summaryrefslogtreecommitdiffstats
path: root/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java
diff options
context:
space:
mode:
Diffstat (limited to 'gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java')
-rw-r--r--gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java37
1 files changed, 20 insertions, 17 deletions
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java b/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java
index 1582d43958..a605a7d240 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/ChangeControl.java
@@ -50,7 +50,7 @@ import java.util.Map;
import java.util.Set;
/** Access control management for a user accessing a single change. */
-class ChangeControl {
+public class ChangeControl {
@Singleton
static class Factory {
private final ChangeData.Factory changeDataFactory;
@@ -87,6 +87,8 @@ class ChangeControl {
private final ChangeNotes notes;
private final PatchSetUtil patchSetUtil;
+ private ChangeData cd;
+
ChangeControl(
ChangeData.Factory changeDataFactory,
ApprovalsUtil approvalsUtil,
@@ -128,17 +130,20 @@ class ChangeControl {
return notes;
}
- /** Can this user see this change? */
- private boolean isVisible(ReviewDb db, @Nullable ChangeData cd) throws OrmException {
- if (getChange().isPrivate() && !isPrivateVisible(db, cd)) {
- return false;
+ public ChangeControl setChangeData(@Nullable ChangeData cd) {
+ if (cd != null) {
+ this.cd = cd;
}
- return isRefVisible();
+ return this;
}
- /** Can the user see this change? Does not account for draft status */
- private boolean isRefVisible() {
- return getRefControl().isVisible();
+ /** Can this user see this change? */
+ public boolean isVisible(ReviewDb db) throws OrmException {
+ if (getChange().isPrivate() && !isPrivateVisible(db, changeData(db))) {
+ return false;
+ }
+ // Does the user have READ permission on the destination?
+ return refControl.asForRef().testOrFalse(RefPermission.READ);
}
/** Can this user abandon this change? */
@@ -237,7 +242,7 @@ class ChangeControl {
/** Is this user a reviewer for the change? */
private boolean isReviewer(ReviewDb db, @Nullable ChangeData cd) throws OrmException {
if (getUser().isIdentifiedUser()) {
- Collection<Account.Id> results = changeData(db, cd).reviewers().all();
+ Collection<Account.Id> results = setChangeData(cd).changeData(db).reviewers().all();
return results.contains(getUser().getAccountId());
}
return false;
@@ -282,8 +287,8 @@ class ChangeControl {
|| getProjectControl().isAdmin();
}
- private ChangeData changeData(ReviewDb db, @Nullable ChangeData cd) {
- return cd != null ? cd : changeDataFactory.create(db, getNotes());
+ private ChangeData changeData(ReviewDb db) {
+ return this.cd != null ? cd : changeDataFactory.create(db, getNotes());
}
private boolean isPrivateVisible(ReviewDb db, ChangeData cd) throws OrmException {
@@ -294,15 +299,13 @@ class ChangeControl {
}
ForChange asForChange(@Nullable ChangeData cd, @Nullable Provider<ReviewDb> db) {
- return new ForChangeImpl(cd, db);
+ return new ForChangeImpl(db);
}
private class ForChangeImpl extends ForChange {
- private ChangeData cd;
private Map<String, PermissionRange> labels;
- ForChangeImpl(@Nullable ChangeData cd, @Nullable Provider<ReviewDb> db) {
- this.cd = cd;
+ ForChangeImpl(@Nullable Provider<ReviewDb> db) {
this.db = db;
}
@@ -370,7 +373,7 @@ class ChangeControl {
try {
switch (perm) {
case READ:
- return isVisible(db(), changeData());
+ return isVisible(db());
case ABANDON:
return canAbandon(db());
case DELETE:
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 11:44:03 +0000