summaryrefslogtreecommitdiffstats
path: root/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityCollection.java
diff options
context:
space:
mode:
Diffstat (limited to 'gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityCollection.java')
-rw-r--r--gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityCollection.java113
1 files changed, 113 insertions, 0 deletions
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityCollection.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityCollection.java
new file mode 100644
index 0000000000..796b44eacd
--- /dev/null
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CapabilityCollection.java
@@ -0,0 +1,113 @@
+// Copyright (C) 2011 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.server.account;
+
+import com.google.gerrit.common.data.AccessSection;
+import com.google.gerrit.common.data.GlobalCapability;
+import com.google.gerrit.common.data.GroupReference;
+import com.google.gerrit.common.data.Permission;
+import com.google.gerrit.common.data.PermissionRange;
+import com.google.gerrit.common.data.PermissionRule;
+import com.google.gerrit.reviewdb.client.AccountGroup;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/** Caches active {@link GlobalCapability} set for a site. */
+public class CapabilityCollection {
+ private final Map<String, List<PermissionRule>> permissions;
+
+ public final List<PermissionRule> administrateServer;
+ public final List<PermissionRule> emailReviewers;
+ public final List<PermissionRule> priority;
+ public final List<PermissionRule> queryLimit;
+
+ public CapabilityCollection(AccessSection section) {
+ if (section == null) {
+ section = new AccessSection(AccessSection.GLOBAL_CAPABILITIES);
+ }
+
+ Map<String, List<PermissionRule>> tmp =
+ new HashMap<String, List<PermissionRule>>();
+ for (Permission permission : section.getPermissions()) {
+ for (PermissionRule rule : permission.getRules()) {
+ if (!permission.getName().equals(GlobalCapability.EMAIL_REVIEWERS)
+ && rule.getAction() == PermissionRule.Action.DENY) {
+ continue;
+ }
+
+ List<PermissionRule> r = tmp.get(permission.getName());
+ if (r == null) {
+ r = new ArrayList<PermissionRule>(2);
+ tmp.put(permission.getName(), r);
+ }
+ r.add(rule);
+ }
+ }
+ configureDefaults(tmp, section);
+
+ Map<String, List<PermissionRule>> res =
+ new HashMap<String, List<PermissionRule>>();
+ for (Map.Entry<String, List<PermissionRule>> e : tmp.entrySet()) {
+ List<PermissionRule> rules = e.getValue();
+ if (rules.size() == 1) {
+ res.put(e.getKey(), Collections.singletonList(rules.get(0)));
+ } else {
+ res.put(e.getKey(), Collections.unmodifiableList(
+ Arrays.asList(rules.toArray(new PermissionRule[rules.size()]))));
+ }
+ }
+ permissions = Collections.unmodifiableMap(res);
+
+ administrateServer = getPermission(GlobalCapability.ADMINISTRATE_SERVER);
+ emailReviewers = getPermission(GlobalCapability.EMAIL_REVIEWERS);
+ priority = getPermission(GlobalCapability.PRIORITY);
+ queryLimit = getPermission(GlobalCapability.QUERY_LIMIT);
+ }
+
+ public List<PermissionRule> getPermission(String permissionName) {
+ List<PermissionRule> r = permissions.get(permissionName);
+ return r != null ? r : Collections.<PermissionRule> emptyList();
+ }
+
+ private static final GroupReference anonymous = new GroupReference(
+ AccountGroup.ANONYMOUS_USERS,
+ "Anonymous Users");
+
+ private static void configureDefaults(Map<String, List<PermissionRule>> out,
+ AccessSection section) {
+ configureDefault(out, section, GlobalCapability.QUERY_LIMIT, anonymous);
+ }
+
+ private static void configureDefault(Map<String, List<PermissionRule>> out,
+ AccessSection section, String capName, GroupReference group) {
+ if (doesNotDeclare(section, capName)) {
+ PermissionRange.WithDefaults range = GlobalCapability.getRange(capName);
+ if (range != null) {
+ PermissionRule rule = new PermissionRule(group);
+ rule.setRange(range.getDefaultMin(), range.getDefaultMax());
+ out.put(capName, Collections.singletonList(rule));
+ }
+ }
+ }
+
+ private static boolean doesNotDeclare(AccessSection section, String capName) {
+ return section.getPermission(capName) == null;
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 20:06:49 +0000