private GroupReference getOrCreateGroupForIndividuals( ReviewDb db, ProjectConfig config, List<AccountGroup.UUID> adminGroupUUIDs, ContributorAgreement agreement) throws OrmException { if (!agreement.getAccepted().isEmpty()) { return agreement.getAccepted().get(0).getGroup(); } String name = "CLA Accepted - " + agreement.getName(); AccountGroupName agn = db.accountGroupNames().get(new AccountGroup.NameKey(name)); AccountGroup ag; if (agn != null) { ag = db.accountGroups().get(agn.getId()); if (ag == null) { throw new IllegalStateException( "account group name exists but account group does not: " + name); } if (!adminGroupUUIDs.contains(ag.getOwnerGroupUUID())) { throw new IllegalStateException( "individual group exists with non admin owner group: " + name); } } else { ag = createGroup( db, name, adminGroupUUIDs.get(0), String.format("Users who have accepted the %s CLA", agreement.getName())); } GroupReference group = config.resolve(ag); agreement.setAccepted(Lists.newArrayList(new PermissionRule(group))); if (agreement.getAutoVerify() != null) { agreement.setAutoVerify(group); } // Don't allow accounts in the same individual CLA group to see each // other in same group visibility mode. List<PermissionRule> sameGroupVisibility = config.getAccountsSection().getSameGroupVisibility(); PermissionRule rule = new PermissionRule(group); rule.setDeny(); if (!sameGroupVisibility.contains(rule)) { sameGroupVisibility.add(rule); } return group; }
@Override protected void migrateData(ReviewDb db, UpdateUI ui) throws OrmException, SQLException { Repository git; try { git = mgr.openRepository(allProjects); } catch (IOException e) { throw new OrmException(e); } try { MetaDataUpdate md = new MetaDataUpdate(GitReferenceUpdated.DISABLED, allProjects, git); ProjectConfig config = ProjectConfig.read(md); Map<Integer, ContributorAgreement> agreements = getAgreementToAdd(db, config); if (agreements.isEmpty()) { return; } ui.message("Moved contributor agreements to project.config"); // Create the auto verify groups. List<AccountGroup.UUID> adminGroupUUIDs = getAdministrateServerGroups(db, config); for (ContributorAgreement agreement : agreements.values()) { if (agreement.getAutoVerify() != null) { getOrCreateGroupForIndividuals(db, config, adminGroupUUIDs, agreement); } } // Scan AccountAgreement long minTime = addAccountAgreements(db, config, adminGroupUUIDs, agreements); ProjectConfig base = ProjectConfig.read(md, null); for (ContributorAgreement agreement : agreements.values()) { base.replace(agreement); } base.getAccountsSection() .setSameGroupVisibility(config.getAccountsSection().getSameGroupVisibility()); BatchMetaDataUpdate batch = base.openUpdate(md); try { // Scan AccountGroupAgreement List<AccountGroupAgreement> groupAgreements = getAccountGroupAgreements(db, agreements); // Find the earliest change for (AccountGroupAgreement aga : groupAgreements) { minTime = Math.min(minTime, aga.getTime()); } minTime -= 60 * 1000; // 1 Minute CommitBuilder commit = new CommitBuilder(); commit.setAuthor(new PersonIdent(serverUser, new Date(minTime))); commit.setCommitter(new PersonIdent(serverUser, new Date(minTime))); commit.setMessage( "Add the ContributorAgreements for upgrade to Gerrit Code Review schema 65\n"); batch.write(commit); for (AccountGroupAgreement aga : groupAgreements) { AccountGroup group = db.accountGroups().get(aga.groupId); if (group == null) { continue; } ContributorAgreement agreement = agreements.get(aga.claId); agreement.getAccepted().add(new PermissionRule(config.resolve(group))); base.replace(agreement); PersonIdent ident = null; if (aga.reviewedBy != null) { Account ua = db.accounts().get(aga.reviewedBy); if (ua != null) { String name = ua.getFullName(); String email = ua.getPreferredEmail(); if (email == null || email.isEmpty()) { // No preferred email is configured. Use a generic identity so we // don't leak an address the user may have given us, but doesn't // necessarily want to publish through Git records. // String user = ua.getUserName(); if (user == null || user.isEmpty()) { user = "******" + ua.getId().toString(); } String host = SystemReader.getInstance().getHostname(); email = user + "@" + host; } if (name == null || name.isEmpty()) { final int at = email.indexOf('@'); if (0 < at) { name = email.substring(0, at); } else { name = anonymousCowardName; } } ident = new PersonIdent(name, email, new Date(aga.getTime()), TimeZone.getDefault()); } } if (ident == null) { ident = new PersonIdent(serverUser, new Date(aga.getTime())); } // Build the commits such that it keeps track of the date added and // who added it. commit = new CommitBuilder(); commit.setAuthor(ident); commit.setCommitter(new PersonIdent(serverUser, new Date(aga.getTime()))); String msg = String.format( "Accept %s contributor agreement for %s\n", agreement.getName(), group.getName()); if (!Strings.isNullOrEmpty(aga.reviewComments)) { msg += "\n" + aga.reviewComments + "\n"; } commit.setMessage(msg); batch.write(commit); } // Merge the agreements with the other data in project.config. commit = new CommitBuilder(); commit.setAuthor(serverUser); commit.setCommitter(serverUser); commit.setMessage("Upgrade to Gerrit Code Review schema 65\n"); commit.addParentId(config.getRevision()); batch.write(config, commit); // Save the the final metadata. batch.commitAt(config.getRevision()); } finally { batch.close(); } } catch (IOException e) { throw new OrmException(e); } catch (ConfigInvalidException e) { throw new OrmException(e); } finally { git.close(); } }