Merge branch 'stable-3.7'
* stable-3.7:
Compute projectName in GitCloneStep constructor
Set parent project at creation time for imported repos from GitHub
Disallow the discovery of other user's membership
Revert "Set version 3.5.0.2"
Change-Id: I7d4f5db1c936beb771f661fa3fe5c45b97d3c75b
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java
index 870a13b..f25e6ee 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/CreateProjectStep.java
@@ -190,7 +190,6 @@
private void setProjectSettings() {
projectConfig.updateProject(
b -> {
- b.setParent(config.getBaseProject(getRepository().isPrivate()));
b.setDescription(description);
b.setSubmitType(SubmitType.MERGE_IF_NECESSARY);
b.setBooleanConfig(
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java
index 02dfe87..0e0e72d 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/git/GitCloneStep.java
@@ -16,6 +16,7 @@
import com.google.gerrit.entities.Project;
import com.google.gerrit.extensions.api.GerritApi;
import com.google.gerrit.extensions.api.changes.NotifyHandling;
+import com.google.gerrit.extensions.api.projects.ProjectInput;
import com.google.gerrit.extensions.events.ProjectDeletedListener;
import com.google.gerrit.extensions.registration.DynamicSet;
import com.google.gerrit.extensions.restapi.ResourceConflictException;
@@ -52,6 +53,7 @@
private final DynamicSet<ProjectDeletedListener> deletedListeners;
private final ProjectCache projectCache;
private final GitRepositoryManager repoManager;
+ private final String projectName;
public interface Factory {
GitCloneStep create(
@@ -79,15 +81,15 @@
this.context = context;
this.organisation = organisation;
this.repository = repository;
- this.destinationDirectory = prepareTargetGitDirectory(gitDir, organisation, repository);
+ this.projectName = organisation + "/" + repository;
+ this.destinationDirectory = prepareTargetGitDirectory(gitDir, this.projectName);
this.deletedListeners = deletedListeners;
this.projectCache = projectCache;
this.repoManager = repoManager;
}
- private static File prepareTargetGitDirectory(File gitDir, String organisation, String repository)
+ private static File prepareTargetGitDirectory(File gitDir, String projectName)
throws GitException {
- String projectName = organisation + "/" + repository;
File repositoryDir = new File(gitDir, projectName + ".git");
if (repositoryDir.exists()) {
throw new GitDestinationAlreadyExistsException(projectName);
@@ -96,9 +98,11 @@
}
private void createNewProject() throws GitException {
- String projectName = organisation + "/" + repository;
try (ManualRequestContext requestContext = context.openAs(config.importAccountId)) {
- gerritApi.projects().create(projectName).get();
+ ProjectInput pi = new ProjectInput();
+ pi.name = projectName;
+ pi.parent = config.getBaseProject(getRepository().isPrivate());
+ gerritApi.projects().create(pi).get();
} catch (ResourceConflictException e) {
throw new GitDestinationAlreadyExistsException(projectName);
} catch (RestApiException e) {
@@ -136,7 +140,6 @@
}
try {
- String projectName = organisation + "/" + repository;
Project.NameKey key = Project.nameKey(projectName);
cleanJGitCache(key);
FileUtils.deleteDirectory(gitDirectory);
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
index 5f74078..9e96c2b 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
@@ -30,6 +30,7 @@
import com.google.gerrit.server.account.GroupMembership;
import com.google.gerrit.server.project.ProjectState;
import com.google.inject.Inject;
+import com.google.inject.Provider;
import java.util.Collection;
import java.util.Collections;
import java.util.Set;
@@ -41,12 +42,16 @@
private static final Logger log = LoggerFactory.getLogger(GitHubGroupBackend.class);
private final GitHubGroupMembership.Factory ghMembershipProvider;
private final GitHubGroupsCache ghOrganisationCache;
+ private final Provider<CurrentUser> currentUserProvider;
@Inject
GitHubGroupBackend(
- GitHubGroupMembership.Factory ghMembershipProvider, GitHubGroupsCache ghOrganisationCache) {
+ GitHubGroupMembership.Factory ghMembershipProvider,
+ GitHubGroupsCache ghOrganisationCache,
+ Provider<CurrentUser> currentUserProvider) {
this.ghMembershipProvider = ghMembershipProvider;
this.ghOrganisationCache = ghOrganisationCache;
+ this.currentUserProvider = currentUserProvider;
}
@Override
@@ -112,6 +117,13 @@
@Override
public GroupMembership membershipsOf(CurrentUser user) {
+ CurrentUser currentUser = currentUserProvider.get();
+ if (!currentUser.isIdentifiedUser()
+ || !currentUser.asIdentifiedUser().getAccountId().equals(user.getAccountId())) {
+ // Do not allow to perform group discovery of other users
+ return GroupMembership.EMPTY;
+ }
+
String username = user.getUserName().orElse(null);
if (Strings.isNullOrEmpty(username)) {
return GroupMembership.EMPTY;
