Examples of com.google.gerrit.common.data.AccessSection

com.google.gerrit.common.data.AccessSection
Portion of a {@link Project} describing access rules.

      ProjectConfig config = ProjectConfig.read(md);
      Project p = config.getProject();
      p.setDescription("Rights inherited by all other projects");
      p.setUseContributorAgreements(false);


      AccessSection cap = config.getAccessSection(AccessSection.GLOBAL_CAPABILITIES, true);
      AccessSection all = config.getAccessSection(AccessSection.ALL, true);
      AccessSection heads = config.getAccessSection(AccessSection.HEADS, true);
      AccessSection meta = config.getAccessSection(GitRepositoryManager.REF_CONFIG, true);


      cap.getPermission(GlobalCapability.ADMINISTRATE_SERVER, true)
        .add(rule(config, admin));


      PermissionRule review = rule(config, registered);
      review.setRange(-1, 1);
      heads.getPermission(Permission.LABEL + "Code-Review", true).add(review);


      all.getPermission(Permission.READ, true) //
          .add(rule(config, admin));
      all.getPermission(Permission.READ, true) //
          .add(rule(config, anonymous));


      config.getAccessSection("refs/for/" + AccessSection.ALL, true) //
          .getPermission(Permission.PUSH, true) //
          .add(rule(config, registered));
      all.getPermission(Permission.FORGE_AUTHOR, true) //
          .add(rule(config, registered));


      Permission metaReadPermission = meta.getPermission(Permission.READ, true);
      metaReadPermission.setExclusiveGroup(true);
      metaReadPermission.add(rule(config, owners));


      md.setMessage("Initialized Gerrit Code Review " + Version.getVersion());
      config.commit(md);

View Full Code Here

            new MetaDataUpdate(GitReferenceUpdated.DISABLED, allProjects, git);
        md.getCommitBuilder().setAuthor(serverUser);
        md.getCommitBuilder().setCommitter(serverUser);


        ProjectConfig config = ProjectConfig.read(md);
        AccessSection cap = config.getAccessSection(AccessSection.GLOBAL_CAPABILITIES, true);


        // Move the Administrators group reference to All-Projects.
        cap.getPermission(GlobalCapability.ADMINISTRATE_SERVER, true)
            .add(new PermissionRule(config.resolve(db.accountGroups().get(sc.adminGroupId))));


        // Move the repository.*.createGroup to Create Project.
        String[] createGroupList = cfg.getStringList("repository", "*", "createGroup");
        for (String name : createGroupList) {
          AccountGroup.NameKey key = new AccountGroup.NameKey(name);
          AccountGroupName groupName = db.accountGroupNames().get(key);
          if (groupName == null) {
            continue;
          }


          AccountGroup group = db.accountGroups().get(groupName.getId());
          if (group == null) {
            continue;
          }


          cap.getPermission(GlobalCapability.CREATE_PROJECT, true)
              .add(new PermissionRule(config.resolve(group)));
        }
        if (createGroupList.length != 0) {
          ui.message("Moved repository.*.createGroup to 'Create Project' capability");
          cfg.unset("repository", "*", "createGroup");
          cfgDirty = true;
        }


        AccountGroup batch = db.accountGroups().get(sc.batchUsersGroupId);
        if (batch != null
            && db.accountGroupMembers().byGroup(sc.batchUsersGroupId).toList().isEmpty()
            &&  db.accountGroupIncludes().byGroup(sc.batchUsersGroupId).toList().isEmpty()) {
          // If the batch user group is not used, delete it.
          //
          db.accountGroups().delete(Collections.singleton(batch));


          AccountGroupName name = db.accountGroupNames().get(batch.getNameKey());
          if (name != null) {
            db.accountGroupNames().delete(Collections.singleton(name));
          }
        } else if (batch != null) {
          cap.getPermission(GlobalCapability.PRIORITY, true)
              .getRule(config.resolve(batch), true)
              .setAction(Action.BATCH);
        }


        md.setMessage("Upgrade to Gerrit Code Review schema 57\n");

View Full Code Here

          new MetaDataUpdate(GitReferenceUpdated.DISABLED, allProjects, git);
      md.getCommitBuilder().setAuthor(serverUser);
      md.getCommitBuilder().setCommitter(serverUser);


      ProjectConfig config = ProjectConfig.read(md);
      AccessSection section =
          config.getAccessSection(AccessSection.GLOBAL_CAPABILITIES, true);
      Permission capability =
          section.getPermission(GlobalCapability.EMAIL_REVIEWERS, true);
      for (GroupReference group : groups) {
        capability.getRule(config.resolve(group), true).setDeny();
      }


      md.setMessage("Upgrade to Gerrit Code Review schema 64\n");

View Full Code Here


    if (isAllProjects && !Permission.canBeOnAllProjects(AccessSection.ALL, Permission.OWNER)) {
      localOwners = Collections.emptySet();
    } else {
      HashSet<AccountGroup.UUID> groups = new HashSet<AccountGroup.UUID>();
      AccessSection all = config.getAccessSection(AccessSection.ALL);
      if (all != null) {
        Permission owner = all.getPermission(Permission.OWNER);
        if (owner != null) {
          for (PermissionRule rule : owner.getRules()) {
            GroupReference ref = rule.getGroup();
            if (ref.getUUID() != null) {
              groups.add(ref.getUUID());

View Full Code Here

          for (Permission p : section.getPermissions()) {
            if (Permission.canBeOnAllProjects(section.getName(), p.getName())) {
              copy.add(p);
            }
          }
          section = new AccessSection(section.getName());
          section.setPermissions(copy);
        }


        SectionMatcher matcher = SectionMatcher.wrap(section);
        if (matcher != null) {

View Full Code Here

        newProject.setParentName(createProjectArgs.newParent.getProject()
            .getNameKey());
      }


      if (!createProjectArgs.ownerIds.isEmpty()) {
        final AccessSection all =
            config.getAccessSection(AccessSection.ALL, true);
        for (AccountGroup.UUID ownerId : createProjectArgs.ownerIds) {
          GroupDescription.Basic g = groupBackend.get(ownerId);
          if (g != null) {
            GroupReference group = config.resolve(GroupReference.forGroup(g));
            all.getPermission(Permission.OWNER, true).add(
                new PermissionRule(group));
          }
        }
      }

View Full Code Here

  public final List<PermissionRule> priority;
  public final List<PermissionRule> queryLimit;


  public CapabilityCollection(AccessSection section) {
    if (section == null) {
      section = new AccessSection(AccessSection.GLOBAL_CAPABILITIES);
    }


    Map<String, List<PermissionRule>> tmp =
        new HashMap<String, List<PermissionRule>>();
    for (Permission permission : section.getPermissions()) {

View Full Code Here

          // Filter the section to only add rules describing groups that
          // are visible to the current-user. This includes any group the
          // user is a member of, as well as groups they own or that
          // are visible to all users.


          AccessSection dst = null;
          for (Permission srcPerm : section.getPermissions()) {
            Permission dstPerm = null;


            for (PermissionRule srcRule : srcPerm.getRules()) {
              AccountGroup.UUID group = srcRule.getGroup().getUUID();
              if (group == null) {
                continue;
              }


              Boolean canSeeGroup = visibleGroups.get(group);
              if (canSeeGroup == null) {
                try {
                  canSeeGroup = groupControlFactory.controlFor(group).isVisible();
                } catch (NoSuchGroupException e) {
                  canSeeGroup = Boolean.FALSE;
                }
                visibleGroups.put(group, canSeeGroup);
              }


              if (canSeeGroup) {
                if (dstPerm == null) {
                  if (dst == null) {
                    dst = new AccessSection(name);
                    local.add(dst);
                  }
                  dstPerm = dst.getPermission(srcPerm.getName(), true);
                }
                dstPerm.add(srcRule);
              }
            }
          }

View Full Code Here

    for (AccessSection section : src) {
      if (section.getPermissions().isEmpty()) {
        continue;
      }


      AccessSection prior = map.get(section.getName());
      if (prior != null) {
        prior.mergeFrom(section);
      } else {
        map.put(section.getName(), section);
      }
    }
    return new ArrayList<AccessSection>(map.values());

View Full Code Here

        convertRights(config);


        // Grant out read on the config branch by default.
        //
        if (config.getProject().getNameKey().equals(systemConfig.wildProjectName)) {
          AccessSection meta = config.getAccessSection(GitRepositoryManager.REF_CONFIG, true);
          Permission read = meta.getPermission(READ, true);
          read.getRule(config.resolve(projectOwners), true);
        }


        md.setMessage("Import project configuration from SQL\n");
        config.commit(md);

View Full Code Here

0 1 2

TOP

Related Classes of com.google.gerrit.common.data.AccessSection

com.google.gerrit.client.admin.ProjectAccessEditor

com.google.gerrit.httpd.rpc.project.ProjectAccessFactory

com.google.gerrit.httpd.rpc.project.ProjectAccessHandler

com.google.gerrit.server.account.CapabilityCollection

com.google.gerrit.server.git.ProjectConfig

com.google.gerrit.server.git.ProjectConfigTest

com.google.gerrit.server.project.CreateProject

com.google.gerrit.server.project.ProjectControl

com.google.gerrit.server.project.ProjectState

com.google.gerrit.server.schema.Schema_53

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.