Account REST API: fix the key setting in RestApiServlet

The previous code creates a new PropertyKey both in RestApiServlet and GetExternalIds. These two keys are actually different, which must be the same to get the right external id. Add a PropertyKey in CurrentUser to get the external id. It can't be added in IdentifiedUser as the RestApiServlet will be called by anonymous users, too. Change-Id: If1f4a31e3fc2c781c99aad786de4e741ee626e06
2017-01-13 14:46:08 +01:00
parent f2d9589fed
commit 1746cee4d0
3 changed files with 15 additions and 6 deletions
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/restapi/RestApiServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/restapi/RestApiServlet.java
@@ -1078,9 +1078,8 @@ public class RestApiServlet extends HttpServlet {
    CurrentUser user = globals.currentUser.get();
    if (isRead(req)) {
      user.setAccessPath(AccessPath.REST_API);
-      CurrentUser.PropertyKey<AccountExternalId.Key> k =
-          CurrentUser.PropertyKey.create();
-      user.put(k, globals.webSession.get().getLastLoginExternalId());
+      user.setLastLoginExternalIdKey(
+          globals.webSession.get().getLastLoginExternalId());
    } else if (user instanceof AnonymousUser) {
      throw new AuthException("Authentication required");
    } else if (!globals.webSession.get().isAccessPathOk(AccessPath.REST_API)) {
--- a/gerrit-server/src/main/java/com/google/gerrit/server/CurrentUser.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/CurrentUser.java
@@ -16,6 +16,7 @@ package com.google.gerrit.server;

 import com.google.gerrit.common.Nullable;
 import com.google.gerrit.reviewdb.client.Account;
+import com.google.gerrit.reviewdb.client.AccountExternalId;
 import com.google.gerrit.server.account.CapabilityControl;
 import com.google.gerrit.server.account.GroupMembership;
 import com.google.inject.servlet.RequestScoped;
@@ -45,6 +46,8 @@ public abstract class CurrentUser {
  private AccessPath accessPath = AccessPath.UNKNOWN;

  private CapabilityControl capabilities;
+  private PropertyKey<AccountExternalId.Key> lastLoginExternalIdPropertyKey =
+      PropertyKey.create();

  protected CurrentUser(CapabilityControl.Factory capabilityControlFactory) {
    this.capabilityControlFactory = capabilityControlFactory;
@@ -150,4 +153,12 @@ public abstract class CurrentUser {
   */
  public <T> void put(PropertyKey<T> key, @Nullable T value) {
  }
+
+  public void setLastLoginExternalIdKey(AccountExternalId.Key externalIdKey) {
+    put(lastLoginExternalIdPropertyKey, externalIdKey);
+  }
+
+  public AccountExternalId.Key getLastLoginExternalIdKey() {
+    return get(lastLoginExternalIdPropertyKey);
+  }
 }
--- a/gerrit-server/src/main/java/com/google/gerrit/server/account/GetExternalIds.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/GetExternalIds.java
@@ -72,9 +72,8 @@ public class GetExternalIds implements RestReadView<AccountResource> {
      // establish this web session, and if only if an identity was
      // actually used to establish this web session.
      if (!id.isScheme(SCHEME_USERNAME)) {
-        CurrentUser.PropertyKey<AccountExternalId.Key> k =
-            CurrentUser.PropertyKey.create();
-        AccountExternalId.Key last = resource.getUser().get(k);
+        AccountExternalId.Key last = resource.getUser()
+            .getLastLoginExternalIdKey();
        info.canDelete =
            toBoolean(last != null && !last.get().equals(info.identity));
      }