Allow Owner permission to inherit

The Owner permission should be inherited from any parent project, so long as the parent project isn't the global -- All Projects -- parent project. Change-Id: I2a1f1d9c941a44d2ed4b8d900ee3ef6e48368343 Signed-off-by: Shawn O. Pearce <sop@google.com>
2010-12-15 11:35:42 -08:00 · 2010-12-15 11:35:42 -08:00 · 521dec3725
commit 521dec3725
parent e143def387
4 changed files with 21 additions and 16 deletions
--- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/AccessRightEditor.java
+++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/admin/AccessRightEditor.java
@ -21,25 +21,21 @@ import com.google.gerrit.client.ui.HintTextBox;
 import com.google.gerrit.client.ui.RPCSuggestOracle;
 import com.google.gerrit.common.data.ApprovalType;
 import com.google.gerrit.common.data.ProjectDetail;
 import com.google.gerrit.reviewdb.AccountGroup;
 import com.google.gerrit.reviewdb.ApprovalCategory;
 import com.google.gerrit.reviewdb.ApprovalCategoryValue;
 import com.google.gerrit.reviewdb.AccountGroup;
 import com.google.gerrit.reviewdb.Project;
 import com.google.gerrit.reviewdb.RefRight;
 import com.google.gwt.event.dom.client.BlurEvent;
 import com.google.gwt.event.dom.client.BlurHandler;
 import com.google.gwt.event.dom.client.ChangeEvent;
 import com.google.gwt.event.dom.client.ChangeHandler;
 import com.google.gwt.event.dom.client.ClickEvent;
 import com.google.gwt.event.dom.client.ClickHandler;
 import com.google.gwt.event.dom.client.FocusEvent;
 import com.google.gwt.event.dom.client.FocusHandler;
 import com.google.gwt.event.dom.client.KeyCodes;
 import com.google.gwt.event.dom.client.KeyPressEvent;
 import com.google.gwt.event.dom.client.KeyPressHandler;
 import com.google.gwt.event.logical.shared.HasValueChangeHandlers;
 import com.google.gwt.event.logical.shared.ValueChangeEvent;
 import com.google.gwt.event.logical.shared.ValueChangeHandler;
 import com.google.gwt.event.logical.shared.HasValueChangeHandlers;
 import com.google.gwt.event.shared.HandlerRegistration;
 import com.google.gwt.user.client.ui.Button;
 import com.google.gwt.user.client.ui.Composite;
@ -148,7 +144,7 @@ public class AccessRightEditor extends Composite
        .getActionTypes()) {
      final ApprovalCategory c = at.getCategory();
      if (Gerrit.getConfig().getWildProject().equals(projectKey)
-          && ApprovalCategory.OWN.equals(c.getId())) {
+          && !c.getId().canBeOnWildProject()) {
        // Giving out control of the WILD_PROJECT to other groups beyond
        // Administrators is dangerous. Having control over WILD_PROJECT
        // is about the same as having Administrator access as users are
--- a/gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/ApprovalCategory.java
+++ b/gerrit-reviewdb/src/main/java/com/google/gerrit/reviewdb/ApprovalCategory.java
@ -74,14 +74,15 @@ public final class ApprovalCategory {
      id = newValue;
    }
-    /** True if the right can inherit from the magical "-- All Projects --". */
+    /** True if the right can be assigned on the wild project. */
-    public boolean canInheritFromWildProject() {
+    public boolean canBeOnWildProject() {
      if (OWN.equals(this)) {
        return false;
-      }
+      } else {
        return true;
      }
    }
  }
  /** Internal short unique identifier for this category. */
  @Column(id = 1)
--- a/gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectState.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectState.java
@ -56,12 +56,22 @@ public class ProjectState {
      @WildProjectName final Project.NameKey wildProject,
      final ProjectControl.AssistedFactory projectControlFactory,
      @Assisted final Project project,
-      @Assisted final Collection<RefRight> rights) {
+      @Assisted Collection<RefRight> rights) {
    this.anonymousUser = anonymousUser;
    this.projectCache = projectCache;
    this.wildProject = wildProject;
    this.projectControlFactory = projectControlFactory;
    if (wildProject.equals(project.getNameKey())) {
      rights = new ArrayList<RefRight>(rights);
      for (Iterator<RefRight> itr = rights.iterator(); itr.hasNext();) {
        if (!itr.next().getApprovalCategoryId().canBeOnWildProject()) {
          itr.remove();
        }
      }
      rights = Collections.unmodifiableCollection(rights);
    }
    this.project = project;
    this.localRights = rights;
@ -174,9 +184,7 @@ public class ProjectState {
   */
  public Collection<RefRight> getAllRights(ApprovalCategory.Id action, boolean dropOverridden) {
    Collection<RefRight> rights = new LinkedList<RefRight>(getLocalRights(action));
    if (action.canInheritFromWildProject()) {
    rights.addAll(filter(getInheritedRights(), action));
    }
    if (dropOverridden) {
      Set<Grant> grants = new HashSet<Grant>();
      Iterator<RefRight> iter = rights.iterator();
--- a/gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java
+++ b/gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java
@ -284,7 +284,7 @@ public class RefControlTest extends TestCase {
  private ProjectState newProjectState() {
    ProjectCache projectCache = null;
-    Project.NameKey wildProject = null;
+    Project.NameKey wildProject = new Project.NameKey("-- All Projects --");
    ProjectControl.AssistedFactory projectControlFactory = null;
    ProjectState ps =
        new ProjectState(anonymousUser, projectCache, wildProject,