private GroupReference getOrCreateGroupForIndividuals(
ReviewDb db,
ProjectConfig config,
List<AccountGroup.UUID> adminGroupUUIDs,
ContributorAgreement agreement)
throws OrmException {
if (!agreement.getAccepted().isEmpty()) {
return agreement.getAccepted().get(0).getGroup();
}
String name = "CLA Accepted - " + agreement.getName();
AccountGroupName agn = db.accountGroupNames().get(new AccountGroup.NameKey(name));
AccountGroup ag;
if (agn != null) {
ag = db.accountGroups().get(agn.getId());
if (ag == null) {
throw new IllegalStateException(
"account group name exists but account group does not: " + name);
}
if (!adminGroupUUIDs.contains(ag.getOwnerGroupUUID())) {
throw new IllegalStateException(
"individual group exists with non admin owner group: " + name);
}
} else {
ag =
createGroup(
db,
name,
adminGroupUUIDs.get(0),
String.format("Users who have accepted the %s CLA", agreement.getName()));
}
GroupReference group = config.resolve(ag);
agreement.setAccepted(Lists.newArrayList(new PermissionRule(group)));
if (agreement.getAutoVerify() != null) {
agreement.setAutoVerify(group);
}
// Don't allow accounts in the same individual CLA group to see each
// other in same group visibility mode.
List<PermissionRule> sameGroupVisibility = config.getAccountsSection().getSameGroupVisibility();
PermissionRule rule = new PermissionRule(group);
rule.setDeny();
if (!sameGroupVisibility.contains(rule)) {
sameGroupVisibility.add(rule);
}
return group;
}
