diff options
Diffstat (limited to 'gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/ChangeListServiceImpl.java')
-rw-r--r-- | gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/ChangeListServiceImpl.java | 111 |
1 files changed, 69 insertions, 42 deletions
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/ChangeListServiceImpl.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/ChangeListServiceImpl.java index 5c19e117b5..9a101d3ff0 100644 --- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/ChangeListServiceImpl.java +++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/ChangeListServiceImpl.java @@ -17,17 +17,19 @@ package com.google.gerrit.httpd.rpc; import com.google.gerrit.common.data.AccountDashboardInfo; import com.google.gerrit.common.data.ChangeInfo; import com.google.gerrit.common.data.ChangeListService; +import com.google.gerrit.common.data.GlobalCapability; import com.google.gerrit.common.data.SingleListChangeInfo; import com.google.gerrit.common.data.ToggleStarRequest; import com.google.gerrit.common.errors.InvalidQueryException; import com.google.gerrit.common.errors.NoSuchEntityException; -import com.google.gerrit.reviewdb.Account; -import com.google.gerrit.reviewdb.Change; -import com.google.gerrit.reviewdb.ChangeAccess; -import com.google.gerrit.reviewdb.PatchSetApproval; -import com.google.gerrit.reviewdb.ReviewDb; -import com.google.gerrit.reviewdb.StarredChange; +import com.google.gerrit.reviewdb.client.Account; +import com.google.gerrit.reviewdb.client.Change; +import com.google.gerrit.reviewdb.client.PatchSetApproval; +import com.google.gerrit.reviewdb.client.StarredChange; +import com.google.gerrit.reviewdb.server.ChangeAccess; +import com.google.gerrit.reviewdb.server.ReviewDb; import com.google.gerrit.server.CurrentUser; +import com.google.gerrit.server.account.AccountControl; import com.google.gerrit.server.account.AccountInfoCacheFactory; import com.google.gerrit.server.project.ChangeControl; import com.google.gerrit.server.project.NoSuchChangeException; @@ -37,11 +39,11 @@ import com.google.gerrit.server.query.change.ChangeData; import com.google.gerrit.server.query.change.ChangeDataSource; import com.google.gerrit.server.query.change.ChangeQueryBuilder; import com.google.gerrit.server.query.change.ChangeQueryRewriter; -import com.google.gwt.user.client.rpc.AsyncCallback; -import com.google.gwtjsonrpc.client.VoidResult; -import com.google.gwtorm.client.OrmException; -import com.google.gwtorm.client.ResultSet; -import com.google.gwtorm.client.impl.ListResultSet; +import com.google.gwtjsonrpc.common.AsyncCallback; +import com.google.gwtjsonrpc.common.VoidResult; +import com.google.gwtorm.server.ListResultSet; +import com.google.gwtorm.server.OrmException; +import com.google.gwtorm.server.ResultSet; import com.google.inject.Inject; import com.google.inject.Provider; @@ -79,12 +81,6 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements } }; - private static final int MAX_PER_PAGE = 100; - - private static int safePageSize(final int pageSize) { - return 0 < pageSize && pageSize <= MAX_PER_PAGE ? pageSize : MAX_PER_PAGE; - } - private final Provider<CurrentUser> currentUser; private final ChangeControl.Factory changeControlFactory; private final AccountInfoCacheFactory.Factory accountInfoCacheFactory; @@ -107,9 +103,9 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements this.queryRewriter = queryRewriter; } - private boolean canRead(final Change c) { + private boolean canRead(final Change c, final ReviewDb db) throws OrmException { try { - return changeControlFactory.controlFor(c).isVisible(); + return changeControlFactory.controlFor(c).isVisible(db); } catch (NoSuchChangeException e) { return false; } @@ -118,25 +114,33 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements @Override public void allQueryPrev(final String query, final String pos, final int pageSize, final AsyncCallback<SingleListChangeInfo> callback) { - run(callback, new QueryPrev(pageSize, pos) { - @Override - ResultSet<Change> query(ReviewDb db, int lim, String key) - throws OrmException, InvalidQueryException { - return searchQuery(db, query, lim, key, QUERY_PREV); - } - }); + try { + run(callback, new QueryPrev(pageSize, pos) { + @Override + ResultSet<Change> query(ReviewDb db, int lim, String key) + throws OrmException, InvalidQueryException { + return searchQuery(db, query, lim, key, QUERY_PREV); + } + }); + } catch (InvalidQueryException e) { + callback.onFailure(e); + } } @Override public void allQueryNext(final String query, final String pos, final int pageSize, final AsyncCallback<SingleListChangeInfo> callback) { - run(callback, new QueryNext(pageSize, pos) { - @Override - ResultSet<Change> query(ReviewDb db, int lim, String key) - throws OrmException, InvalidQueryException { - return searchQuery(db, query, lim, key, QUERY_NEXT); - } - }); + try { + run(callback, new QueryNext(pageSize, pos) { + @Override + ResultSet<Change> query(ReviewDb db, int lim, String key) + throws OrmException, InvalidQueryException { + return searchQuery(db, query, lim, key, QUERY_NEXT); + } + }); + } catch (InvalidQueryException e) { + callback.onFailure(e); + } } @SuppressWarnings("unchecked") @@ -184,7 +188,7 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements // if (!want.isEmpty()) { for (Change c : db.changes().get(want)) { - if (canRead(c)) { + if (canRead(c, db)) { r.add(c); } } @@ -233,23 +237,32 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements } d = new AccountDashboardInfo(target); - d.setByOwner(filter(changes.byOwnerOpen(target), stars, ac)); - d.setClosed(filter(changes.byOwnerClosed(target), stars, ac)); + d.setByOwner(filter(changes.byOwnerOpen(target), stars, ac, db)); + d.setClosed(filter(changes.byOwnerClosed(target), stars, ac, db)); for (final ChangeInfo c : d.getByOwner()) { openReviews.remove(c.getId()); } - d.setForReview(filter(changes.get(openReviews), stars, ac)); + d.setForReview(filter(changes.get(openReviews), stars, ac, db)); Collections.sort(d.getForReview(), ID_COMP); for (final ChangeInfo c : d.getClosed()) { closedReviews.remove(c.getId()); } if (!closedReviews.isEmpty()) { - d.getClosed().addAll(filter(changes.get(closedReviews), stars, ac)); + d.getClosed().addAll(filter(changes.get(closedReviews), stars, ac, db)); Collections.sort(d.getClosed(), SORT_KEY_COMP); } + // User dashboards are visible to other users, if the current user + // can see any of the changes in the dashboard. + if (!target.equals(me) + && d.getByOwner().isEmpty() + && d.getClosed().isEmpty() + && d.getForReview().isEmpty()) { + throw new Failure(new NoSuchEntityException()); + } + d.setAccounts(ac.create()); return d; } @@ -290,11 +303,22 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements callback.onSuccess(currentUser.get().getStarredChanges()); } + private int safePageSize(final int pageSize) throws InvalidQueryException { + int maxLimit = currentUser.get().getCapabilities() + .getRange(GlobalCapability.QUERY_LIMIT) + .getMax(); + if (maxLimit <= 0) { + throw new InvalidQueryException("Search Disabled"); + } + return 0 < pageSize && pageSize <= maxLimit ? pageSize : maxLimit; + } + private List<ChangeInfo> filter(final ResultSet<Change> rs, - final Set<Change.Id> starred, final AccountInfoCacheFactory accts) { + final Set<Change.Id> starred, final AccountInfoCacheFactory accts, + final ReviewDb db) throws OrmException { final ArrayList<ChangeInfo> r = new ArrayList<ChangeInfo>(); for (final Change c : rs) { - if (canRead(c)) { + if (canRead(c, db)) { final ChangeInfo ci = new ChangeInfo(c); accts.want(ci.getOwner()); ci.setStarred(starred.contains(ci.getId())); @@ -309,7 +333,7 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements protected final int limit; protected final int slim; - QueryNext(final int pageSize, final String pos) { + QueryNext(final int pageSize, final String pos) throws InvalidQueryException { this.pos = pos; this.limit = safePageSize(pageSize); this.slim = limit + 1; @@ -324,6 +348,9 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements final ArrayList<ChangeInfo> list = new ArrayList<ChangeInfo>(); final ResultSet<Change> rs = query(db, slim, pos); for (final Change c : rs) { + if (!canRead(c, db)) { + continue; + } final ChangeInfo ci = new ChangeInfo(c); ac.want(ci.getOwner()); ci.setStarred(starred.contains(ci.getId())); @@ -353,7 +380,7 @@ public class ChangeListServiceImpl extends BaseServiceImplementation implements } private abstract class QueryPrev extends QueryNext { - QueryPrev(int pageSize, String pos) { + QueryPrev(int pageSize, String pos) throws InvalidQueryException { super(pageSize, pos); } |