(PermissionBackend.ForRef perm, RefPermission p)
	throws PermissionBackendException {
	try {
	perm.check(p);
	return true;
	} catch (AuthException denied) {
	return false;
	}
	}

	private boolean check(PermissionBackend.ForProject perm, ProjectPermission p)
	throws PermissionBackendException {
	try {
	perm.check(p);
	return true;
	} catch (AuthException denied) {
	return false;
	}
	}
	}