Fix 'force topic edit' permission to consider change owner rule

On closed changes, the permission to edit topic name currently
ignores the rule to allow the change owner. Fix this by updating
RefControl#canForceEditTopicName to require whether the user
is owner of the change.

Release-Notes: 'force topic edit' permission is fixed to work with change owner rule
Change-Id: I5d014dd44cf3a0cb4a84318ab69791376d41eb68

3 files changed, 19 insertions, 5 deletions

diff --git a/java/com/google/gerrit/server/permissions/ChangeControl.java b/java/com/google/gerrit/server/permissions/ChangeControl.java
index 37c773ac31..79ea9af893 100644
--- a/java/com/google/gerrit/server/permissions/ChangeControl.java
+++ b/java/com/google/gerrit/server/permissions/ChangeControl.java
@@ -150,7 +150,7 @@ class ChangeControl {
               Permission.EDIT_TOPIC_NAME) // user can edit topic on a specific ref
           || getProjectControl().isAdmin();
     }
-    return refControl.canForceEditTopicName();
+    return refControl.canForceEditTopicName(isOwner());
   }
 
   /** Can this user toggle WorkInProgress state? */
diff --git a/java/com/google/gerrit/server/permissions/RefControl.java b/java/com/google/gerrit/server/permissions/RefControl.java
index 6b51335fcf..484fa39d50 100644
--- a/java/com/google/gerrit/server/permissions/RefControl.java
+++ b/java/com/google/gerrit/server/permissions/RefControl.java
@@ -161,8 +161,8 @@ class RefControl {
   }
 
   /** Returns true if this user can force edit topic names. */
-  boolean canForceEditTopicName() {
-    return canPerform(Permission.EDIT_TOPIC_NAME, false, true);
+  boolean canForceEditTopicName(boolean isChangeOwner) {
+    return canPerform(Permission.EDIT_TOPIC_NAME, isChangeOwner, true);
   }
 
   /** Returns true if this user can delete changes. */
diff --git a/javatests/com/google/gerrit/server/permissions/RefControlTest.java b/javatests/com/google/gerrit/server/permissions/RefControlTest.java
index c5bef59e8a..43b0ebabad 100644
--- a/javatests/com/google/gerrit/server/permissions/RefControlTest.java
+++ b/javatests/com/google/gerrit/server/permissions/RefControlTest.java
@@ -981,6 +981,20 @@ public class RefControlTest {
   }
 
   @Test
+  public void changeOwnerEditTopicName() throws Exception {
+    projectOperations
+        .project(localKey)
+        .forUpdate()
+        .add(allow(EDIT_TOPIC_NAME).ref("refs/heads/*").group(CHANGE_OWNER).force(true))
+        .update();
+
+    ProjectControl u = user(localKey, DEVS);
+    assertWithMessage("u can edit topic name")
+        .that(u.controlForRef("refs/heads/master").canForceEditTopicName(true))
+        .isTrue();
+  }
+
+  @Test
   public void unblockForceEditTopicName() throws Exception {
     projectOperations
         .project(localKey)
@@ -991,7 +1005,7 @@ public class RefControlTest {
 
     ProjectControl u = user(localKey, DEVS);
     assertWithMessage("u can edit topic name")
-        .that(u.controlForRef("refs/heads/master").canForceEditTopicName())
+        .that(u.controlForRef("refs/heads/master").canForceEditTopicName(false))
         .isTrue();
   }
 
@@ -1010,7 +1024,7 @@ public class RefControlTest {
 
     ProjectControl u = user(localKey, REGISTERED_USERS);
     assertWithMessage("u can't edit topic name")
-        .that(u.controlForRef("refs/heads/master").canForceEditTopicName())
+        .that(u.controlForRef("refs/heads/master").canForceEditTopicName(false))
         .isFalse();
   }