// Copyright (C) 2014 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.server.project;
import static com.google.gerrit.common.data.Permission.READ;
import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import com.google.gerrit.common.data.AccessSection;
import com.google.gerrit.common.data.Permission;
import com.google.gerrit.lifecycle.LifecycleManager;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.AccountGroup;
import com.google.gerrit.reviewdb.client.Project;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.CurrentUser;
import com.google.gerrit.server.IdentifiedUser;
import com.google.gerrit.server.account.AccountManager;
import com.google.gerrit.server.account.AuthRequest;
import com.google.gerrit.server.account.GroupCache;
import com.google.gerrit.server.config.AllProjectsName;
import com.google.gerrit.server.git.MetaDataUpdate;
import com.google.gerrit.server.git.ProjectConfig;
import com.google.gerrit.server.schema.SchemaCreator;
import com.google.gerrit.server.util.RequestContext;
import com.google.gerrit.server.util.ThreadLocalRequestContext;
import com.google.gerrit.testutil.InMemoryDatabase;
import com.google.gerrit.testutil.InMemoryModule;
import com.google.gerrit.testutil.InMemoryRepositoryManager;
import com.google.inject.Guice;
import com.google.inject.Inject;
import com.google.inject.Injector;
import com.google.inject.Provider;
import com.google.inject.util.Providers;
import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository;
import org.eclipse.jgit.junit.TestRepository;
import org.eclipse.jgit.lib.ObjectId;
import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.revwalk.RevCommit;
import org.eclipse.jgit.revwalk.RevWalk;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
/** Unit tests for {@link ProjectControl}. */
public class ProjectControlTest {
@Inject private AccountManager accountManager;
@Inject private IdentifiedUser.GenericFactory userFactory;
@Inject private InMemoryDatabase schemaFactory;
@Inject private InMemoryRepositoryManager repoManager;
@Inject private ProjectControl.GenericFactory projectControlFactory;
@Inject private SchemaCreator schemaCreator;
@Inject private ThreadLocalRequestContext requestContext;
@Inject protected ProjectCache projectCache;
@Inject protected MetaDataUpdate.Server metaDataUpdateFactory;
@Inject protected AllProjectsName allProjects;
@Inject protected GroupCache groupCache;
private LifecycleManager lifecycle;
private ReviewDb db;
private TestRepository<InMemoryRepository> repo;
private ProjectConfig project;
private IdentifiedUser user;
private AccountGroup.UUID admins;
@Before
public void setUp() throws Exception {
Injector injector = Guice.createInjector(new InMemoryModule());
injector.injectMembers(this);
lifecycle = new LifecycleManager();
lifecycle.add(injector);
lifecycle.start();
db = schemaFactory.open();
schemaCreator.create(db);
// Need to create at least one user to be admin before creating a "normal"
// registered user.
// See AccountManager#create().
accountManager.authenticate(AuthRequest.forUser("admin")).getAccountId();
admins = groupCache.get(new AccountGroup.NameKey("Administrators")).getGroupUUID();
setUpPermissions();
Account.Id userId = accountManager.authenticate(AuthRequest.forUser("user")).getAccountId();
user = userFactory.create(userId);
Project.NameKey name = new Project.NameKey("project");
InMemoryRepository inMemoryRepo = repoManager.createRepository(name);
project = new ProjectConfig(name);
project.load(inMemoryRepo);
repo = new TestRepository<>(inMemoryRepo);
requestContext.setContext(
new RequestContext() {
@Override
public CurrentUser getUser() {
return user;
}
@Override
public Provider<ReviewDb> getReviewDbProvider() {
return Providers.of(db);
}
});
}
@After
public void tearDown() {
if (repo != null) {
repo.getRepository().close();
}
if (lifecycle != null) {
lifecycle.stop();
}
requestContext.setContext(null);
if (db != null) {
db.close();
}
InMemoryDatabase.drop(schemaFactory);
}
@Test
public void canReadCommitWhenAllRefsVisible() throws Exception {
allow(project, READ, REGISTERED_USERS, "refs/*");
ObjectId id = repo.branch("master").commit().create();
ProjectControl pc = newProjectControl();
RevWalk rw = repo.getRevWalk();
Repository r = repo.getRepository();
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(id)));
}
@Test
public void canReadCommitIfTwoRefsVisible() throws Exception {
allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
allow(project, READ, REGISTERED_USERS, "refs/heads/branch2");
ObjectId id1 = repo.branch("branch1").commit().create();
ObjectId id2 = repo.branch("branch2").commit().create();
ProjectControl pc = newProjectControl();
RevWalk rw = repo.getRevWalk();
Repository r = repo.getRepository();
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(id1)));
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(id2)));
}
@Test
public void canReadCommitIfRefVisible() throws Exception {
allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
deny(project, READ, REGISTERED_USERS, "refs/heads/branch2");
ObjectId id1 = repo.branch("branch1").commit().create();
ObjectId id2 = repo.branch("branch2").commit().create();
ProjectControl pc = newProjectControl();
RevWalk rw = repo.getRevWalk();
Repository r = repo.getRepository();
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(id1)));
assertFalse(pc.canReadCommit(db, r, rw.parseCommit(id2)));
}
@Test
public void canReadCommitIfReachableFromVisibleRef() throws Exception {
allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
deny(project, READ, REGISTERED_USERS, "refs/heads/branch2");
RevCommit parent1 = repo.commit().create();
repo.branch("branch1").commit().parent(parent1).create();
RevCommit parent2 = repo.commit().create();
repo.branch("branch2").commit().parent(parent2).create();
ProjectControl pc = newProjectControl();
RevWalk rw = repo.getRevWalk();
Repository r = repo.getRepository();
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(parent1)));
assertFalse(pc.canReadCommit(db, r, rw.parseCommit(parent2)));
}
@Test
public void cannotReadAfterRollbackWithRestrictedRead() throws Exception {
allow(project, READ, REGISTERED_USERS, "refs/heads/branch1");
RevCommit parent1 = repo.commit().create();
ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create();
ProjectControl pc = newProjectControl();
RevWalk rw = repo.getRevWalk();
Repository r = repo.getRepository();
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(parent1)));
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(id1)));
repo.branch("branch1").update(parent1);
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(parent1)));
assertFalse(pc.canReadCommit(db, r, rw.parseCommit(id1)));
}
@Test
public void canReadAfterRollbackWithAllRefsVisible() throws Exception {
allow(project, READ, REGISTERED_USERS, "refs/*");
RevCommit parent1 = repo.commit().create();
ObjectId id1 = repo.branch("branch1").commit().parent(parent1).create();
ProjectControl pc = newProjectControl();
RevWalk rw = repo.getRevWalk();
Repository r = repo.getRepository();
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(parent1)));
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(id1)));
repo.branch("branch1").update(parent1);
assertTrue(pc.canReadCommit(db, r, rw.parseCommit(parent1)));
assertFalse(pc.canReadCommit(db, r, rw.parseCommit(id1)));
}
private ProjectControl newProjectControl() throws Exception {
return projectControlFactory.controlFor(project.getName(), user);
}
protected void allow(ProjectConfig project, String permission, AccountGroup.UUID id, String ref)
throws Exception {
Util.allow(project, permission, id, ref);
saveProjectConfig(project);
}
protected void deny(ProjectConfig project, String permission, AccountGroup.UUID id, String ref)
throws Exception {
Util.deny(project, permission, id, ref);
saveProjectConfig(project);
}
protected void saveProjectConfig(ProjectConfig cfg) throws Exception {
try (MetaDataUpdate md = metaDataUpdateFactory.create(cfg.getName())) {
cfg.commit(md);
}
projectCache.evict(cfg.getProject());
}
private void setUpPermissions() throws Exception {
// Remove read permissions for all users besides admin, because by default
// Anonymous user group has ALLOW READ permission in refs/*.
// This method is idempotent, so is safe to call on every test setup.
ProjectConfig pc = projectCache.checkedGet(allProjects).getConfig();
for (AccessSection sec : pc.getAccessSections()) {
sec.removePermission(Permission.READ);
}
allow(pc, Permission.READ, admins, "refs/*");
}
}