Merge branch 'stable-3.7' * stable-3.7: Compute projectName in GitCloneStep constructor Set parent project at creation time for imported repos from GitHub Disallow the discovery of other user's membership Revert "Set version 3.5.0.2" Change-Id: I7d4f5db1c936beb771f661fa3fe5c45b97d3c75b
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java index 870a13b..f25e6ee 100644 --- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java +++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java
@@ -190,7 +190,6 @@ private void setProjectSettings() { projectConfig.updateProject( b -> { - b.setParent(config.getBaseProject(getRepository().isPrivate())); b.setDescription(description); b.setSubmitType(SubmitType.MERGE_IF_NECESSARY); b.setBooleanConfig(
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java index 02dfe87..0e0e72d 100644 --- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java +++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java
@@ -16,6 +16,7 @@ import com.google.gerrit.entities.Project; import com.google.gerrit.extensions.api.GerritApi; import com.google.gerrit.extensions.api.changes.NotifyHandling; +import com.google.gerrit.extensions.api.projects.ProjectInput; import com.google.gerrit.extensions.events.ProjectDeletedListener; import com.google.gerrit.extensions.registration.DynamicSet; import com.google.gerrit.extensions.restapi.ResourceConflictException; @@ -52,6 +53,7 @@ private final DynamicSet<ProjectDeletedListener> deletedListeners; private final ProjectCache projectCache; private final GitRepositoryManager repoManager; + private final String projectName; public interface Factory { GitCloneStep create( @@ -79,15 +81,15 @@ this.context = context; this.organisation = organisation; this.repository = repository; - this.destinationDirectory = prepareTargetGitDirectory(gitDir, organisation, repository); + this.projectName = organisation + "/" + repository; + this.destinationDirectory = prepareTargetGitDirectory(gitDir, this.projectName); this.deletedListeners = deletedListeners; this.projectCache = projectCache; this.repoManager = repoManager; } - private static File prepareTargetGitDirectory(File gitDir, String organisation, String repository) + private static File prepareTargetGitDirectory(File gitDir, String projectName) throws GitException { - String projectName = organisation + "/" + repository; File repositoryDir = new File(gitDir, projectName + ".git"); if (repositoryDir.exists()) { throw new GitDestinationAlreadyExistsException(projectName); @@ -96,9 +98,11 @@ } private void createNewProject() throws GitException { - String projectName = organisation + "/" + repository; try (ManualRequestContext requestContext = context.openAs(config.importAccountId)) { - gerritApi.projects().create(projectName).get(); + ProjectInput pi = new ProjectInput(); + pi.name = projectName; + pi.parent = config.getBaseProject(getRepository().isPrivate()); + gerritApi.projects().create(pi).get(); } catch (ResourceConflictException e) { throw new GitDestinationAlreadyExistsException(projectName); } catch (RestApiException e) { @@ -136,7 +140,6 @@ } try { - String projectName = organisation + "/" + repository; Project.NameKey key = Project.nameKey(projectName); cleanJGitCache(key); FileUtils.deleteDirectory(gitDirectory);
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java index 5f74078..9e96c2b 100644 --- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java +++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
@@ -30,6 +30,7 @@ import com.google.gerrit.server.account.GroupMembership; import com.google.gerrit.server.project.ProjectState; import com.google.inject.Inject; +import com.google.inject.Provider; import java.util.Collection; import java.util.Collections; import java.util.Set; @@ -41,12 +42,16 @@ private static final Logger log = LoggerFactory.getLogger(GitHubGroupBackend.class); private final GitHubGroupMembership.Factory ghMembershipProvider; private final GitHubGroupsCache ghOrganisationCache; + private final Provider<CurrentUser> currentUserProvider; @Inject GitHubGroupBackend( - GitHubGroupMembership.Factory ghMembershipProvider, GitHubGroupsCache ghOrganisationCache) { + GitHubGroupMembership.Factory ghMembershipProvider, + GitHubGroupsCache ghOrganisationCache, + Provider<CurrentUser> currentUserProvider) { this.ghMembershipProvider = ghMembershipProvider; this.ghOrganisationCache = ghOrganisationCache; + this.currentUserProvider = currentUserProvider; } @Override @@ -112,6 +117,13 @@ @Override public GroupMembership membershipsOf(CurrentUser user) { + CurrentUser currentUser = currentUserProvider.get(); + if (!currentUser.isIdentifiedUser() + || !currentUser.asIdentifiedUser().getAccountId().equals(user.getAccountId())) { + // Do not allow to perform group discovery of other users + return GroupMembership.EMPTY; + } + String username = user.getUserName().orElse(null); if (Strings.isNullOrEmpty(username)) { return GroupMembership.EMPTY;