opendev/gerrit
Code Issues Proposed changes

Make the magic "Become" mode for development a normal LoginType

Browse Source 
This simplifies cases in the client code, making the magic become
mode behave like other types of login routines.

Signed-off-by: Shawn O. Pearce <sop@google.com>
This commit is contained in:
Shawn O. Pearce
2009-08-01 13:16:37 -07:00
parent 840d2e283f
commit a87c68f9a7
8 changed files with 87 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/main/java/com/google/gerrit/client/Gerrit.java
View File

@@ -351,43 +351,39 @@ public class Gerrit implements EntryPoint {
if (signedIn) {
whoAmI();
addLink(menuRight, C.menuSettings(), Link.SETTINGS);
boolean signout = false;
switch (Common.getGerritConfig().getLoginType()) {
case HTTP:
break;
case OPENID:
default:
signout = true;
case DEVELOPMENT_BECOME_ANY_ACCOUNT:
menuRight.addItem(C.menuSignOut(), new Command() {
public void execute() {
doSignOut();
}
});
break;
}
if (signout || !GWT.isScript()) {
menuRight.addItem(C.menuSignOut(), new Command() {
public void execute() {
doSignOut();
}
});
}
} else {
switch (Common.getGerritConfig().getLoginType()) {
case HTTP:
break;
case OPENID:
default:
menuRight.addItem(C.menuSignIn(), new Command() {
public void execute() {
doSignIn();
}
});
break;
}
if (!GWT.isScript()) {
menuRight.addItem("Become", new Command() {
public void execute() {
Window.Location.assign(GWT.getHostPageBaseURL() + "become");
}
});
case DEVELOPMENT_BECOME_ANY_ACCOUNT:
menuRight.addItem("Become", new Command() {
public void execute() {
Window.Location.assign(GWT.getHostPageBaseURL() + "become");
}
});
break;
}
}
}

8
src/main/java/com/google/gerrit/client/data/GerritConfig.java
View File

@@ -15,7 +15,7 @@
package com.google.gerrit.client.data;
import com.google.gerrit.client.reviewdb.ApprovalCategory;
import com.google.gerrit.client.reviewdb.SystemConfig;
import com.google.gerrit.client.reviewdb.LoginType;
import java.util.ArrayList;
import java.util.HashMap;
@@ -30,7 +30,7 @@ public class GerritConfig implements Cloneable {
protected boolean useContributorAgreements;
protected boolean useContactInfo;
protected boolean allowRegisterNewEmail;
protected SystemConfig.LoginType loginType;
protected LoginType loginType;
protected boolean useRepoDownload;
protected String gitDaemonUrl;
protected String sshdAddress;
@@ -47,11 +47,11 @@ public class GerritConfig implements Cloneable {
canonicalUrl = u;
}
public SystemConfig.LoginType getLoginType() {
public LoginType getLoginType() {
return loginType;
}
public void setLoginType(final SystemConfig.LoginType t) {
public void setLoginType(final LoginType t) {
loginType = t;
}

32
src/main/java/com/google/gerrit/client/reviewdb/LoginType.java Normal file
View File

@@ -0,0 +1,32 @@
// Copyright (C) 2009 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.gerrit.client.reviewdb;
public enum LoginType {
/** Login relies upon the OpenID standard: {@link "http://openid.net/"} */
OPENID,
/**
* Login relies upon the container/web server security.
* <p>
* The container or web server must populate an HTTP header with the some
* user token. Gerrit will implicitly trust the value of this header to
* supply the unique identity.
*/
HTTP,
/** Development mode to enable becoming anyone you want. */
DEVELOPMENT_BECOME_ANY_ACCOUNT;
}

14
src/main/java/com/google/gerrit/client/reviewdb/SystemConfig.java
View File

@@ -42,20 +42,6 @@ public final class SystemConfig {
}
}
public static enum LoginType {
/** Login relies upon the OpenID standard: {@link "http://openid.net/"} */
OPENID,
/**
* Login relies upon the container/web server security.
* <p>
* The container or web server must populate an HTTP header with the some
* user token. Gerrit will implicitly trust the value of this header to
* supply the unique identity.
*/
HTTP;
}
/** Construct a new, unconfigured instance. */
public static SystemConfig create() {
final SystemConfig r = new SystemConfig();

14
src/main/java/com/google/gerrit/server/config/AuthConfig.java
View File

@@ -14,8 +14,8 @@
package com.google.gerrit.server.config;
import com.google.gerrit.client.reviewdb.LoginType;
import com.google.gerrit.client.reviewdb.SystemConfig;
import com.google.gerrit.client.reviewdb.SystemConfig.LoginType;
import com.google.gwtjsonrpc.server.SignedToken;
import com.google.gwtjsonrpc.server.XsrfException;
import com.google.inject.Inject;
@@ -64,6 +64,9 @@ public class AuthConfig {
}
private static LoginType toType(final Config cfg) {
if (isBecomeAnyoneEnabled()) {
return LoginType.DEVELOPMENT_BECOME_ANY_ACCOUNT;
}
String type = cfg.getString("auth", null, "type");
if (type == null) {
return LoginType.OPENID;
@@ -76,6 +79,15 @@ public class AuthConfig {
throw new IllegalStateException("Unsupported auth.type: " + type);
}
private static boolean isBecomeAnyoneEnabled() {
try {
String s = "com.google.gerrit.server.http.BecomeAnyAccountLoginServlet";
return Boolean.getBoolean(s);
} catch (SecurityException se) {
return false;
}
}
/** Type of user authentication used by this Gerrit server. */
public LoginType getLoginType() {
return loginType;

2
src/main/java/com/google/gerrit/server/config/CacheManagerProvider.java
View File

@@ -1,6 +1,6 @@
package com.google.gerrit.server.config;
import com.google.gerrit.client.reviewdb.SystemConfig.LoginType;
import com.google.gerrit.client.reviewdb.LoginType;
import com.google.inject.Inject;
import com.google.inject.Provider;

31
src/main/java/com/google/gerrit/server/http/BecomeAnyAccountLoginServlet.java
View File

@@ -16,6 +16,8 @@ package com.google.gerrit.server.http;
import com.google.gerrit.client.reviewdb.Account;
import com.google.gerrit.client.reviewdb.ReviewDb;
import com.google.gerrit.server.config.CanonicalWebUrl;
import com.google.gerrit.server.config.Nullable;
import com.google.gwtorm.client.OrmException;
import com.google.gwtorm.client.SchemaFactory;
import com.google.inject.Inject;
@@ -34,24 +36,17 @@ import javax.servlet.http.HttpServletResponse;
@SuppressWarnings("serial")
@Singleton
public class BecomeAnyAccountLoginServlet extends HttpServlet {
static boolean isAllowed() {
try {
return Boolean.getBoolean(BecomeAnyAccountLoginServlet.class.getName());
} catch (SecurityException se) {
return false;
}
}
private final boolean allowed;
private final SchemaFactory<ReviewDb> schema;
private final Provider<GerritCall> callFactory;
private final Provider<String> urlProvider;
@Inject
BecomeAnyAccountLoginServlet(final Provider<GerritCall> cf,
final SchemaFactory<ReviewDb> sf) {
final SchemaFactory<ReviewDb> sf,
final @CanonicalWebUrl @Nullable Provider<String> up) {
callFactory = cf;
schema = sf;
allowed = isAllowed();
urlProvider = up;
}
@Override
@@ -63,11 +58,6 @@ public class BecomeAnyAccountLoginServlet extends HttpServlet {
@Override
protected void doPost(final HttpServletRequest req,
final HttpServletResponse rsp) throws IOException {
if (!allowed) {
rsp.sendError(HttpServletResponse.SC_NOT_FOUND);
return;
}
final List<Account> accounts;
if (req.getParameter("ssh_user_name") != null) {
accounts = bySshUserName(rsp, req.getParameter("ssh_user_name"));
@@ -97,11 +87,10 @@ public class BecomeAnyAccountLoginServlet extends HttpServlet {
if (accounts.size() == 1) {
final Account account = accounts.get(0);
callFactory.get().setAccount(account.getId(), false);
final StringBuffer url = req.getRequestURL();
url.setLength(url.lastIndexOf("/")); // drop 'become'
rsp.sendRedirect(url.toString());
final GerritCall call = callFactory.get();
call.noCache();
call.setAccount(account.getId(), false);
rsp.sendRedirect(urlProvider.get());
} else {
rsp.sendError(HttpServletResponse.SC_NOT_FOUND);

23
src/main/java/com/google/gerrit/server/http/GerritServletConfig.java
View File

@@ -17,7 +17,6 @@ package com.google.gerrit.server.http;
import static com.google.inject.Stage.PRODUCTION;
import com.google.gerrit.client.reviewdb.Account;
import com.google.gerrit.client.reviewdb.SystemConfig.LoginType;
import com.google.gerrit.client.rpc.Common;
import com.google.gerrit.client.rpc.Common.CurrentAccountImpl;
import com.google.gerrit.git.PushAllProjectsOp;
@@ -123,15 +122,19 @@ public class GerritServletConfig extends GuiceServletContextListener {
final List<Module> modules = new ArrayList<Module>();
modules.add(new WebModule(sshInfo));
if (BecomeAnyAccountLoginServlet.isAllowed()) {
modules.add(new ServletModule() {
@Override
protected void configureServlets() {
serve("/become").with(BecomeAnyAccountLoginServlet.class);
}
});
} else if (auth.getLoginType() == LoginType.OPENID) {
modules.add(new OpenIdModule());
switch (auth.getLoginType()) {
case OPENID:
modules.add(new OpenIdModule());
break;
case DEVELOPMENT_BECOME_ANY_ACCOUNT:
modules.add(new ServletModule() {
@Override
protected void configureServlets() {
serve("/become").with(BecomeAnyAccountLoginServlet.class);
}
});
break;
}
return sysInjector.createChildInjector(modules);