opendev/gerrit
Code Issues Proposed changes

Add REST endpoint to get account external IDs

Browse Source 
Add a new endpoint /accounts/{id}/external.ids which will return a
list of the external IDs for the given account. It is only allowed
to get this list for a user's own account.

To determine whether or not the user can delete an external ID, we
need to know if that ID was used to log into the current session.

The WebSession is not available outside of gerrit-httpd, so pass the
external ID through a property on the current user.

Change-Id: Iab7ef2ffa06c3a8d9f22472308051b4b73668f82
This commit is contained in:
Changcheng Xiao
2017-01-10 13:03:53 +01:00
parent 6c5fa05cdd
commit 0748e7441d
8 changed files with 222 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gerrit-httpd/src/main/java/com/google/gerrit/httpd/restapi/RestApiServlet.java
View File

@@ -90,6 +90,7 @@ import com.google.gerrit.extensions.restapi.RestView;
import com.google.gerrit.extensions.restapi.TopLevelResource;
import com.google.gerrit.extensions.restapi.UnprocessableEntityException;
import com.google.gerrit.httpd.WebSession;
import com.google.gerrit.reviewdb.client.AccountExternalId;
import com.google.gerrit.server.AccessPath;
import com.google.gerrit.server.AnonymousUser;
import com.google.gerrit.server.CurrentUser;
@@ -1077,6 +1078,9 @@ public class RestApiServlet extends HttpServlet {
CurrentUser user = globals.currentUser.get();
if (isRead(req)) {
user.setAccessPath(AccessPath.REST_API);
CurrentUser.PropertyKey<AccountExternalId.Key> k =
CurrentUser.PropertyKey.create();
user.put(k, globals.webSession.get().getLastLoginExternalId());
} else if (user instanceof AnonymousUser) {
throw new AuthException("Authentication required");
} else if (!globals.webSession.get().isAccessPathOk(AccessPath.REST_API)) {