use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class PutName method apply.
public Response<String> apply(IdentifiedUser user, NameInput input) throws MethodNotAllowedException, ResourceNotFoundException, IOException, ConfigInvalidException {
if (input == null) {
input = new NameInput();
}
Account.Id accountId = user.getAccountId();
if (realm.accountBelongsToRealm(externalIds.byAccount(accountId)) && !realm.allowsEdit(AccountFieldName.FULL_NAME)) {
throw new MethodNotAllowedException("realm does not allow editing name");
}
String newName = input.name;
AccountState accountState = accountsUpdateProvider.get().update("Set Full Name via API", accountId, u -> u.setFullName(newName)).orElseThrow(() -> new ResourceNotFoundException("account not found"));
return Strings.isNullOrEmpty(accountState.account().fullName()) ? Response.none() : Response.ok(accountState.account().fullName());
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class PutUsername method apply.
@Override
public Response<String> apply(AccountResource rsrc, UsernameInput input) throws RestApiException, IOException, ConfigInvalidException, PermissionBackendException {
if (!self.get().hasSameAccountId(rsrc.getUser())) {
permissionBackend.currentUser().check(GlobalPermission.ADMINISTRATE_SERVER);
}
Account.Id accountId = rsrc.getUser().getAccountId();
if (!externalIds.byAccount(accountId, SCHEME_USERNAME).isEmpty()) {
throw new MethodNotAllowedException("Username cannot be changed.");
}
if (realm.accountBelongsToRealm(externalIds.byAccount(accountId)) && !realm.allowsEdit(AccountFieldName.USER_NAME)) {
throw new MethodNotAllowedException("realm does not allow editing username");
}
if (input == null || Strings.isNullOrEmpty(input.username)) {
throw new BadRequestException("input required");
}
if (!ExternalId.isValidUsername(input.username)) {
throw new UnprocessableEntityException("invalid username");
}
ExternalId.Key key = externalIdKeyFactory.create(SCHEME_USERNAME, input.username);
try {
accountsUpdateProvider.get().update("Set Username via API", accountId, u -> u.addExternalId(externalIdFactory.create(key, accountId, null, null)));
} catch (DuplicateKeyException dupeErr) {
// If we are using this identity, don't report the exception.
Optional<ExternalId> other = externalIds.get(key);
if (other.isPresent() && other.get().accountId().equals(accountId)) {
return Response.ok(input.username);
}
// Otherwise, someone else has this identity.
throw new ResourceConflictException("username already used", dupeErr);
}
sshKeyCache.evict(input.username);
return Response.ok(input.username);
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class CreateEmail method apply.
/**
* To be used from plugins that want to create emails without permission checks.
*/
@UsedAt(UsedAt.Project.PLUGIN_SERVICEUSER)
public EmailInfo apply(IdentifiedUser user, IdString id, EmailInput input) throws RestApiException, EmailException, MethodNotAllowedException, IOException, ConfigInvalidException, PermissionBackendException {
String email = id.get().trim();
if (input == null) {
input = new EmailInput();
}
if (input.email != null && !email.equals(input.email)) {
throw new BadRequestException("email address must match URL");
}
if (!validator.isValid(email)) {
throw new BadRequestException("invalid email address");
}
EmailInfo info = new EmailInfo();
info.email = email;
if (input.noConfirmation || isDevMode) {
if (isDevMode) {
logger.atWarning().log("skipping email validation in developer mode");
}
try {
accountManager.link(user.getAccountId(), authRequestFactory.createForEmail(email));
} catch (AccountException e) {
throw new ResourceConflictException(e.getMessage());
}
if (input.preferred) {
putPreferred.apply(new AccountResource.Email(user, email), null);
info.preferred = true;
}
} else {
try {
RegisterNewEmailSender emailSender = registerNewEmailFactory.create(email);
if (!emailSender.isAllowed()) {
throw new MethodNotAllowedException("Not allowed to add email address " + email);
}
emailSender.setMessageId(messageIdGenerator.fromAccountUpdate(user.getAccountId()));
emailSender.send();
info.pendingConfirmation = true;
} catch (EmailException | RuntimeException e) {
logger.atSevere().withCause(e).log("Cannot send email verification message to %s", email);
throw e;
}
}
return info;
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class DeleteChange method apply.
@Override
public Response<Object> apply(ChangeResource rsrc, Input input) throws RestApiException, UpdateException, PermissionBackendException {
if (!isChangeDeletable(rsrc)) {
throw new MethodNotAllowedException("delete not permitted");
}
rsrc.permissions().check(ChangePermission.DELETE);
try (BatchUpdate bu = updateFactory.create(rsrc.getProject(), rsrc.getUser(), TimeUtil.now())) {
Change.Id id = rsrc.getChange().getId();
bu.addOp(id, opFactory.create(id));
bu.execute();
}
return Response.none();
}
use of com.google.gerrit.extensions.restapi.MethodNotAllowedException in project gerrit by GerritCodeReview.
the class GetAgreements method apply.
@Override
public Response<List<AgreementInfo>> apply(AccountResource resource) throws RestApiException, PermissionBackendException {
if (!agreementsEnabled) {
throw new MethodNotAllowedException("contributor agreements disabled");
}
if (!self.get().isIdentifiedUser()) {
throw new AuthException("not allowed to get contributor agreements");
}
IdentifiedUser user = self.get().asIdentifiedUser();
if (user != resource.getUser()) {
try {
permissionBackend.user(user).check(GlobalPermission.ADMINISTRATE_SERVER);
} catch (AuthException e) {
throw new AuthException("not allowed to get contributor agreements", e);
}
}
List<AgreementInfo> results = new ArrayList<>();
Collection<ContributorAgreement> cas = projectCache.getAllProjects().getConfig().getContributorAgreements().values();
for (ContributorAgreement ca : cas) {
List<AccountGroup.UUID> groupIds = new ArrayList<>();
for (PermissionRule rule : ca.getAccepted()) {
if ((rule.getAction() == Action.ALLOW) && (rule.getGroup() != null)) {
if (rule.getGroup().getUUID() != null) {
groupIds.add(rule.getGroup().getUUID());
} else {
logger.atWarning().log("group \"%s\" does not exist, referenced in CLA \"%s\"", rule.getGroup().getName(), ca.getName());
}
}
}
if (user.getEffectiveGroups().containsAnyOf(groupIds)) {
results.add(agreementJson.format(ca));
}
}
return Response.ok(results);
}
Aggregations