Fix: enable to add a user within a project's ACL using 'user/username' Currently, a user cannot be added to a project's ACL unless the user already has READ permission in the project's ACL. For example, a user cannot be given READ permission on refs/* if the user does not already has READ permission on refs/*. In other words, it is impossible to give READ permission of refs/* to an individual user. The fix is done by disabling the filter which prevents any user that does not have READ permission in the project's ACL from being added within the project's ACL. Verified using following steps: 1.Create a project with default configurations 2.Select the project and go to Access 3.Start typing 'user/' followed by a username at any refs for any permission type 4.Users containing the typed string is suggested for auto-completion 5.Choose a user to be added to the permission Change-Id: I7342e87d2f200d698e247a3c35f339d122aaea82
diff --git a/src/main/java/com/googlesource/gerrit/plugins/singleusergroup/SingleUserGroup.java b/src/main/java/com/googlesource/gerrit/plugins/singleusergroup/SingleUserGroup.java index 9d72b1b..3359865 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/singleusergroup/SingleUserGroup.java +++ b/src/main/java/com/googlesource/gerrit/plugins/singleusergroup/SingleUserGroup.java
@@ -78,17 +78,13 @@ private final SchemaFactory<ReviewDb> schemaFactory; private final AccountCache accountCache; private final AccountControl.Factory accountControlFactory; - private final IdentifiedUser.GenericFactory userFactory; - @Inject SingleUserGroup(SchemaFactory<ReviewDb> schemaFactory, AccountCache accountCache, - AccountControl.Factory accountControlFactory, - IdentifiedUser.GenericFactory userFactory) { + AccountControl.Factory accountControlFactory) { this.schemaFactory = schemaFactory; this.accountCache = accountCache; this.accountControlFactory = accountControlFactory; - this.userFactory = userFactory; } @Override @@ -171,7 +167,7 @@ if (name.matches(ACCOUNT_ID_PATTERN)) { Account.Id id = new Account.Id(Integer.parseInt(name)); if (db.accounts().get(id) != null) { - add(matches, ids, ctl, project, id); + add(matches, ids, ctl, id); return matches; } } @@ -184,7 +180,7 @@ if (!e.getSchemeRest().startsWith(a)) { break; } - add(matches, ids, ctl, project, e.getAccountId()); + add(matches, ids, ctl, e.getAccountId()); } } @@ -192,14 +188,14 @@ if (!p.getFullName().startsWith(a)) { break; } - add(matches, ids, ctl, project, p.getId()); + add(matches, ids, ctl, p.getId()); } for (Account p : db.accounts().suggestByPreferredEmail(a, b, MAX)) { if (!p.getPreferredEmail().startsWith(a)) { break; } - add(matches, ids, ctl, project, p.getId()); + add(matches, ids, ctl, p.getId()); } for (AccountExternalId e : db.accountExternalIds() @@ -207,7 +203,7 @@ if (!e.getEmailAddress().startsWith(a)) { break; } - add(matches, ids, ctl, project, e.getAccountId()); + add(matches, ids, ctl, e.getAccountId()); } return matches; @@ -226,13 +222,13 @@ } private void add(List<GroupReference> matches, Set<Account.Id> ids, - AccountControl ctl, @Nullable ProjectControl project, Account.Id id) { + AccountControl ctl, Account.Id id) { if (!ids.add(id) || !ctl.canSee(id)) { return; } AccountState state = accountCache.get(id); - if (state == null || !isVisible(project, id)) { + if (state == null) { return; } @@ -245,11 +241,6 @@ matches.add(new GroupReference(uuid, nameOf(uuid, state))); } - private boolean isVisible(@Nullable ProjectControl project, Account.Id id) { - return project == null - || project.forUser(userFactory.create(id)).isVisible(); - } - private static String username(AccountGroup.UUID uuid) { checkUUID(uuid); return uuid.get().substring(UUID_PREFIX.length());