diff options
Diffstat (limited to 'gerrit-server/src/main/java/com/google/gerrit/server/account/PerformCreateGroup.java')
-rw-r--r-- | gerrit-server/src/main/java/com/google/gerrit/server/account/PerformCreateGroup.java | 56 |
1 files changed, 41 insertions, 15 deletions
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/PerformCreateGroup.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/PerformCreateGroup.java index aab1cda276..5f94df21e2 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/PerformCreateGroup.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/PerformCreateGroup.java @@ -15,22 +15,27 @@ package com.google.gerrit.server.account; import com.google.gerrit.common.errors.NameAlreadyUsedException; -import com.google.gerrit.reviewdb.Account; -import com.google.gerrit.reviewdb.AccountGroup; -import com.google.gerrit.reviewdb.AccountGroupInclude; -import com.google.gerrit.reviewdb.AccountGroupIncludeAudit; -import com.google.gerrit.reviewdb.AccountGroupMember; -import com.google.gerrit.reviewdb.AccountGroupMemberAudit; -import com.google.gerrit.reviewdb.AccountGroupName; -import com.google.gerrit.reviewdb.ReviewDb; +import com.google.gerrit.common.errors.PermissionDeniedException; +import com.google.gerrit.reviewdb.client.Account; +import com.google.gerrit.reviewdb.client.AccountGroup; +import com.google.gerrit.reviewdb.client.AccountGroupInclude; +import com.google.gerrit.reviewdb.client.AccountGroupIncludeAudit; +import com.google.gerrit.reviewdb.client.AccountGroupMember; +import com.google.gerrit.reviewdb.client.AccountGroupMemberAudit; +import com.google.gerrit.reviewdb.client.AccountGroupName; +import com.google.gerrit.reviewdb.server.ReviewDb; +import com.google.gerrit.server.GerritPersonIdent; import com.google.gerrit.server.IdentifiedUser; -import com.google.gwtorm.client.OrmDuplicateKeyException; -import com.google.gwtorm.client.OrmException; +import com.google.gwtorm.server.OrmDuplicateKeyException; +import com.google.gwtorm.server.OrmException; import com.google.inject.Inject; +import org.eclipse.jgit.lib.PersonIdent; + import java.util.ArrayList; import java.util.Collection; import java.util.Collections; +import java.util.HashSet; import java.util.List; public class PerformCreateGroup { @@ -43,14 +48,21 @@ public class PerformCreateGroup { private final AccountCache accountCache; private final GroupIncludeCache groupIncludeCache; private final IdentifiedUser currentUser; + private final PersonIdent serverIdent; + private final GroupCache groupCache; @Inject PerformCreateGroup(final ReviewDb db, final AccountCache accountCache, - final GroupIncludeCache groupIncludeCache, final IdentifiedUser currentUser) { + final GroupIncludeCache groupIncludeCache, + final IdentifiedUser currentUser, + @GerritPersonIdent final PersonIdent serverIdent, + final GroupCache groupCache) { this.db = db; this.accountCache = accountCache; this.groupIncludeCache = groupIncludeCache; this.currentUser = currentUser; + this.serverIdent = serverIdent; + this.groupCache = groupCache; } /** @@ -71,17 +83,28 @@ public class PerformCreateGroup { * error * @throws NameAlreadyUsedException is thrown in case a group with the given * name already exists + * @throws PermissionDeniedException user cannot create a group. */ public AccountGroup.Id createGroup(final String groupName, final String groupDescription, final boolean visibleToAll, final AccountGroup.Id ownerGroupId, final Collection<? extends Account.Id> initialMembers, final Collection<? extends AccountGroup.Id> initialGroups) - throws OrmException, NameAlreadyUsedException { + throws OrmException, NameAlreadyUsedException, PermissionDeniedException { + if (!currentUser.getCapabilities().canCreateGroup()) { + throw new PermissionDeniedException(String.format( + "%s does not have \"Create Group\" capability.", + currentUser.getUserName())); + } + final AccountGroup.Id groupId = new AccountGroup.Id(db.nextAccountGroupId()); final AccountGroup.NameKey nameKey = new AccountGroup.NameKey(groupName); - final AccountGroup group = new AccountGroup(nameKey, groupId); + final AccountGroup.UUID uuid = GroupUUID.make(groupName, + currentUser.newCommitterIdent( + serverIdent.getWhen(), + serverIdent.getTimeZone())); + final AccountGroup group = new AccountGroup(nameKey, groupId, uuid); group.setVisibleToAll(visibleToAll); if (ownerGroupId != null) { group.setOwnerGroupId(ownerGroupId); @@ -105,6 +128,8 @@ public class PerformCreateGroup { addGroups(groupId, initialGroups); } + groupCache.onCreateGroup(nameKey); + return groupId; } @@ -149,8 +174,9 @@ public class PerformCreateGroup { db.accountGroupIncludes().insert(includeList); db.accountGroupIncludesAudit().insert(includesAudit); - for (AccountGroup.Id includeId : groups) { - groupIncludeCache.evictInclude(includeId); + for (AccountGroup group : db.accountGroups().get( + new HashSet<AccountGroup.Id>(groups))) { + groupIncludeCache.evictInclude(group.getGroupUUID()); } } } |