Package com.google.gerrit.server.permissions

Class PermissionBackend

java.lang.Object
com.google.gerrit.server.permissions.PermissionBackend
Direct Known Subclasses:
DefaultPermissionBackend
public abstract class PermissionBackend extends Object
Checks authorization to perform an action on a project, reference, or change.

check methods should be used during action handlers to verify the user is allowed to exercise the specified permission. For convenience in implementation check methods throw AuthException if the permission is denied.

test methods should be used when constructing replies to the client and the result object needs to include a true/false hint indicating the user's ability to exercise the permission. This is suitable for configuring UI button state, but should not be relied upon to guard handlers before making state changes.

PermissionBackend is a singleton for the server, acting as a factory for lightweight request instances. Implementation classes may cache supporting data inside of PermissionBackend.WithUser, PermissionBackend.ForProject, PermissionBackend.ForRef, and PermissionBackend.ForChange instances, in addition to storing within CurrentUser using a PropertyMap.Key. GlobalPermission caching for PermissionBackend.WithUser may best cached inside CurrentUser as PermissionBackend.WithUser instances are frequently created.

Example use: 

   private final PermissionBackend permissions;
   private final Provider user;

   @Inject
   Foo(PermissionBackend permissions, Provider user) {
     this.permissions = permissions;
     this.user = user;
   }

   public void apply(...) {
     permissions.user(user).change(cd).check(ChangePermission.SUBMIT);
   }

   public UiAction.Description getDescription(ChangeResource rsrc) {
     return new UiAction.Description()
       .setLabel("Submit")
       .setVisible(rsrc.permissions().testCond(ChangePermission.SUBMIT));
 }

  • Constructor Details

    • PermissionBackend

      public PermissionBackend()

  • Method Details

    • currentUser

      public abstract PermissionBackend.WithUser currentUser()
      Returns an instance scoped to the current user.

    • user

      public abstract PermissionBackend.WithUser user(CurrentUser user)
      Returns an instance scoped to the specified user. Should be used in cases where the user could either be the issuer of the current request or an impersonated user. PermissionBackends that do not support impersonation can fail with an IllegalStateException.

      If an instance scoped to the current user is desired, use currentUser() instead.

    • absentUser

      public abstract PermissionBackend.WithUser absentUser(Account.Id id)
      Returns an instance scoped to the provided user. Should be used in cases where the caller wants to check the permissions of a user who is not the issuer of the current request and not the target of impersonation.

      Usage should be very limited as this can expose a group-oracle.

    • usesDefaultCapabilities

      public boolean usesDefaultCapabilities()
      Check whether this PermissionBackend respects the same global capabilities as the DefaultPermissionBackend.

      If true, then it makes sense for downstream callers to refer to built-in Gerrit capability names in user-facing error messages, for example.

      Returns:
      whether this is the default permission backend.

    • checkUsesDefaultCapabilities

      public void checkUsesDefaultCapabilities() throws ResourceNotFoundException
      Throw ResourceNotFoundException if this backend does not use the default global capabilities.
      Throws:
      ResourceNotFoundException

    • bulkEvaluateTest

      public void bulkEvaluateTest(Set<PermissionBackendCondition> conds)
      Bulk evaluate a set of PermissionBackendCondition for view handling.

      Overridden implementations should call PermissionBackendCondition.set(boolean) to cache the result of testOrFalse in the condition for later evaluation. Caching the result will bypass the usual invocation of testOrFalse.

      Parameters:
      conds - conditions to consider.