Fix handling of interactive/batch users in the QoS filter

For the git-over-http requests this filter didn't work properly because the
basic authentication happened later in the filter chain and at the moment when
the ProjectQoSFilter was invoked the current user was not yet set.  Therefore,
the current user was always AnonymousUser in this filter and, by default, it
always used the interactive queue type. The sshd.batchThreads [1] setting didn't
work as documented i.e. to define the max number of Git requests for batch
users over SSH and HTTP together.

Bind ProjectQoSFilter after the ProjectBasicAuthFilter which is bound from the
GitOverHttpModule so that the current user is authenticated when the
ProjectQoSFilter is reached.

[1] https://gerrit-review.googlesource.com/Documentation/config-gerrit.html#sshd.batchThreads

Change-Id: I0a5a70a5ee2d6416b69aa3ab4e4c55640bca8670

1 files changed, 3 insertions, 3 deletions

diff --git a/java/com/google/gerrit/pgm/Daemon.java b/java/com/google/gerrit/pgm/Daemon.java
index b08842ed57..591297335a 100644
--- a/java/com/google/gerrit/pgm/Daemon.java
+++ b/java/com/google/gerrit/pgm/Daemon.java
@@ -579,14 +579,14 @@ public class Daemon extends SiteProgram {
 
   private Injector createWebInjector() {
     final List<Module> modules = new ArrayList<>();
-    if (sshd) {
-      modules.add(new ProjectQoSFilter.Module());
-    }
     modules.add(RequestContextFilter.module());
     modules.add(RequestMetricsFilter.module());
     modules.add(H2CacheBasedWebSession.module());
     modules.add(sysInjector.getInstance(GerritAuthModule.class));
     modules.add(sysInjector.getInstance(GitOverHttpModule.class));
+    if (sshd) {
+      modules.add(new ProjectQoSFilter.Module());
+    }
     modules.add(AllRequestFilter.module());
     modules.add(sysInjector.getInstance(WebModule.class));
     modules.add(sysInjector.getInstance(RequireSslFilter.Module.class));