Show the trust status of a user's identities

If a user's provider is untrusted, we show them it in the new status column, so they can take steps to join a trusted site and link that identity, then remove the untrusted one. This may be necessary to upgrade the user's effective groups to their actual memberships. Signed-off-by: Shawn O. Pearce <sop@google.com>
2009-02-25 15:07:43 -08:00
parent a2299669f2
commit 92d7ab7556
10 changed files with 104 additions and 31 deletions
--- a/src/main/java/com/google/gerrit/client/account/AccountConstants.java
+++ b/src/main/java/com/google/gerrit/client/account/AccountConstants.java
@@ -51,8 +51,10 @@ public interface AccountConstants extends Constants {
  String invalidSshKeyError();
  String webIdLastUsed();
  String webIdStatus();
  String webIdEmail();
  String webIdIdentity();
  String untrustedProvider();
  String buttonDeleteIdentity();
  String buttonLinkIdentity();
--- a/src/main/java/com/google/gerrit/client/account/AccountConstants.properties
+++ b/src/main/java/com/google/gerrit/client/account/AccountConstants.properties
@@ -27,8 +27,10 @@ sshKeyLastUsed = Last Used
 sshKeyStored = Stored
 webIdLastUsed = Last Login
 webIdStatus = Status
 webIdEmail = Email Address
 webIdIdentity = Identity
 untrustedProvider = Untrusted
 buttonDeleteIdentity = Delete
 buttonLinkIdentity = Link Another Identity
--- a/src/main/java/com/google/gerrit/client/account/AccountSecurity.java
+++ b/src/main/java/com/google/gerrit/client/account/AccountSecurity.java
@@ -39,7 +39,7 @@ public interface AccountSecurity extends RemoteJsonService {
      AsyncCallback<VoidResult> callback);
  @SignInRequired
-  void myExternalIds(AsyncCallback<List<AccountExternalId>> callback);
+  void myExternalIds(AsyncCallback<ExternalIdDetail> callback);
  @SignInRequired
  void deleteExternalIds(Set<AccountExternalId.Key> keys,
--- a/src/main/java/com/google/gerrit/client/account/ContactPanel.java
+++ b/src/main/java/com/google/gerrit/client/account/ContactPanel.java
@@ -217,11 +217,12 @@ class ContactPanel extends Composite {
      }
    });
    Util.ACCOUNT_SEC
-        .myExternalIds(new GerritCallback<List<AccountExternalId>>() {
+        .myExternalIds(new GerritCallback<ExternalIdDetail>() {
-          public void onSuccess(final List<AccountExternalId> result) {
+          public void onSuccess(final ExternalIdDetail detail) {
            if (!isAttached()) {
              return;
            }
            final List<AccountExternalId> result = detail.ids;
            final Set<String> emails = new HashSet<String>();
            for (final AccountExternalId i : result) {
              if (i.getEmailAddress() != null
--- a/src/main/java/com/google/gerrit/client/account/ExternalIdDetail.java
+++ b/src/main/java/com/google/gerrit/client/account/ExternalIdDetail.java
@@ -0,0 +1,49 @@
 // Copyright 2009 Google Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package com.google.gerrit.client.account;
 import com.google.gerrit.client.reviewdb.AccountExternalId;
 import com.google.gerrit.client.reviewdb.TrustedExternalId;
 import com.google.gerrit.client.rpc.Common;
 import java.util.List;
 public class ExternalIdDetail {
  protected List<AccountExternalId> ids;
  protected List<TrustedExternalId> trusted;
  protected ExternalIdDetail() {
  }
  public ExternalIdDetail(final List<AccountExternalId> myIds,
      final List<TrustedExternalId> siteTrusts) {
    ids = myIds;
    trusted = siteTrusts;
  }
  public List<AccountExternalId> getIds() {
    return ids;
  }
  public boolean isTrusted(final AccountExternalId id) {
    switch (Common.getGerritConfig().getLoginType()) {
      case HTTP:
        return true;
      case OPENID:
      default:
        return TrustedExternalId.isTrusted(id, trusted);
    }
  }
 }
--- a/src/main/java/com/google/gerrit/client/account/ExternalIdPanel.java
+++ b/src/main/java/com/google/gerrit/client/account/ExternalIdPanel.java
@@ -31,7 +31,6 @@ import com.google.gwt.user.client.ui.Widget;
 import com.google.gwt.user.client.ui.FlexTable.FlexCellFormatter;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 class ExternalIdPanel extends Composite {
@@ -86,9 +85,8 @@ class ExternalIdPanel extends Composite {
  }
  private void refresh() {
-    Util.ACCOUNT_SEC
+    Util.ACCOUNT_SEC.myExternalIds(new GerritCallback<ExternalIdDetail>() {
-        .myExternalIds(new GerritCallback<List<AccountExternalId>>() {
+      public void onSuccess(final ExternalIdDetail result) {
          public void onSuccess(final List<AccountExternalId> result) {
        identites.display(result);
        identites.finishDisplay(true);
      }
@@ -98,8 +96,9 @@ class ExternalIdPanel extends Composite {
  private class IdTable extends FancyFlexTable<AccountExternalId> {
    IdTable() {
      table.setText(0, 2, Util.C.webIdLastUsed());
-      table.setText(0, 3, Util.C.webIdEmail());
+      table.setText(0, 3, Util.C.webIdStatus());
-      table.setText(0, 4, Util.C.webIdIdentity());
+      table.setText(0, 4, Util.C.webIdEmail());
      table.setText(0, 5, Util.C.webIdIdentity());
      table.addTableListener(new TableListener() {
        public void onCellClicked(SourcesTableEvents sender, int row, int cell) {
          if (cell != 1 && getRowItem(row) != null) {
@@ -113,6 +112,7 @@ class ExternalIdPanel extends Composite {
      fmt.addStyleName(0, 2, S_DATA_HEADER);
      fmt.addStyleName(0, 3, S_DATA_HEADER);
      fmt.addStyleName(0, 4, S_DATA_HEADER);
      fmt.addStyleName(0, 5, S_DATA_HEADER);
    }
    @Override
@@ -189,15 +189,16 @@ class ExternalIdPanel extends Composite {
      }
    }
-    void display(final List<AccountExternalId> result) {
+    void display(final ExternalIdDetail result) {
      while (1 < table.getRowCount())
        table.removeRow(table.getRowCount() - 1);
-      for (final AccountExternalId k : result) {
+      for (final AccountExternalId k : result.getIds()) {
-        addOneId(k);
+        addOneId(k, result);
      }
-      final AccountExternalId mostRecent = AccountExternalId.mostRecent(result);
+      final AccountExternalId mostRecent =
          AccountExternalId.mostRecent(result.getIds());
      if (mostRecent != null) {
        for (int row = 1; row < table.getRowCount(); row++) {
          if (getRowItem(row) == mostRecent) {
@@ -212,7 +213,8 @@ class ExternalIdPanel extends Composite {
      }
    }
-    void addOneId(final AccountExternalId k) {
+    void addOneId(final AccountExternalId k, final ExternalIdDetail detail) {
      final FlexCellFormatter fmt = table.getFlexCellFormatter();
      final int row = table.getRowCount();
      table.insertRow(row);
      applyDataRowStyle(row);
@@ -227,15 +229,21 @@ class ExternalIdPanel extends Composite {
      } else {
        table.setHTML(row, 2, "&nbsp;");
      }
-      table.setText(row, 3, k.getEmailAddress());
+      if (detail.isTrusted(k)) {
-      table.setText(row, 4, k.getExternalId());
+        table.setHTML(row, 3, "&nbsp;");
      } else {
        table.setText(row, 3, Util.C.untrustedProvider());
        fmt.addStyleName(row, 3, "gerrit-Identity-UntrustedExternalId");
      }
      table.setText(row, 4, k.getEmailAddress());
      table.setText(row, 5, k.getExternalId());
      final FlexCellFormatter fmt = table.getFlexCellFormatter();
      fmt.addStyleName(row, 1, S_ICON_CELL);
      fmt.addStyleName(row, 2, S_DATA_CELL);
      fmt.addStyleName(row, 2, "C_LAST_UPDATE");
      fmt.addStyleName(row, 3, S_DATA_CELL);
      fmt.addStyleName(row, 3, "C_LAST_UPDATE");
      fmt.addStyleName(row, 4, S_DATA_CELL);
      fmt.addStyleName(row, 5, S_DATA_CELL);
      setRowItem(row, k);
    }
--- a/src/main/java/com/google/gerrit/client/data/GroupCache.java
+++ b/src/main/java/com/google/gerrit/client/data/GroupCache.java
@@ -222,13 +222,13 @@ public class GroupCache {
      default:
        // Validate against the trusted provider list
        //
-        return TrustedExternalId.isIdentityTrustable(getTrustedIds(db), db
+        return TrustedExternalId.isIdentityTrustable(getTrustedExternalIds(db),
-            .accountExternalIds().byAccount(accountId));
+            db.accountExternalIds().byAccount(accountId));
    }
  }
-  private synchronized List<TrustedExternalId> getTrustedIds(final ReviewDb db)
+  public synchronized List<TrustedExternalId> getTrustedExternalIds(
-      throws OrmException {
+      final ReviewDb db) throws OrmException {
    if (trustedIds == null) {
      trustedIds =
          Collections.unmodifiableList(db.trustedExternalIds().all().toList());
--- a/src/main/java/com/google/gerrit/client/reviewdb/TrustedExternalId.java
+++ b/src/main/java/com/google/gerrit/client/reviewdb/TrustedExternalId.java
@@ -53,7 +53,7 @@ public final class TrustedExternalId {
    return true;
  }
-  private static boolean isTrusted(final AccountExternalId id,
+  public static boolean isTrusted(final AccountExternalId id,
      final Collection<TrustedExternalId> trusted) {
    if (id.getExternalId().startsWith("Google Account ")) {
      // Assume this is a trusted token, its a legacy import from
--- a/src/main/java/com/google/gerrit/public/Gerrit.css
+++ b/src/main/java/com/google/gerrit/public/Gerrit.css
@@ -682,6 +682,11 @@
  color: red;
  font-weight: bold;
 }
 .gerrit-Identity-UntrustedExternalId {
  white-space: nowrap;
  color: red;
  font-weight: bold;
 }
 .gerrit-AccountInfoBlock {
  margin-bottom: 10px;
--- a/src/main/java/com/google/gerrit/server/AccountSecurityImpl.java
+++ b/src/main/java/com/google/gerrit/server/AccountSecurityImpl.java
@@ -15,6 +15,7 @@
 package com.google.gerrit.server;
 import com.google.gerrit.client.account.AccountSecurity;
 import com.google.gerrit.client.account.ExternalIdDetail;
 import com.google.gerrit.client.reviewdb.Account;
 import com.google.gerrit.client.reviewdb.AccountAgreement;
 import com.google.gerrit.client.reviewdb.AccountExternalId;
@@ -23,6 +24,7 @@ import com.google.gerrit.client.reviewdb.ContactInformation;
 import com.google.gerrit.client.reviewdb.ContributorAgreement;
 import com.google.gerrit.client.reviewdb.ReviewDb;
 import com.google.gerrit.client.reviewdb.SystemConfig;
 import com.google.gerrit.client.reviewdb.TrustedExternalId;
 import com.google.gerrit.client.rpc.BaseServiceImplementation;
 import com.google.gerrit.client.rpc.Common;
 import com.google.gerrit.client.rpc.ContactInformationStoreException;
@@ -135,11 +137,15 @@ class AccountSecurityImpl extends BaseServiceImplementation implements
    });
  }
-  public void myExternalIds(AsyncCallback<List<AccountExternalId>> callback) {
+  public void myExternalIds(AsyncCallback<ExternalIdDetail> callback) {
-    run(callback, new Action<List<AccountExternalId>>() {
+    run(callback, new Action<ExternalIdDetail>() {
-      public List<AccountExternalId> run(ReviewDb db) throws OrmException {
+      public ExternalIdDetail run(ReviewDb db) throws OrmException {
        final Account.Id me = Common.getAccountId();
-        return db.accountExternalIds().byAccount(me).toList();
+        final List<TrustedExternalId> trusted =
            Common.getGroupCache().getTrustedExternalIds(db);
        final List<AccountExternalId> myIds =
            db.accountExternalIds().byAccount(me).toList();
        return new ExternalIdDetail(myIds, trusted);
      }
    });
  }