Examples with AccountException com.google.gerrit.server.account.AccountException used on opensource projects

Example 31 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class DeleteExternalIds method apply.

@Override
public Response<?> apply(AccountResource resource, List<String> extIds) throws RestApiException, IOException, ConfigInvalidException, PermissionBackendException {
    if (!self.get().hasSameAccountId(resource.getUser())) {
        permissionBackend.currentUser().check(GlobalPermission.MODIFY_ACCOUNT);
    }
    if (extIds == null || extIds.isEmpty()) {
        throw new BadRequestException("external IDs are required");
    }
    Map<ExternalId.Key, ExternalId> externalIdMap = externalIds.byAccount(resource.getUser().getAccountId()).stream().collect(toMap(ExternalId::key, Function.identity()));
    List<ExternalId> toDelete = new ArrayList<>();
    Optional<ExternalId.Key> last = resource.getUser().getLastLoginExternalIdKey();
    for (String externalIdStr : extIds) {
        ExternalId id = externalIdMap.get(externalIdKeyFactory.parse(externalIdStr));
        if (id == null) {
            throw new UnprocessableEntityException(String.format("External id %s does not exist", externalIdStr));
        }
        if (!last.isPresent() || !last.get().equals(id.key())) {
            if (id.isScheme(SCHEME_USERNAME)) {
                if (self.get().hasSameAccountId(resource.getUser())) {
                    throw new AuthException("User cannot delete its own externalId in 'username:' scheme");
                }
                permissionBackend.currentUser().checkAny(ImmutableSet.of(GlobalPermission.ADMINISTRATE_SERVER, GlobalPermission.MAINTAIN_SERVER));
            }
            toDelete.add(id);
        } else {
            throw new ResourceConflictException(String.format("External id %s cannot be deleted", externalIdStr));
        }
    }
    try {
        accountManager.unlink(resource.getUser().getAccountId(), toDelete.stream().map(ExternalId::key).collect(toSet()));
    } catch (AccountException e) {
        throw new ResourceConflictException(e.getMessage());
    }
    return Response.none();
}

Example 32 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountIdHandler method createAccountByLdap.

private Account.Id createAccountByLdap(String user) throws CmdLineException, IOException {
    if (!ExternalId.isValidUsername(user)) {
        throw new CmdLineException(owner, localizable("user \"%s\" not found"), user);
    }
    try {
        AuthRequest req = authRequestFactory.createForUser(user);
        req.setSkipAuthentication(true);
        return accountManager.authenticate(req).getAccountId();
    } catch (AccountException e) {
        String msg = "user \"%s\" not found";
        logger.atSevere().withCause(e).log(msg, user);
        throw new CmdLineException(owner, localizable(msg), user);
    }
}

Example 33 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotAuthenticateNewAccountWithEmailThatIsAlreadyUsed.

@Test
public void cannotAuthenticateNewAccountWithEmailThatIsAlreadyUsed() throws Exception {
    String email = "foo@example.com";
    // Create an account with an SCHEME_EXTERNAL external ID that occupies the email.
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId, email)));
    // Try to authenticate with this email to create a new account with a SCHEME_MAILTO external ID.
    // Expect that this fails because the email is already assigned to the other account.
    AuthRequest who = authRequestFactory.createForEmail(email);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().contains("Email 'foo@example.com' in use by another account");
}

Example 34 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method cannotAuthenticateNewAccountWithUsernameAndEmailThatIsAlreadyUsed.

@Test
public void cannotAuthenticateNewAccountWithUsernameAndEmailThatIsAlreadyUsed() throws Exception {
    String email = "foo@example.com";
    // Create an account with an SCHEME_EXTERNAL external ID that occupies the email.
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key externalExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_EXTERNAL, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.createWithEmail(externalExtIdKey, accountId, email)));
    // Try to authenticate with a new username and claim the same email.
    // Expect that this fails because the email is already assigned to the other account.
    AuthRequest who = authRequestFactory.createForUser("bar");
    who.setEmailAddress(email);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().contains("Email 'foo@example.com' in use by another account");
}

Example 35 with AccountException

use of com.google.gerrit.server.account.AccountException in project gerrit by GerritCodeReview.

the class AccountManagerIT method deactivateAccountOnAuthenticationWhenAutoUpdateAccountActiveStatusIsEnabled.

@Test
@GerritConfig(name = "auth.autoUpdateAccountActiveStatus", value = "true")
public void deactivateAccountOnAuthenticationWhenAutoUpdateAccountActiveStatusIsEnabled() throws Exception {
    String username = "foo";
    Account.Id accountId = Account.id(seq.nextAccountId());
    ExternalId.Key gerritExtIdKey = externalIdKeyFactory.create(ExternalId.SCHEME_GERRIT, username);
    accountsUpdate.insert("Create Test Account", accountId, u -> u.addExternalId(externalIdFactory.create(gerritExtIdKey, accountId)));
    AuthRequest who = authRequestFactory.createForUser(username);
    who.setActive(false);
    who.setAuthProvidesAccountActiveStatus(true);
    AccountException thrown = assertThrows(AccountException.class, () -> accountManager.authenticate(who));
    assertThat(thrown).hasMessageThat().isEqualTo("Authentication error, account inactive");
    Optional<AccountState> accountState = accounts.get(accountId);
    assertThat(accountState).isPresent();
    assertThat(accountState.get().account().isActive()).isFalse();
}