diff options
Diffstat (limited to 'gerrit-server/src/main/java/com/google/gerrit/server/project/CreateBranch.java')
-rw-r--r-- | gerrit-server/src/main/java/com/google/gerrit/server/project/CreateBranch.java | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/project/CreateBranch.java b/gerrit-server/src/main/java/com/google/gerrit/server/project/CreateBranch.java index 422607b9e1..0a648d9a71 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/project/CreateBranch.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/CreateBranch.java @@ -22,10 +22,12 @@ import com.google.gerrit.extensions.restapi.ResourceConflictException; import com.google.gerrit.extensions.restapi.RestModifyView; import com.google.gerrit.reviewdb.client.Branch; import com.google.gerrit.reviewdb.client.RefNames; -import com.google.gerrit.reviewdb.server.ReviewDb; import com.google.gerrit.server.IdentifiedUser; import com.google.gerrit.server.extensions.events.GitReferenceUpdated; import com.google.gerrit.server.git.GitRepositoryManager; +import com.google.gerrit.server.permissions.PermissionBackend; +import com.google.gerrit.server.permissions.PermissionBackendException; +import com.google.gerrit.server.permissions.RefPermission; import com.google.gerrit.server.util.MagicBranch; import com.google.inject.Inject; import com.google.inject.Provider; @@ -50,31 +52,35 @@ public class CreateBranch implements RestModifyView<ProjectResource, BranchInput } private final Provider<IdentifiedUser> identifiedUser; + private final PermissionBackend permissionBackend; private final GitRepositoryManager repoManager; - private final Provider<ReviewDb> db; private final GitReferenceUpdated referenceUpdated; private final RefValidationHelper refCreationValidator; + private final CreateRefControl createRefControl; private String ref; @Inject CreateBranch( Provider<IdentifiedUser> identifiedUser, + PermissionBackend permissionBackend, GitRepositoryManager repoManager, - Provider<ReviewDb> db, GitReferenceUpdated referenceUpdated, RefValidationHelper.Factory refHelperFactory, + CreateRefControl createRefControl, @Assisted String ref) { this.identifiedUser = identifiedUser; + this.permissionBackend = permissionBackend; this.repoManager = repoManager; - this.db = db; this.referenceUpdated = referenceUpdated; this.refCreationValidator = refHelperFactory.create(ReceiveCommand.Type.CREATE); + this.createRefControl = createRefControl; this.ref = ref; } @Override public BranchInfo apply(ProjectResource rsrc, BranchInput input) - throws BadRequestException, AuthException, ResourceConflictException, IOException { + throws BadRequestException, AuthException, ResourceConflictException, IOException, + PermissionBackendException, NoSuchProjectException { if (input == null) { input = new BranchInput(); } @@ -99,7 +105,6 @@ public class CreateBranch implements RestModifyView<ProjectResource, BranchInput } final Branch.NameKey name = new Branch.NameKey(rsrc.getNameKey(), ref); - final RefControl refControl = rsrc.getControl().controlForRef(name); try (Repository repo = repoManager.openRepository(rsrc.getNameKey())) { ObjectId revid = RefUtil.parseBaseRevision(repo, rsrc.getNameKey(), input.revision); RevWalk rw = RefUtil.verifyConnected(repo, revid); @@ -116,9 +121,7 @@ public class CreateBranch implements RestModifyView<ProjectResource, BranchInput } } - if (!refControl.canCreate(db.get(), repo, object)) { - throw new AuthException("Cannot create \"" + ref + "\""); - } + createRefControl.checkCreateRef(identifiedUser, repo, name, object); try { final RefUpdate u = repo.updateRef(ref); @@ -161,6 +164,8 @@ public class CreateBranch implements RestModifyView<ProjectResource, BranchInput case REJECTED: case REJECTED_CURRENT_BRANCH: case RENAMED: + case REJECTED_MISSING_OBJECT: + case REJECTED_OTHER_REASON: default: { throw new IOException(result.name()); @@ -170,7 +175,10 @@ public class CreateBranch implements RestModifyView<ProjectResource, BranchInput BranchInfo info = new BranchInfo(); info.ref = ref; info.revision = revid.getName(); - info.canDelete = refControl.canDelete() ? true : null; + info.canDelete = + permissionBackend.user(identifiedUser).ref(name).testOrFalse(RefPermission.DELETE) + ? true + : null; return info; } catch (IOException err) { log.error("Cannot create branch \"" + name + "\"", err); |