PutName: Remove special case for LDAP
If the realm doesn't allow editing the username, editing the username should be forbidden. The special case for LDAP didn't make sense as it was checking for an external ID in the gerrit scheme that had the username of the user as value, but usernames are stored in the username scheme. Change-Id: Id69a6cbfc9c6a6b0f1617ebc13bdff02b608c527 Signed-off-by: Edwin Kempin <ekempin@google.com>
This commit is contained in:
Edwin Kempin
@@ -14,8 +14,6 @@
|
||||
|
||||
package com.google.gerrit.server.account;
|
||||
|
||||
import static com.google.gerrit.reviewdb.client.AccountExternalId.SCHEME_GERRIT;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.gerrit.extensions.restapi.AuthException;
|
||||
import com.google.gerrit.extensions.restapi.DefaultInput;
|
||||
@@ -25,12 +23,10 @@ import com.google.gerrit.extensions.restapi.Response;
|
||||
import com.google.gerrit.extensions.restapi.RestModifyView;
|
||||
import com.google.gerrit.reviewdb.client.Account;
|
||||
import com.google.gerrit.reviewdb.client.Account.FieldName;
|
||||
import com.google.gerrit.reviewdb.client.AccountExternalId;
|
||||
import com.google.gerrit.reviewdb.server.ReviewDb;
|
||||
import com.google.gerrit.server.CurrentUser;
|
||||
import com.google.gerrit.server.IdentifiedUser;
|
||||
import com.google.gerrit.server.account.PutName.Input;
|
||||
import com.google.gerrit.server.auth.ldap.LdapRealm;
|
||||
import com.google.gwtorm.server.OrmException;
|
||||
import com.google.inject.Inject;
|
||||
import com.google.inject.Provider;
|
||||
@@ -77,18 +73,15 @@ public class PutName implements RestModifyView<AccountResource, Input> {
|
||||
if (input == null) {
|
||||
input = new Input();
|
||||
}
|
||||
ReviewDb db = dbProvider.get();
|
||||
Account a = db.accounts().get(user.getAccountId());
|
||||
if (a == null) {
|
||||
throw new ResourceNotFoundException("account not found");
|
||||
}
|
||||
|
||||
if (!realm.allowsEdit(FieldName.FULL_NAME)
|
||||
&& !(realm instanceof LdapRealm && db.accountExternalIds().get(
|
||||
new AccountExternalId.Key(SCHEME_GERRIT, a.getUserName())) == null)) {
|
||||
if (!realm.allowsEdit(FieldName.FULL_NAME)) {
|
||||
throw new MethodNotAllowedException("realm does not allow editing name");
|
||||
}
|
||||
|
||||
Account a = dbProvider.get().accounts().get(user.getAccountId());
|
||||
if (a == null) {
|
||||
throw new ResourceNotFoundException("account not found");
|
||||
}
|
||||
a.setFullName(input.name);
|
||||
dbProvider.get().accounts().update(Collections.singleton(a));
|
||||
byIdCache.evict(a.getId());
|
||||
|
||||
@@ -58,7 +58,7 @@ import javax.naming.directory.DirContext;
|
||||
import javax.security.auth.login.LoginException;
|
||||
|
||||
@Singleton
|
||||
public class LdapRealm extends AbstractRealm {
|
||||
class LdapRealm extends AbstractRealm {
|
||||
static final Logger log = LoggerFactory.getLogger(LdapRealm.class);
|
||||
static final String LDAP = "com.sun.jndi.ldap.LdapCtxFactory";
|
||||
static final String USERNAME = "username";
|
||||
|
||||
Reference in New Issue
Block a user