From 22ade6cd6e615c2feea7bb0cf7e0832bcedc4976 Mon Sep 17 00:00:00 2001 From: Edwin Kempin Date: Wed, 3 Aug 2016 15:15:21 +0200 Subject: [PATCH] PutName: Remove special case for LDAP If the realm doesn't allow editing the username, editing the username should be forbidden. The special case for LDAP didn't make sense as it was checking for an external ID in the gerrit scheme that had the username of the user as value, but usernames are stored in the username scheme. Change-Id: Id69a6cbfc9c6a6b0f1617ebc13bdff02b608c527 Signed-off-by: Edwin Kempin --- .../google/gerrit/server/account/PutName.java | 17 +++++------------ .../gerrit/server/auth/ldap/LdapRealm.java | 2 +- 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java index 6338b15a39..e0b69a64ff 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/PutName.java @@ -14,8 +14,6 @@ package com.google.gerrit.server.account; -import static com.google.gerrit.reviewdb.client.AccountExternalId.SCHEME_GERRIT; - import com.google.common.base.Strings; import com.google.gerrit.extensions.restapi.AuthException; import com.google.gerrit.extensions.restapi.DefaultInput; @@ -25,12 +23,10 @@ import com.google.gerrit.extensions.restapi.Response; import com.google.gerrit.extensions.restapi.RestModifyView; import com.google.gerrit.reviewdb.client.Account; import com.google.gerrit.reviewdb.client.Account.FieldName; -import com.google.gerrit.reviewdb.client.AccountExternalId; import com.google.gerrit.reviewdb.server.ReviewDb; import com.google.gerrit.server.CurrentUser; import com.google.gerrit.server.IdentifiedUser; import com.google.gerrit.server.account.PutName.Input; -import com.google.gerrit.server.auth.ldap.LdapRealm; import com.google.gwtorm.server.OrmException; import com.google.inject.Inject; import com.google.inject.Provider; @@ -77,18 +73,15 @@ public class PutName implements RestModifyView { if (input == null) { input = new Input(); } - ReviewDb db = dbProvider.get(); - Account a = db.accounts().get(user.getAccountId()); - if (a == null) { - throw new ResourceNotFoundException("account not found"); - } - if (!realm.allowsEdit(FieldName.FULL_NAME) - && !(realm instanceof LdapRealm && db.accountExternalIds().get( - new AccountExternalId.Key(SCHEME_GERRIT, a.getUserName())) == null)) { + if (!realm.allowsEdit(FieldName.FULL_NAME)) { throw new MethodNotAllowedException("realm does not allow editing name"); } + Account a = dbProvider.get().accounts().get(user.getAccountId()); + if (a == null) { + throw new ResourceNotFoundException("account not found"); + } a.setFullName(input.name); dbProvider.get().accounts().update(Collections.singleton(a)); byIdCache.evict(a.getId()); diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java index d55bbc3727..30b08a6c0f 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java @@ -58,7 +58,7 @@ import javax.naming.directory.DirContext; import javax.security.auth.login.LoginException; @Singleton -public class LdapRealm extends AbstractRealm { +class LdapRealm extends AbstractRealm { static final Logger log = LoggerFactory.getLogger(LdapRealm.class); static final String LDAP = "com.sun.jndi.ldap.LdapCtxFactory"; static final String USERNAME = "username";