Examples with Account com.google.gerrit.entities.Account used on opensource projects

Example 56 with Account

use of com.google.gerrit.entities.Account in project gerrit by GerritCodeReview.

the class AccountManagerIT method authenticateWithEmail.

@Test
public void authenticateWithEmail() throws Exception {
    String email = "foo@example.com";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key mailtoExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_MAILTO, email);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.create(mailtoExtIdKey, accountId)));
    AuthRequest who = authRequestFactory.createForEmail(email);
    AuthResult authResult = accountManager.authenticate(who);
    assertAuthResultForExistingAccount(authResult, accountId, mailtoExtIdKey);
}

Example 57 with Account

use of com.google.gerrit.entities.Account in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotActivateAccountOnAuthenticationWhenAutoUpdateAccountActiveStatusIsDisabled.

@Test
public void cannotActivateAccountOnAuthenticationWhenAutoUpdateAccountActiveStatusIsDisabled() throws Exception {
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.setActive(false).addExternalId(externalIdFactory.create(gerritExtIdKey, accountId)));
    AuthRequest who = authRequestFactory.createForUser(username);
    who.setActive(true);
    who.setAuthProvidesAccountActiveStatus(true);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().contains("Authentication error, account inactive");
}

Example 58 with Account

use of com.google.gerrit.entities.Account in project gerrit by GerritCodeReview.

the class AccountResolverIT method onlyExactIdReturnsInactiveAccounts.

@Test
public void onlyExactIdReturnsInactiveAccounts() throws Exception {
    TestAccount account = accountOperations.account(accountOperations.newAccount().fullname("Inactiveuser Name").preferredEmail("inactiveuser@example.com").username("inactiveusername").create()).get();
    Account.Id id = account.accountId();
    String nameEmail = account.fullname().get() + " <" + account.preferredEmail().get() + ">";
    ImmutableList<String> inputs = ImmutableList.of(account.fullname().get() + " (" + account.accountId() + ")", account.fullname().get(), account.preferredEmail().get(), nameEmail, Splitter.on(' ').splitToList(account.fullname().get()).get(0));
    assertThat(resolve(account.accountId())).containsExactly(id);
    for (String input : inputs) {
        assertWithMessage("results for %s (active)", input).that(resolve(input)).containsExactly(id);
    }
    gApi.accounts().id(id.get()).setActive(false);
    assertThat(resolve(account.accountId())).containsExactly(id);
    for (String input : inputs) {
        Result result = accountResolver.resolve(input);
        assertWithMessage("results for %s (inactive)", input).that(result.asIdSet()).isEmpty();
        UnresolvableAccountException thrown = assertThrows(UnresolvableAccountException.class, () -> result.asUnique());
        assertThat(thrown).hasMessageThat().isEqualTo("Account '" + input + "' only matches inactive accounts. To use an inactive account, retry" + " with one of the following exact account IDs:\n" + id + ": " + nameEmail);
        assertWithMessage("results by name or email for %s (inactive)", input).that(resolveByNameOrEmail(input)).isEmpty();
    }
}

Example 59 with Account

use of com.google.gerrit.entities.Account in project gerrit by GerritCodeReview.

the class AbstractQueryChangesTest method byAuthorOrCommitterExact.

private void byAuthorOrCommitterExact(String searchOperator) throws Exception {
    TestRepository<Repo> repo = createProject("repo");
    PersonIdent johnDoe = new PersonIdent("John Doe", "john.doe@example.com");
    PersonIdent john = new PersonIdent("John", "john@example.com");
    PersonIdent doeSmith = new PersonIdent("Doe Smith", "doe_smith@example.com");
    Account ua = user.asIdentifiedUser().getAccount();
    PersonIdent myself = new PersonIdent("I Am", ua.preferredEmail());
    PersonIdent selfName = new PersonIdent("My Self", "my.self@example.com");
    Change change1 = createChange(repo, johnDoe);
    Change change2 = createChange(repo, john);
    Change change3 = createChange(repo, doeSmith);
    createChange(repo, selfName);
    // Only email address.
    assertQuery(searchOperator + "john.doe@example.com", change1);
    assertQuery(searchOperator + "john@example.com", change2);
    // Case insensitive.
    assertQuery(searchOperator + "Doe_SmIth@example.com", change3);
    // Right combination of email address and name.
    assertQuery(searchOperator + "\"John Doe <john.doe@example.com>\"", change1);
    assertQuery(searchOperator + "\" John <john@example.com> \"", change2);
    assertQuery(searchOperator + "\"doE SMITH <doe_smitH@example.com>\"", change3);
    // Wrong combination of email address and name.
    assertQuery(searchOperator + "\"John <john.doe@example.com>\"");
    assertQuery(searchOperator + "\"Doe John <john@example.com>\"");
    assertQuery(searchOperator + "\"Doe John <doe_smith@example.com>\"");
    // Partial name
    assertQuery(searchOperator + "ohn");
    assertQuery(searchOperator + "smith", change3);
    // The string 'self' in the name should not be matched
    assertQuery(searchOperator + "self");
    // ':self' matches a change created with the current user's email address
    Change change5 = createChange(repo, myself);
    assertQuery(searchOperator + "me", change5);
    assertQuery(searchOperator + "self", change5);
}

Example 60 with Account

use of com.google.gerrit.entities.Account in project gerrit by GerritCodeReview.

the class RunAsFilter method doFilter.

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;
    String runas = req.getHeader(RUN_AS);
    if (runas != null) {
        if (!enabled) {
            replyError(req, res, SC_FORBIDDEN, RUN_AS + " disabled by auth.enableRunAs = false", null);
            return;
        }
        CurrentUser self = session.get().getUser();
        try {
            if (!self.isIdentifiedUser()) {
                // because that would be crazy.
                throw new AuthException("denied");
            }
            permissionBackend.user(self).check(GlobalPermission.RUN_AS);
        } catch (AuthException e) {
            replyError(req, res, SC_FORBIDDEN, "not permitted to use " + RUN_AS, null);
            return;
        } catch (PermissionBackendException e) {
            logger.atWarning().withCause(e).log("cannot check runAs");
            replyError(req, res, SC_INTERNAL_SERVER_ERROR, RUN_AS + " unavailable", null);
            return;
        }
        Account.Id target;
        try {
            target = accountResolver.resolve(runas).asUnique().account().id();
        } catch (UnprocessableEntityException e) {
            replyError(req, res, SC_FORBIDDEN, "no account matches " + RUN_AS, null);
            return;
        } catch (IOException | ConfigInvalidException | RuntimeException e) {
            logger.atWarning().withCause(e).log("cannot resolve account for %s", RUN_AS);
            replyError(req, res, SC_INTERNAL_SERVER_ERROR, "cannot resolve " + RUN_AS, e);
            return;
        }
        session.get().setUserAccountId(target);
    }
    chain.doFilter(req, res);
}