Account REST API: fix the key setting in RestApiServlet

The previous code creates a new PropertyKey both in RestApiServlet and GetExternalIds. These two keys are actually different, which must be the same to get the right external id. Add a PropertyKey in CurrentUser to get the external id. It can't be added in IdentifiedUser as the RestApiServlet will be called by anonymous users, too. Change-Id: If1f4a31e3fc2c781c99aad786de4e741ee626e06
2017-01-13 14:46:08 +01:00
parent f2d9589fed
commit 1746cee4d0
3 changed files with 15 additions and 6 deletions
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/restapi/RestApiServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/restapi/RestApiServlet.java
@@ -1078,9 +1078,8 @@ public class RestApiServlet extends HttpServlet {
    CurrentUser user = globals.currentUser.get();
    if (isRead(req)) {
      user.setAccessPath(AccessPath.REST_API);
-      CurrentUser.PropertyKey<AccountExternalId.Key> k =
-          CurrentUser.PropertyKey.create();
-      user.put(k, globals.webSession.get().getLastLoginExternalId());
+      user.setLastLoginExternalIdKey(
+          globals.webSession.get().getLastLoginExternalId());
    } else if (user instanceof AnonymousUser) {
      throw new AuthException("Authentication required");
    } else if (!globals.webSession.get().isAccessPathOk(AccessPath.REST_API)) {