Update HTTP password from SSH commands.

Non-interactive users created from the ssh command line normally can not logon using the Gerrit web UI. So to create/update a HTTP password, for REST API usage, one needs to manually update the correct database table. This change adds support for creating and updating HTTP passwords from the command line. Change-Id: Ic8ad8360f3e0c87dfd71ff408b43be60270986c5
2012-09-04 22:09:29 +02:00 · 2012-09-04 22:09:29 +02:00 · 99c3703954
commit 99c3703954
parent e935f4c87f
4 changed files with 37 additions and 3 deletions
--- a/Documentation/cmd-create-account.txt
+++ b/Documentation/cmd-create-account.txt
@ -13,6 +13,7 @@ SYNOPSIS
  [--full-name <FULLNAME>]
  [--email <EMAIL>]
  [--ssh-key - | <KEY>]
+  [--http-password <PASSWORD>]
  <USERNAME>

 DESCRIPTION
@ -59,6 +60,9 @@ This most likely requires double quoting the value, for example
 --email::
 	Preferred email address for the user account.

+--http-password::
+    HTTP password for the user account.
+
 EXAMPLES
 --------
 Create a new user account called `watcher`:
--- a/Documentation/cmd-set-account.txt
+++ b/Documentation/cmd-set-account.txt
@ -11,13 +11,14 @@ SYNOPSIS
 set-account [--full-name <FULLNAME>] [--active|--inactive] \
            [--add-email <EMAIL>] [--delete-email <EMAIL> | ALL] \
            [--add-ssh-key - | <KEY>] \
-            [--delete-ssh-key - | <KEY> | ALL] <USER>
+            [--delete-ssh-key - | <KEY> | ALL] \
+            [--http-password <PASSWORD>] <USER>

 DESCRIPTION
 -----------
 Modifies a given user's settings. This command can be useful to
-deactivate an account or add/delete ssh keys without going through
-the UI.
+deactivate an account, set HTTP password, add/delete ssh keys without
+going through the UI.

 It also allows managing email addresses, which bypasses the
 verification step we force within the UI.
@ -79,6 +80,9 @@ This most likely requires double quoting the value, for example
    May be supplied more than once to delete multiple SSH
    keys in a single command execution.

+--http-password::
+    Set the HTTP password for the user account.
+
 EXAMPLES
 --------
 Add an email and SSH key to `watcher`'s account:
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/CreateAccountCommand.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/CreateAccountCommand.java
@ -60,6 +60,9 @@ final class CreateAccountCommand extends SshCommand {
  @Option(name = "--ssh-key", metaVar = "-|KEY", usage = "public key for SSH authentication")
  private String sshKey;

+  @Option(name = "--http-password", metaVar = "PASSWORD", usage = "password for HTTP authentication")
+  private String httpPassword;
+
  @Argument(index = 0, required = true, metaVar = "USERNAME", usage = "name of the user account")
  private String username;

@ -93,6 +96,10 @@ final class CreateAccountCommand extends SshCommand {
        new AccountExternalId(id, new AccountExternalId.Key(
            AccountExternalId.SCHEME_USERNAME, username));

+    if (httpPassword != null) {
+      extUser.setPassword(httpPassword);
+    }
+
    if (db.accountExternalIds().get(extUser.getKey()) != null) {
      throw die("username '" + username + "' already exists");
    }
--- a/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java
+++ b/gerrit-sshd/src/main/java/com/google/gerrit/sshd/commands/SetAccountCommand.java
@ -72,6 +72,9 @@ final class SetAccountCommand extends BaseCommand {
  @Option(name = "--delete-ssh-key", multiValued = true, metaVar = "-|KEY", usage = "public keys to delete from the account")
  private List<String> deleteSshKeys = new ArrayList<String>();

+  @Option(name = "--http-password", metaVar = "PASSWORD", usage = "password for HTTP authentication for the account")
+  private String httpPassword;
+
  @Inject
  private IdentifiedUser currentUser;

@ -147,6 +150,10 @@ final class SetAccountCommand extends BaseCommand {
      }
    }

+    if (httpPassword != null) {
+      setHttpPassword(id, httpPassword);
+    }
+
    if (active) {
      accountUpdated = true;
      account.setActive(true);
@ -234,6 +241,18 @@ final class SetAccountCommand extends BaseCommand {
    }
  }

+  private void setHttpPassword(Account.Id id, final String httpPassword)
+      throws UnloggedFailure, OrmException {
+    ResultSet<AccountExternalId> ids = db.accountExternalIds().byAccount(id);
+    for (AccountExternalId extId: ids) {
+      if (extId.isScheme(AccountExternalId.SCHEME_USERNAME)) {
+        extId.setPassword(httpPassword);
+        db.accountExternalIds().update(Collections.singleton(extId));
+        byIdCache.evict(id);
+      }
+    }
+  }
+
  private void unlink(Account.Id id, final String mailAddress)
      throws UnloggedFailure {
    try {