commit 1dedb872196767c2f1aa5f9407434e136ffc8c72
author Luca Milanesio <luca.milanesio@gmail.com> Mon Oct 26 21:03:08 2020 +0000
committer Luca Milanesio <luca.milanesio@gmail.com> Mon Oct 26 21:03:08 2020 +0000
tree 823f55943b27cd7afa97cb1e3d46a9b2362d36e2
parent 51cf01410742f827a76b58293517d3a87c765fc7
parent 110895f9a5a611ce1fdc00e5fb03c2e7e5845799

Merge branch 'stable-2.14' into stable-2.15

* stable-2.14:
  Add option to exclude metrics

Change-Id: I91aaeaf3e0d9c7bb2e58a03c13f4e2ef7d77f651

pom.xml

diff --git a/pom.xml b/pom.xml
index 15a4f17..e2b7b28 100644
--- a/pom.xml
+++ b/pom.xml
@@ -23,7 +23,7 @@
   <artifactId>metrics-reporter-prometheus</artifactId>
   <name>metrics-reporter-prometheus</name>
   <packaging>jar</packaging>
-  <version>2.14</version>
+  <version>2.15</version>
   <properties>
     <Gerrit-ApiType>plugin</Gerrit-ApiType>
     <Gerrit-ApiVersion>${project.version}</Gerrit-ApiVersion>

src/main/java/com/googlesource/gerrit/plugins/metricsreporters/CapabilityChecker.java

diff --git a/src/main/java/com/googlesource/gerrit/plugins/metricsreporters/CapabilityChecker.java b/src/main/java/com/googlesource/gerrit/plugins/metricsreporters/CapabilityChecker.java
index ccb9d92..ae7bc93 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/metricsreporters/CapabilityChecker.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/metricsreporters/CapabilityChecker.java
@@ -13,24 +13,45 @@
 // limitations under the License.
 package com.googlesource.gerrit.plugins.metricsreporters;
 
+import com.google.common.collect.ImmutableSet;
 import com.google.gerrit.extensions.annotations.PluginName;
+import com.google.gerrit.extensions.api.access.PluginPermission;
+import com.google.gerrit.extensions.restapi.AuthException;
 import com.google.gerrit.server.CurrentUser;
-import com.google.gerrit.server.account.CapabilityControl;
+import com.google.gerrit.server.permissions.GlobalPermission;
+import com.google.gerrit.server.permissions.PermissionBackend;
+import com.google.gerrit.server.permissions.PermissionBackendException;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
+import com.google.inject.Singleton;
 
+@Singleton
 public class CapabilityChecker {
+  private final PermissionBackend permissionBackend;
   private final Provider<CurrentUser> userProvider;
-  private final String capabilityName;
+  private final String pluginName;
 
   @Inject
-  CapabilityChecker(Provider<CurrentUser> userProvider, @PluginName String pluginName) {
+  CapabilityChecker(
+      PermissionBackend permissionBackend,
+      Provider<CurrentUser> userProvider,
+      @PluginName String pluginName) {
+    this.permissionBackend = permissionBackend;
     this.userProvider = userProvider;
-    this.capabilityName = String.format("%s-%s", pluginName, ViewMetricsCapability.ID);
+    this.pluginName = pluginName;
   }
 
   public boolean canViewMetrics() {
-    CapabilityControl ctl = userProvider.get().getCapabilities();
-    return ctl.canAdministrateServer() || ctl.canPerform(capabilityName);
+    try {
+      permissionBackend
+          .user(userProvider)
+          .checkAny(
+              ImmutableSet.of(
+                  GlobalPermission.ADMINISTRATE_SERVER,
+                  new PluginPermission(pluginName, ViewMetricsCapability.ID)));
+      return true;
+    } catch (AuthException | PermissionBackendException e) {
+      return false;
+    }
   }
 }