Use email instead of Account.Id to retrieve avatar image

On the client side references to the Account.Id should be removed for
information disclosure reasons. As a first step this change removes the
usage of Account.Id for retrieving avatar images. This is done because
follow up changes will display the avatar image in more place and it
should be avoided that the Account.Id appears in even more method
signatures than now.

Change-Id: I23b1d966e6cee1a2170856a73899440faad89f29
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>

gerrit-gwtui/src/main/java/com/google/gerrit/client/AvatarImage.java

@@ -15,7 +15,6 @@
 package com.google.gerrit.client;
 
 import com.google.gerrit.client.rpc.RestApi;
-import com.google.gerrit.reviewdb.client.Account;
 import com.google.gwt.event.dom.client.ErrorEvent;
 import com.google.gwt.event.dom.client.ErrorHandler;
 import com.google.gwt.user.client.ui.Image;
@@ -23,20 +22,20 @@ import com.google.gwt.user.client.ui.Image;
 public class AvatarImage extends Image {
 
   /** A default sized avatar image. */
-  public AvatarImage(Account.Id account) {
-    this(account, 0);
+  public AvatarImage(String email) {
+    this(email, 0);
   }
 
   /**
    * An avatar image for the given account using the requested size.
    *
-   * @param account The account in which we are interested
+   * @param email The email address of the account in which we are interested
    * @param size A requested size. Note that the size can be ignored depending
    *        on the avatar provider. A size <= 0 indicates to let the provider
    *        decide a default size.
    */
-  public AvatarImage(Account.Id account, int size) {
-    super(url(account, size));
+  public AvatarImage(String email, int size) {
+    super(url(email, size));
 
     if (size > 0) {
       // If the provider does not resize the image, force it in the browser.
@@ -53,12 +52,15 @@ public class AvatarImage extends Image {
     });
   }
 
-  private static String url(Account.Id id, int size) {
+  private static String url(String email, int size) {
+    if (email == null) {
+      return "";
+    }
     String u;
-    if (Gerrit.isSignedIn() && id.equals(Gerrit.getUserAccount().getId())) {
+    if (Gerrit.isSignedIn() && email.equals(Gerrit.getUserAccount().getPreferredEmail())) {
       u = "self";
     } else {
-      u = id.toString();
+      u = email;
     }
     RestApi api = new RestApi("/accounts/").id(u).view("avatar");
     if (size > 0) {

gerrit-gwtui/src/main/java/com/google/gerrit/client/CurrentUserPopupPanel.java

@@ -43,7 +43,7 @@ public class CurrentUserPopupPanel extends PluginSafePopupPanel {
 
   public CurrentUserPopupPanel(Account account, boolean canLogOut) {
     super(/* auto hide */true, /* modal */false);
-    avatar = new AvatarImage(account.getId(), 100);
+    avatar = new AvatarImage(account.getPreferredEmail(), 100);
     setWidget(binder.createAndBindUi(this));
     // We must show and then hide this popup so that it is part of the DOM.
     // Otherwise the image does not get any events.  Calling hide() would

gerrit-gwtui/src/main/java/com/google/gerrit/client/Gerrit.java

@@ -791,7 +791,7 @@ public class Gerrit implements EntryPoint {
     final PopupHandler popupHandler = new PopupHandler();
     final InlineLabel l = new InlineLabel(FormatUtil.name(account));
     l.setStyleName(RESOURCES.css().menuBarUserName());
-    final AvatarImage avatar = new AvatarImage(account.getId(), 26);
+    final AvatarImage avatar = new AvatarImage(account.getPreferredEmail(), 26);
     avatar.setStyleName(RESOURCES.css().menuBarUserNameAvatar());
     userSummaryPanel.setStyleName(RESOURCES.css().menuBarUserNamePanel());
     userSummaryPanel.add(l);