Merge "Don't support checks for change edits"
diff --git a/java/com/google/gerrit/plugins/checks/acceptance/AbstractCheckersTest.java b/java/com/google/gerrit/plugins/checks/acceptance/AbstractCheckersTest.java
index de02574..e476537 100644
--- a/java/com/google/gerrit/plugins/checks/acceptance/AbstractCheckersTest.java
+++ b/java/com/google/gerrit/plugins/checks/acceptance/AbstractCheckersTest.java
@@ -14,15 +14,19 @@
package com.google.gerrit.plugins.checks.acceptance;
+import static com.google.gerrit.acceptance.testsuite.project.TestProjectUpdate.allowCapability;
+
import com.google.gerrit.acceptance.LightweightPluginDaemonTest;
import com.google.gerrit.acceptance.ProjectResetter;
import com.google.gerrit.acceptance.TestPlugin;
+import com.google.gerrit.acceptance.testsuite.project.ProjectOperations;
import com.google.gerrit.plugins.checks.CheckerRef;
import com.google.gerrit.plugins.checks.acceptance.testsuite.CheckOperations;
import com.google.gerrit.plugins.checks.acceptance.testsuite.CheckerOperations;
import com.google.gerrit.plugins.checks.api.Checkers;
import com.google.gerrit.plugins.checks.api.ChecksFactory;
import com.google.gerrit.plugins.checks.api.PendingChecks;
+import com.google.inject.Inject;
import org.junit.Before;
// TODO(dborowitz): Improve the plugin test framework so we can avoid subclassing:
@@ -34,6 +38,8 @@
sysModule = "com.google.gerrit.plugins.checks.acceptance.TestModule",
httpModule = "com.google.gerrit.plugins.checks.HttpModule")
public class AbstractCheckersTest extends LightweightPluginDaemonTest {
+ @Inject protected ProjectOperations projectOperations;
+
protected CheckerOperations checkerOperations;
protected CheckOperations checkOperations;
protected Checkers checkersApi;
@@ -54,6 +60,12 @@
checksApiFactory = plugin.getHttpInjector().getInstance(ChecksFactory.class);
pendingChecksApi = plugin.getHttpInjector().getInstance(PendingChecks.class);
- allowGlobalCapabilities(group("Administrators").getGroupUUID(), "checks-administrateCheckers");
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(
+ allowCapability("checks-administrateCheckers")
+ .group(group("Administrators").getGroupUUID()))
+ .update();
}
}
diff --git a/javatests/com/google/gerrit/plugins/checks/acceptance/CheckerRefsIT.java b/javatests/com/google/gerrit/plugins/checks/acceptance/CheckerRefsIT.java
index ba9ac63..e87dd42 100644
--- a/javatests/com/google/gerrit/plugins/checks/acceptance/CheckerRefsIT.java
+++ b/javatests/com/google/gerrit/plugins/checks/acceptance/CheckerRefsIT.java
@@ -17,6 +17,8 @@
import static com.google.common.truth.Truth.assertThat;
import static com.google.gerrit.acceptance.GitUtil.deleteRef;
import static com.google.gerrit.acceptance.GitUtil.fetch;
+import static com.google.gerrit.acceptance.testsuite.project.TestProjectUpdate.allow;
+import static com.google.gerrit.acceptance.testsuite.project.TestProjectUpdate.allowLabel;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.testing.GerritJUnit.assertThrows;
@@ -55,8 +57,12 @@
@Test
public void cannotCreateCheckerRef() throws Exception {
- grant(allProjects, CheckerRef.REFS_CHECKERS + "*", Permission.CREATE);
- grant(allProjects, CheckerRef.REFS_CHECKERS + "*", Permission.PUSH);
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(allow(Permission.CREATE).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .add(allow(Permission.PUSH).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
String checkerRef = CheckerUuid.parse("test:my-checker").toRefName();
@@ -72,8 +78,12 @@
@Test
public void canCreateCheckerLikeRef() throws Exception {
- grant(project, CheckerRef.REFS_CHECKERS + "*", Permission.CREATE);
- grant(project, CheckerRef.REFS_CHECKERS + "*", Permission.PUSH);
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.CREATE).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .add(allow(Permission.PUSH).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
String checkerRef = CheckerUuid.parse("test:my-checker").toRefName();
@@ -89,7 +99,15 @@
@Test
public void cannotDeleteCheckerRef() throws Exception {
- grant(allProjects, CheckerRef.REFS_CHECKERS + "*", Permission.DELETE, true, REGISTERED_USERS);
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(
+ allow(Permission.DELETE)
+ .ref(CheckerRef.REFS_CHECKERS + "*")
+ .group(REGISTERED_USERS)
+ .force(true))
+ .update();
CheckerUuid checkerUuid = checkerOperations.newChecker().create();
String checkerRef = checkerUuid.toRefName();
@@ -107,11 +125,17 @@
@Test
public void canDeleteCheckerLikeRef() throws Exception {
- grant(project, CheckerRef.REFS_CHECKERS + "*", Permission.DELETE, true, REGISTERED_USERS);
-
String checkerRef = CheckerUuid.parse("foo:bar").toRefName();
-
- allow(checkerRef, Permission.CREATE, adminGroupUuid());
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(
+ allow(Permission.DELETE)
+ .ref(CheckerRef.REFS_CHECKERS + "*")
+ .group(REGISTERED_USERS)
+ .force(true))
+ .add(allow(Permission.CREATE).ref(checkerRef).group(adminGroupUuid()))
+ .update();
createBranch(BranchNameKey.create(project, checkerRef));
// checker ref can be deleted in any project except All-Projects
@@ -134,7 +158,11 @@
fetch(repo, checkerRef + ":checkerRef");
repo.reset("checkerRef");
- grant(allProjects, CheckerRef.REFS_CHECKERS + "*", Permission.PUSH);
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(allow(Permission.PUSH).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
PushOneCommit.Result r = pushFactory.create(admin.newIdent(), repo).to(checkerRef);
r.assertErrorStatus();
r.assertMessage("direct update of checker ref not allowed");
@@ -144,14 +172,22 @@
public void updateCheckerLikeRefByPush() throws Exception {
String checkerRef = CheckerUuid.parse("foo:bar").toRefName();
- allow(checkerRef, Permission.CREATE, adminGroupUuid());
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.CREATE).ref(checkerRef).group(adminGroupUuid()))
+ .update();
createBranch(BranchNameKey.create(project, checkerRef));
TestRepository<InMemoryRepository> repo = cloneProject(project, admin);
fetch(repo, checkerRef + ":checkerRef");
repo.reset("checkerRef");
- grant(project, CheckerRef.REFS_CHECKERS + "*", Permission.PUSH);
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.PUSH).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
PushOneCommit.Result r = pushFactory.create(admin.newIdent(), repo).to(checkerRef);
r.assertOkStatus();
}
@@ -162,11 +198,22 @@
String checkerRef = checkerUuid.toRefName();
String changeId = createChangeWithoutCommitValidation(allProjects, checkerRef);
- grantLabel(
- "Code-Review", -2, 2, allProjects, CheckerRef.REFS_CHECKERS + "*", adminGroupUuid(), false);
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(
+ allowLabel("Code-Review")
+ .ref(CheckerRef.REFS_CHECKERS + "*")
+ .group(adminGroupUuid())
+ .range(-2, 2))
+ .update();
approve(changeId);
- grant(allProjects, CheckerRef.REFS_CHECKERS + "*", Permission.SUBMIT);
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(allow(Permission.SUBMIT).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
ResourceConflictException thrown =
assertThrows(
@@ -178,16 +225,31 @@
public void submitToCheckerLikeRef() throws Exception {
String checkerRef = CheckerUuid.parse("foo:bar").toRefName();
- allow(checkerRef, Permission.CREATE, adminGroupUuid());
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.CREATE).ref(checkerRef).group(adminGroupUuid()))
+ .update();
createBranch(BranchNameKey.create(project, checkerRef));
String changeId = createChangeWithoutCommitValidation(project, checkerRef);
- grantLabel(
- "Code-Review", -2, 2, project, CheckerRef.REFS_CHECKERS + "*", adminGroupUuid(), false);
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(
+ allowLabel("Code-Review")
+ .ref(CheckerRef.REFS_CHECKERS + "*")
+ .group(adminGroupUuid())
+ .range(-2, 2))
+ .update();
approve(changeId);
- grant(project, CheckerRef.REFS_CHECKERS + "*", Permission.SUBMIT);
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.SUBMIT).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
// submitting to a checker ref should work in any project except All-Projects
gApi.changes().id(changeId).current().submit();
@@ -204,7 +266,11 @@
fetch(repo, checkerRef + ":checkerRef");
repo.reset("checkerRef");
- grant(allProjects, CheckerRef.REFS_CHECKERS + "*", Permission.PUSH);
+ projectOperations
+ .project(allProjects)
+ .forUpdate()
+ .add(allow(Permission.PUSH).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
PushOneCommit.Result r =
pushFactory.create(admin.newIdent(), repo).to("refs/for/" + checkerRef);
r.assertErrorStatus();
@@ -215,7 +281,11 @@
public void createChangeForCheckerLikeRefByPush() throws Exception {
String checkerRef = CheckerUuid.parse("foo:bar").toRefName();
- allow(checkerRef, Permission.CREATE, adminGroupUuid());
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.CREATE).ref(checkerRef).group(adminGroupUuid()))
+ .update();
createBranch(BranchNameKey.create(project, checkerRef));
TestRepository<InMemoryRepository> repo = cloneProject(project, admin);
@@ -223,7 +293,11 @@
repo.reset("checkerRef");
// creating a change on a checker ref by push should work in any project except All-Projects
- grant(project, CheckerRef.REFS_CHECKERS + "*", Permission.PUSH);
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.PUSH).ref(CheckerRef.REFS_CHECKERS + "*").group(adminGroupUuid()))
+ .update();
PushOneCommit.Result r =
pushFactory.create(admin.newIdent(), repo).to("refs/for/" + checkerRef);
r.assertOkStatus();
@@ -254,7 +328,11 @@
public void createChangeForCheckerLikeRefViaApi() throws Exception {
String checkerRef = CheckerUuid.parse("foo:bar").toRefName();
- allow(checkerRef, Permission.CREATE, adminGroupUuid());
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.CREATE).ref(checkerRef).group(adminGroupUuid()))
+ .update();
createBranch(BranchNameKey.create(project, checkerRef));
TestRepository<InMemoryRepository> repo = cloneProject(project, admin);
diff --git a/javatests/com/google/gerrit/plugins/checks/acceptance/api/QueryPendingChecksIT.java b/javatests/com/google/gerrit/plugins/checks/acceptance/api/QueryPendingChecksIT.java
index 3586930..5bfbee0 100644
--- a/javatests/com/google/gerrit/plugins/checks/acceptance/api/QueryPendingChecksIT.java
+++ b/javatests/com/google/gerrit/plugins/checks/acceptance/api/QueryPendingChecksIT.java
@@ -15,6 +15,8 @@
package com.google.gerrit.plugins.checks.acceptance.api;
import static com.google.common.truth.Truth.assertThat;
+import static com.google.gerrit.acceptance.testsuite.project.TestProjectUpdate.allow;
+import static com.google.gerrit.acceptance.testsuite.project.TestProjectUpdate.block;
import static com.google.gerrit.plugins.checks.testing.PendingChecksInfoSubject.assertThat;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static com.google.gerrit.testing.GerritJUnit.assertThrows;
@@ -33,7 +35,6 @@
import com.google.gerrit.plugins.checks.api.PendingCheckInfo;
import com.google.gerrit.plugins.checks.api.PendingChecksInfo;
import com.google.gerrit.reviewdb.client.PatchSet;
-import com.google.gerrit.server.project.testing.Util;
import com.google.gerrit.testing.TestTimeUtil;
import com.google.gson.reflect.TypeToken;
import com.google.inject.Inject;
@@ -579,11 +580,12 @@
@Test
public void pendingChecksDontIncludeChecksForNonVisibleChanges() throws Exception {
// restrict project visibility so that it is only visible to administrators
- try (ProjectConfigUpdate u = updateProject(project)) {
- Util.allow(u.getConfig(), Permission.READ, adminGroupUuid(), "refs/*");
- Util.block(u.getConfig(), Permission.READ, REGISTERED_USERS, "refs/*");
- u.save();
- }
+ projectOperations
+ .project(project)
+ .forUpdate()
+ .add(allow(Permission.READ).ref("refs/*").group(adminGroupUuid()))
+ .add(block(Permission.READ).ref("refs/*").group(REGISTERED_USERS))
+ .update();
CheckerUuid checkerUuid = checkerOperations.newChecker().repository(project).create();
checkOperations