Fix gsql site program

After abd6d4e1 the gsql site program was broken as injection of IdentifiedUser into QueryShell created from the site program failed. There is no IdentifiedUser when running gsql as a site program. Move the check for the accessDatabase capability to the AdminQueryShell. Change-Id: I7882bcb54f082085665c39beab5f5bb22f89f6e0 Signed-off-by: Sasa Zivkov <sasa.zivkov@sap.com>
author: Sasa Zivkov <sasa.zivkov@sap.com> 2013-03-14 14:11:51 +0100
committer: Sasa Zivkov <sasa.zivkov@sap.com> 2013-03-14 14:11:51 +0100
commit: b3a295c833679f5898142fdfc06678c51ae83177 (patch)
tree: e81431b77be6a3ff871e7da7a7908ebddbaaf37d /gerrit-sshd/src
parent: 443a3a1c8fa03462f0a66b518e5b1299cea21615 (diff)
2 files changed, 38 insertions, 39 deletions
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java
index ecf370db06..f00379b179 100644
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java
@@ -15,7 +15,9 @@
 package com.google.gerrit.sshd.commands;
 
 import com.google.gerrit.common.data.GlobalCapability;
+import com.google.gerrit.common.errors.PermissionDeniedException;
 import com.google.gerrit.extensions.annotations.RequiresCapability;
+import com.google.gerrit.server.IdentifiedUser;
 import com.google.gerrit.sshd.AdminHighPriorityCommand;
 import com.google.gerrit.sshd.CommandMetaData;
 import com.google.gerrit.sshd.SshCommand;
@@ -31,6 +33,9 @@ final class AdminQueryShell extends SshCommand {
   @Inject
   private QueryShell.Factory factory;
 
+  @Inject
+  private IdentifiedUser currentUser;
+
   @Option(name = "--format", usage = "Set output format")
   private QueryShell.OutputFormat format = QueryShell.OutputFormat.PRETTY;
 
@@ -38,13 +43,37 @@ final class AdminQueryShell extends SshCommand {
   private String query;
 
   @Override
-  protected void run() {
-    final QueryShell shell = factory.create(in, out);
-    shell.setOutputFormat(format);
-    if (query != null) {
-      shell.execute(query);
-    } else {
-      shell.run();
+  protected void run() throws Failure {
+    try {
+      checkPermission();
+
+      final QueryShell shell = factory.create(in, out);
+      shell.setOutputFormat(format);
+      if (query != null) {
+        shell.execute(query);
+      } else {
+        shell.run();
+      }
+    } catch (PermissionDeniedException err) {
+      throw new UnloggedFailure("fatal: " + err.getMessage());
+    }
+  }
+
+  /**
+   * Assert that the current user is permitted to perform raw queries.
+   * <p>
+   * As the @RequireCapability guards at various entry points of internal
+   * commands implicitly add administrators (which we want to avoid), we also
+   * check permissions within QueryShell and grant access only to those who
+   * canPerformRawQuery, regardless of whether they are administrators or not.
+   *
+   * @throws PermissionDeniedException
+   */
+  private void checkPermission() throws PermissionDeniedException {
+    if (!currentUser.getCapabilities().canAccessDatabase()) {
+      throw new PermissionDeniedException(String.format(
+          "%s does not have \"Perform Raw Query\" capability.",
+          currentUser.getUserName()));
     }
   }
 }
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java
index 5226962b4f..1630d115d6 100644
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java
@@ -15,9 +15,7 @@
 package com.google.gerrit.sshd.commands;
 
 import com.google.gerrit.common.Version;
-import com.google.gerrit.common.errors.PermissionDeniedException;
 import com.google.gerrit.reviewdb.server.ReviewDb;
-import com.google.gerrit.server.IdentifiedUser;
 import com.google.gson.JsonObject;
 import com.google.gwtorm.jdbc.JdbcSchema;
 import com.google.gwtorm.server.OrmException;
@@ -57,7 +55,6 @@ public class QueryShell {
   private final BufferedReader in;
   private final PrintWriter out;
   private final SchemaFactory<ReviewDb> dbFactory;
-  private final IdentifiedUser currentUser;
   private OutputFormat outputFormat = OutputFormat.PRETTY;
 
   private ReviewDb db;
@@ -66,14 +63,11 @@ public class QueryShell {
 
   @Inject
   QueryShell(final SchemaFactory<ReviewDb> dbFactory,
-      final IdentifiedUser currentUser,
-
-  @Assisted final InputStream in, @Assisted final OutputStream out)
-      throws UnsupportedEncodingException {
+      @Assisted final InputStream in, @Assisted final OutputStream out)
+          throws UnsupportedEncodingException {
     this.dbFactory = dbFactory;
     this.in = new BufferedReader(new InputStreamReader(in, "UTF-8"));
     this.out = new PrintWriter(new OutputStreamWriter(out, "UTF-8"));
-    this.currentUser = currentUser;
   }
 
   public void setOutputFormat(OutputFormat fmt) {
@@ -82,7 +76,6 @@ public class QueryShell {
 
   public void run() {
     try {
-      checkPermission();
       db = dbFactory.open();
       try {
         connection = ((JdbcSchema) db).getConnection();
@@ -105,8 +98,6 @@ public class QueryShell {
 
     } catch (SQLException err) {
       out.println("fatal: Cannot open connection: " + err.getMessage());
-    } catch (PermissionDeniedException err) {
-      out.println("fatal: " + err.getMessage());
     } finally {
       out.flush();
     }
@@ -114,7 +105,6 @@ public class QueryShell {
 
   public void execute(String query) {
     try {
-      checkPermission();
       db = dbFactory.open();
       try {
         connection = ((JdbcSchema) db).getConnection();
@@ -136,31 +126,11 @@ public class QueryShell {
 
     } catch (SQLException err) {
       out.println("fatal: Cannot open connection: " + err.getMessage());
-    } catch (PermissionDeniedException err) {
-      out.println("fatal: " + err.getMessage());
     } finally {
       out.flush();
     }
   }
 
-  /**
-   * Assert that the current user is permitted to perform raw queries.
-   * <p>
-   * As the @RequireCapability guards at various entry points of internal
-   * commands implicitly add administrators (which we want to avoid), we also
-   * check permissions within QueryShell and grant access only to those who
-   * canPerformRawQuery, regardless of whether they are administrators or not.
-   *
-   * @throws PermissionDeniedException
-   */
-  private void checkPermission() throws PermissionDeniedException {
-    if (!currentUser.getCapabilities().canAccessDatabase()) {
-      throw new PermissionDeniedException(String.format(
-          "%s does not have \"Perform Raw Query\" capability.",
-          currentUser.getUserName()));
-    }
-  }
-
   private void readEvalPrintLoop() {
     final StringBuilder buffer = new StringBuilder();
     boolean executed = false;
author	Sasa Zivkov <sasa.zivkov@sap.com>	2013-03-14 14:11:51 +0100
committer	Sasa Zivkov <sasa.zivkov@sap.com>	2013-03-14 14:11:51 +0100
commit	b3a295c833679f5898142fdfc06678c51ae83177 (patch)
tree	e81431b77be6a3ff871e7da7a7908ebddbaaf37d /gerrit-sshd/src
parent	443a3a1c8fa03462f0a66b518e5b1299cea21615 (diff)