Merge branch 'stable-2.14' into stable-2.15
* stable-2.14:
Upgrade bazlets to latest stable-2.14
Change-Id: Id42424fd4fcd822a7100dc863055c93f4a963269
diff --git a/README.md b/README.md
index 2c9d9b4..8060e8b 100644
--- a/README.md
+++ b/README.md
@@ -2,4 +2,5 @@
Gerrit plugin to provide information via SSH commands to Gerrit Administrators.
-[![Build Status](https://gerrit-ci.gerritforge.com/view/Plugins-master/job/plugin-admin-console-master/badge/icon)](https://gerrit-ci.gerritforge.com/view/Plugins-master/job/plugin-admin-console-master/)
\ No newline at end of file
+[![Build Status](https://gerrit-ci.gerritforge.com/view/Plugins-master/job/plugin-admin-console-bazel-master/badge/icon
+)](https://gerrit-ci.gerritforge.com/view/Plugins-master/job/plugin-admin-console-bazel-master/)
diff --git a/WORKSPACE b/WORKSPACE
index f31e993..0d915be 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -3,7 +3,7 @@
load("//:bazlets.bzl", "load_bazlets")
load_bazlets(
- commit = "10cd2e19ba04fcaaf7edef21b8fc407c699fb9d1",
+ commit = "9c84d2870bf8d3f51685a289a1fc9edc3bf9dc89",
#local_path = "/home/<user>/projects/bazlets",
)
diff --git a/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ListUsersCommand.java b/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ListUsersCommand.java
index 926db63..96b9c77 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ListUsersCommand.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ListUsersCommand.java
@@ -18,21 +18,21 @@
import com.google.gerrit.common.data.GlobalCapability;
import com.google.gerrit.extensions.annotations.CapabilityScope;
import com.google.gerrit.extensions.annotations.RequiresCapability;
+import com.google.gerrit.index.query.Predicate;
import com.google.gerrit.reviewdb.client.Account;
-import com.google.gerrit.reviewdb.server.ReviewDb;
-import com.google.gerrit.server.account.AccountResolver;
+import com.google.gerrit.server.account.AccountState;
+import com.google.gerrit.server.query.account.AccountPredicates;
+import com.google.gerrit.server.query.account.InternalAccountQuery;
import com.google.gerrit.sshd.CommandMetaData;
import com.google.gerrit.sshd.SshCommand;
-import com.google.gwtorm.server.OrmException;
-import com.google.gwtorm.server.ResultSet;
import com.google.inject.Inject;
+import com.google.inject.Provider;
import org.kohsuke.args4j.Option;
@RequiresCapability(value = GlobalCapability.ADMINISTRATE_SERVER, scope = CapabilityScope.CORE)
@CommandMetaData(name = "ls-users", description = "List users")
public final class ListUsersCommand extends SshCommand {
- private ReviewDb db;
- private final AccountResolver accountResolver;
+ private final Provider<InternalAccountQuery> accountQueryProvider;
@Option(name = "--active-only", usage = "show only active users")
private boolean activeOnly = false;
@@ -41,27 +41,37 @@
private boolean inactiveOnly = false;
@Inject
- ListUsersCommand(ReviewDb db, AccountResolver accountResolver) {
- this.db = db;
- this.accountResolver = accountResolver;
+ ListUsersCommand(Provider<InternalAccountQuery> accountQueryProvider) {
+ this.accountQueryProvider = accountQueryProvider;
}
@Override
protected void run() throws UnloggedFailure, Failure, Exception {
- ResultSet<Account> accounts = db.accounts().all();
- for (Account account : accounts) {
- if (activeOnly && !account.isActive()) {
- continue;
- }
- if (inactiveOnly && account.isActive()) {
- continue;
- }
- String username = getUsername(account);
+ if (activeOnly && inactiveOnly) {
+ throw die("--active-only and --inactive-only are mutually exclusive");
+ }
+
+ Predicate<AccountState> queryPredicate;
+ if (activeOnly) {
+ queryPredicate = AccountPredicates.isActive();
+ } else if (inactiveOnly) {
+ queryPredicate = AccountPredicates.isNotActive();
+ } else {
+ // This is a work-around to get all the account from the index, querying
+ // active and inactive users returns all the users. Another option is to
+ // use the Accounts class which will list all the account ids from notedb
+ // and then query the secondary index for each user but this way is less
+ // efficient.
+ queryPredicate = Predicate.or(AccountPredicates.isActive(), AccountPredicates.isNotActive());
+ }
+ for (AccountState accountState : accountQueryProvider.get().query(queryPredicate)) {
+ Account account = accountState.getAccount();
String out =
new StringBuilder()
.append(account.getId().toString())
.append(" |")
- .append(Strings.isNullOrEmpty(username) ? "" : " " + username)
+ .append(
+ Strings.isNullOrEmpty(account.getUserName()) ? "" : " " + account.getUserName())
.append(" |")
.append(
Strings.isNullOrEmpty(account.getFullName()) ? "" : " " + account.getFullName())
@@ -76,10 +86,4 @@
stdout.println(out);
}
}
-
- private String getUsername(Account account) throws OrmException {
- String id = account.getId().toString();
- Account accountFromResolver = accountResolver.find(db, id);
- return accountFromResolver == null ? null : accountFromResolver.getUserName();
- }
}
diff --git a/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowAccountCommand.java b/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowAccountCommand.java
index aa086f0..512828e 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowAccountCommand.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowAccountCommand.java
@@ -22,17 +22,16 @@
import com.google.gerrit.extensions.restapi.AuthException;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.Account.Id;
-import com.google.gerrit.reviewdb.client.AccountExternalId;
-import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.account.AccountResolver;
import com.google.gerrit.server.account.AccountResource;
import com.google.gerrit.server.account.GetGroups;
import com.google.gerrit.server.account.GetSshKeys;
+import com.google.gerrit.server.account.externalids.ExternalId;
+import com.google.gerrit.server.account.externalids.ExternalIds;
+import com.google.gerrit.server.permissions.PermissionBackendException;
import com.google.gerrit.sshd.CommandMetaData;
import com.google.gerrit.sshd.SshCommand;
-import com.google.gwtorm.server.OrmException;
-import com.google.gwtorm.server.SchemaFactory;
import com.google.inject.Inject;
import com.google.inject.Provider;
import java.io.IOException;
@@ -63,10 +62,10 @@
private boolean showKeys = false;
private final AccountResolver accountResolver;
- private final SchemaFactory<ReviewDb> schema;
private final Provider<GetGroups> accountGetGroups;
private final IdentifiedUser.GenericFactory userFactory;
private final Provider<GetSshKeys> getSshKeys;
+ private final ExternalIds externalIds;
@Inject
ShowAccountCommand(
@@ -74,16 +73,16 @@
Provider<GetGroups> accountGetGroups,
IdentifiedUser.GenericFactory userFactory,
Provider<GetSshKeys> getSshKeys,
- SchemaFactory<ReviewDb> schema) {
+ ExternalIds externalIds) {
this.accountResolver = accountResolver;
this.accountGetGroups = accountGetGroups;
this.userFactory = userFactory;
- this.schema = schema;
this.getSshKeys = getSshKeys;
+ this.externalIds = externalIds;
}
@Override
- public void run() throws UnloggedFailure, OrmException {
+ public void run() throws UnloggedFailure, Exception {
Account account;
if (name.isEmpty()) {
@@ -92,92 +91,92 @@
"You need to tell me who to find: LastName,\\\\ Firstname, email@address.com, account id or an user name. "
+ "Be sure to double-escape spaces, for example: \"show-account Last,\\\\ First\"");
}
- try (ReviewDb db = schema.open()) {
- Set<Id> idList = accountResolver.findAll(db, name);
- if (idList.isEmpty()) {
- throw new UnloggedFailure(
- 1,
- "No accounts found for your query: \""
- + name
- + "\""
- + " Tip: Try double-escaping spaces, for example: \"show-account Last,\\\\ First\"");
- }
- stdout.println(
- "Found "
- + idList.size()
- + " result"
- + (idList.size() > 1 ? "s" : "")
- + ": for query: \""
+ Set<Id> idList = accountResolver.findAll(name);
+ if (idList.isEmpty()) {
+ throw new UnloggedFailure(
+ 1,
+ "No accounts found for your query: \""
+ name
- + "\"");
- stdout.println();
+ + "\""
+ + " Tip: Try double-escaping spaces, for example: \"show-account Last,\\\\ First\"");
+ }
+ stdout.println(
+ "Found "
+ + idList.size()
+ + " result"
+ + (idList.size() > 1 ? "s" : "")
+ + ": for query: \""
+ + name
+ + "\"");
+ stdout.println();
- for (Id id : idList) {
- account = accountResolver.find(db, id.toString());
- if (account == null) {
- throw new UnloggedFailure("Account " + id.toString() + " does not exist.");
- }
- stdout.println("Full name: " + account.getFullName());
- stdout.println("Account Id: " + id.toString());
- stdout.println("Preferred Email: " + account.getPreferredEmail());
- stdout.println("User Name: " + account.getUserName());
- stdout.println("Active: " + account.isActive());
- stdout.println("Registered on: " + account.getRegisteredOn());
+ for (Id id : idList) {
+ account = accountResolver.find(id.toString());
+ if (account == null) {
+ throw new UnloggedFailure("Account " + id.toString() + " does not exist.");
+ }
+ stdout.println("Full name: " + account.getFullName());
+ stdout.println("Account Id: " + id.toString());
+ stdout.println("Preferred Email: " + account.getPreferredEmail());
+ stdout.println("User Name: " + account.getUserName());
+ stdout.println("Active: " + account.isActive());
+ stdout.println("Registered on: " + account.getRegisteredOn());
- stdout.println("");
- stdout.println("External Ids:");
- stdout.println(String.format("%-50s %s", "Email Address:", "External Id:"));
- for (AccountExternalId accountExternalId :
- db.accountExternalIds().byAccount(account.getId())) {
+ stdout.println("");
+ stdout.println("External Ids:");
+ stdout.println(String.format("%-50s %s", "Email Address:", "External Id:"));
+ try {
+ for (ExternalId externalId : externalIds.byAccount(account.getId())) {
stdout.println(
String.format(
"%-50s %s",
- (accountExternalId.getEmailAddress() == null
- ? ""
- : accountExternalId.getEmailAddress()),
- accountExternalId.getExternalId()));
+ (externalId.email() == null ? "" : externalId.email()), externalId.key()));
}
-
- if (showKeys) {
- stdout.println("");
- stdout.println("Public Keys:");
- List<SshKeyInfo> sshKeys;
- try {
- sshKeys = getSshKeys.get().apply(new AccountResource(userFactory.create(id)));
- } catch (AuthException | IOException | ConfigInvalidException e) {
- throw new UnloggedFailure(1, "Error getting sshkeys: " + e.getMessage(), e);
- }
- if (sshKeys == null || sshKeys.isEmpty()) {
- stdout.println("None");
- } else {
- stdout.println(String.format("%-9s %s", "Status:", "Key:"));
- for (SshKeyInfo sshKey : sshKeys) {
- stdout.println(
- String.format(
- "%-9s %s", (sshKey.valid ? "Active" : "Inactive"), sshKey.sshPublicKey));
- }
- }
- }
-
- if (showGroups) {
- stdout.println();
- stdout.println(
- "Member of groups"
- + (filterGroups == null ? "" : " (Filtering on \"" + filterGroups + "\")")
- + ":");
- List<GroupInfo> groupInfos =
- accountGetGroups.get().apply(new AccountResource(userFactory.create(id)));
-
- Collections.sort(groupInfos, new CustomComparator());
- for (GroupInfo groupInfo : groupInfos) {
- if (null == filterGroups
- || groupInfo.name.toLowerCase().contains(filterGroups.toLowerCase())) {
- stdout.println(groupInfo.name);
- }
- }
- }
- stdout.println("");
+ } catch (IOException e) {
+ throw new UnloggedFailure(1, "Error getting external Ids: " + e.getMessage(), e);
}
+ if (showKeys) {
+ stdout.println("");
+ stdout.println("Public Keys:");
+ List<SshKeyInfo> sshKeys;
+ try {
+ sshKeys = getSshKeys.get().apply(new AccountResource(userFactory.create(id)));
+ } catch (AuthException
+ | IOException
+ | ConfigInvalidException
+ | PermissionBackendException e) {
+ throw new UnloggedFailure(1, "Error getting sshkeys: " + e.getMessage(), e);
+ }
+ if (sshKeys == null || sshKeys.isEmpty()) {
+ stdout.println("None");
+ } else {
+ stdout.println(String.format("%-9s %s", "Status:", "Key:"));
+ for (SshKeyInfo sshKey : sshKeys) {
+ stdout.println(
+ String.format(
+ "%-9s %s", (sshKey.valid ? "Active" : "Inactive"), sshKey.sshPublicKey));
+ }
+ }
+ }
+
+ if (showGroups) {
+ stdout.println();
+ stdout.println(
+ "Member of groups"
+ + (filterGroups == null ? "" : " (Filtering on \"" + filterGroups + "\")")
+ + ":");
+ List<GroupInfo> groupInfos =
+ accountGetGroups.get().apply(new AccountResource(userFactory.create(id)));
+
+ Collections.sort(groupInfos, new CustomComparator());
+ for (GroupInfo groupInfo : groupInfos) {
+ if (null == filterGroups
+ || groupInfo.name.toLowerCase().contains(filterGroups.toLowerCase())) {
+ stdout.println(groupInfo.name);
+ }
+ }
+ }
+ stdout.println("");
}
}
diff --git a/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowRepoAccountAccessCommand.java b/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowRepoAccountAccessCommand.java
index dca6eb9..6b59bc1 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowRepoAccountAccessCommand.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/adminconsole/ShowRepoAccountAccessCommand.java
@@ -24,7 +24,6 @@
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.Account.Id;
import com.google.gerrit.reviewdb.client.Project;
-import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.account.AccountResolver;
import com.google.gerrit.server.account.AccountResource;
@@ -33,7 +32,6 @@
import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.sshd.CommandMetaData;
import com.google.gerrit.sshd.SshCommand;
-import com.google.gwtorm.server.SchemaFactory;
import com.google.inject.Inject;
import com.google.inject.Provider;
import java.util.HashSet;
@@ -67,20 +65,17 @@
MetaDataUpdate.Server metaDataUpdateFactory,
Provider<GetGroups> accountGetGroups,
AccountResolver accountResolver,
- IdentifiedUser.GenericFactory userFactory,
- SchemaFactory<ReviewDb> schema) {
+ IdentifiedUser.GenericFactory userFactory) {
this.metaDataUpdateFactory = metaDataUpdateFactory;
this.accountGetGroups = accountGetGroups;
this.accountResolver = accountResolver;
this.userFactory = userFactory;
- this.schema = schema;
}
private final MetaDataUpdate.Server metaDataUpdateFactory;
private final AccountResolver accountResolver;
private final Provider<GetGroups> accountGetGroups;
private final IdentifiedUser.GenericFactory userFactory;
- private final SchemaFactory<ReviewDb> schema;
private int columns = 80;
private int permissionGroupWidth;
@@ -104,82 +99,80 @@
"You need to tell me who to find: LastName,\\\\ Firstname, email@address.com, account id or an user name. "
+ "Be sure to double-escape spaces, for example: \"show-repo-account-access All-Projects --user Last,\\\\ First\"");
}
- try (ReviewDb db = schema.open()) {
- Set<Id> idList = accountResolver.findAll(db, name);
- if (idList.isEmpty()) {
- throw new UnloggedFailure(
- 1,
- "No accounts found for your query: \""
- + name
- + "\""
- + " Tip: Try double-escaping spaces, for example: \"--user Last,\\\\ First\"");
- }
+ Set<Id> idList = accountResolver.findAll(name);
+ if (idList.isEmpty()) {
+ throw new UnloggedFailure(
+ 1,
+ "No accounts found for your query: \""
+ + name
+ + "\""
+ + " Tip: Try double-escaping spaces, for example: \"--user Last,\\\\ First\"");
+ }
- Project.NameKey nameKey = new Project.NameKey(projectName);
+ Project.NameKey nameKey = new Project.NameKey(projectName);
- try {
- MetaDataUpdate md = metaDataUpdateFactory.create(nameKey);
- ProjectConfig config;
- config = ProjectConfig.read(md);
+ try {
+ MetaDataUpdate md = metaDataUpdateFactory.create(nameKey);
+ ProjectConfig config;
+ config = ProjectConfig.read(md);
- permissionGroupWidth = wide ? Integer.MAX_VALUE : columns - 9 - 5 - 9;
+ permissionGroupWidth = wide ? Integer.MAX_VALUE : columns - 9 - 5 - 9;
- for (Id id : idList) {
- userHasPermissionsInProject = false;
- account = accountResolver.find(db, id.toString());
- stdout.println("Full name: " + account.getFullName());
- // Need to know what groups the user is in. This is not a great
- // solution, but it does work.
- List<GroupInfo> groupInfos =
- accountGetGroups.get().apply(new AccountResource(userFactory.create(id)));
- HashSet<String> groupHash = new HashSet<>();
+ for (Id id : idList) {
+ userHasPermissionsInProject = false;
+ account = accountResolver.find(id.toString());
+ stdout.println("Full name: " + account.getFullName());
+ // Need to know what groups the user is in. This is not a great
+ // solution, but it does work.
+ List<GroupInfo> groupInfos =
+ accountGetGroups.get().apply(new AccountResource(userFactory.create(id)));
+ HashSet<String> groupHash = new HashSet<>();
- for (GroupInfo groupInfo : groupInfos) {
- groupHash.add(groupInfo.name);
- }
+ for (GroupInfo groupInfo : groupInfos) {
+ groupHash.add(groupInfo.name);
+ }
- for (AccessSection accessSection : config.getAccessSections()) {
- StringBuilder sb = new StringBuilder();
- sb.append((String.format(sectionNameFormatter, accessSection.getName().toString())));
- // This is a solution to prevent displaying a section heading unless
- // the user has permissions for it
- // not the best solution, but I haven't been able to find
- // "Is user a member of this group" based on the information I have
- // in a more efficient manner yet.
- userHasPermissionsInSection = false;
- for (Permission permission : accessSection.getPermissions()) {
+ for (AccessSection accessSection : config.getAccessSections()) {
+ StringBuilder sb = new StringBuilder();
+ sb.append((String.format(sectionNameFormatter, accessSection.getName().toString())));
+ // This is a solution to prevent displaying a section heading unless
+ // the user has permissions for it
+ // not the best solution, but I haven't been able to find
+ // "Is user a member of this group" based on the information I have
+ // in a more efficient manner yet.
+ userHasPermissionsInSection = false;
+ for (Permission permission : accessSection.getPermissions()) {
- for (PermissionRule rule : permission.getRules()) {
+ for (PermissionRule rule : permission.getRules()) {
- if (groupHash.contains(rule.getGroup().getName())) {
- sb.append(String.format(ruleNameFormatter, permission.getName()));
- sb.append(
- String.format(
- permissionNameFormatter,
- (!rule.getMin().equals(rule.getMax()))
- ? "" + rule.getMin() + " " + rule.getMax()
- : rule.getAction(),
- (permission.getExclusiveGroup() ? "EXCLUSIVE" : ""),
- format(rule.getGroup().getName())));
- userHasPermissionsInSection = true;
- }
+ if (groupHash.contains(rule.getGroup().getName())) {
+ sb.append(String.format(ruleNameFormatter, permission.getName()));
+ sb.append(
+ String.format(
+ permissionNameFormatter,
+ (!rule.getMin().equals(rule.getMax()))
+ ? "" + rule.getMin() + " " + rule.getMax()
+ : rule.getAction(),
+ (permission.getExclusiveGroup() ? "EXCLUSIVE" : ""),
+ format(rule.getGroup().getName())));
+ userHasPermissionsInSection = true;
}
}
-
- if (userHasPermissionsInSection) {
- stdout.print(sb.toString());
-
- userHasPermissionsInProject = true;
- }
}
- if (!userHasPermissionsInProject) {
- stdout.println(" No access found for this user on this repository");
+ if (userHasPermissionsInSection) {
+ stdout.print(sb.toString());
+
+ userHasPermissionsInProject = true;
}
}
- } catch (RepositoryNotFoundException e) {
- throw new UnloggedFailure(1, "Repository not found");
+
+ if (!userHasPermissionsInProject) {
+ stdout.println(" No access found for this user on this repository");
+ }
}
+ } catch (RepositoryNotFoundException e) {
+ throw new UnloggedFailure(1, "Repository not found");
}
}