Diffstat (limited to 'java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java')
-rw-r--r--java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java295
1 files changed, 295 insertions, 0 deletions
diff --git a/java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java b/java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java
new file mode 100644
index 0000000000..6193e458c5
--- /dev/null
+++ b/java/com/google/gerrit/httpd/rpc/project/ProjectAccessFactory.java
@@ -0,0 +1,295 @@
+// Copyright (C) 2011 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.httpd.rpc.project;
+
+import static com.google.gerrit.server.permissions.GlobalPermission.ADMINISTRATE_SERVER;
+import static com.google.gerrit.server.permissions.RefPermission.CREATE_CHANGE;
+import static com.google.gerrit.server.permissions.RefPermission.READ;
+import static com.google.gerrit.server.permissions.RefPermission.WRITE_CONFIG;
+
+import com.google.common.collect.Maps;
+import com.google.gerrit.common.data.AccessSection;
+import com.google.gerrit.common.data.GroupDescription;
+import com.google.gerrit.common.data.GroupInfo;
+import com.google.gerrit.common.data.Permission;
+import com.google.gerrit.common.data.PermissionRule;
+import com.google.gerrit.common.data.ProjectAccess;
+import com.google.gerrit.common.data.RefConfigSection;
+import com.google.gerrit.common.data.WebLinkInfoCommon;
+import com.google.gerrit.common.errors.NoSuchGroupException;
+import com.google.gerrit.extensions.restapi.AuthException;
+import com.google.gerrit.extensions.restapi.ResourceConflictException;
+import com.google.gerrit.httpd.rpc.Handler;
+import com.google.gerrit.reviewdb.client.AccountGroup;
+import com.google.gerrit.reviewdb.client.Project;
+import com.google.gerrit.reviewdb.client.RefNames;
+import com.google.gerrit.server.WebLinks;
+import com.google.gerrit.server.account.GroupBackend;
+import com.google.gerrit.server.account.GroupControl;
+import com.google.gerrit.server.config.AllProjectsName;
+import com.google.gerrit.server.git.meta.MetaDataUpdate;
+import com.google.gerrit.server.permissions.GlobalPermission;
+import com.google.gerrit.server.permissions.PermissionBackend;
+import com.google.gerrit.server.permissions.PermissionBackendException;
+import com.google.gerrit.server.permissions.ProjectPermission;
+import com.google.gerrit.server.permissions.RefPermission;
+import com.google.gerrit.server.project.NoSuchProjectException;
+import com.google.gerrit.server.project.ProjectCache;
+import com.google.gerrit.server.project.ProjectConfig;
+import com.google.gerrit.server.project.ProjectState;
+import com.google.inject.Inject;
+import com.google.inject.assistedinject.Assisted;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import org.eclipse.jgit.errors.ConfigInvalidException;
+
+class ProjectAccessFactory extends Handler<ProjectAccess> {
+ interface Factory {
+ ProjectAccessFactory create(@Assisted Project.NameKey name);
+ }
+
+ private final GroupBackend groupBackend;
+ private final ProjectCache projectCache;
+ private final PermissionBackend permissionBackend;
+ private final GroupControl.Factory groupControlFactory;
+ private final MetaDataUpdate.Server metaDataUpdateFactory;
+ private final AllProjectsName allProjectsName;
+
+ private final Project.NameKey projectName;
+ private WebLinks webLinks;
+
+ @Inject
+ ProjectAccessFactory(
+ GroupBackend groupBackend,
+ ProjectCache projectCache,
+ PermissionBackend permissionBackend,
+ GroupControl.Factory groupControlFactory,
+ MetaDataUpdate.Server metaDataUpdateFactory,
+ AllProjectsName allProjectsName,
+ WebLinks webLinks,
+ @Assisted final Project.NameKey name) {
+ this.groupBackend = groupBackend;
+ this.projectCache = projectCache;
+ this.permissionBackend = permissionBackend;
+ this.groupControlFactory = groupControlFactory;
+ this.metaDataUpdateFactory = metaDataUpdateFactory;
+ this.allProjectsName = allProjectsName;
+ this.webLinks = webLinks;
+
+ this.projectName = name;
+ }
+
+ @Override
+ public ProjectAccess call()
+ throws NoSuchProjectException, IOException, ConfigInvalidException,
+ PermissionBackendException, ResourceConflictException {
+ ProjectState projectState = checkProjectState();
+
+ // Load the current configuration from the repository, ensuring its the most
+ // recent version available. If it differs from what was in the project
+ // state, force a cache flush now.
+ //
+ ProjectConfig config;
+ try (MetaDataUpdate md = metaDataUpdateFactory.create(projectName)) {
+ config = ProjectConfig.read(md);
+ if (config.updateGroupNames(groupBackend)) {
+ md.setMessage("Update group names\n");
+ config.commit(md);
+ projectCache.evict(config.getProject());
+ projectState = checkProjectState();
+ } else if (config.getRevision() != null
+ && !config.getRevision().equals(projectState.getConfig().getRevision())) {
+ projectCache.evict(config.getProject());
+ projectState = checkProjectState();
+ }
+ }
+
+ // The following implementation must match the GetAccess REST API endpoint.
+
+ List<AccessSection> local = new ArrayList<>();
+ Set<String> ownerOf = new HashSet<>();
+ Map<AccountGroup.UUID, Boolean> visibleGroups = new HashMap<>();
+ PermissionBackend.ForProject perm = permissionBackend.currentUser().project(projectName);
+ boolean checkReadConfig = check(perm, RefNames.REFS_CONFIG, READ);
+ boolean canWriteProjectConfig = true;
+ try {
+ perm.check(ProjectPermission.WRITE_CONFIG);
+ } catch (AuthException e) {
+ canWriteProjectConfig = false;
+ }
+
+ for (AccessSection section : config.getAccessSections()) {
+ String name = section.getName();
+ if (AccessSection.GLOBAL_CAPABILITIES.equals(name)) {
+ if (canWriteProjectConfig) {
+ local.add(section);
+ ownerOf.add(name);
+
+ } else if (checkReadConfig) {
+ local.add(section);
+ }
+
+ } else if (RefConfigSection.isValid(name)) {
+ if (check(perm, name, WRITE_CONFIG)) {
+ local.add(section);
+ ownerOf.add(name);
+
+ } else if (checkReadConfig) {
+ local.add(section);
+
+ } else if (check(perm, name, READ)) {
+ // Filter the section to only add rules describing groups that
+ // are visible to the current-user. This includes any group the
+ // user is a member of, as well as groups they own or that
+ // are visible to all users.
+
+ AccessSection dst = null;
+ for (Permission srcPerm : section.getPermissions()) {
+ Permission dstPerm = null;
+
+ for (PermissionRule srcRule : srcPerm.getRules()) {
+ AccountGroup.UUID group = srcRule.getGroup().getUUID();
+ if (group == null) {
+ continue;
+ }
+
+ Boolean canSeeGroup = visibleGroups.get(group);
+ if (canSeeGroup == null) {
+ try {
+ canSeeGroup = groupControlFactory.controlFor(group).isVisible();
+ } catch (NoSuchGroupException e) {
+ canSeeGroup = Boolean.FALSE;
+ }
+ visibleGroups.put(group, canSeeGroup);
+ }
+
+ if (canSeeGroup) {
+ if (dstPerm == null) {
+ if (dst == null) {
+ dst = new AccessSection(name);
+ local.add(dst);
+ }
+ dstPerm = dst.getPermission(srcPerm.getName(), true);
+ }
+ dstPerm.add(srcRule);
+ }
+ }
+ }
+ }
+ }
+ }
+
+ if (ownerOf.isEmpty() && isAdmin()) {
+ // Special case: If the section list is empty, this project has no current
+ // access control information. Fall back to site administrators.
+ ownerOf.add(AccessSection.ALL);
+ }
+
+ final ProjectAccess detail = new ProjectAccess();
+ detail.setProjectName(projectName);
+
+ if (config.getRevision() != null) {
+ detail.setRevision(config.getRevision().name());
+ }
+
+ detail.setInheritsFrom(config.getProject().getParent(allProjectsName));
+
+ if (projectName.equals(allProjectsName)
+ && permissionBackend.currentUser().testOrFalse(ADMINISTRATE_SERVER)) {
+ ownerOf.add(AccessSection.GLOBAL_CAPABILITIES);
+ }
+
+ detail.setLocal(local);
+ detail.setOwnerOf(ownerOf);
+ detail.setCanUpload(
+ canWriteProjectConfig
+ || (checkReadConfig
+ && perm.ref(RefNames.REFS_CONFIG).testOrFalse(CREATE_CHANGE)
+ && projectState.statePermitsWrite()));
+ detail.setConfigVisible(canWriteProjectConfig || checkReadConfig);
+ detail.setGroupInfo(buildGroupInfo(local));
+ detail.setLabelTypes(projectState.getLabelTypes());
+ detail.setFileHistoryLinks(getConfigFileLogLinks(projectName.get()));
+ return detail;
+ }
+
+ private List<WebLinkInfoCommon> getConfigFileLogLinks(String projectName) {
+ List<WebLinkInfoCommon> links =
+ webLinks.getFileHistoryLinks(
+ projectName, RefNames.REFS_CONFIG, ProjectConfig.PROJECT_CONFIG);
+ return links.isEmpty() ? null : links;
+ }
+
+ private Map<AccountGroup.UUID, GroupInfo> buildGroupInfo(List<AccessSection> local) {
+ Map<AccountGroup.UUID, GroupInfo> infos = new HashMap<>();
+ for (AccessSection section : local) {
+ for (Permission permission : section.getPermissions()) {
+ for (PermissionRule rule : permission.getRules()) {
+ if (rule.getGroup() != null) {
+ AccountGroup.UUID uuid = rule.getGroup().getUUID();
+ if (uuid != null && !infos.containsKey(uuid)) {
+ GroupDescription.Basic group = groupBackend.get(uuid);
+ infos.put(uuid, group != null ? new GroupInfo(group) : null);
+ }
+ }
+ }
+ }
+ }
+ return Maps.filterEntries(infos, in -> in.getValue() != null);
+ }
+
+ private ProjectState checkProjectState()
+ throws NoSuchProjectException, IOException, PermissionBackendException,
+ ResourceConflictException {
+ ProjectState state = projectCache.checkedGet(projectName);
+ // Hidden projects(permitsRead = false) should only be accessible by the project owners.
+ // READ_CONFIG is checked here because it's only allowed to project owners(ACCESS may also
+ // be allowed for other users). Allowing project owners to access here will help them to view
+ // and update the config of hidden projects easily.
+ ProjectPermission permissionToCheck =
+ state.statePermitsRead() ? ProjectPermission.ACCESS : ProjectPermission.READ_CONFIG;
+ try {
+ permissionBackend.currentUser().project(projectName).check(permissionToCheck);
+ } catch (AuthException e) {
+ throw new NoSuchProjectException(projectName);
+ }
+ state.checkStatePermitsRead();
+ return state;
+ }
+
+ private static boolean check(PermissionBackend.ForProject ctx, String ref, RefPermission perm)
+ throws PermissionBackendException {
+ try {
+ ctx.ref(ref).check(perm);
+ return true;
+ } catch (AuthException denied) {
+ return false;
+ }
+ }
+
+ private boolean isAdmin() throws PermissionBackendException {
+ try {
+ permissionBackend.currentUser().check(GlobalPermission.ADMINISTRATE_SERVER);
+ return true;
+ } catch (AuthException e) {
+ return false;
+ }
+ }
+}
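Review bot: In `call()`, the `config.commit(md)` branch writes to the project's configuration after the caller has passed only the `ACCESS`/`READ_CONFIG` check in `checkProjectState()`, and before `ProjectPermission.WRITE_CONFIG` is evaluated further down, so a read-only RPC can produce a commit for a user who cannot otherwise change the config. The committed content appears to come from `groupBackend` rather than from the request, which limits the impact, but the side effect is undocumented and the commit is presumably attributed to the server identity given `MetaDataUpdate.Server`. I would at least add a comment above the `try`, such as `// NOTE: may commit a group-name refresh for a caller who only has read access; content is server-derived, not request-derived.`, or skip the commit when the caller lacks `ProjectPermission.WRITE_CONFIG`. Separately, `checkProjectState()` ends with `state.checkStatePermitsRead()`, which looks like it would reject hidden projects even for owners who passed the `READ_CONFIG` check, contrary to the comment above it; that should be confirmed against the method's behaviour, which is not visible here.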