Hide access rights not visible to user

It may be an information leak to display to a user other branches
and the groups that have access to read them.  When displaying the
access rights of a project, filter the list of displayed RefRights
to only those RefRights that are owned by the user, or are visible
to them via READ +1 permission.

Change-Id: I70d04d494ec9cef81c2108ecb451a81ac0293615
Signed-off-by: Shawn O. Pearce <sop@google.com>
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/project/ProjectDetailFactory.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/project/ProjectDetailFactory.java
index 3ff3892f..ef632c4 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/project/ProjectDetailFactory.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/project/ProjectDetailFactory.java
@@ -26,6 +26,7 @@
 import com.google.gerrit.server.project.NoSuchProjectException;
 import com.google.gerrit.server.project.ProjectControl;
 import com.google.gerrit.server.project.ProjectState;
+import com.google.gerrit.server.project.RefControl;
 import com.google.inject.Inject;
 import com.google.inject.assistedinject.Assisted;
 
@@ -75,8 +76,14 @@
     final List<InheritedRefRight> refRights = new ArrayList<InheritedRefRight>();
 
     for (final RefRight r : projectState.getInheritedRights()) {
-      InheritedRefRight refRight = new InheritedRefRight(
-          r, true, pc.controlForRef(r.getRefPattern()).isOwner());
+      RefControl rc = pc.controlForRef(r.getRefPattern());
+      boolean isOwner = rc.isOwner();
+
+      if (!isOwner && !rc.isVisible()) {
+        continue;
+      }
+
+      InheritedRefRight refRight = new InheritedRefRight(r, true, isOwner);
       if (!refRights.contains(refRight)) {
         refRights.add(refRight);
         wantGroup(r.getAccountGroupId());
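Review bot: The filter `if (!isOwner && !rc.isVisible()) continue;` is copied verbatim into both loops (this one over getInheritedRights() and the one over getLocalRights() in the next hunk), so a later change to the visibility rule can land in one list and leave the other still disclosing rights. Consider moving the check into one private helper that both loops call, with the reason stated above it, e.g. `// Skip rights the caller neither owns nor can read, so hidden branches and their groups are not disclosed.` The control is obtained from `r.getRefPattern()`; if that can be a wildcard pattern rather than a concrete ref, this diff does not show how `isVisible()` evaluates it, so a test with a user who has READ on only one of two branch patterns would pin the intended behaviour. The enclosing method starts and ends outside the hunk.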
@@ -84,8 +91,14 @@
     }
 
     for (final RefRight r : projectState.getLocalRights()) {
-      refRights.add(new InheritedRefRight(
-          r, false, pc.controlForRef(r.getRefPattern()).isOwner()));
+      RefControl rc = pc.controlForRef(r.getRefPattern());
+      boolean isOwner = rc.isOwner();
+
+      if (!isOwner && !rc.isVisible()) {
+        continue;
+      }
+
+      refRights.add(new InheritedRefRight(r, false, isOwner));
       wantGroup(r.getAccountGroupId());
     }