use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.
the class AccountManagerIT method cannotLinkEmailThatIsAlreadyUsed.
@Test
public void cannotLinkEmailThatIsAlreadyUsed() throws Exception {
String email = "foo@example.com";
// Create an account with an SCHEME_EXTERNAL external ID that occupies the email.
String username = "foo";
Account.Id accountId = Account.id(seq.nextAccountId());
ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username);
accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId, email)));
// Create another account with a SCHEME_GERRIT external ID and no email
String username2 = "foo";
Account.Id accountId2 = Account.id(seq.nextAccountId());
ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username2);
accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.create(gerritExtIdKey, accountId2)));
// Try to link the email to the second account (via a new MAILTO external ID) and expect that
// this fails because the email is already assigned to the first account.
AuthRequest who = authRequestFactory.createForEmail(email);
AccountException thrown = assertThrows(AccountException.class, () -> accountManager.link(accountId2, who));
assertThat(thrown).hasMessageThat().contains("Email 'foo@example.com' in use by another account");
}
use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.
the class AccountManagerIT method cannotAuthenticateWithInactiveAccount.
@Test
public void cannotAuthenticateWithInactiveAccount() throws Exception {
String username = "foo";
Account.Id accountId = Account.id(seq.nextAccountId());
ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
accountsUpdate.insert("Create Test Account", accountId, u -> u.setActive(false).addExternalId(externalIdFactory.create(gerritExtIdKey, accountId)));
AuthRequest who = authRequestFactory.createForUser(username);
AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
assertThat(thrown).hasMessageThat().contains("Authentication error, account inactive");
}
use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.
the class AccountManagerIT method cannotAuthenticateWithOrphanedExtId.
@Test
public void cannotAuthenticateWithOrphanedExtId() throws Exception {
String username = "foo";
ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
assertNoSuchExternalIds(gerritExtIdKey);
// Create orphaned SCHEME_GERRIT external ID.
Account.Id accountId = Account.id(seq.nextAccountId());
ExternalId gerritExtId = externalIdFactory.create(gerritExtIdKey, accountId);
try (Repository allUsersRepo = repoManager.openRepository(allUsers);
MetaDataUpdate md = metaDataUpdateFactory.create(allUsers)) {
ExternalIdNotes extIdNotes = extIdNotesFactory.load(allUsersRepo);
extIdNotes.insert(gerritExtId);
extIdNotes.commit(md);
}
AuthRequest who = authRequestFactory.createForUser(username);
AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
assertThat(thrown).hasMessageThat().contains("Authentication error, account not found");
}
use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.
the class AccountManagerIT method cannotLinkExternalIdThatIsAlreadyUsed.
@Test
public void cannotLinkExternalIdThatIsAlreadyUsed() throws Exception {
// Create an account with a SCHEME_EXTERNAL external ID
String username1 = "foo";
Account.Id accountId1 = Account.id(seq.nextAccountId());
ExternalId.Key externalExtIdKey1 = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username1);
accountsUpdate.insert("Create Test Account", accountId1, u -> u.addExternalId(externalIdFactory.create(externalExtIdKey1, accountId1)));
// Create another account with a SCHEME_EXTERNAL external ID
String username2 = "bar";
Account.Id accountId2 = Account.id(seq.nextAccountId());
ExternalId.Key externalExtIdKey2 = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username2);
accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.create(externalExtIdKey2, accountId2)));
// Try to link external ID of the first account to the second account.
// Expect that this fails because the external ID is already assigned to the first account.
AuthRequest who = authRequestFactory.createForExternalUser(username1);
AccountException thrown = assertThrows(AccountException.class, () -> accountManager.link(accountId2, who));
assertThat(thrown).hasMessageThat().contains("Identity 'external:foo' in use by another account");
}
use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.
the class AccountManagerIT method cannotUpdateToEmailThatIsAlreadyUsed.
@Test
public void cannotUpdateToEmailThatIsAlreadyUsed() throws Exception {
String email = "foo@example.com";
String newEmail = "bar@example.com";
// Create an account with a SCHEME_GERRIT external ID and an email.
String username = "foo";
Account.Id accountId = Account.id(seq.nextAccountId());
ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
accountsUpdate.insert("Create Test Account", accountId, u -> u.setPreferredEmail(email).addExternalId(externalIdFactory.createWithEmail(gerritExtIdKey, accountId, email)));
// Create another account with an SCHEME_EXTERNAL external ID that occupies the new email.
Account.Id accountId2 = Account.id(seq.nextAccountId());
ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, "bar");
accountsUpdate.insert("Create Test Account", accountId2, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId2, newEmail)));
// Try to authenticate and update the email for the first account.
// Expect that this fails because the new email is already assigned to the other account.
AuthRequest who = authRequestFactory.createForUser(username);
who.setEmailAddress(newEmail);
AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
assertThat(thrown).hasMessageThat().isEqualTo("Email 'bar@example.com' in use by another account");
// Verify that the email in the external ID was not updated.
Optional<ExternalId> gerritExtId = externalIds.get(gerritExtIdKey);
assertThat(gerritExtId).isPresent();
assertThat(gerritExtId.get().email()).isEqualTo(email);
// Verify that the preferred email was not updated.
Optional<AccountState> accountState = accounts.get(accountId);
assertThat(accountState).isPresent();
assertThat(accountState.get().account().preferredEmail()).isEqualTo(email);
}
Aggregations