diff options
Diffstat (limited to 'java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java')
-rw-r--r-- | java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java | 295 |
1 files changed, 295 insertions, 0 deletions
diff --git a/java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java b/java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java new file mode 100644 index 0000000000..6193e458c5 --- /dev/null +++ b/java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java @@ -0,0 +1,295 @@ +// Copyright (C) 2011 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package com.google.gerrit.httpd.rpc.project; + +import static com.google.gerrit.server.permissions.GlobalPermission.ADMINISTRATE_SERVER; +import static com.google.gerrit.server.permissions.RefPermission.CREATE_CHANGE; +import static com.google.gerrit.server.permissions.RefPermission.READ; +import static com.google.gerrit.server.permissions.RefPermission.WRITE_CONFIG; + +import com.google.common.collect.Maps; +import com.google.gerrit.common.data.AccessSection; +import com.google.gerrit.common.data.GroupDescription; +import com.google.gerrit.common.data.GroupInfo; +import com.google.gerrit.common.data.Permission; +import com.google.gerrit.common.data.PermissionRule; +import com.google.gerrit.common.data.ProjectAccess; +import com.google.gerrit.common.data.RefConfigSection; +import com.google.gerrit.common.data.WebLinkInfoCommon; +import com.google.gerrit.common.errors.NoSuchGroupException; +import com.google.gerrit.extensions.restapi.AuthException; +import com.google.gerrit.extensions.restapi.ResourceConflictException; +import com.google.gerrit.httpd.rpc.Handler; +import com.google.gerrit.reviewdb.client.AccountGroup; +import com.google.gerrit.reviewdb.client.Project; +import com.google.gerrit.reviewdb.client.RefNames; +import com.google.gerrit.server.WebLinks; +import com.google.gerrit.server.account.GroupBackend; +import com.google.gerrit.server.account.GroupControl; +import com.google.gerrit.server.config.AllProjectsName; +import com.google.gerrit.server.git.meta.MetaDataUpdate; +import com.google.gerrit.server.permissions.GlobalPermission; +import com.google.gerrit.server.permissions.PermissionBackend; +import com.google.gerrit.server.permissions.PermissionBackendException; +import com.google.gerrit.server.permissions.ProjectPermission; +import com.google.gerrit.server.permissions.RefPermission; +import com.google.gerrit.server.project.NoSuchProjectException; +import com.google.gerrit.server.project.ProjectCache; +import com.google.gerrit.server.project.ProjectConfig; +import com.google.gerrit.server.project.ProjectState; +import com.google.inject.Inject; +import com.google.inject.assistedinject.Assisted; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import org.eclipse.jgit.errors.ConfigInvalidException; + +class ProjectAccessFactory extends Handler<ProjectAccess> { + interface Factory { + ProjectAccessFactory create(@Assisted Project.NameKey name); + } + + private final GroupBackend groupBackend; + private final ProjectCache projectCache; + private final PermissionBackend permissionBackend; + private final GroupControl.Factory groupControlFactory; + private final MetaDataUpdate.Server metaDataUpdateFactory; + private final AllProjectsName allProjectsName; + + private final Project.NameKey projectName; + private WebLinks webLinks; + + @Inject + ProjectAccessFactory( + GroupBackend groupBackend, + ProjectCache projectCache, + PermissionBackend permissionBackend, + GroupControl.Factory groupControlFactory, + MetaDataUpdate.Server metaDataUpdateFactory, + AllProjectsName allProjectsName, + WebLinks webLinks, + @Assisted final Project.NameKey name) { + this.groupBackend = groupBackend; + this.projectCache = projectCache; + this.permissionBackend = permissionBackend; + this.groupControlFactory = groupControlFactory; + this.metaDataUpdateFactory = metaDataUpdateFactory; + this.allProjectsName = allProjectsName; + this.webLinks = webLinks; + + this.projectName = name; + } + + @Override + public ProjectAccess call() + throws NoSuchProjectException, IOException, ConfigInvalidException, + PermissionBackendException, ResourceConflictException { + ProjectState projectState = checkProjectState(); + + // Load the current configuration from the repository, ensuring its the most + // recent version available. If it differs from what was in the project + // state, force a cache flush now. + // + ProjectConfig config; + try (MetaDataUpdate md = metaDataUpdateFactory.create(projectName)) { + config = ProjectConfig.read(md); + if (config.updateGroupNames(groupBackend)) { + md.setMessage("Update group names\n"); + config.commit(md); + projectCache.evict(config.getProject()); + projectState = checkProjectState(); + } else if (config.getRevision() != null + && !config.getRevision().equals(projectState.getConfig().getRevision())) { + projectCache.evict(config.getProject()); + projectState = checkProjectState(); + } + } + + // The following implementation must match the GetAccess REST API endpoint. + + List<AccessSection> local = new ArrayList<>(); + Set<String> ownerOf = new HashSet<>(); + Map<AccountGroup.UUID, Boolean> visibleGroups = new HashMap<>(); + PermissionBackend.ForProject perm = permissionBackend.currentUser().project(projectName); + boolean checkReadConfig = check(perm, RefNames.REFS_CONFIG, READ); + boolean canWriteProjectConfig = true; + try { + perm.check(ProjectPermission.WRITE_CONFIG); + } catch (AuthException e) { + canWriteProjectConfig = false; + } + + for (AccessSection section : config.getAccessSections()) { + String name = section.getName(); + if (AccessSection.GLOBAL_CAPABILITIES.equals(name)) { + if (canWriteProjectConfig) { + local.add(section); + ownerOf.add(name); + + } else if (checkReadConfig) { + local.add(section); + } + + } else if (RefConfigSection.isValid(name)) { + if (check(perm, name, WRITE_CONFIG)) { + local.add(section); + ownerOf.add(name); + + } else if (checkReadConfig) { + local.add(section); + + } else if (check(perm, name, READ)) { + // Filter the section to only add rules describing groups that + // are visible to the current-user. This includes any group the + // user is a member of, as well as groups they own or that + // are visible to all users. + + AccessSection dst = null; + for (Permission srcPerm : section.getPermissions()) { + Permission dstPerm = null; + + for (PermissionRule srcRule : srcPerm.getRules()) { + AccountGroup.UUID group = srcRule.getGroup().getUUID(); + if (group == null) { + continue; + } + + Boolean canSeeGroup = visibleGroups.get(group); + if (canSeeGroup == null) { + try { + canSeeGroup = groupControlFactory.controlFor(group).isVisible(); + } catch (NoSuchGroupException e) { + canSeeGroup = Boolean.FALSE; + } + visibleGroups.put(group, canSeeGroup); + } + + if (canSeeGroup) { + if (dstPerm == null) { + if (dst == null) { + dst = new AccessSection(name); + local.add(dst); + } + dstPerm = dst.getPermission(srcPerm.getName(), true); + } + dstPerm.add(srcRule); + } + } + } + } + } + } + + if (ownerOf.isEmpty() && isAdmin()) { + // Special case: If the section list is empty, this project has no current + // access control information. Fall back to site administrators. + ownerOf.add(AccessSection.ALL); + } + + final ProjectAccess detail = new ProjectAccess(); + detail.setProjectName(projectName); + + if (config.getRevision() != null) { + detail.setRevision(config.getRevision().name()); + } + + detail.setInheritsFrom(config.getProject().getParent(allProjectsName)); + + if (projectName.equals(allProjectsName) + && permissionBackend.currentUser().testOrFalse(ADMINISTRATE_SERVER)) { + ownerOf.add(AccessSection.GLOBAL_CAPABILITIES); + } + + detail.setLocal(local); + detail.setOwnerOf(ownerOf); + detail.setCanUpload( + canWriteProjectConfig + || (checkReadConfig + && perm.ref(RefNames.REFS_CONFIG).testOrFalse(CREATE_CHANGE) + && projectState.statePermitsWrite())); + detail.setConfigVisible(canWriteProjectConfig || checkReadConfig); + detail.setGroupInfo(buildGroupInfo(local)); + detail.setLabelTypes(projectState.getLabelTypes()); + detail.setFileHistoryLinks(getConfigFileLogLinks(projectName.get())); + return detail; + } + + private List<WebLinkInfoCommon> getConfigFileLogLinks(String projectName) { + List<WebLinkInfoCommon> links = + webLinks.getFileHistoryLinks( + projectName, RefNames.REFS_CONFIG, ProjectConfig.PROJECT_CONFIG); + return links.isEmpty() ? null : links; + } + + private Map<AccountGroup.UUID, GroupInfo> buildGroupInfo(List<AccessSection> local) { + Map<AccountGroup.UUID, GroupInfo> infos = new HashMap<>(); + for (AccessSection section : local) { + for (Permission permission : section.getPermissions()) { + for (PermissionRule rule : permission.getRules()) { + if (rule.getGroup() != null) { + AccountGroup.UUID uuid = rule.getGroup().getUUID(); + if (uuid != null && !infos.containsKey(uuid)) { + GroupDescription.Basic group = groupBackend.get(uuid); + infos.put(uuid, group != null ? new GroupInfo(group) : null); + } + } + } + } + } + return Maps.filterEntries(infos, in -> in.getValue() != null); + } + + private ProjectState checkProjectState() + throws NoSuchProjectException, IOException, PermissionBackendException, + ResourceConflictException { + ProjectState state = projectCache.checkedGet(projectName); + // Hidden projects(permitsRead = false) should only be accessible by the project owners. + // READ_CONFIG is checked here because it's only allowed to project owners(ACCESS may also + // be allowed for other users). Allowing project owners to access here will help them to view + // and update the config of hidden projects easily. + ProjectPermission permissionToCheck = + state.statePermitsRead() ? ProjectPermission.ACCESS : ProjectPermission.READ_CONFIG; + try { + permissionBackend.currentUser().project(projectName).check(permissionToCheck); + } catch (AuthException e) { + throw new NoSuchProjectException(projectName); + } + state.checkStatePermitsRead(); + return state; + } + + private static boolean check(PermissionBackend.ForProject ctx, String ref, RefPermission perm) + throws PermissionBackendException { + try { + ctx.ref(ref).check(perm); + return true; + } catch (AuthException denied) { + return false; + } + } + + private boolean isAdmin() throws PermissionBackendException { + try { + permissionBackend.currentUser().check(GlobalPermission.ADMINISTRATE_SERVER); + return true; + } catch (AuthException e) { + return false; + } + } +} |