Fix calculation of project owners

When calculating the owners of a project the ref pattern to which the OWN access rights are assigned are ignored and the inherited OWN access rights are also not taken into account. There are two use-cases for which the owners of a project must be calculated: 1. e-mail notification for project owners about new changes: This e-mail notification should only be sent to the local project owners (the groups to which the OWN access right is assigned on this project). In case there are no local owners for a project this e-mail notification should be sent to the local owners of the nearest parent project that has local owners. 2. resolving of the system group 'Project Owners': The 'Project Owners' system group should be resolved to all groups that are allowed to administrate the project. These are the local owners plus the inherited owners. For both use cases we have to filter the OWN access rights to only those access rights that are assigned for the ref pattern 'refs/*'. This change implements the logic described above. Change-Id: Ib90014caf628db00250694f00741076db0492113 Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
author: Edwin Kempin <edwin.kempin@sap.com> 2011-01-24 11:00:42 +0100
committer: Shawn O. Pearce <sop@google.com> 2011-05-19 10:24:30 -0700
commit: 5ad271d039d4d09c7d094ef1f86e0ce5400a2c5c (patch)
tree: f4ecbe3c1dbcd47ffd520aef73cba8f85a632fee
parent: b1901c07979a54ae497b2579a44540c15ddd9b0a (diff)
2 files changed, 39 insertions, 5 deletions
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectState.java b/gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectState.java
index 68e80ee881..0b8e83a188 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectState.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectState.java
@@ -46,7 +46,7 @@ public class ProjectState {
 
   private final Project project;
   private final Collection<RefRight> localRights;
-  private final Set<AccountGroup.Id> owners;
+  private final Set<AccountGroup.Id> localOwners;
 
   private volatile Collection<RefRight> inheritedRights;
 
@@ -78,11 +78,12 @@ public class ProjectState {
     final HashSet<AccountGroup.Id> groups = new HashSet<AccountGroup.Id>();
     for (final RefRight right : rights) {
       if (ApprovalCategory.OWN.equals(right.getApprovalCategoryId())
-          && right.getMaxValue() > 0) {
+          && right.getMaxValue() > 0
+          && right.getRefPattern().equals(RefRight.ALL)) {
         groups.add(right.getAccountGroupId());
       }
     }
-    owners = Collections.unmodifiableSet(groups);
+    localOwners = Collections.unmodifiableSet(groups);
   }
 
   public Project getProject() {
@@ -209,8 +210,41 @@ public class ProjectState {
     return project.getNameKey().equals(wildProject);
   }
 
+  /**
+   * @return all {@link AccountGroup}'s to which the owner privilege for
+   *         'refs/*' is assigned for this project (the local owners), if there
+   *         are no local owners the local owners of the nearest parent project
+   *         that has local owners are returned
+   */
   public Set<AccountGroup.Id> getOwners() {
-    return owners;
+    if (!localOwners.isEmpty() || isSpecialWildProject()
+        || project.getParent() == null) {
+      return localOwners;
+    }
+
+    final ProjectState parent = projectCache.get(project.getParent());
+    if (parent != null) {
+      return parent.getOwners();
+    }
+
+    return Collections.emptySet();
+  }
+
+  /**
+   * @return all {@link AccountGroup}'s that are allowed to administrate the
+   *         complete project. This includes all groups to which the owner
+   *         privilege for 'refs/*' is assigned for this project (the local
+   *         owners) and all groups to which the owner privilege for 'refs/*' is
+   *         assigned for one of the parent projects (the inherited owners).
+   */
+  public Set<AccountGroup.Id> getAllOwners() {
+    final HashSet<AccountGroup.Id> owners = new HashSet<AccountGroup.Id>();
+    for (final RefRight right : getAllRights(ApprovalCategory.OWN, true)) {
+      if (right.getMaxValue() > 0 && right.getRefPattern().equals(RefRight.ALL)) {
+        owners.add(right.getAccountGroupId());
+      }
+    }
+    return Collections.unmodifiableSet(owners);
   }
 
   public ProjectControl controlForAnonymousUser() {
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java b/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java
index 4c9d0a4e8f..8ddf5850d0 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/RefControl.java
@@ -539,7 +539,7 @@ public class RefControl {
   private Set<RefRight> resolveOwnerGroups(final RefRight refRight) {
     final Set<RefRight> resolvedRefRights = new HashSet<RefRight>();
     if (refRight.getAccountGroupId().equals(systemConfig.ownerGroupId)) {
-      for (final AccountGroup.Id ownerGroup : getProjectState().getOwners()) {
+      for (final AccountGroup.Id ownerGroup : getProjectState().getAllOwners()) {
         if (!ownerGroup.equals(systemConfig.ownerGroupId)) {
           resolvedRefRights.add(new RefRight(refRight, ownerGroup));
         }
author	Edwin Kempin <edwin.kempin@sap.com>	2011-01-24 11:00:42 +0100
committer	Shawn O. Pearce <sop@google.com>	2011-05-19 10:24:30 -0700
commit	5ad271d039d4d09c7d094ef1f86e0ce5400a2c5c (patch)
tree	f4ecbe3c1dbcd47ffd520aef73cba8f85a632fee
parent	b1901c07979a54ae497b2579a44540c15ddd9b0a (diff)