diff options
Diffstat (limited to 'java/com/google/gerrit/server/permissions/PermissionBackend.java')
-rw-r--r-- | java/com/google/gerrit/server/permissions/PermissionBackend.java | 39 |
1 files changed, 31 insertions, 8 deletions
diff --git a/java/com/google/gerrit/server/permissions/PermissionBackend.java b/java/com/google/gerrit/server/permissions/PermissionBackend.java index d40b1381f3..8c731f6597 100644 --- a/java/com/google/gerrit/server/permissions/PermissionBackend.java +++ b/java/com/google/gerrit/server/permissions/PermissionBackend.java @@ -173,7 +173,13 @@ public abstract class PermissionBackend { return ref(notes.getChange().getDest()).change(notes); } - /** Verify scoped user can {@code perm}, throwing if denied. */ + /** + * Verify scoped user can {@code perm}, throwing if denied. + * + * <p>Should be used in REST API handlers where the thrown {@link AuthException} can be + * propagated. In business logic, where the exception would have to be caught, prefer using + * {@link #test(GlobalOrPluginPermission)}. + */ public abstract void check(GlobalOrPluginPermission perm) throws AuthException, PermissionBackendException; @@ -240,10 +246,9 @@ public abstract class PermissionBackend { Set<Project.NameKey> allowed = Sets.newHashSetWithExpectedSize(projects.size()); for (Project.NameKey project : projects) { try { - project(project).check(perm); - allowed.add(project); - } catch (AuthException e) { - // Do not include this project in allowed. + if (project(project).test(perm)) { + allowed.add(project); + } } catch (PermissionBackendException e) { if (e.getCause() instanceof RepositoryNotFoundException) { logger.atWarning().withCause(e).log( @@ -280,7 +285,13 @@ public abstract class PermissionBackend { return ref(notes.getChange().getDest().branch()).change(notes); } - /** Verify scoped user can {@code perm}, throwing if denied. */ + /** + * Verify scoped user can {@code perm}, throwing if denied. + * + * <p>Should be used in REST API handlers where the thrown {@link AuthException} can be + * propagated. In business logic, where the exception would have to be caught, prefer using + * {@link #test(CoreOrPluginProjectPermission)}. + */ public abstract void check(CoreOrPluginProjectPermission perm) throws AuthException, PermissionBackendException; @@ -368,7 +379,13 @@ public abstract class PermissionBackend { /** Returns an instance scoped to change. */ public abstract ForChange change(ChangeNotes notes); - /** Verify scoped user can {@code perm}, throwing if denied. */ + /** + * Verify scoped user can {@code perm}, throwing if denied. + * + * <p>Should be used in REST API handlers where the thrown {@link AuthException} can be + * propagated. In business logic, where the exception would have to be caught, prefer using + * {@link #test(RefPermission)}. + */ public abstract void check(RefPermission perm) throws AuthException, PermissionBackendException; /** Filter {@code permSet} to permissions scoped user might be able to perform. */ @@ -406,7 +423,13 @@ public abstract class PermissionBackend { /** Returns the fully qualified resource path that this instance is scoped to. */ public abstract String resourcePath(); - /** Verify scoped user can {@code perm}, throwing if denied. */ + /** + * Verify scoped user can {@code perm}, throwing if denied. + * + * <p>Should be used in REST API handlers where the thrown {@link AuthException} can be + * propagated. In business logic, where the exception would have to be caught, prefer using + * {@link #test(ChangePermissionOrLabel)}. + */ public abstract void check(ChangePermissionOrLabel perm) throws AuthException, PermissionBackendException; |