* stable:
Fix ChangeDetailFactory's invocation of PatchSetDetailFactory
Release notes for 2.1.7.1
Fix API breakage on ChangeDetailService
Do not reset Patch History selection on navigation to next file diff
Resolve Project Owners when checking access right on any ref
Conflicts:
gerrit-server/src/main/java/com/google/gerrit/server/project/ProjectControl.java
gerrit-server/src/test/java/com/google/gerrit/server/project/RefControlTest.java
Change-Id: I6e956625cb4648df35035b9be2d32e6e431fb8f3
I flipped the order of the arguments, but did not correctly
update all callers.
Change-Id: Iae14ec35374342f53bc353082db35cb8750a750a
Signed-off-by: Shawn O. Pearce <sop@google.com>
The Mylyn Reviews project pointed out Gerrit changed the API
signature of a JSON method they use remotely. Fix the API back to the
original signature, and define a new method with the extra arguments.
Change-Id: I51cbbdd64bdb72a666a6b5266db3b93494b75182
Signed-off-by: Shawn O. Pearce <sop@google.com>
If a project has no access controls listed in its project.config,
nobody was able to add new sections in the web UI. Ensure that
users are at least able to create new sections if they have owner
power on any reference, which may be inherited down from parent
projects or be implied because of their site administrator status.
Bug: issue 1000
Change-Id: I19bab2a75fe3248275fef9fd87ed86cfa580845a
Signed-off-by: Shawn O. Pearce <sop@google.com>
The abandon and restore routines can fail if the change
is in the wrong state (abandoned already, or open still).
These failure lead to internal NPEs. Instead, create a
new exception and give a reason for the failure to the user.
Change-Id: Id7861d75e535c439c12329f7e891797c5b1f6eca
Most users work in the signed-in mode when reading source files
during review. Using the white background makes it easier to read
the text, especially with syntax coloring enabled.
Change-Id: If49aa62c0ff26971c64fd75505265c58ac859062
Signed-off-by: Shawn O. Pearce <sop@google.com>
* stable:
Support different color pallete when not signed in
Send new patchset event after its available
Enable git:// download URLs if canonicalGitUrl set
Fix NPE on Gerrit startup if mail.from doesn't include a name
Add config setting to only suggest users which are in a visible group
Change-Id: I2bc9ca40e616c7f7b0c12de41f631c916439289c
If the user is not signed in a different theme of colors can be
applied to the UI, making it more obvious that login is necessary.
Bug: issue 913
Change-Id: Id8c780042740b3b93dcee7ed84b3f9f6be06d9de
Signed-off-by: Shawn O. Pearce <sop@google.com>
Add a new setting for the suggest section in the Gerrit configuration
that limits the suggested users to those which are in at least one
group that is visible to the current user.
Change-Id: I89654bfdf63e2b780c5e0c93ee54b14afc1640a0
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
When a group is renamed through the web UI, each project.config
(and corresponding groups file) is updated with the new name if
there is a permission rule referencing the group. This ensures
authorship of the relevant modification is charged back to the
user that modified the group name.
Change-Id: Ic44c46553b34548e792269e6ce835ecffea42db7
Signed-off-by: Shawn O. Pearce <sop@google.com>
Pushing a new, rebased Patch Set for a Change failed with a
NullPointer if the first Patch Set could not be merged due
to a patch conflict.
The reason was that there is no ApprovalType of Category SUBM
anymore, but it is still stored in the database.
Change-Id: I058ba99b835813245283c04fdb08199c94957645
Signed-off-by: Stefan Lay <stefan.lay@sap.com>
Permissions are stored in the project.config file within the
refs/meta/config branch of each project. This makes the rules
more flexible in the future, as well as adds version control.
For example:
[access "refs/*"]
owner = group tools-owners
[access "refs/heads/*"]
label-Verified = -1..+1 group tools-dev
label-Verified = -1..+1 group tools-owners
label-Code-Review = -2..+2 group tools-owners
submit = group tools-dev
submit = group tools-owners
[access "refs/heads/stable"]
exclusiveGroupPermissions = read create push
read = group Anonymous Users
push = group tools-repo-maintainer
To enable easy remote editing of the configuration rules, the
following access block is added by default to -- All Projects --
and is thus inherited throughout the entire site:
[access "refs/meta/config"]
read = group Project Owners
push = group Project Owners
This configuration section permits any project owner or site
administrator (as they are indirectly always a project owner of
any project) to push changes to the project.config file within
the refs/meta/config branch, updating access (and other project
information) remotely without using the web UI.
Change-Id: Idb56f657a4bf88108ad40bbb19d831e6806b68c5
Signed-off-by: Shawn O. Pearce <sop@google.com>
The ref_rights table is about to change its entire data model to
something stored in Git, and which uses a different layout in-memory
and on-disk than the old RefRight object. Dropping the old web UI
before making the internal API changes reduces the amount of code that
is being modified at once. A new UI will be built from scratch to
support the new data model more accurately than the old simple table
layout could do.
Change-Id: Idfdebc712b1241a81346084037bc5f6aeab6e42a
Signed-off-by: Shawn O. Pearce <sop@google.com>
By switching to the UUID we can have a globally unique identifier
for group membership throughout the server, even if group information
comes in from a different data source.
Change-Id: Icb49d6a6aff8e62864ac0f78ceedbe03f01de894
Signed-off-by: Shawn O. Pearce <sop@google.com>
Project settings are now saved in the project.config file of the
refs/meta/config branch within each Git repository. This offers
us free version control over the lifespan of the project, and will
help reduce schema version issues as the configuration file is
more free-form.
Project owners can edit the configuration of their project by
hand and push the results back up, possibly even going through
code review, if the proper access rules are assigned in the
project's access panel. Project users can inspect the history of
the configuration by reading the history of the refs/meta/config
branch with their favorite history browser.
Change-Id: Id63414d86dbfb9033021f76e1d5e782373525a77
Signed-off-by: Shawn O. Pearce <sop@google.com>
Rather than locating projects in the database table, perform a
recursive scan of the managed repository directory and pull up
anything that we find. This is a first step towards moving all
the project control metadata directly into Git.
Bug: issue 436
Change-Id: I08e0083f14f5c03eb9e49b4895c265d13b828534
Signed-off-by: Shawn O. Pearce <sop@google.com>
Despite our best efforts to resolve warnings, some new ones slipped in
late this afternoon.
Change-Id: I4b8f8bba08de2d5c7a2a03c04d121c0e447bfa8e
Signed-off-by: Shawn O. Pearce <sop@google.com>
Pass through arguments for diff between patch sets
Modify internal APIs to pass through the old, new and preferences
needed to compute the differences between two patch sets for the
UI.
Bug: issue 194
Change-Id: I98827bf88227e912860769f22cd90f5c35b784b0
Normally an email is sent to a reviewer when they are added
as a reviewer on a change. In the special case that they
are the ones adding themselves as a reviwer, do not bother
sending them the notification email.
Change-Id: Id4c98325bd0e0c8cd141de5fd4fc57b13e258553
Sites may not want to show all users when completing. Enable
two other alternatives: OFF shows nothing, SAME_GROUP requires
them to have a common group.
Change-Id: I50fc4c7c37c4197351ac537123d93083e8ff73d2
Signed-off-by: Shawn O. Pearce <sop@google.com>
If a group is not visible to all users, and the current user is
not an owner of the group nor is a site administrator, the group
must not appear as a suggestion.
Change-Id: I68430f2fff9c855439d85b95668fec03217a3251
Signed-off-by: Shawn O. Pearce <sop@google.com>
This change adds a new item to the group configuration: a list of
groups whose members should be included in this one. This makes it
possible to set up a hierarchy of included groups, which can make it
easier to maintain complex access control lists.
To accomplish this, two new database tables were added,
called AccountGroupIncludes and AccountGroupIncludesAudit.
The relevant support code was added around them, largely based on
the existing code for handling indivdual account membership. In
addition, caches for group information were added, paralleling the
caches that already exist for accounts.
Change-Id: Ib6990c17739f28f38bc13961143db7ce79251567
When this property is set on a group, actions and
comments from members of this group will only cause
emails to be sent to change authors. This is
particularly useful to quiet actions from automation
users.
Change-Id: Ibcde6e07045ec00d095028c86e8dd47cef3cf582
This patch allows configuration of alternative base URL for:
- "(gitweb)" links in Gerrit,
- all links in Gerrit's managed Gitweb.
Please note that this changes only URL of the links and not real URL
under which Gerrit's managed Gitweb is served ("<gerrit>/gitweb").
This means that this feature is useful only in setups with front-end
web servers.
To enable this feature, set both: gitweb.cgi and gitweb.url.
Change-Id: I869e2c0e151deb0e0248ed86b9611e1e5ac7e431
Signed-off-by: Piotr Sikora <piotr.sikora@frickle.com>
This test was broken when symbolic references and their targets were
no longer permitted to be deleted.
Change-Id: I20249341bdcf9f9f65c513294e0177182a6e46ab
Signed-off-by: Shawn O. Pearce <sop@google.com>
In the project branches screen a user can select branches and delete
them. It is also possible to select the symbolic ref HEAD and attempt
to delete it. Trying to delete HEAD fails without message to the user.
Only in the Gerrit log a warning will be written:
'WARN com.google.gerrit.httpd.rpc.project.DeleteBranches : Cannot
delete myProject,HEAD:REJECTED_CURRENT_BRANCH'.
Also the deletion of a branch that is a target of a symbolic ref fails
the same way.
Since HEAD and branches that are target of a symbolic ref can't be
deleted, do not display a checkbox for them so that the user can't
select them and attempt to delete them.
Change-Id: Ibb2306d91db7345577cde385382b32663996a669
Signed-off-by: Edwin Kempin <edwin.kempin@gmail.com>
Normally a group is only visible to the group owners and the Gerrit
administrators. In certain environments (corporate or open source) it
can make sense to have groups that are visible to all registered
users. E.g.:
- a user needs access rights for a certain project, if this user can
see the project owner group, he knows whom to contact to request
the access rights
- a user needs support from a Gerrit administrator, if this user can
see the administrator group, he knows whom to contact
This change adds a new group option that allows to make the group
visible to all registered users. Modifying the group is still only
allowed for the group owners. By default a newly created group will
only be visible to the group owners.
Change-Id: I2de0084a7842d73618ca48fa95804c22d5bb90cb
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>