Merge "restapi/accounts: clarify permission related behaviors"
diff --git a/java/com/google/gerrit/server/account/AccountResolver.java b/java/com/google/gerrit/server/account/AccountResolver.java
index f861ea7..8c957ec 100644
--- a/java/com/google/gerrit/server/account/AccountResolver.java
+++ b/java/com/google/gerrit/server/account/AccountResolver.java
@@ -492,7 +492,7 @@
}
/**
- * Resolves all accounts matching the input string.
+ * Resolves all accounts matching the input string, visible to the current user.
*
* <p>The following input formats are recognized:
*
diff --git a/java/com/google/gerrit/server/account/VersionedAuthorizedKeys.java b/java/com/google/gerrit/server/account/VersionedAuthorizedKeys.java
index 235537c..30021e6 100644
--- a/java/com/google/gerrit/server/account/VersionedAuthorizedKeys.java
+++ b/java/com/google/gerrit/server/account/VersionedAuthorizedKeys.java
@@ -61,6 +61,8 @@
* <p>Other comment lines are ignored on read, and are not written back when the file is modified.
*/
public class VersionedAuthorizedKeys extends VersionedMetaData {
+
+ /** Read/write SSH keys by user ID. */
@Singleton
public static class Accessor {
private final GitRepositoryManager repoManager;
diff --git a/java/com/google/gerrit/server/restapi/account/AccountsCollection.java b/java/com/google/gerrit/server/restapi/account/AccountsCollection.java
index 119e2e4..61ff6b8 100644
--- a/java/com/google/gerrit/server/restapi/account/AccountsCollection.java
+++ b/java/com/google/gerrit/server/restapi/account/AccountsCollection.java
@@ -53,6 +53,7 @@
return new AccountResource(accountResolver.resolve(id.get()).asUniqueUser());
} catch (UnresolvableAccountException e) {
if (e.isSelf()) {
+ // Must be authenticated to use 'me' or 'self'.
throw new AuthException(e.getMessage(), e);
}
throw new ResourceNotFoundException(e.getMessage(), e);
diff --git a/java/com/google/gerrit/server/restapi/account/GetSshKeys.java b/java/com/google/gerrit/server/restapi/account/GetSshKeys.java
index 6df6c3c..9952987 100644
--- a/java/com/google/gerrit/server/restapi/account/GetSshKeys.java
+++ b/java/com/google/gerrit/server/restapi/account/GetSshKeys.java
@@ -60,8 +60,7 @@
@Override
public Response<List<SshKeyInfo>> apply(AccountResource rsrc)
- throws AuthException, RepositoryNotFoundException, IOException, ConfigInvalidException,
- PermissionBackendException {
+ throws AuthException, IOException, ConfigInvalidException, PermissionBackendException {
if (!self.get().hasSameAccountId(rsrc.getUser())) {
permissionBackend.currentUser().check(GlobalPermission.MODIFY_ACCOUNT);
}
diff --git a/java/com/google/gerrit/server/restapi/account/PutActive.java b/java/com/google/gerrit/server/restapi/account/PutActive.java
index a80ab3f..3b431db 100644
--- a/java/com/google/gerrit/server/restapi/account/PutActive.java
+++ b/java/com/google/gerrit/server/restapi/account/PutActive.java
@@ -32,7 +32,7 @@
*
* <p>This REST endpoint handles {@code PUT /accounts/<account-identifier>/active} requests.
*
- * <p>Only active accounts can login into Gerrit.
+ * <p>Only active accounts can login into Gerrit, or are suggested as reviewers.
*
* <p>Marking an account as inactive is handled by {@link DeleteActive}.
*/
diff --git a/java/com/google/gerrit/server/restapi/account/Stars.java b/java/com/google/gerrit/server/restapi/account/Stars.java
index c27bdd8..cc362f2 100644
--- a/java/com/google/gerrit/server/restapi/account/Stars.java
+++ b/java/com/google/gerrit/server/restapi/account/Stars.java
@@ -46,6 +46,12 @@
import java.util.Set;
import java.util.SortedSet;
+/**
+ * Implements adding label stars to changes.
+ *
+ * <p>This handles {@code POST} and {@code GET} for {@code
+ * /accounts/<account-identifier>/stars.changes/<change ID>}.
+ */
@Singleton
public class Stars implements ChildCollection<AccountResource, AccountResource.Star> {
@@ -70,6 +76,7 @@
public Star parse(AccountResource parent, IdString id)
throws RestApiException, PermissionBackendException, IOException {
IdentifiedUser user = parent.getUser();
+ // This enforces visibility of the change.
ChangeResource change = changes.parse(TopLevelResource.INSTANCE, id);
Set<String> labels = starredChangesUtil.getLabels(user.getAccountId(), change.getId());
return new AccountResource.Star(user, change, labels);
@@ -87,6 +94,7 @@
@Singleton
public static class ListStarredChanges implements RestReadView<AccountResource> {
+
private final Provider<CurrentUser> self;
private final ChangesCollection changes;
@@ -121,6 +129,7 @@
@Singleton
public static class Get implements RestReadView<AccountResource.Star> {
+
private final Provider<CurrentUser> self;
private final StarredChangesUtil starredChangesUtil;
@@ -142,6 +151,7 @@
@Singleton
public static class Post implements RestModifyView<AccountResource.Star, StarsInput> {
+
private final Provider<CurrentUser> self;
private final StarredChangesUtil starredChangesUtil;