Merge changes I86a8c524,Icd3b72b1,I178b0395 * changes: Expose the history of all reviewers ever on a change Move Change out of AbstractChangeNotes Store draft PatchLineComments in Git notes
diff --git a/Documentation/access-control.txt b/Documentation/access-control.txt index 8ff2eb6..2f92714 100644 --- a/Documentation/access-control.txt +++ b/Documentation/access-control.txt
@@ -1208,6 +1208,12 @@ a replication task or a user initiated task such as an upload-pack or receive-pack. +[[capability_modifyAccount]] +=== Modify Account + +Allow to link:cmd-set-account.html[modify accounts over the ssh prompt]. +This capability allows the granted group members to modify any user account +setting. [[capability_priority]] === Priority
diff --git a/Documentation/cmd-set-account.txt b/Documentation/cmd-set-account.txt index 897d6889..9d6f8bc 100644 --- a/Documentation/cmd-set-account.txt +++ b/Documentation/cmd-set-account.txt
@@ -9,7 +9,8 @@ [--add-email <EMAIL>] [--delete-email <EMAIL> | ALL] \ [--add-ssh-key - | <KEY>] \ [--delete-ssh-key - | <KEY> | ALL] \ - [--http-password <PASSWORD>] <USER> + [--http-password <PASSWORD>] \ + [--clear-http-password] <USER> -- == DESCRIPTION @@ -21,7 +22,15 @@ verification step we force within the UI. == ACCESS -Caller must be a member of the privileged 'Administrators' group. +Caller must be a member of the privileged 'Administrators' group, +or have been granted +link:access-control.html#capability_modifyAccount[the 'Modify Account' global capability]. + +To set the HTTP password for the user account (option --http-password) or +to clear the HTTP password (option --clear-http-password) caller must be +a member of the privileged 'Administrators' group, or have been granted +link:access-control.html#capability_generateHttpPassword[the 'Generate HTTP Password' global capability] +in addition to 'Modify Account' global capability. == SCRIPTING This command is intended to be used in scripts. @@ -77,6 +86,9 @@ --http-password:: Set the HTTP password for the user account. +--clear-http-password:: + Clear the HTTP password for the user account. + == EXAMPLES Add an email and SSH key to `watcher`'s account:
diff --git a/ReleaseNotes/ReleaseNotes-2.9.txt b/ReleaseNotes/ReleaseNotes-2.9.txt index ff307b2..e54f15a 100644 --- a/ReleaseNotes/ReleaseNotes-2.9.txt +++ b/ReleaseNotes/ReleaseNotes-2.9.txt
@@ -20,8 +20,8 @@ link:ReleaseNotes-2.8.6.1.html[Gerrit 2.8.6.1]. These bug fixes are *not* listed in these release notes. -Schema Change -------------- +Important Notes +--------------- *WARNING:* This release contains schema changes. To upgrade: @@ -117,7 +117,7 @@ Global ^^^^^^ -* Project links by default link to the project dashboard +* Project links by default link to the project dashboard. New Change Screen @@ -164,7 +164,7 @@ currently viewed patch set and the total number of patch sets, in the form: "current patch set/number of patch sets". -* The currently viewed patch set is displayed in the `Patch Sets` title +* The currently viewed patch set is displayed in the `Patch Sets` title. * Keyboard shortcuts to navigate to next/previous patch set. @@ -224,7 +224,7 @@ link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/config-gerrit.html#change.largeChange[ configured]. -* Support to drill down into dashboard section +* Support to drill down into dashboard section. + Clicking on the section title executes the query of this section without the `limit` operator. @@ -263,6 +263,8 @@ Secondary Index ~~~~~~~~~~~~~~~ +* Support for query via the SQL index is removed. The usage of +a secondary index is now mandatory. * New `--recheck-mergeable` option on the link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/pgm-reindex.html[ @@ -349,28 +351,25 @@ Search ~~~~~~ -* Support for query via the SQL index is removed. The usage of -a secondary index is now mandatory. - * New link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-search.html#mergeable[ -is:mergeable] search operator +is:mergeable] search operator. + Finds changes that have no merge conflicts and can be merged into the destination branch. * link:http://code.google.com/p/gerrit/issues/detail?id=2163[Issue 2163]: New link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-search.html#parentproject[ -parentproject] search operator +parentproject] search operator. + Finds changes in the specified project or in one of its child projects. * link:http://code.google.com/p/gerrit/issues/detail?id=2162[Issue 2162]: New link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-search.html#conflicts[ -conflicts] search operator +conflicts] search operator. + Finds changes that conflict with the specified change. -* New operators for absolute last-updated-on search +* New operators for absolute last-updated-on search. ** link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-search.html#before_until[ before / until] ** link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-search.html#after_since[ @@ -378,7 +377,7 @@ * Support exact match on file parts in link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-search.html#file[ -file] operator +file] operator. * Query shortcuts ** `o` = `owner` @@ -408,13 +407,13 @@ that allows to search in the documentation. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/user-review-ui.html[ -Documentation of the new review UI] +Documentation of the new review UI]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/intro-project-owner.html[ -New Project Owner Guide] +New Project Owner Guide]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/index.html[ -Newly structured documentation index] +Newly structured documentation index]. Configuration @@ -478,32 +477,32 @@ ^^^^^^^^^^^^^^^^ -* Extension point to provide a "Message Of The Day" +* Extension point to provide a "Message Of The Day". * Validation for ** link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/config-validation.html#new-project-validation[ -project creation] +project creation]. ** link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/config-validation.html#new-group-validation[ -group creation] +group creation]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/dev-plugins.html#init_step[ -Init steps can do initialization after the site is created] +Init steps can do initialization after the site is created]. ** The `All-Projects` `project.config` can be read and edited * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/dev-plugins.html#receive-pack[ -Initialization of ReceivePack] +Initialization of ReceivePack]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/dev-plugins.html#post-receive-hook[ -Registration of PostReceiveHooks] +Registration of PostReceiveHooks]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/dev-plugins.html#root-level-commands[ -Registration of root level commands] +Registration of root level commands]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/dev-plugins.html#multiple-commands[ -Multiple SSH commands can be bound to the same class] +Multiple SSH commands can be bound to the same class]. * link:https://gerrit-documentation.storage.googleapis.com/Documentation/2.9/config-gerrit.html#database.dataSourceInterceptorClass[ -DataSource Interception] +DataSource Interception]. JavaScript Plugins @@ -517,7 +516,7 @@ ** Gerrit.on(\'showchange\', f) * `change_plugins` element on the new change screen that allows to -insert arbitrary HTML fragments from plugins +insert arbitrary HTML fragments from plugins. Bug Fixes @@ -600,9 +599,9 @@ Secondary Index ~~~~~~~~~~~~~~~ -* Fix Online Reindexing +* Fix Online Reindexing. -* Fix for full-text search with Lucene +* Fix for full-text search with Lucene. + The full-text search was using a fuzzy query which used the edit distance to find terms in the index close to the provided search term. @@ -631,7 +630,7 @@ Fix parsing of label name on `review` command. * link:http://code.google.com/p/gerrit/issues/detail?id=2440[Issue 2440]: -Clarify for review command when `--verified` can be used +Clarify for review command when `--verified` can be used. Plugins @@ -650,7 +649,7 @@ * link:http://code.google.com/p/gerrit/issues/detail?id=2382[Issue 2382]: -Clean left over data migration after removal of TrackingIds table +Clean left over data migration after removal of TrackingIds table. Upgrades @@ -685,7 +684,7 @@ Replication ~~~~~~~~~~~ -* Default push refSpec is changed to `refs/*:refs/*` (non-forced push) +* Default push refSpec is changed to `refs/*:refs/*` (non-forced push). + The default push refSpec for the replication plugin has changed from `forced` to `non-forced` push (was `+refs/*:refs/*` and now is `refs/*:refs/*`). This change @@ -694,14 +693,14 @@ all changes on the slaves, you need to add a `push=+refs/*:refs/*` configuration entry for each replication target. -* Support replication of HEAD updates +* Support replication of HEAD updates. -* Stream events for ref replication +* Stream events for ref replication. -* Replications failed due to "failed to lock" errors are retried +* Replications failed due to "failed to lock" errors are retried. * Configuration changes can be detected and replication is -automatically restarted +automatically restarted. Issue Tracker System plugins ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/VERSION b/VERSION index ca9c860..b05afb0 100644 --- a/VERSION +++ b/VERSION
@@ -2,4 +2,4 @@ # Used by :api_install and :api_deploy targets # when talking to the destination repository. # -GERRIT_VERSION = '2.10-SNAPSHOT' +GERRIT_VERSION = '2.11-SNAPSHOT'
diff --git a/gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/account/CapabilityInfo.java b/gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/account/CapabilityInfo.java index adbf10a..7a2f569 100644 --- a/gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/account/CapabilityInfo.java +++ b/gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/rest/account/CapabilityInfo.java
@@ -24,6 +24,7 @@ public boolean flushCaches; public boolean generateHttpPassword; public boolean killTask; + public boolean modifyAccount; public boolean priority; public QueryLimit queryLimit; public boolean runAs;
diff --git a/gerrit-common/src/main/java/com/google/gerrit/common/data/GlobalCapability.java b/gerrit-common/src/main/java/com/google/gerrit/common/data/GlobalCapability.java index d9ad274..fccf3b3 100644 --- a/gerrit-common/src/main/java/com/google/gerrit/common/data/GlobalCapability.java +++ b/gerrit-common/src/main/java/com/google/gerrit/common/data/GlobalCapability.java
@@ -38,6 +38,9 @@ /** Can create any account on the server. */ public static final String CREATE_ACCOUNT = "createAccount"; + /** Can modify any account on the server. */ + public static final String MODIFY_ACCOUNT = "modifyAccount"; + /** Can create any group on the server. */ public static final String CREATE_GROUP = "createGroup"; @@ -106,7 +109,9 @@ NAMES_ALL.add(CREATE_PROJECT); NAMES_ALL.add(EMAIL_REVIEWERS); NAMES_ALL.add(FLUSH_CACHES); + NAMES_ALL.add(GENERATE_HTTP_PASSWORD); NAMES_ALL.add(KILL_TASK); + NAMES_ALL.add(MODIFY_ACCOUNT); NAMES_ALL.add(PRIORITY); NAMES_ALL.add(QUERY_LIMIT); NAMES_ALL.add(RUN_AS);
diff --git a/gerrit-extension-api/pom.xml b/gerrit-extension-api/pom.xml index 0b74bc7..a0d9455 100644 --- a/gerrit-extension-api/pom.xml +++ b/gerrit-extension-api/pom.xml
@@ -2,7 +2,7 @@ <modelVersion>4.0.0</modelVersion> <groupId>com.google.gerrit</groupId> <artifactId>gerrit-extension-api</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <packaging>jar</packaging> <name>Gerrit Code Review - Extension API</name> <description>API for Gerrit Extensions</description>
diff --git a/gerrit-plugin-api/pom.xml b/gerrit-plugin-api/pom.xml index 8439532..40767e0 100644 --- a/gerrit-plugin-api/pom.xml +++ b/gerrit-plugin-api/pom.xml
@@ -2,7 +2,7 @@ <modelVersion>4.0.0</modelVersion> <groupId>com.google.gerrit</groupId> <artifactId>gerrit-plugin-api</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <packaging>jar</packaging> <name>Gerrit Code Review - Plugin API</name> <description>API for Gerrit Plugins</description>
diff --git a/gerrit-plugin-archetype/pom.xml b/gerrit-plugin-archetype/pom.xml index 404f0d9..b117b29 100644 --- a/gerrit-plugin-archetype/pom.xml +++ b/gerrit-plugin-archetype/pom.xml
@@ -20,7 +20,7 @@ <groupId>com.google.gerrit</groupId> <artifactId>gerrit-plugin-archetype</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <name>Gerrit Code Review - Plugin Archetype</name> <description>Maven Archetype for Gerrit Plugins</description> <url>http://code.google.com/p/gerrit/</url>
diff --git a/gerrit-plugin-gwt-archetype/pom.xml b/gerrit-plugin-gwt-archetype/pom.xml index 38b223a..a7f2bbf 100644 --- a/gerrit-plugin-gwt-archetype/pom.xml +++ b/gerrit-plugin-gwt-archetype/pom.xml
@@ -20,7 +20,7 @@ <groupId>com.google.gerrit</groupId> <artifactId>gerrit-plugin-gwt-archetype</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <name>Gerrit Code Review - Web UI GWT Plugin Archetype</name> <description>Maven Archetype for Gerrit Web UI GWT Plugins</description> <url>http://code.google.com/p/gerrit/</url>
diff --git a/gerrit-plugin-gwtui/pom.xml b/gerrit-plugin-gwtui/pom.xml index 444b792..fd6fc9b 100644 --- a/gerrit-plugin-gwtui/pom.xml +++ b/gerrit-plugin-gwtui/pom.xml
@@ -2,7 +2,7 @@ <modelVersion>4.0.0</modelVersion> <groupId>com.google.gerrit</groupId> <artifactId>gerrit-plugin-gwtui</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <packaging>jar</packaging> <name>Gerrit Code Review - Plugin GWT UI</name> <description>Common Classes for Gerrit GWT UI Plugins</description>
diff --git a/gerrit-plugin-js-archetype/pom.xml b/gerrit-plugin-js-archetype/pom.xml index 9da4e89..796df19 100644 --- a/gerrit-plugin-js-archetype/pom.xml +++ b/gerrit-plugin-js-archetype/pom.xml
@@ -20,7 +20,7 @@ <groupId>com.google.gerrit</groupId> <artifactId>gerrit-plugin-js-archetype</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <name>Gerrit Code Review - Web UI JavaScript Plugin Archetype</name> <description>Maven Archetype for Gerrit Web UI JavaScript Plugins</description> <url>http://code.google.com/p/gerrit/</url>
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/AddSshKey.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/AddSshKey.java index 3c21d17..58c674c 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/AddSshKey.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/AddSshKey.java
@@ -63,7 +63,7 @@ public Response<SshKeyInfo> apply(AccountResource rsrc, Input input) throws AuthException, BadRequestException, OrmException, IOException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to add SSH keys"); } return apply(rsrc.getUser(), input);
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityControl.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityControl.java index f0f22b5..631256a 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityControl.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityControl.java
@@ -110,6 +110,12 @@ || canAdministrateServer(); } + /** @return true if the user can modify an account for another user. */ + public boolean canModifyAccount() { + return canPerform(GlobalCapability.MODIFY_ACCOUNT) + || canAdministrateServer(); + } + /** @return true if the user can view all accounts. */ public boolean canViewAllAccounts() { return canPerform(GlobalCapability.VIEW_ALL_ACCOUNTS)
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java index 4be8067..26beadc 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java
@@ -85,7 +85,7 @@ ResourceNotFoundException, OrmException, EmailException, MethodNotAllowedException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to add email address"); } @@ -98,8 +98,8 @@ } if (input.noConfirmation - && !self.get().getCapabilities().canAdministrateServer()) { - throw new AuthException("must be administrator to use no_confirmation"); + && !self.get().getCapabilities().canModifyAccount()) { + throw new AuthException("not allowed to use no_confirmation"); } return apply(rsrc.getUser(), input);
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteActive.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteActive.java index 52ab651..abdaf23 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteActive.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteActive.java
@@ -29,7 +29,7 @@ import java.util.Collections; -@RequiresCapability(GlobalCapability.ADMINISTRATE_SERVER) +@RequiresCapability(GlobalCapability.MODIFY_ACCOUNT) @Singleton public class DeleteActive implements RestModifyView<AccountResource, Input> { public static class Input {
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteEmail.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteEmail.java index 6048586..f1e02bd 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteEmail.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteEmail.java
@@ -55,7 +55,7 @@ throws AuthException, ResourceNotFoundException, ResourceConflictException, MethodNotAllowedException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to delete email address"); } return apply(rsrc.getUser(), rsrc.getEmail());
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetCapabilities.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetCapabilities.java index 47047ed..4ac65ec 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetCapabilities.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetCapabilities.java
@@ -20,7 +20,9 @@ import static com.google.gerrit.common.data.GlobalCapability.CREATE_PROJECT; import static com.google.gerrit.common.data.GlobalCapability.EMAIL_REVIEWERS; import static com.google.gerrit.common.data.GlobalCapability.FLUSH_CACHES; +import static com.google.gerrit.common.data.GlobalCapability.GENERATE_HTTP_PASSWORD; import static com.google.gerrit.common.data.GlobalCapability.KILL_TASK; +import static com.google.gerrit.common.data.GlobalCapability.MODIFY_ACCOUNT; import static com.google.gerrit.common.data.GlobalCapability.PRIORITY; import static com.google.gerrit.common.data.GlobalCapability.RUN_GC; import static com.google.gerrit.common.data.GlobalCapability.STREAM_EVENTS; @@ -113,7 +115,9 @@ have.put(CREATE_PROJECT, cc.canCreateProject()); have.put(EMAIL_REVIEWERS, cc.canEmailReviewers()); have.put(FLUSH_CACHES, cc.canFlushCaches()); + have.put(GENERATE_HTTP_PASSWORD, cc.canGenerateHttpPassword()); have.put(KILL_TASK, cc.canKillTask()); + have.put(MODIFY_ACCOUNT, cc.canModifyAccount()); have.put(RUN_GC, cc.canRunGC()); have.put(STREAM_EVENTS, cc.canStreamEvents()); have.put(VIEW_ALL_ACCOUNTS, cc.canViewAllAccounts());
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetEmails.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetEmails.java index 64991e6..bf9c9ec 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetEmails.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetEmails.java
@@ -40,7 +40,7 @@ public List<EmailInfo> apply(AccountResource rsrc) throws AuthException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to list email addresses"); }
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetHttpPassword.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetHttpPassword.java index c49ab98..e080015 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetHttpPassword.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetHttpPassword.java
@@ -36,7 +36,7 @@ public String apply(AccountResource rsrc) throws AuthException, ResourceNotFoundException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canGenerateHttpPassword()) { throw new AuthException("not allowed to get http password"); } AccountState s = rsrc.getUser().state();
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetSshKeys.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetSshKeys.java index 9266c3a..6846470 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetSshKeys.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetSshKeys.java
@@ -45,7 +45,7 @@ public List<SshKeyInfo> apply(AccountResource rsrc) throws AuthException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to get SSH keys"); } return apply(rsrc.getUser());
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutActive.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutActive.java index 69d16d8..c7a63e5 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutActive.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutActive.java
@@ -29,7 +29,7 @@ import java.util.Collections; -@RequiresCapability(GlobalCapability.ADMINISTRATE_SERVER) +@RequiresCapability(GlobalCapability.MODIFY_ACCOUNT) @Singleton public class PutActive implements RestModifyView<AccountResource, Input> { public static class Input {
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutHttpPassword.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutHttpPassword.java index 3903050..93b35c6 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutHttpPassword.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutHttpPassword.java
@@ -86,14 +86,14 @@ } else if (input.httpPassword == null) { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canGenerateHttpPassword()) { throw new AuthException("not allowed to clear HTTP password"); } newPassword = null; } else { - if (!self.get().getCapabilities().canAdministrateServer()) { + if (!self.get().getCapabilities().canGenerateHttpPassword()) { throw new AuthException("not allowed to set HTTP password directly, " - + "need to be Gerrit administrator"); + + "requires the Generate HTTP Password permission"); } newPassword = input.httpPassword; }
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java index 554bae7..601ee76 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java
@@ -64,7 +64,7 @@ throws AuthException, MethodNotAllowedException, ResourceNotFoundException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to change name"); } return apply(rsrc.getUser(), input);
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutPreferred.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutPreferred.java index 7ac987d..c49e3be 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutPreferred.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutPreferred.java
@@ -52,7 +52,7 @@ public Response<String> apply(AccountResource.Email rsrc, Input input) throws AuthException, ResourceNotFoundException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new AuthException("not allowed to set preferred email address"); } return apply(rsrc.getUser(), rsrc.getEmail());
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/SetDiffPreferences.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/SetDiffPreferences.java index 9b971e4..08386b2 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/SetDiffPreferences.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/SetDiffPreferences.java
@@ -68,8 +68,8 @@ public DiffPreferencesInfo apply(AccountResource rsrc, Input input) throws AuthException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { - throw new AuthException("restricted to administrator"); + && !self.get().getCapabilities().canModifyAccount()) { + throw new AuthException("restricted to members of Modify Accounts"); } if (input == null) { input = new Input();
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/SetPreferences.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/SetPreferences.java index c3cc636..d9e64da 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/SetPreferences.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/SetPreferences.java
@@ -95,8 +95,8 @@ throws AuthException, ResourceNotFoundException, OrmException, IOException, ConfigInvalidException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { - throw new AuthException("restricted to administrator"); + && !self.get().getCapabilities().canModifyAccount()) { + throw new AuthException("restricted to members of Modify Accounts"); } if (i == null) { i = new Input();
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/SshKeys.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/SshKeys.java index b94158f..b35c03e 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/SshKeys.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/SshKeys.java
@@ -55,7 +55,7 @@ public AccountResource.SshKey parse(AccountResource rsrc, IdString id) throws ResourceNotFoundException, OrmException { if (self.get() != rsrc.getUser() - && !self.get().getCapabilities().canAdministrateServer()) { + && !self.get().getCapabilities().canModifyAccount()) { throw new ResourceNotFoundException(); } return parse(rsrc.getUser(), id);
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/change/PostReview.java b/gerrit-server/src/main/java/com/google/gerrit/server/change/PostReview.java index 2764048..9a2a81e 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/change/PostReview.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/change/PostReview.java
@@ -353,7 +353,7 @@ throw new OrmException("could not load PatchList for this patchset", e); } RevId patchSetCommit = new RevId(ObjectId.toString(patchList.getNewId())); - RevId baseCommit = new RevId(ObjectId.toString(patchList.getOldId()));; + RevId baseCommit = new RevId(ObjectId.toString(patchList.getOldId())); for (Map.Entry<String, List<CommentInput>> ent : in.entrySet()) { String path = ent.getKey();
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/changedetail/RebaseChange.java b/gerrit-server/src/main/java/com/google/gerrit/server/changedetail/RebaseChange.java index f0b027a..11e5938 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/changedetail/RebaseChange.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/changedetail/RebaseChange.java
@@ -185,7 +185,7 @@ if (patchSetAncestors.size() > 1) { throw new IOException( - "Cannot rebase a change with multiple parents. Parents commits: " + "Cannot rebase a change with multiple parents. Parent commits: " + patchSetAncestors.toString()); } if (patchSetAncestors.size() == 0) {
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/config/CapabilityConstants.java b/gerrit-server/src/main/java/com/google/gerrit/server/config/CapabilityConstants.java index 289173b..3805a0e 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/config/CapabilityConstants.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/config/CapabilityConstants.java
@@ -29,7 +29,9 @@ public String createProject; public String emailReviewers; public String flushCaches; + public String generateHttpPassword; public String killTask; + public String modifyAccount; public String priority; public String queryLimit; public String runAs;
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_98.java b/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_98.java index 1a70a15..aea5abc 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_98.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/schema/Schema_98.java
@@ -34,7 +34,7 @@ + "reviewCategoryStrategy"); Statement stmt = ((JdbcSchema) db).getConnection().createStatement(); try { - stmt.executeUpdate("UPDATE ACCOUNTS SET " + stmt.executeUpdate("UPDATE accounts SET " + "REVIEW_CATEGORY_STRATEGY='NAME' " + "WHERE (SHOW_USER_IN_REVIEW='Y')"); } finally {
diff --git a/gerrit-server/src/main/resources/com/google/gerrit/server/config/CapabilityConstants.properties b/gerrit-server/src/main/resources/com/google/gerrit/server/config/CapabilityConstants.properties index 9eb7d9b..056da87 100644 --- a/gerrit-server/src/main/resources/com/google/gerrit/server/config/CapabilityConstants.properties +++ b/gerrit-server/src/main/resources/com/google/gerrit/server/config/CapabilityConstants.properties
@@ -5,7 +5,9 @@ createProject = Create Project emailReviewers = Email Reviewers flushCaches = Flush Caches +generateHttpPassword = Generate HTTP Password killTask = Kill Task +modifyAccount = Modify Account priority = Priority queryLimit = Query Limit runAs = Run As
diff --git a/gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java b/gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java index 7963ce4..664ab4e 100644 --- a/gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java +++ b/gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java
@@ -55,6 +55,8 @@ private final AccountGroup.UUID fixers = new AccountGroup.UUID("test.fixers"); private Project.NameKey localKey = new Project.NameKey("local"); private ProjectConfig local; + private Project.NameKey parentKey = new Project.NameKey("parent"); + private ProjectConfig parent; private final Util util; public RefControlTest() { @@ -63,9 +65,14 @@ @Before public void setUp() throws Exception { + parent = new ProjectConfig(parentKey); + parent.load(newRepository(parentKey)); + util.add(parent); + local = new ProjectConfig(localKey); local.load(newRepository(localKey)); util.add(local); + local.getProject().setParentName(parentKey); } @Test @@ -127,8 +134,8 @@ @Test public void testInheritRead_SingleBranchDeniesUpload() { - allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); - allow(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*"); + allow(parent, READ, REGISTERED_USERS, "refs/*"); + allow(parent, PUSH, REGISTERED_USERS, "refs/for/refs/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/foobar"); doNotInherit(local, READ, "refs/heads/foobar"); doNotInherit(local, PUSH, "refs/for/refs/heads/foobar"); @@ -145,8 +152,8 @@ @Test public void testBlockPushDrafts() { - allow(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*"); - block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*"); + allow(parent, PUSH, REGISTERED_USERS, "refs/for/refs/*"); + block(parent, PUSH, ANONYMOUS_USERS, "refs/drafts/*"); ProjectControl u = util.user(local); assertTrue("can upload refs/heads/master", @@ -157,8 +164,8 @@ @Test public void testBlockPushDraftsUnblockAdmin() { - block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/drafts/*"); - allow(util.getParentConfig(), PUSH, ADMIN, "refs/drafts/*"); + block(parent, PUSH, ANONYMOUS_USERS, "refs/drafts/*"); + allow(parent, PUSH, ADMIN, "refs/drafts/*"); assertTrue("push is blocked for anonymous to refs/drafts/master", util.user(local).controlForRef("refs/drafts/refs/heads/master") @@ -170,8 +177,8 @@ @Test public void testInheritRead_SingleBranchDoesNotOverrideInherited() { - allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); - allow(util.getParentConfig(), PUSH, REGISTERED_USERS, "refs/for/refs/*"); + allow(parent, READ, REGISTERED_USERS, "refs/*"); + allow(parent, PUSH, REGISTERED_USERS, "refs/for/refs/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/foobar"); ProjectControl u = util.user(local); @@ -186,20 +193,20 @@ @Test public void testInheritDuplicateSections() throws Exception { - allow(util.getParentConfig(), READ, ADMIN, "refs/*"); + allow(parent, READ, ADMIN, "refs/*"); allow(local, READ, DEVS, "refs/heads/*"); - local.getProject().setParentName(util.getParentConfig().getProject().getName()); assertTrue("a can read", util.user(local, "a", ADMIN).isVisible()); - local = new ProjectConfig(new Project.NameKey("local")); + local = new ProjectConfig(localKey); local.load(newRepository(localKey)); + local.getProject().setParentName(parentKey); allow(local, READ, DEVS, "refs/*"); assertTrue("d can read", util.user(local, "d", DEVS).isVisible()); } @Test public void testInheritRead_OverrideWithDeny() { - allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); + allow(parent, READ, REGISTERED_USERS, "refs/*"); deny(local, READ, REGISTERED_USERS, "refs/*"); ProjectControl u = util.user(local); @@ -208,7 +215,7 @@ @Test public void testInheritRead_AppendWithDenyOfRef() { - allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); + allow(parent, READ, REGISTERED_USERS, "refs/*"); deny(local, READ, REGISTERED_USERS, "refs/heads/*"); ProjectControl u = util.user(local); @@ -220,7 +227,7 @@ @Test public void testInheritRead_OverridesAndDeniesOfRef() { - allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); + allow(parent, READ, REGISTERED_USERS, "refs/*"); deny(local, READ, REGISTERED_USERS, "refs/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/*"); @@ -233,7 +240,7 @@ @Test public void testInheritSubmit_OverridesAndDeniesOfRef() { - allow(util.getParentConfig(), SUBMIT, REGISTERED_USERS, "refs/*"); + allow(parent, SUBMIT, REGISTERED_USERS, "refs/*"); deny(local, SUBMIT, REGISTERED_USERS, "refs/*"); allow(local, SUBMIT, REGISTERED_USERS, "refs/heads/*"); @@ -245,7 +252,7 @@ @Test public void testCannotUploadToAnyRef() { - allow(util.getParentConfig(), READ, REGISTERED_USERS, "refs/*"); + allow(parent, READ, REGISTERED_USERS, "refs/*"); allow(local, READ, DEVS, "refs/heads/*"); allow(local, PUSH, DEVS, "refs/for/refs/heads/*"); @@ -288,7 +295,7 @@ @Test public void testSortWithRegex() { allow(local, READ, DEVS, "^refs/heads/.*"); - allow(util.getParentConfig(), READ, ANONYMOUS_USERS, "^refs/heads/.*-QA-.*"); + allow(parent, READ, ANONYMOUS_USERS, "^refs/heads/.*-QA-.*"); ProjectControl u = util.user(local, DEVS), d = util.user(local, DEVS); assertTrue("u can read", u.controlForRef("refs/heads/foo-QA-bar").isVisible()); @@ -298,7 +305,7 @@ @Test public void testBlockRule_ParentBlocksChild() { allow(local, PUSH, DEVS, "refs/tags/*"); - block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/tags/*"); + block(parent, PUSH, ANONYMOUS_USERS, "refs/tags/*"); ProjectControl u = util.user(local, DEVS); assertFalse("u can't update tag", u.controlForRef("refs/tags/V10").canUpdate()); } @@ -307,7 +314,7 @@ public void testBlockRule_ParentBlocksChildEvenIfAlreadyBlockedInChild() { allow(local, PUSH, DEVS, "refs/tags/*"); block(local, PUSH, ANONYMOUS_USERS, "refs/tags/*"); - block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/tags/*"); + block(parent, PUSH, ANONYMOUS_USERS, "refs/tags/*"); ProjectControl u = util.user(local, DEVS); assertFalse("u can't update tag", u.controlForRef("refs/tags/V10").canUpdate()); @@ -316,7 +323,7 @@ @Test public void testBlockLabelRange_ParentBlocksChild() { allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); - block(util.getParentConfig(), LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); + block(parent, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); ProjectControl u = util.user(local, DEVS); @@ -331,7 +338,7 @@ public void testBlockLabelRange_ParentBlocksChildEvenIfAlreadyBlockedInChild() { allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); block(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); - block(util.getParentConfig(), LABEL + "Code-Review", -2, +2, DEVS, + block(parent, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*"); ProjectControl u = util.user(local, DEVS); @@ -393,7 +400,7 @@ @Test public void testUnblockInLocal_Fails() { - block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/heads/*"); + block(parent, PUSH, ANONYMOUS_USERS, "refs/heads/*"); allow(local, PUSH, fixers, "refs/heads/*"); ProjectControl f = util.user(local, fixers); @@ -402,8 +409,8 @@ @Test public void testUnblockInParentBlockInLocal() { - block(util.getParentConfig(), PUSH, ANONYMOUS_USERS, "refs/heads/*"); - allow(util.getParentConfig(), PUSH, DEVS, "refs/heads/*"); + block(parent, PUSH, ANONYMOUS_USERS, "refs/heads/*"); + allow(parent, PUSH, DEVS, "refs/heads/*"); block(local, PUSH, DEVS, "refs/heads/*"); ProjectControl d = util.user(local, DEVS); @@ -411,7 +418,7 @@ } @Test - public void testUnblockVisibilityByREGISTEREDUsers() { + public void testUnblockVisibilityByRegisteredUsers() { block(local, READ, ANONYMOUS_USERS, "refs/heads/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/*"); @@ -421,7 +428,7 @@ @Test public void testUnblockInLocalVisibilityByRegisteredUsers_Fails() { - block(util.getParentConfig(), READ, ANONYMOUS_USERS, "refs/heads/*"); + block(parent, READ, ANONYMOUS_USERS, "refs/heads/*"); allow(local, READ, REGISTERED_USERS, "refs/heads/*"); ProjectControl u = util.user(local, REGISTERED_USERS); @@ -440,7 +447,7 @@ @Test public void testUnblockInLocalForceEditTopicName_Fails() { - block(util.getParentConfig(), EDIT_TOPIC_NAME, ANONYMOUS_USERS, "refs/heads/*"); + block(parent, EDIT_TOPIC_NAME, ANONYMOUS_USERS, "refs/heads/*"); allow(local, EDIT_TOPIC_NAME, DEVS, "refs/heads/*").setForce(true); ProjectControl u = util.user(local, REGISTERED_USERS); @@ -483,7 +490,7 @@ @Test public void testUnblockInLocalRange_Fails() { - block(util.getParentConfig(), LABEL + "Code-Review", -1, 1, ANONYMOUS_USERS, + block(parent, LABEL + "Code-Review", -1, 1, ANONYMOUS_USERS, "refs/heads/*"); allow(local, LABEL + "Code-Review", -2, +2, DEVS, "refs/heads/*");
diff --git a/gerrit-server/src/test/java/com/google/gerrit/server/project/Util.java b/gerrit-server/src/test/java/com/google/gerrit/server/project/Util.java index c0f35ba..ac1e0d7 100644 --- a/gerrit-server/src/test/java/com/google/gerrit/server/project/Util.java +++ b/gerrit-server/src/test/java/com/google/gerrit/server/project/Util.java
@@ -180,17 +180,19 @@ private final PermissionCollection.Factory sectionSorter; private final GitRepositoryManager repoManager; - private final AllProjectsName allProjectsName = new AllProjectsName("parent"); - private final ProjectConfig parent = new ProjectConfig(allProjectsName); + private final AllProjectsName allProjectsName = + new AllProjectsName("All-Projects"); + private final ProjectConfig allProjects; public Util() { all = new HashMap<>(); repoManager = new InMemoryRepositoryManager(); try { Repository repo = repoManager.createRepository(allProjectsName); - parent.load(repo); - parent.getLabelSections().put(CR.getName(), CR); - add(parent); + allProjects = new ProjectConfig(new Project.NameKey(allProjectsName.get())); + allProjects.load(repo); + allProjects.getLabelSections().put(CR.getName(), CR); + add(allProjects); } catch (IOException | ConfigInvalidException e) { throw new RuntimeException(e); } @@ -281,10 +283,6 @@ injector.getInstance(ChangeControl.AssistedFactory.class); } - public ProjectConfig getParentConfig() { - return this.parent; - } - public void add(ProjectConfig pc) { PrologEnvironment.Factory envFactory = null; ProjectControl.AssistedFactory projectControlFactory = null;
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java index 83d75e9..87d9d03 100644 --- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java +++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java
@@ -14,7 +14,10 @@ package com.google.gerrit.sshd.commands; +import com.google.common.base.Strings; +import com.google.gerrit.common.data.GlobalCapability; import com.google.gerrit.common.errors.EmailException; +import com.google.gerrit.extensions.annotations.RequiresCapability; import com.google.gerrit.extensions.restapi.RawInput; import com.google.gerrit.extensions.restapi.ResourceNotFoundException; import com.google.gerrit.extensions.restapi.RestApiException; @@ -55,6 +58,7 @@ /** Set a user's account settings. **/ @CommandMetaData(name = "set-account", description = "Change an account's settings") +@RequiresCapability(GlobalCapability.MODIFY_ACCOUNT) final class SetAccountCommand extends BaseCommand { @Argument(index = 0, required = true, metaVar = "USER", usage = "full name, email-address, ssh username or account id") @@ -84,8 +88,8 @@ @Option(name = "--http-password", metaVar = "PASSWORD", usage = "password for HTTP authentication for the account") private String httpPassword; - @Inject - private IdentifiedUser currentUser; + @Option(name = "--clear-http-password", usage = "clear HTTP password for the account") + private boolean clearHttpPassword; @Inject private IdentifiedUser.GenericFactory genericUserFactory; @@ -128,13 +132,6 @@ startThread(new CommandRunnable() { @Override public void run() throws Exception { - if (!currentUser.getCapabilities().canAdministrateServer()) { - String msg = - String.format( - "fatal: %s does not have \"Administrator\" capability.", - currentUser.getUserName()); - throw new UnloggedFailure(1, msg); - } parseCommandLine(); validate(); setAccount(); @@ -147,6 +144,11 @@ throw new UnloggedFailure(1, "--active and --inactive options are mutually exclusive."); } + if (clearHttpPassword && !Strings.isNullOrEmpty(httpPassword)) { + throw new UnloggedFailure(1, + "--http-password and --clear-http-password options are mutually " + + "exclusive."); + } if (addSshKeys.contains("-") && deleteSshKeys.contains("-")) { throw new UnloggedFailure(1, "Only one option may use the stdin"); } @@ -176,7 +178,7 @@ putName.apply(rsrc, in); } - if (httpPassword != null) { + if (httpPassword != null || clearHttpPassword) { PutHttpPassword.Input in = new PutHttpPassword.Input(); in.httpPassword = httpPassword; putHttpPassword.apply(rsrc, in); @@ -271,7 +273,7 @@ private void deleteEmail(String email) throws UnloggedFailure, RestApiException, OrmException { if (email.equals("ALL")) { - List<EmailInfo> emails = getEmails.apply(rsrc);; + List<EmailInfo> emails = getEmails.apply(rsrc); for (EmailInfo e : emails) { deleteEmail.apply(new AccountResource.Email(user, e.email), new DeleteEmail.Input());
diff --git a/gerrit-war/pom.xml b/gerrit-war/pom.xml index ef5e53f..81d8498 100644 --- a/gerrit-war/pom.xml +++ b/gerrit-war/pom.xml
@@ -2,7 +2,7 @@ <modelVersion>4.0.0</modelVersion> <groupId>com.google.gerrit</groupId> <artifactId>gerrit-war</artifactId> - <version>2.10-SNAPSHOT</version> + <version>2.11-SNAPSHOT</version> <packaging>war</packaging> <name>Gerrit Code Review - WAR</name> <description>Gerrit WAR</description>