Merge branch 'stable-2.15' into stable-2.16

* stable-2.15:
  AccountIT: Test that account is not created with invalid email
  CreateAccount: Fail early when invalid SSH key is given
  Use base url for commentlink

Change-Id: Ifac43208ba54ffcc012e1ff9374272466555bfbc

java/com/google/gerrit/server/restapi/account/CreateAccount.java

@@ -131,6 +131,16 @@ public class CreateAccount
     }
 
     extIds.add(ExternalId.createUsername(username, accountId, input.httpPassword));
+
+    if (input.sshKey != null) {
+      try {
+        authorizedKeys.addKey(accountId, input.sshKey);
+        sshKeyCache.evict(username);
+      } catch (InvalidSshKeyException e) {
+        throw new BadRequestException(e.getMessage());
+      }
+    }
+
     for (AccountExternalIdCreator c : externalIdCreators) {
       extIds.addAll(c.create(accountId, username, input.email));
     }
@@ -163,15 +173,6 @@ public class CreateAccount
       }
     }
 
-    if (input.sshKey != null) {
-      try {
-        authorizedKeys.addKey(accountId, input.sshKey);
-        sshKeyCache.evict(username);
-      } catch (InvalidSshKeyException e) {
-        throw new BadRequestException(e.getMessage());
-      }
-    }
-
     AccountLoader loader = infoLoader.create(true);
     AccountInfo info = loader.get(accountId);
     loader.fill();

javatests/com/google/gerrit/acceptance/api/accounts/AccountIT.java

@@ -32,6 +32,7 @@ import static com.google.gerrit.server.StarredChangesUtil.IGNORE_LABEL;
 import static com.google.gerrit.server.account.externalids.ExternalId.SCHEME_GPGKEY;
 import static com.google.gerrit.server.group.SystemGroupBackend.ANONYMOUS_USERS;
 import static com.google.gerrit.server.group.SystemGroupBackend.REGISTERED_USERS;
+import static com.google.gerrit.testing.GerritJUnit.assertThrows;
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static java.util.Objects.requireNonNull;
 import static java.util.concurrent.TimeUnit.SECONDS;
@@ -316,6 +317,36 @@ public class AccountIT extends AbstractDaemonTest {
         RefUpdateCounter.projectRef(allUsers, RefNames.REFS_SEQUENCES + Sequences.NAME_ACCOUNTS));
   }
 
+  @Test
+  public void createWithInvalidSshKey() throws Exception {
+    AccountInput input = new AccountInput();
+    input.username = name("test");
+    input.sshKey = "invalid key";
+
+    // Invalid key should cause the creation to fail
+    BadRequestException thrown =
+        assertThrows(BadRequestException.class, () -> gApi.accounts().create(input));
+    assertThat(thrown).hasMessageThat().isEqualTo("Invalid SSH Key");
+
+    // The account should not have been created
+    assertThrows(ResourceNotFoundException.class, () -> gApi.accounts().id(input.username).get());
+  }
+
+  @Test
+  public void createWithInvalidEmailAddress() throws Exception {
+    AccountInput input = new AccountInput();
+    input.username = name("test");
+    input.email = "invalid email address";
+
+    // Invalid email address should cause the creation to fail
+    BadRequestException thrown =
+        assertThrows(BadRequestException.class, () -> gApi.accounts().create(input));
+    assertThat(thrown).hasMessageThat().isEqualTo("invalid email address");
+
+    // The account should not have been created
+    assertThrows(ResourceNotFoundException.class, () -> gApi.accounts().id(input.username).get());
+  }
+
   private Account.Id createByAccountCreator(int expectedAccountReindexCalls) throws Exception {
     String name = "foo";
     TestAccount foo = accountCreator.create(name);

polygerrit-ui/app/elements/shared/gr-linked-text/gr-linked-text.html

@@ -16,8 +16,9 @@ limitations under the License.
 -->
 
 <link rel="import" href="../../../bower_components/polymer/polymer.html">
-<link rel="import" href="../../core/gr-navigation/gr-navigation.html">
+<link rel="import" href="../../../behaviors/base-url-behavior/base-url-behavior.html">
 <link rel="import" href="../../../styles/shared-styles.html">
+<link rel="import" href="../../core/gr-navigation/gr-navigation.html">
 
 <script src="../../../bower_components/ba-linkify/ba-linkify.js"></script>
 <script src="link-text-parser.js"></script>

polygerrit-ui/app/elements/shared/gr-linked-text/gr-linked-text_test.html

@@ -124,6 +124,24 @@ limitations under the License.
       assert.equal(linkEl.textContent, changeID);
     });
 
+    test('Change-Id pattern was parsed and linked with base url', () => {
+      window.CANONICAL_PATH = '/r';
+
+      // "Change-Id:" pattern.
+      const changeID = 'I11d6a37f5e9b5df0486f6c922d8836dfa780e03e';
+      const prefix = 'Change-Id: ';
+      element.content = prefix + changeID;
+
+      const textNode = element.$.output.childNodes[0];
+      const linkEl = element.$.output.childNodes[1];
+      assert.equal(textNode.textContent, prefix);
+      const url = '/r/q/' + changeID;
+      assert.equal(linkEl.target, '_blank');
+      // Since url is a path, the host is added automatically.
+      assert.isTrue(linkEl.href.endsWith(url));
+      assert.equal(linkEl.textContent, changeID);
+    });
+
     test('Multiple matches', () => {
       element.content = 'Issue 3650\nIssue 3450';
       const linkEl1 = element.$.output.childNodes[0];

polygerrit-ui/app/elements/shared/gr-linked-text/link-text-parser.js

@@ -172,6 +172,10 @@
   GrLinkTextParser.prototype.addLink =
       function(text, href, position, length, outputArray) {
         if (!text || this.hasOverlap(position, length, outputArray)) { return; }
+    const baseUrl = Gerrit.BaseUrlBehavior.getBaseUrl();
+    if (!!baseUrl && href.startsWith('/') && !href.startsWith(baseUrl)) {
+      href = baseUrl + href;
+    }
         this.addItem(text, href, null, position, length, outputArray);
       };