Merge branch 'stable-3.0'
* stable-3.0: Fix eclipse project generation Always send an email when adding or deleting an SSH key AccountIT: Add test for adding GPG key to another account AccountIT: Add tests for modifying SSH keys of another account Remove GWT leftovers from .gitignore Update rules_closure to latest version Use bazelisk to switch between used bazel version Eclipse: Configure classpath to ignore warnings in generated classes Allow load labels to cross package boundaries by default Change-Id: Iaf0aef486ef7dc189c11ab3cb0417600155c0b99
This commit is contained in:
David Pursehouse
@@ -2043,6 +2043,16 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
assertThat(thrown).hasMessageThat().contains(id);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void adminCannotAddGpgKeyToOtherAccount() throws Exception {
|
||||
TestKey key = validKeyWithoutExpiration();
|
||||
addExternalIdEmail(user, "test1@example.com");
|
||||
|
||||
sender.clear();
|
||||
requestScopeOperations.setApiUser(admin.id());
|
||||
assertThrows(ResourceNotFoundException.class, () -> addGpgKey(user, key.getPublicKeyArmored()));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void reAddExistingGpgKey() throws Exception {
|
||||
addExternalIdEmail(admin, "test5@example.com");
|
||||
@@ -2084,7 +2094,8 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
requestScopeOperations.setApiUser(user.id());
|
||||
|
||||
ResourceConflictException thrown =
|
||||
assertThrows(ResourceConflictException.class, () -> addGpgKey(key.getPublicKeyArmored()));
|
||||
assertThrows(
|
||||
ResourceConflictException.class, () -> addGpgKey(user, key.getPublicKeyArmored()));
|
||||
assertThat(thrown).hasMessageThat().contains("GPG key already associated with another account");
|
||||
}
|
||||
|
||||
@@ -2243,6 +2254,63 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
accountIndexedCounter.assertReindexOf(admin);
|
||||
}
|
||||
|
||||
@Test
|
||||
@UseSsh
|
||||
public void adminCanAddOrRemoveSshKeyOnOtherAccount() throws Exception {
|
||||
// The test account should initially have exactly one ssh key
|
||||
List<SshKeyInfo> info = gApi.accounts().self().listSshKeys();
|
||||
assertThat(info).hasSize(1);
|
||||
assertSequenceNumbers(info);
|
||||
SshKeyInfo key = info.get(0);
|
||||
KeyPair keyPair = sshKeys.getKeyPair(admin);
|
||||
String initial = TestSshKeys.publicKey(keyPair, admin.email());
|
||||
assertThat(key.sshPublicKey).isEqualTo(initial);
|
||||
accountIndexedCounter.assertNoReindex();
|
||||
|
||||
// Add a new key
|
||||
sender.clear();
|
||||
String newKey = TestSshKeys.publicKey(TestSshKeys.genSshKey(), user.email());
|
||||
gApi.accounts().id(user.username()).addSshKey(newKey);
|
||||
info = gApi.accounts().id(user.username()).listSshKeys();
|
||||
assertThat(info).hasSize(2);
|
||||
assertSequenceNumbers(info);
|
||||
accountIndexedCounter.assertReindexOf(user);
|
||||
|
||||
assertThat(sender.getMessages()).hasSize(1);
|
||||
Message message = sender.getMessages().get(0);
|
||||
assertThat(message.rcpt()).containsExactly(user.getEmailAddress());
|
||||
assertThat(message.body()).contains("new SSH keys have been added");
|
||||
|
||||
// Delete key
|
||||
sender.clear();
|
||||
gApi.accounts().id(user.username()).deleteSshKey(1);
|
||||
info = gApi.accounts().id(user.username()).listSshKeys();
|
||||
assertThat(info).hasSize(1);
|
||||
accountIndexedCounter.assertReindexOf(user);
|
||||
|
||||
assertThat(sender.getMessages()).hasSize(1);
|
||||
message = sender.getMessages().get(0);
|
||||
assertThat(message.rcpt()).containsExactly(user.getEmailAddress());
|
||||
assertThat(message.body()).contains("SSH keys have been deleted");
|
||||
}
|
||||
|
||||
@Test
|
||||
@UseSsh
|
||||
public void userCannotAddSshKeyToOtherAccount() throws Exception {
|
||||
String newKey = TestSshKeys.publicKey(TestSshKeys.genSshKey(), admin.email());
|
||||
requestScopeOperations.setApiUser(user.id());
|
||||
assertThrows(AuthException.class, () -> gApi.accounts().id(admin.username()).addSshKey(newKey));
|
||||
}
|
||||
|
||||
@Test
|
||||
@UseSsh
|
||||
public void userCannotDeleteSshKeyOfOtherAccount() throws Exception {
|
||||
requestScopeOperations.setApiUser(user.id());
|
||||
assertThrows(
|
||||
ResourceNotFoundException.class,
|
||||
() -> gApi.accounts().id(admin.username()).deleteSshKey(0));
|
||||
}
|
||||
|
||||
// reindex is tested by {@link AbstractQueryAccountsTest#reindex}
|
||||
@Test
|
||||
public void reindexPermissions() throws Exception {
|
||||
@@ -3129,9 +3197,15 @@ public class AccountIT extends AbstractDaemonTest {
|
||||
}
|
||||
|
||||
private Map<String, GpgKeyInfo> addGpgKey(String armored) throws Exception {
|
||||
return addGpgKey(admin, armored);
|
||||
}
|
||||
|
||||
private Map<String, GpgKeyInfo> addGpgKey(TestAccount account, String armored) throws Exception {
|
||||
Map<String, GpgKeyInfo> gpgKeys =
|
||||
gApi.accounts().self().putGpgKeys(ImmutableList.of(armored), ImmutableList.of());
|
||||
accountIndexedCounter.assertReindexOf(gApi.accounts().self().get());
|
||||
gApi.accounts()
|
||||
.id(account.username())
|
||||
.putGpgKeys(ImmutableList.of(armored), ImmutableList.<String>of());
|
||||
accountIndexedCounter.assertReindexOf(gApi.accounts().id(account.username()).get());
|
||||
return gpgKeys;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user