Example 31 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class InternalAccountDirectory method fill.
private void fill(AccountInfo info, Account account, @Nullable Collection<ExternalId> externalIds, Set<FillOptions> options) {
if (options.contains(FillOptions.ID)) {
info._accountId = account.getId().get();
} else {
// Was previously set to look up account for filling.
info._accountId = null;
}
if (options.contains(FillOptions.NAME)) {
info.name = Strings.emptyToNull(account.getFullName());
if (info.name == null) {
info.name = account.getUserName();
}
}
if (options.contains(FillOptions.EMAIL)) {
info.email = account.getPreferredEmail();
}
if (options.contains(FillOptions.SECONDARY_EMAILS)) {
info.secondaryEmails = externalIds != null ? getSecondaryEmails(account, externalIds) : null;
}
if (options.contains(FillOptions.USERNAME)) {
info.username = externalIds != null ? AccountState.getUserName(externalIds) : null;
}
if (options.contains(FillOptions.STATUS)) {
info.status = account.getStatus();
}
if (options.contains(FillOptions.AVATARS)) {
AvatarProvider ap = avatar.get();
if (ap != null) {
info.avatars = new ArrayList<>(3);
IdentifiedUser user = userFactory.create(account.getId());
// GWT UI uses DEFAULT_SIZE (26px).
addAvatar(ap, info, user, AvatarInfo.DEFAULT_SIZE);
// PolyGerrit UI prefers 32px and 100px.
if (!info.avatars.isEmpty()) {
if (32 != AvatarInfo.DEFAULT_SIZE) {
addAvatar(ap, info, user, 32);
}
if (100 != AvatarInfo.DEFAULT_SIZE) {
addAvatar(ap, info, user, 100);
}
}
}
}
}
Also used :
AvatarProvider(com.google.gerrit.server.avatar.AvatarProvider)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Example 32 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class AccountManager method create.
private AuthResult create(ReviewDb db, AuthRequest who) throws OrmException, AccountException, IOException, ConfigInvalidException {
Account.Id newId = new Account.Id(db.nextAccountId());
Account account = new Account(newId, TimeUtil.nowTs());
ExternalId extId = ExternalId.createWithEmail(who.getExternalIdKey(), newId, who.getEmailAddress());
account.setFullName(who.getDisplayName());
account.setPreferredEmail(extId.email());
boolean isFirstAccount = awaitsFirstAccountCheck.getAndSet(false) && db.accounts().anyAccounts().toList().isEmpty();
try {
AccountsUpdate accountsUpdate = accountsUpdateFactory.create();
accountsUpdate.upsert(db, account);
ExternalId existingExtId = externalIds.get(extId.key());
if (existingExtId != null && !existingExtId.accountId().equals(extId.accountId())) {
// external ID is assigned to another account, do not overwrite
accountsUpdate.delete(db, account);
throw new AccountException("Cannot assign external ID \"" + extId.key().get() + "\" to account " + newId + "; external ID already in use.");
}
externalIdsUpdateFactory.create().upsert(extId);
} finally {
// If adding the account failed, it may be that it actually was the
// first account. So we reset the 'check for first account'-guard, as
// otherwise the first account would not get administration permissions.
awaitsFirstAccountCheck.set(isFirstAccount);
}
if (isFirstAccount) {
// This is the first user account on our site. Assume this user
// is going to be the site's administrator and just make them that
// to bootstrap the authentication database.
//
Permission admin = projectCache.getAllProjects().getConfig().getAccessSection(AccessSection.GLOBAL_CAPABILITIES).getPermission(GlobalCapability.ADMINISTRATE_SERVER);
AccountGroup.UUID uuid = admin.getRules().get(0).getGroup().getUUID();
AccountGroup g = db.accountGroups().byUUID(uuid).iterator().next();
AccountGroup.Id adminId = g.getId();
AccountGroupMember m = new AccountGroupMember(new AccountGroupMember.Key(newId, adminId));
auditService.dispatchAddAccountsToGroup(newId, Collections.singleton(m));
db.accountGroupMembers().insert(Collections.singleton(m));
}
if (who.getUserName() != null) {
// Only set if the name hasn't been used yet, but was given to us.
//
IdentifiedUser user = userFactory.create(newId);
try {
changeUserNameFactory.create(user, who.getUserName()).call();
} catch (NameAlreadyUsedException e) {
String message = "Cannot assign user name \"" + who.getUserName() + "\" to account " + newId + "; name already in use.";
handleSettingUserNameFailure(db, account, extId, message, e, false);
} catch (InvalidUserNameException e) {
String message = "Cannot assign user name \"" + who.getUserName() + "\" to account " + newId + "; name does not conform.";
handleSettingUserNameFailure(db, account, extId, message, e, false);
} catch (OrmException e) {
String message = "Cannot assign user name";
handleSettingUserNameFailure(db, account, extId, message, e, true);
}
}
byEmailCache.evict(account.getPreferredEmail());
byIdCache.evict(account.getId());
realm.onCreateAccount(who, account);
return new AuthResult(newId, extId.key(), true);
}
Also used :
Account(com.google.gerrit.reviewdb.client.Account)
AccountGroupMember(com.google.gerrit.reviewdb.client.AccountGroupMember)
ExternalId(com.google.gerrit.server.account.externalids.ExternalId)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
NameAlreadyUsedException(com.google.gerrit.common.errors.NameAlreadyUsedException)
AccountGroup(com.google.gerrit.reviewdb.client.AccountGroup)
OrmException(com.google.gwtorm.server.OrmException)
Permission(com.google.gerrit.common.data.Permission)
ExternalId(com.google.gerrit.server.account.externalids.ExternalId)
Example 33 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class DeleteEmail method apply.
public Response<?> apply(IdentifiedUser user, String email) throws ResourceNotFoundException, ResourceConflictException, MethodNotAllowedException, OrmException, IOException, ConfigInvalidException {
if (!realm.allowsEdit(AccountFieldName.REGISTER_NEW_EMAIL)) {
throw new MethodNotAllowedException("realm does not allow deleting emails");
}
Set<ExternalId> extIds = externalIds.byAccount(user.getAccountId()).stream().filter(e -> email.equals(e.email())).collect(toSet());
if (extIds.isEmpty()) {
throw new ResourceNotFoundException(email);
}
try {
for (ExternalId extId : extIds) {
AuthRequest authRequest = new AuthRequest(extId.key());
authRequest.setEmailAddress(email);
accountManager.unlink(user.getAccountId(), authRequest);
}
} catch (AccountException e) {
throw new ResourceConflictException(e.getMessage());
}
return Response.none();
}
Also used :
ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException)
GlobalPermission(com.google.gerrit.server.permissions.GlobalPermission)
PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException)
CurrentUser(com.google.gerrit.server.CurrentUser)
OrmException(com.google.gwtorm.server.OrmException)
ConfigInvalidException(org.eclipse.jgit.errors.ConfigInvalidException)
Input(com.google.gerrit.server.account.DeleteEmail.Input)
Inject(com.google.inject.Inject)
Set(java.util.Set)
AccountFieldName(com.google.gerrit.extensions.client.AccountFieldName)
IOException(java.io.IOException)
Response(com.google.gerrit.extensions.restapi.Response)
PermissionBackend(com.google.gerrit.server.permissions.PermissionBackend)
MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException)
ExternalIds(com.google.gerrit.server.account.externalids.ExternalIds)
RestModifyView(com.google.gerrit.extensions.restapi.RestModifyView)
Provider(com.google.inject.Provider)
ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
AuthException(com.google.gerrit.extensions.restapi.AuthException)
ExternalId(com.google.gerrit.server.account.externalids.ExternalId)
Collectors.toSet(java.util.stream.Collectors.toSet)
Singleton(com.google.inject.Singleton)
ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException)
MethodNotAllowedException(com.google.gerrit.extensions.restapi.MethodNotAllowedException)
ExternalId(com.google.gerrit.server.account.externalids.ExternalId)
ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException)
Example 34 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class GetGroups method apply.
@Override
public List<GroupInfo> apply(AccountResource resource) throws OrmException {
IdentifiedUser user = resource.getUser();
Account.Id userId = user.getAccountId();
List<GroupInfo> groups = new ArrayList<>();
for (AccountGroup.UUID uuid : user.getEffectiveGroups().getKnownGroups()) {
GroupControl ctl;
try {
ctl = groupControlFactory.controlFor(uuid);
} catch (NoSuchGroupException e) {
continue;
}
if (ctl.isVisible() && ctl.canSeeMember(userId)) {
groups.add(json.format(ctl.getGroup()));
}
}
return groups;
}
Also used :
Account(com.google.gerrit.reviewdb.client.Account)
AccountGroup(com.google.gerrit.reviewdb.client.AccountGroup)
GroupInfo(com.google.gerrit.extensions.common.GroupInfo)
ArrayList(java.util.ArrayList)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
NoSuchGroupException(com.google.gerrit.common.errors.NoSuchGroupException)
Example 35 with IdentifiedUser
use of com.google.gerrit.server.IdentifiedUser in project gerrit by GerritCodeReview.
the class SetParent method validateParentUpdate.
public void validateParentUpdate(final ProjectControl ctl, String newParent, boolean checkIfAdmin) throws AuthException, ResourceConflictException, UnprocessableEntityException, PermissionBackendException {
IdentifiedUser user = ctl.getUser().asIdentifiedUser();
if (checkIfAdmin) {
permissionBackend.user(user).check(GlobalPermission.ADMINISTRATE_SERVER);
}
if (ctl.getProject().getNameKey().equals(allProjects)) {
throw new ResourceConflictException("cannot set parent of " + allProjects.get());
}
newParent = Strings.emptyToNull(newParent);
if (newParent != null) {
ProjectState parent = cache.get(new Project.NameKey(newParent));
if (parent == null) {
throw new UnprocessableEntityException("parent project " + newParent + " not found");
}
if (Iterables.tryFind(parent.tree(), p -> {
return p.getProject().getNameKey().equals(ctl.getProject().getNameKey());
}).isPresent()) {
throw new ResourceConflictException("cycle exists between " + ctl.getProject().getName() + " and " + parent.getProject().getName());
}
}
}
Also used :
ResourceNotFoundException(com.google.gerrit.extensions.restapi.ResourceNotFoundException)
Project(com.google.gerrit.reviewdb.client.Project)
Iterables(com.google.common.collect.Iterables)
GlobalPermission(com.google.gerrit.server.permissions.GlobalPermission)
PermissionBackendException(com.google.gerrit.server.permissions.PermissionBackendException)
ConfigInvalidException(org.eclipse.jgit.errors.ConfigInvalidException)
UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException)
RepositoryNotFoundException(org.eclipse.jgit.errors.RepositoryNotFoundException)
MetaDataUpdate(com.google.gerrit.server.git.MetaDataUpdate)
Inject(com.google.inject.Inject)
Preconditions.checkNotNull(com.google.common.base.Preconditions.checkNotNull)
MoreObjects(com.google.common.base.MoreObjects)
IOException(java.io.IOException)
PermissionBackend(com.google.gerrit.server.permissions.PermissionBackend)
DefaultInput(com.google.gerrit.extensions.restapi.DefaultInput)
RestModifyView(com.google.gerrit.extensions.restapi.RestModifyView)
Strings(com.google.common.base.Strings)
AllProjectsName(com.google.gerrit.server.config.AllProjectsName)
ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
AuthException(com.google.gerrit.extensions.restapi.AuthException)
ProjectConfig(com.google.gerrit.server.git.ProjectConfig)
Input(com.google.gerrit.server.project.SetParent.Input)
Singleton(com.google.inject.Singleton)
Project(com.google.gerrit.reviewdb.client.Project)
UnprocessableEntityException(com.google.gerrit.extensions.restapi.UnprocessableEntityException)
ResourceConflictException(com.google.gerrit.extensions.restapi.ResourceConflictException)
IdentifiedUser(com.google.gerrit.server.IdentifiedUser)
Aggregations
IdentifiedUser (com.google.gerrit.server.IdentifiedUser)48
AuthException (com.google.gerrit.extensions.restapi.AuthException)12
Account (com.google.gerrit.reviewdb.client.Account)10
Change (com.google.gerrit.reviewdb.client.Change)10
CurrentUser (com.google.gerrit.server.CurrentUser)8
ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException)7
Project (com.google.gerrit.reviewdb.client.Project)7
ChangeControl (com.google.gerrit.server.project.ChangeControl)7
BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException)6
BatchUpdate (com.google.gerrit.server.update.BatchUpdate)6
ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)5
UnprocessableEntityException (com.google.gerrit.extensions.restapi.UnprocessableEntityException)5
AccountGroup (com.google.gerrit.reviewdb.client.AccountGroup)5
PatchSet (com.google.gerrit.reviewdb.client.PatchSet)5
OrmException (com.google.gwtorm.server.OrmException)5
Ref (org.eclipse.jgit.lib.Ref)5
Repository (org.eclipse.jgit.lib.Repository)5
Test (org.junit.Test)5
IOException (java.io.IOException)4
ArrayList (java.util.ArrayList)4
