Merge "Improve documentation about project creation" into stable-2.9
diff --git a/Documentation/cmd-create-project.txt b/Documentation/cmd-create-project.txt
index b66f18a..b665f9c 100644
--- a/Documentation/cmd-create-project.txt
+++ b/Documentation/cmd-create-project.txt
@@ -113,7 +113,7 @@
link:config-gerrit.html#repository.name.defaultSubmitType[
repository.<name>.defaultSubmitType] is set to a different value.
For more details see link:project-setup.html#submit_type[
-Change Submit Actions].
+Submit Types].
--use-content-merge::
If enabled, Gerrit will try to perform a 3-way merge of text
diff --git a/Documentation/cmd-set-project.txt b/Documentation/cmd-set-project.txt
index c568e9c..adfc364 100644
--- a/Documentation/cmd-set-project.txt
+++ b/Documentation/cmd-set-project.txt
@@ -57,7 +57,7 @@
+
For more details see
-link:project-setup.html#submit_type[Change Submit Actions].
+link:project-setup.html#submit_type[Submit Types].
--content-merge::
If enabled, Gerrit will try to perform a 3-way merge of text
diff --git a/Documentation/config-gerrit.txt b/Documentation/config-gerrit.txt
index e4e38c0..27feee2 100644
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt
@@ -422,12 +422,16 @@
[[auth.gitBasicAuth]]auth.gitBasicAuth::
+
If true then Git over HTTP and HTTP/S traffic is authenticated using
-standard BasicAuth and credentials validated using the same auth
-method configured for Gerrit Web UI.
+standard BasicAuth and the credentials are validated using the same
+auth method as configured for the Gerrit Web UI.
+
-This parameter only affects git over http traffic. If set to false
-then Gerrit will authenticate through DIGEST authentication and
-the randomly generated HTTP password in Gerrit DB.
+This parameter affects git over HTTP traffic and access to the REST
+API. If set to false then Gerrit will authenticate through DIGEST
+authentication and the randomly generated HTTP password in the Gerrit
+database.
++
+When `auth.type` is `LDAP`, service users that only exist in the Gerrit
+database are still authenticated by their HTTP passwords.
+
By default this is set to false.
diff --git a/Documentation/project-setup.txt b/Documentation/project-setup.txt
index 838e77d..2280356 100644
--- a/Documentation/project-setup.txt
+++ b/Documentation/project-setup.txt
@@ -45,7 +45,7 @@
====
[[submit_type]]
-== Change Submit Action
+== Submit Type
The method Gerrit uses to submit a change to a project can be
modified by any project owner through the project console, `Projects` >
diff --git a/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/ProjectInfoScreen.java b/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/ProjectInfoScreen.java
index b3f0f65..2b50cac 100644
--- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/ProjectInfoScreen.java
+++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/ProjectInfoScreen.java
@@ -184,6 +184,13 @@
private void initProjectOptions() {
grid.addHeader(new SmallHeading(Util.C.headingProjectOptions()));
+ state = new ListBox();
+ for (final Project.State stateValue : Project.State.values()) {
+ state.addItem(Util.toLongString(stateValue), stateValue.name());
+ }
+ saveEnabler.listenTo(state);
+ grid.add(Util.C.headingProjectState(), state);
+
submitType = new ListBox();
for (final Project.SubmitType type : Project.SubmitType.values()) {
submitType.addItem(Util.toLongString(type), type.name());
@@ -197,13 +204,6 @@
saveEnabler.listenTo(submitType);
grid.add(Util.C.headingProjectSubmitType(), submitType);
- state = new ListBox();
- for (final Project.State stateValue : Project.State.values()) {
- state.addItem(Util.toLongString(stateValue), stateValue.name());
- }
- saveEnabler.listenTo(state);
- grid.add(Util.C.headingProjectState(), state);
-
contentMerge = newInheritedBooleanBox();
saveEnabler.listenTo(contentMerge);
grid.add(Util.C.useContentMerge(), contentMerge);
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java
index 763075e..0e41ef7 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java
@@ -25,6 +25,7 @@
import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.AuthRequest;
import com.google.gerrit.server.account.AuthResult;
+import com.google.gerrit.server.auth.NoSuchUserException;
import com.google.gerrit.server.config.AuthConfig;
import com.google.inject.Inject;
import com.google.inject.Provider;
@@ -147,6 +148,18 @@
ws.setAccessPathOk(AccessPath.GIT, true);
ws.setAccessPathOk(AccessPath.REST_API, true);
return true;
+ } catch (NoSuchUserException e) {
+ if (password.equals(who.getPassword(who.getUserName()))) {
+ WebSession ws = session.get();
+ ws.setUserAccountId(who.getAccount().getId());
+ ws.setAccessPathOk(AccessPath.GIT, true);
+ ws.setAccessPathOk(AccessPath.REST_API, true);
+ return true;
+ } else {
+ log.warn("Authentication failed for " + username, e);
+ rsp.sendError(SC_UNAUTHORIZED);
+ return false;
+ }
} catch (AccountException e) {
log.warn("Authentication failed for " + username, e);
rsp.sendError(SC_UNAUTHORIZED);
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/NoSuchUserException.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/NoSuchUserException.java
new file mode 100644
index 0000000..acb90b9
--- /dev/null
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/NoSuchUserException.java
@@ -0,0 +1,26 @@
+// Copyright (C) 2014 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.server.auth;
+
+import com.google.gerrit.server.account.AccountException;
+
+/** The user does not exist on the authentication server */
+public class NoSuchUserException extends AccountException {
+ private static final long serialVersionUID = 1L;
+
+ public NoSuchUserException(String username) {
+ super(String.format("No such user: %s", username));
+ }
+}
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java
index 63ef2e6..afefe6f 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/Helper.java
@@ -20,6 +20,7 @@
import com.google.gerrit.common.data.ParameterizedString;
import com.google.gerrit.reviewdb.client.AccountGroup;
import com.google.gerrit.server.account.AccountException;
+import com.google.gerrit.server.auth.NoSuchUserException;
import com.google.gerrit.server.config.ConfigUtil;
import com.google.gerrit.server.config.GerritServerConfig;
import com.google.gerrit.util.ssl.BlindSSLSocketFactory;
@@ -178,7 +179,7 @@
switch (res.size()) {
case 0:
- throw new AccountException("No such user:" + username);
+ throw new NoSuchUserException(username);
case 1:
return res.get(0);
diff --git a/plugins/BUCK b/plugins/BUCK
index 16c65da..480cd4c 100644
--- a/plugins/BUCK
+++ b/plugins/BUCK
@@ -4,6 +4,7 @@
'download-commands',
'replication',
'reviewnotes',
+ 'singleusergroup'
]
# buck audit parses and resolves all deps even if not reachable
