diff options
-rw-r--r-- | gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java | 43 | ||||
-rw-r--r-- | gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java | 34 |
2 files changed, 38 insertions, 39 deletions
diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java index ecf370db06..f00379b179 100644 --- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java +++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/AdminQueryShell.java @@ -15,7 +15,9 @@ package com.google.gerrit.sshd.commands; import com.google.gerrit.common.data.GlobalCapability; +import com.google.gerrit.common.errors.PermissionDeniedException; import com.google.gerrit.extensions.annotations.RequiresCapability; +import com.google.gerrit.server.IdentifiedUser; import com.google.gerrit.sshd.AdminHighPriorityCommand; import com.google.gerrit.sshd.CommandMetaData; import com.google.gerrit.sshd.SshCommand; @@ -31,6 +33,9 @@ final class AdminQueryShell extends SshCommand { @Inject private QueryShell.Factory factory; + @Inject + private IdentifiedUser currentUser; + @Option(name = "--format", usage = "Set output format") private QueryShell.OutputFormat format = QueryShell.OutputFormat.PRETTY; @@ -38,13 +43,37 @@ final class AdminQueryShell extends SshCommand { private String query; @Override - protected void run() { - final QueryShell shell = factory.create(in, out); - shell.setOutputFormat(format); - if (query != null) { - shell.execute(query); - } else { - shell.run(); + protected void run() throws Failure { + try { + checkPermission(); + + final QueryShell shell = factory.create(in, out); + shell.setOutputFormat(format); + if (query != null) { + shell.execute(query); + } else { + shell.run(); + } + } catch (PermissionDeniedException err) { + throw new UnloggedFailure("fatal: " + err.getMessage()); + } + } + + /** + * Assert that the current user is permitted to perform raw queries. + * <p> + * As the @RequireCapability guards at various entry points of internal + * commands implicitly add administrators (which we want to avoid), we also + * check permissions within QueryShell and grant access only to those who + * canPerformRawQuery, regardless of whether they are administrators or not. + * + * @throws PermissionDeniedException + */ + private void checkPermission() throws PermissionDeniedException { + if (!currentUser.getCapabilities().canAccessDatabase()) { + throw new PermissionDeniedException(String.format( + "%s does not have \"Perform Raw Query\" capability.", + currentUser.getUserName())); } } } diff --git a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java index 5226962b4f..1630d115d6 100644 --- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java +++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/QueryShell.java @@ -15,9 +15,7 @@ package com.google.gerrit.sshd.commands; import com.google.gerrit.common.Version; -import com.google.gerrit.common.errors.PermissionDeniedException; import com.google.gerrit.reviewdb.server.ReviewDb; -import com.google.gerrit.server.IdentifiedUser; import com.google.gson.JsonObject; import com.google.gwtorm.jdbc.JdbcSchema; import com.google.gwtorm.server.OrmException; @@ -57,7 +55,6 @@ public class QueryShell { private final BufferedReader in; private final PrintWriter out; private final SchemaFactory<ReviewDb> dbFactory; - private final IdentifiedUser currentUser; private OutputFormat outputFormat = OutputFormat.PRETTY; private ReviewDb db; @@ -66,14 +63,11 @@ public class QueryShell { @Inject QueryShell(final SchemaFactory<ReviewDb> dbFactory, - final IdentifiedUser currentUser, - - @Assisted final InputStream in, @Assisted final OutputStream out) - throws UnsupportedEncodingException { + @Assisted final InputStream in, @Assisted final OutputStream out) + throws UnsupportedEncodingException { this.dbFactory = dbFactory; this.in = new BufferedReader(new InputStreamReader(in, "UTF-8")); this.out = new PrintWriter(new OutputStreamWriter(out, "UTF-8")); - this.currentUser = currentUser; } public void setOutputFormat(OutputFormat fmt) { @@ -82,7 +76,6 @@ public class QueryShell { public void run() { try { - checkPermission(); db = dbFactory.open(); try { connection = ((JdbcSchema) db).getConnection(); @@ -105,8 +98,6 @@ public class QueryShell { } catch (SQLException err) { out.println("fatal: Cannot open connection: " + err.getMessage()); - } catch (PermissionDeniedException err) { - out.println("fatal: " + err.getMessage()); } finally { out.flush(); } @@ -114,7 +105,6 @@ public class QueryShell { public void execute(String query) { try { - checkPermission(); db = dbFactory.open(); try { connection = ((JdbcSchema) db).getConnection(); @@ -136,31 +126,11 @@ public class QueryShell { } catch (SQLException err) { out.println("fatal: Cannot open connection: " + err.getMessage()); - } catch (PermissionDeniedException err) { - out.println("fatal: " + err.getMessage()); } finally { out.flush(); } } - /** - * Assert that the current user is permitted to perform raw queries. - * <p> - * As the @RequireCapability guards at various entry points of internal - * commands implicitly add administrators (which we want to avoid), we also - * check permissions within QueryShell and grant access only to those who - * canPerformRawQuery, regardless of whether they are administrators or not. - * - * @throws PermissionDeniedException - */ - private void checkPermission() throws PermissionDeniedException { - if (!currentUser.getCapabilities().canAccessDatabase()) { - throw new PermissionDeniedException(String.format( - "%s does not have \"Perform Raw Query\" capability.", - currentUser.getUserName())); - } - } - private void readEvalPrintLoop() { final StringBuilder buffer = new StringBuilder(); boolean executed = false; |