Merge "Support deletion of email address via REST"

Documentation/rest-api-accounts.txt

@@ -262,6 +262,24 @@ link:#email-info[EmailInfo] entity.
   }
 ----
 
+[[delete-account-email]]
+Delete Account Email
+~~~~~~~~~~~~~~~~~~~~
+[verse]
+'DELETE /accounts/link:#account-id[\{account-id\}]/emails/link:#email-id[\{email-id\}]'
+
+Deletes an email address of an account.
+
+.Request
+----
+  DELETE /accounts/self/emails/john.doe@example.com HTTP/1.0
+----
+
+.Response
+----
+  HTTP/1.1 204 No Content
+----
+
 [[set-preferred-email]]
 Set Preferred Email
 ~~~~~~~~~~~~~~~~~~~

gerrit-server/src/main/java/com/google/gerrit/server/account/AccountManager.java

@@ -435,8 +435,7 @@ public class AccountManager {
    *         cannot be unlinked at this time.
    */
   public AuthResult unlink(final Account.Id from, AuthRequest who)
-      throws AccountException {
+      throws AccountException, OrmException {
-    try {
     final ReviewDb db = schema.open();
     try {
       who = realm.unlink(db, from, who);
@@ -469,9 +468,6 @@ public class AccountManager {
     } finally {
       db.close();
     }
-    } catch (OrmException e) {
-      throw new AccountException("Cannot unlink identity", e);
-    }
   }
 
 

gerrit-server/src/main/java/com/google/gerrit/server/account/DeleteEmail.java

@@ -0,0 +1,75 @@
+// Copyright (C) 2013 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.server.account;
+
+import com.google.gerrit.extensions.restapi.AuthException;
+import com.google.gerrit.extensions.restapi.MethodNotAllowedException;
+import com.google.gerrit.extensions.restapi.ResourceConflictException;
+import com.google.gerrit.extensions.restapi.ResourceNotFoundException;
+import com.google.gerrit.extensions.restapi.Response;
+import com.google.gerrit.extensions.restapi.RestModifyView;
+import com.google.gerrit.reviewdb.client.Account.FieldName;
+import com.google.gerrit.reviewdb.client.AccountExternalId;
+import com.google.gerrit.reviewdb.server.ReviewDb;
+import com.google.gerrit.server.CurrentUser;
+import com.google.gerrit.server.account.DeleteEmail.Input;
+import com.google.gwtorm.server.OrmException;
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+
+public class DeleteEmail implements RestModifyView<AccountResource.Email, Input> {
+  static class Input {
+  }
+
+  private final Provider<CurrentUser> self;
+  private final Realm realm;
+  private final Provider<ReviewDb> dbProvider;
+  private final AccountManager accountManager;
+
+  @Inject
+  DeleteEmail(Provider<CurrentUser> self, Realm realm,
+      Provider<ReviewDb> dbProvider, AccountManager accountManager) {
+    this.self = self;
+    this.realm = realm;
+    this.dbProvider = dbProvider;
+    this.accountManager = accountManager;
+  }
+
+  @Override
+  public Object apply(AccountResource.Email rsrc, Input input)
+      throws AuthException, ResourceNotFoundException,
+      ResourceConflictException, MethodNotAllowedException, OrmException {
+    if (self.get() != rsrc.getUser()
+        && !self.get().getCapabilities().canAdministrateServer()) {
+      throw new AuthException("not allowed to delete email address");
+    }
+    if (!realm.allowsEdit(FieldName.REGISTER_NEW_EMAIL)) {
+      throw new MethodNotAllowedException("realm does not allow deleting emails");
+    }
+    AccountExternalId.Key key = new AccountExternalId.Key(
+        AccountExternalId.SCHEME_MAILTO, rsrc.getEmail());
+    AccountExternalId extId = dbProvider.get().accountExternalIds().get(key);
+    if (extId == null) {
+      throw new ResourceNotFoundException(rsrc.getEmail());
+    }
+    try {
+      accountManager.unlink(rsrc.getUser().getAccountId(),
+          AuthRequest.forEmail(rsrc.getEmail()));
+    } catch (AccountException e) {
+      throw new ResourceConflictException(e.getMessage());
+    }
+    return Response.none();
+  }
+}

gerrit-server/src/main/java/com/google/gerrit/server/account/Module.java

@@ -40,6 +40,7 @@ public class Module extends RestApiModule {
     child(ACCOUNT_KIND, "emails").to(Emails.class);
     get(EMAIL_KIND).to(GetEmail.class);
     put(EMAIL_KIND).to(PutEmail.class);
+    delete(EMAIL_KIND).to(DeleteEmail.class);
     put(EMAIL_KIND, "preferred").to(PutPreferred.class);
     get(ACCOUNT_KIND, "avatar").to(GetAvatar.class);
     get(ACCOUNT_KIND, "avatar.change.url").to(GetAvatarChangeUrl.class);

gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java

@@ -260,6 +260,8 @@ final class SetAccountCommand extends BaseCommand {
       manager.unlink(id, AuthRequest.forEmail(mailAddress));
     } catch (AccountException ex) {
       throw die(ex.getMessage());
+    } catch (OrmException ex) {
+      throw die(ex.getMessage());
     }
   }