Search in sources :

Example 11 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotLinkEmailThatIsAlreadyUsed.

@Test
public void cannotLinkEmailThatIsAlreadyUsed() throws Exception {
    String email = "foo@example.com";
    // Create an account with an SCHEME_EXTERNAL external ID that occupies the email.
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId, email)));
    // Create another account with a SCHEME_GERRIT external ID and no email
    String username2 = "foo";
    Account.Id accountId2 = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username2);
    accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.create(gerritExtIdKey, accountId2)));
    // Try to link the email to the second account (via a new MAILTO external ID) and expect that
    // this fails because the email is already assigned to the first account.
    AuthRequest who = authRequestFactory.createForEmail(email);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.link(accountId2, who));
    assertThat(thrown).hasMessageThat().contains("Email 'foo@example.com' in use by another account");
}
Also used : Account(com.google.gerrit.entities.Account) AuthRequest(com.google.gerrit.server.account.AuthRequest) AccountException(com.google.gerrit.server.account.AccountException) ExternalId(com.google.gerrit.server.account.externalids.ExternalId) Test(org.junit.Test) AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)

Example 12 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotAuthenticateWithInactiveAccount.

@Test
public void cannotAuthenticateWithInactiveAccount() throws Exception {
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.setActive(false).addExternalId(externalIdFactory.create(gerritExtIdKey, accountId)));
    AuthRequest who = authRequestFactory.createForUser(username);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().contains("Authentication error, account inactive");
}
Also used : Account(com.google.gerrit.entities.Account) AuthRequest(com.google.gerrit.server.account.AuthRequest) AccountException(com.google.gerrit.server.account.AccountException) ExternalId(com.google.gerrit.server.account.externalids.ExternalId) Test(org.junit.Test) AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)

Example 13 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotAuthenticateWithOrphanedExtId.

@Test
public void cannotAuthenticateWithOrphanedExtId() throws Exception {
    String username = "foo";
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    assertNoSuchExternalIds(gerritExtIdKey);
    // Create orphaned SCHEME_GERRIT external ID.
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId gerritExtId = externalIdFactory.create(gerritExtIdKey, accountId);
    try (Repository allUsersRepo = repoManager.openRepository(allUsers);
        MetaDataUpdate md = metaDataUpdateFactory.create(allUsers)) {
        ExternalIdNotes extIdNotes = extIdNotesFactory.load(allUsersRepo);
        extIdNotes.insert(gerritExtId);
        extIdNotes.commit(md);
    }
    AuthRequest who = authRequestFactory.createForUser(username);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().contains("Authentication error, account not found");
}
Also used : Account(com.google.gerrit.entities.Account) AuthRequest(com.google.gerrit.server.account.AuthRequest) Repository(org.eclipse.jgit.lib.Repository) AccountException(com.google.gerrit.server.account.AccountException) ExternalIdNotes(com.google.gerrit.server.account.externalids.ExternalIdNotes) ExternalId(com.google.gerrit.server.account.externalids.ExternalId) MetaDataUpdate(com.google.gerrit.server.git.meta.MetaDataUpdate) Test(org.junit.Test) AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)

Example 14 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotLinkExternalIdThatIsAlreadyUsed.

@Test
public void cannotLinkExternalIdThatIsAlreadyUsed() throws Exception {
    // Create an account with a SCHEME_EXTERNAL external ID
    String username1 = "foo";
    Account.Id accountId1 = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey1 = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username1);
    accountsUpdate.insert("Create Test Account", accountId1, u -> u.addExternalId(externalIdFactory.create(externalExtIdKey1, accountId1)));
    // Create another account with a SCHEME_EXTERNAL external ID
    String username2 = "bar";
    Account.Id accountId2 = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey2 = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username2);
    accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.create(externalExtIdKey2, accountId2)));
    // Try to link external ID of the first account to the second account.
    // Expect that this fails because the external ID is already assigned to the first account.
    AuthRequest who = authRequestFactory.createForExternalUser(username1);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.link(accountId2, who));
    assertThat(thrown).hasMessageThat().contains("Identity 'external:foo' in use by another account");
}
Also used : Account(com.google.gerrit.entities.Account) AuthRequest(com.google.gerrit.server.account.AuthRequest) AccountException(com.google.gerrit.server.account.AccountException) ExternalId(com.google.gerrit.server.account.externalids.ExternalId) Test(org.junit.Test) AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)

Example 15 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotUpdateToEmailThatIsAlreadyUsed.

@Test
public void cannotUpdateToEmailThatIsAlreadyUsed() throws Exception {
    String email = "foo@example.com";
    String newEmail = "bar@example.com";
    // Create an account with a SCHEME_GERRIT external ID and an email.
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.setPreferredEmail(email).addExternalId(externalIdFactory.createWithEmail(gerritExtIdKey, accountId, email)));
    // Create another account with an SCHEME_EXTERNAL external ID that occupies the new email.
    Account.Id accountId2 = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, "bar");
    accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId2, newEmail)));
    // Try to authenticate and update the email for the first account.
    // Expect that this fails because the new email is already assigned to the other account.
    AuthRequest who = authRequestFactory.createForUser(username);
    who.setEmailAddress(newEmail);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().isEqualTo("Email 'bar@example.com' in use by another account");
    // Verify that the email in the external ID was not updated.
    Optional<ExternalId> gerritExtId = externalIds.get(gerritExtIdKey);
    assertThat(gerritExtId).isPresent();
    assertThat(gerritExtId.get().email()).isEqualTo(email);
    // Verify that the preferred email was not updated.
    Optional<AccountState> accountState = accounts.get(accountId);
    assertThat(accountState).isPresent();
    assertThat(accountState.get().account().preferredEmail()).isEqualTo(email);
}
Also used : Account(com.google.gerrit.entities.Account) AuthRequest(com.google.gerrit.server.account.AuthRequest) AccountException(com.google.gerrit.server.account.AccountException) ExternalId(com.google.gerrit.server.account.externalids.ExternalId) AccountState(com.google.gerrit.server.account.AccountState) Test(org.junit.Test) AbstractDaemonTest(com.google.gerrit.acceptance.AbstractDaemonTest)

Aggregations

AccountException (com.google.gerrit.server.account.AccountException)36 AuthRequest (com.google.gerrit.server.account.AuthRequest)19 Account (com.google.gerrit.entities.Account)12 ExternalId (com.google.gerrit.server.account.externalids.ExternalId)11 Test (org.junit.Test)10 AbstractDaemonTest (com.google.gerrit.acceptance.AbstractDaemonTest)9 AuthResult (com.google.gerrit.server.account.AuthResult)7 ParameterizedString (com.google.gerrit.common.data.ParameterizedString)6 AccountState (com.google.gerrit.server.account.AccountState)5 IOException (java.io.IOException)5 AuthException (com.google.gerrit.extensions.restapi.AuthException)4 AuthenticationUnavailableException (com.google.gerrit.server.auth.AuthenticationUnavailableException)4 HashMap (java.util.HashMap)4 ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException)3 UnprocessableEntityException (com.google.gerrit.extensions.restapi.UnprocessableEntityException)3 CurrentUser (com.google.gerrit.server.CurrentUser)3 NamingException (javax.naming.NamingException)3 DirContext (javax.naming.directory.DirContext)3 LoginException (javax.security.auth.login.LoginException)3 OAuthLoginProvider (com.google.gerrit.extensions.auth.oauth.OAuthLoginProvider)2