Merge branch 'stable-3.3'
* branch 'stable-3.3':
Upgrade bazlets to latest stable-3.1 to build with 3.1.12 API
Use username from notedb in serviceuser.db
Upgrade bazlets to latest stable-3.1 to build with 3.1.11 API
Change-Id: Idd35ba419e2d0e873092cb664918595ed8f7e350
diff --git a/BUILD b/BUILD
index 81b7851..d4074e0 100644
--- a/BUILD
+++ b/BUILD
@@ -1,9 +1,6 @@
-load("@npm//@bazel/rollup:index.bzl", "rollup_bundle")
-load("//tools/bzl:js.bzl", "polygerrit_plugin")
-load("//tools/bzl:genrule2.bzl", "genrule2")
-load("//tools/js:eslint.bzl", "eslint")
load("//tools/bzl:junit.bzl", "junit_tests")
load("//tools/bzl:plugin.bzl", "PLUGIN_DEPS", "PLUGIN_TEST_DEPS", "gerrit_plugin")
+load("//tools/js:eslint.bzl", "eslint")
gerrit_plugin(
name = "serviceuser",
@@ -14,7 +11,7 @@
"Gerrit-HttpModule: com.googlesource.gerrit.plugins.serviceuser.HttpModule",
"Gerrit-SshModule: com.googlesource.gerrit.plugins.serviceuser.SshModule",
],
- resource_jars = [":gr-serviceuser-static"],
+ resource_jars = ["//plugins/serviceuser/gr-serviceuser:serviceuser"],
resources = glob(["src/main/resources/**/*"]),
)
@@ -30,36 +27,6 @@
],
)
-genrule2(
- name = "gr-serviceuser-static",
- srcs = [":gr-serviceuser"],
- outs = ["gr-serviceuser-static.jar"],
- cmd = " && ".join([
- "mkdir $$TMP/static",
- "cp -r $(locations :gr-serviceuser) $$TMP/static",
- "cd $$TMP",
- "zip -Drq $$ROOT/$@ -g .",
- ]),
-)
-
-rollup_bundle(
- name = "serviceuser-bundle",
- srcs = glob(["gr-serviceuser/*.js"]),
- entry_point = "gr-serviceuser/gr-serviceuser.js",
- format = "iife",
- rollup_bin = "//tools/node_tools:rollup-bin",
- sourcemap = "hidden",
- deps = [
- "@tools_npm//rollup-plugin-node-resolve",
- ],
-)
-
-polygerrit_plugin(
- name = "gr-serviceuser",
- app = "serviceuser-bundle.js",
- plugin_name = "serviceuser",
-)
-
# Define the eslinter for the plugin
# The eslint macro creates 2 rules: lint_test and lint_bin
eslint(
diff --git a/gr-serviceuser/BUILD b/gr-serviceuser/BUILD
new file mode 100644
index 0000000..484aafa
--- /dev/null
+++ b/gr-serviceuser/BUILD
@@ -0,0 +1,14 @@
+load("//tools/bzl:js.bzl", "gerrit_js_bundle")
+
+package(default_visibility = [":visibility"])
+
+package_group(
+ name = "visibility",
+ packages = ["//plugins/serviceuser/..."],
+)
+
+gerrit_js_bundle(
+ name = "serviceuser",
+ srcs = glob(["*.js"]),
+ entry_point = "gr-serviceuser.js",
+)
diff --git a/gr-serviceuser/gr-serviceuser-create_html.js b/gr-serviceuser/gr-serviceuser-create_html.js
index 86f2473..338ae7e 100644
--- a/gr-serviceuser/gr-serviceuser-create_html.js
+++ b/gr-serviceuser/gr-serviceuser-create_html.js
@@ -18,6 +18,7 @@
export const htmlTemplate = Polymer.html`
<style include="shared-styles"></style>
<style include="gr-subpage-styles"></style>
+ <style include="gr-font-styles"></style>
<style include="gr-form-styles"></style>
<style>
main {
diff --git a/gr-serviceuser/gr-serviceuser-detail.js b/gr-serviceuser/gr-serviceuser-detail.js
index fa8fd32..c757b0c 100644
--- a/gr-serviceuser/gr-serviceuser-detail.js
+++ b/gr-serviceuser/gr-serviceuser-detail.js
@@ -135,7 +135,7 @@
}
_getPermissions() {
- return this.plugin.restApi().getAccountCapabilities(['administrateServer'])
+ return this.plugin.restApi('/accounts/self/capabilities/').get('')
.then(capabilities => {
this._isAdmin = capabilities && capabilities.administrateServer;
});
diff --git a/gr-serviceuser/gr-serviceuser-detail_html.js b/gr-serviceuser/gr-serviceuser-detail_html.js
index 0fe87f3..ecd2505 100644
--- a/gr-serviceuser/gr-serviceuser-detail_html.js
+++ b/gr-serviceuser/gr-serviceuser-detail_html.js
@@ -18,6 +18,7 @@
export const htmlTemplate = Polymer.html`
<style include="shared-styles"></style>
<style include="gr-subpage-styles"></style>
+ <style include="gr-font-styles"></style>
<style include="gr-form-styles"></style>
<style>
div.serviceuser-detail {
diff --git a/gr-serviceuser/gr-serviceuser-list_html.js b/gr-serviceuser/gr-serviceuser-list_html.js
index ae0ff2f..a6e19ff 100644
--- a/gr-serviceuser/gr-serviceuser-list_html.js
+++ b/gr-serviceuser/gr-serviceuser-list_html.js
@@ -17,6 +17,7 @@
export const htmlTemplate = Polymer.html`
<style include="shared-styles"></style>
+ <style include="gr-font-styles"></style>
<style include="gr-table-styles"></style>
<style>
.topHeader {
diff --git a/gr-serviceuser/gr-serviceuser.js b/gr-serviceuser/gr-serviceuser.js
index c6624a6..81b7329 100644
--- a/gr-serviceuser/gr-serviceuser.js
+++ b/gr-serviceuser/gr-serviceuser.js
@@ -20,10 +20,7 @@
import {GrServiceUserCreate} from './gr-serviceuser-create.js';
Gerrit.install(plugin => {
- plugin.restApi()
- .getAccountCapabilities([
- 'administrateServer',
- 'serviceuser-createServiceUser'])
+ plugin.restApi('/accounts/self/capabilities/').get('')
.then(capabilities => {
if (capabilities
&& (capabilities.administrateServer
diff --git a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/GetConfig.java b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/GetConfig.java
index 3cca663..c4aa9e1 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/GetConfig.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/GetConfig.java
@@ -16,6 +16,7 @@
import com.google.common.base.Strings;
import com.google.gerrit.entities.AccountGroup;
+import com.google.gerrit.entities.InternalGroup;
import com.google.gerrit.extensions.annotations.PluginName;
import com.google.gerrit.extensions.common.GroupInfo;
import com.google.gerrit.extensions.restapi.Response;
@@ -24,7 +25,6 @@
import com.google.gerrit.server.config.ConfigResource;
import com.google.gerrit.server.config.PluginConfig;
import com.google.gerrit.server.config.PluginConfigFactory;
-import com.google.gerrit.server.group.InternalGroup;
import com.google.gerrit.server.group.InternalGroupDescription;
import com.google.gerrit.server.permissions.PermissionBackendException;
import com.google.gerrit.server.restapi.group.GroupJson;
@@ -67,6 +67,7 @@
info.onSuccess = Strings.emptyToNull(cfg.getString("onSuccessMessage"));
info.allowEmail = toBoolean(cfg.getBoolean("allowEmail", false));
info.allowHttpPassword = toBoolean(cfg.getBoolean("allowHttpPassword", false));
+ info.allowCustomHttpPassword = toBoolean(cfg.getBoolean("allowCustomHttpPassword", false));
info.allowOwner = toBoolean(cfg.getBoolean("allowOwner", false));
info.createNotes = toBoolean(cfg.getBoolean("createNotes", true));
info.createNotesAsync = toBoolean(cfg.getBoolean("createNotesAsync", false));
@@ -100,6 +101,7 @@
public String onSuccess;
public Boolean allowEmail;
public Boolean allowHttpPassword;
+ public Boolean allowCustomHttpPassword;
public Boolean allowOwner;
public Boolean createNotes;
public Boolean createNotesAsync;
diff --git a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/HttpModule.java b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/HttpModule.java
index 650eba6..d551473 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/HttpModule.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/HttpModule.java
@@ -22,7 +22,6 @@
public class HttpModule extends AbstractModule {
@Override
protected void configure() {
- DynamicSet.bind(binder(), WebUiPlugin.class)
- .toInstance(new JavaScriptPlugin("serviceuser.js"));
+ DynamicSet.bind(binder(), WebUiPlugin.class).toInstance(new JavaScriptPlugin("serviceuser.js"));
}
}
diff --git a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/PutHttpPassword.java b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/PutHttpPassword.java
index 4ff0525..16cfab8 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/PutHttpPassword.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/PutHttpPassword.java
@@ -28,6 +28,7 @@
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
+import com.googlesource.gerrit.plugins.serviceuser.GetConfig.ConfigInfo;
import com.googlesource.gerrit.plugins.serviceuser.PutHttpPassword.Input;
import java.io.IOException;
import org.eclipse.jgit.errors.ConfigInvalidException;
@@ -65,19 +66,19 @@
}
input.httpPassword = Strings.emptyToNull(input.httpPassword);
- Boolean httpPasswordAllowed;
+ ConfigInfo config;
try {
- httpPasswordAllowed = getConfig.get().apply(new ConfigResource()).value().allowHttpPassword;
+ config = getConfig.get().apply(new ConfigResource()).value();
} catch (Exception e) {
throw asRestApiException("Cannot get configuration", e);
}
- if (input.generate || input.httpPassword == null) {
- if ((httpPasswordAllowed == null || !httpPasswordAllowed)) {
+ if ((config.allowHttpPassword == null || !config.allowHttpPassword)) {
+ permissionBackend.user(self.get()).check(ADMINISTRATE_SERVER);
+ } else if (!input.generate && input.httpPassword != null) {
+ if ((config.allowCustomHttpPassword == null || !config.allowCustomHttpPassword)) {
permissionBackend.user(self.get()).check(ADMINISTRATE_SERVER);
}
- } else {
- permissionBackend.user(self.get()).check(ADMINISTRATE_SERVER);
}
String newPassword = input.generate ? generate() : input.httpPassword;
diff --git a/src/main/resources/Documentation/config.md b/src/main/resources/Documentation/config.md
index aa2e4b5..b66c181 100644
--- a/src/main/resources/Documentation/config.md
+++ b/src/main/resources/Documentation/config.md
@@ -59,6 +59,15 @@
passwords for any service user.
By default false.
+<a id="allowCustomHttpPassword"></a>
+`plugin.@PLUGIN@.allowCustomHttpPassword`
+: Whether it is allowed for service user owners to set custom HTTP
+ passwords for their service users. This option requires
+ `plugin.@PLUGIN@.allowHttpPassword` to be true. Independent of this
+ setting Gerrit administrators are always able to set custom HTTP
+ passwords for any service user.
+ By default false.
+
<a id="allowOwner"></a>
`plugin.@PLUGIN@.allowOwner`
: Whether it is allowed to set an owner group for a service user.
