java/com/google/gerrit/server/project/RemoveReviewerControl.java - gerrit - Git at Google

 // Copyright (C) 2017 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.google.gerrit.server.project;

 import com.google.gerrit.extensions.restapi.AuthException;
 import com.google.gerrit.reviewdb.client.Account;
 import com.google.gerrit.reviewdb.client.Change;
 import com.google.gerrit.reviewdb.client.PatchSetApproval;
 import com.google.gerrit.reviewdb.server.ReviewDb;
 import com.google.gerrit.server.CurrentUser;
 import com.google.gerrit.server.notedb.ChangeNotes;
 import com.google.gerrit.server.permissions.ChangePermission;
 import com.google.gerrit.server.permissions.GlobalPermission;
 import com.google.gerrit.server.permissions.PermissionBackend;
 import com.google.gerrit.server.permissions.PermissionBackendException;
 import com.google.gerrit.server.permissions.RefPermission;
 import com.google.gerrit.server.query.change.ChangeData;
 import com.google.gwtorm.server.OrmException;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 import com.google.inject.Singleton;

 @Singleton
 public class RemoveReviewerControl {
   private final PermissionBackend permissionBackend;
   private final Provider<ReviewDb> dbProvider;

   @Inject
   RemoveReviewerControl(PermissionBackend permissionBackend, Provider<ReviewDb> dbProvider) {
     this.permissionBackend = permissionBackend;
     this.dbProvider = dbProvider;
   }

   /**
    * Checks if removing the given reviewer and patch set approval is OK.
    *
    * @throws AuthException if this user is not allowed to remove this approval.
    * @throws PermissionBackendException on failure of permission checks.
    */
   public void checkRemoveReviewer(
       ChangeNotes notes, CurrentUser currentUser, PatchSetApproval approval)
       throws PermissionBackendException, AuthException {
     checkRemoveReviewer(notes, currentUser, approval.getAccountId(), approval.getValue());
   }

   /**
    * Checks if removing the given reviewer is OK. Does not check if removing any approvals the
    * reviewer might have given is OK.
    *
    * @throws AuthException if this user is not allowed to remove this approval.
    * @throws PermissionBackendException on failure of permission checks.
    */
   public void checkRemoveReviewer(ChangeNotes notes, CurrentUser currentUser, Account.Id reviewer)
       throws PermissionBackendException, AuthException {
     checkRemoveReviewer(notes, currentUser, reviewer, 0);
   }

   /** @return true if the user is allowed to remove this reviewer. */
   public boolean testRemoveReviewer(
       ChangeData cd, CurrentUser currentUser, Account.Id reviewer, int value)
       throws PermissionBackendException, OrmException {
     if (canRemoveReviewerWithoutPermissionCheck(
         permissionBackend, cd.change(), currentUser, reviewer, value)) {
       return true;
     }
     return permissionBackend
         .user(currentUser)
         .change(cd)
         .database(dbProvider)
         .test(ChangePermission.REMOVE_REVIEWER);
   }

   private void checkRemoveReviewer(
       ChangeNotes notes, CurrentUser currentUser, Account.Id reviewer, int val)
       throws PermissionBackendException, AuthException {
     if (canRemoveReviewerWithoutPermissionCheck(
         permissionBackend, notes.getChange(), currentUser, reviewer, val)) {
       return;
     }

     permissionBackend
         .user(currentUser)
         .change(notes)
         .database(dbProvider)
         .check(ChangePermission.REMOVE_REVIEWER);
   }

   private static boolean canRemoveReviewerWithoutPermissionCheck(
       PermissionBackend permissionBackend,
       Change change,
       CurrentUser currentUser,
       Account.Id reviewer,
       int value)
       throws PermissionBackendException {
     if (change.getStatus().equals(Change.Status.MERGED)) {
       return false;
     }

     if (currentUser.isIdentifiedUser()) {
       Account.Id aId = currentUser.getAccountId();
       if (aId.equals(reviewer)) {
         return true; // A user can always remove themselves.
       } else if (aId.equals(change.getOwner()) && 0 <= value) {
         return true; // The change owner may remove any zero or positive score.
       }
     }

     // Users with the remove reviewer permission, the branch owner, project
     // owner and site admin can remove anyone
     PermissionBackend.WithUser withUser = permissionBackend.user(currentUser);
     PermissionBackend.ForProject forProject = withUser.project(change.getProject());
     if (check(forProject.ref(change.getDest().get()), RefPermission.WRITE_CONFIG)
         || check(withUser, GlobalPermission.ADMINISTRATE_SERVER)) {
       return true;
     }
     return false;
   }

   private static boolean check(PermissionBackend.ForRef forRef, RefPermission perm)
       throws PermissionBackendException {
     try {
       forRef.check(perm);
       return true;
     } catch (AuthException e) {
       return false;
     }
   }

   private static boolean check(PermissionBackend.WithUser withUser, GlobalPermission perm)
       throws PermissionBackendException {
     try {
       withUser.check(perm);
       return true;
     } catch (AuthException e) {
       return false;
     }
   }
 }
	// Copyright (C) 2017 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.google.gerrit.server.project;

	import com.google.gerrit.extensions.restapi.AuthException;
	import com.google.gerrit.reviewdb.client.Account;
	import com.google.gerrit.reviewdb.client.Change;
	import com.google.gerrit.reviewdb.client.PatchSetApproval;
	import com.google.gerrit.reviewdb.server.ReviewDb;
	import com.google.gerrit.server.CurrentUser;
	import com.google.gerrit.server.notedb.ChangeNotes;
	import com.google.gerrit.server.permissions.ChangePermission;
	import com.google.gerrit.server.permissions.GlobalPermission;
	import com.google.gerrit.server.permissions.PermissionBackend;
	import com.google.gerrit.server.permissions.PermissionBackendException;
	import com.google.gerrit.server.permissions.RefPermission;
	import com.google.gerrit.server.query.change.ChangeData;
	import com.google.gwtorm.server.OrmException;
	import com.google.inject.Inject;
	import com.google.inject.Provider;
	import com.google.inject.Singleton;

	@Singleton
	public class RemoveReviewerControl {
	private final PermissionBackend permissionBackend;
	private final Provider<ReviewDb> dbProvider;

	@Inject
	RemoveReviewerControl(PermissionBackend permissionBackend, Provider<ReviewDb> dbProvider) {
	this.permissionBackend = permissionBackend;
	this.dbProvider = dbProvider;
	}

	/**
	* Checks if removing the given reviewer and patch set approval is OK.
	*
	* @throws AuthException if this user is not allowed to remove this approval.
	* @throws PermissionBackendException on failure of permission checks.
	*/
	public void checkRemoveReviewer(
	ChangeNotes notes, CurrentUser currentUser, PatchSetApproval approval)
	throws PermissionBackendException, AuthException {
	checkRemoveReviewer(notes, currentUser, approval.getAccountId(), approval.getValue());
	}

	/**
	* Checks if removing the given reviewer is OK. Does not check if removing any approvals the
	* reviewer might have given is OK.
	*
	* @throws AuthException if this user is not allowed to remove this approval.
	* @throws PermissionBackendException on failure of permission checks.
	*/
	public void checkRemoveReviewer(ChangeNotes notes, CurrentUser currentUser, Account.Id reviewer)
	throws PermissionBackendException, AuthException {
	checkRemoveReviewer(notes, currentUser, reviewer, 0);
	}

	/** @return true if the user is allowed to remove this reviewer. */
	public boolean testRemoveReviewer(
	ChangeData cd, CurrentUser currentUser, Account.Id reviewer, int value)
	throws PermissionBackendException, OrmException {
	if (canRemoveReviewerWithoutPermissionCheck(
	permissionBackend, cd.change(), currentUser, reviewer, value)) {
	return true;
	}
	return permissionBackend
	.user(currentUser)
	.change(cd)
	.database(dbProvider)
	.test(ChangePermission.REMOVE_REVIEWER);
	}

	private void checkRemoveReviewer(
	ChangeNotes notes, CurrentUser currentUser, Account.Id reviewer, int val)
	throws PermissionBackendException, AuthException {
	if (canRemoveReviewerWithoutPermissionCheck(
	permissionBackend, notes.getChange(), currentUser, reviewer, val)) {
	return;
	}

	permissionBackend
	.user(currentUser)
	.change(notes)
	.database(dbProvider)
	.check(ChangePermission.REMOVE_REVIEWER);
	}

	private static boolean canRemoveReviewerWithoutPermissionCheck(
	PermissionBackend permissionBackend,
	Change change,
	CurrentUser currentUser,
	Account.Id reviewer,
	int value)
	throws PermissionBackendException {
	if (change.getStatus().equals(Change.Status.MERGED)) {
	return false;
	}

	if (currentUser.isIdentifiedUser()) {
	Account.Id aId = currentUser.getAccountId();
	if (aId.equals(reviewer)) {
	return true; // A user can always remove themselves.
	} else if (aId.equals(change.getOwner()) && 0 <= value) {
	return true; // The change owner may remove any zero or positive score.
	}
	}

	// Users with the remove reviewer permission, the branch owner, project
	// owner and site admin can remove anyone
	PermissionBackend.WithUser withUser = permissionBackend.user(currentUser);
	PermissionBackend.ForProject forProject = withUser.project(change.getProject());
	if (check(forProject.ref(change.getDest().get()), RefPermission.WRITE_CONFIG)
	\|\| check(withUser, GlobalPermission.ADMINISTRATE_SERVER)) {
	return true;
	}
	return false;
	}

	private static boolean check(PermissionBackend.ForRef forRef, RefPermission perm)
	throws PermissionBackendException {
	try {
	forRef.check(perm);
	return true;
	} catch (AuthException e) {
	return false;
	}
	}

	private static boolean check(PermissionBackend.WithUser withUser, GlobalPermission perm)
	throws PermissionBackendException {
	try {
	withUser.check(perm);
	return true;
	} catch (AuthException e) {
	return false;
	}
	}
	}