Allow Gerrit admins to add email addresses without confirmation
Change-Id: I386979ef6d8f693e3e4de3f60cd52828b690b4a3 Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
This commit is contained in:
Edwin Kempin
@@ -234,7 +234,9 @@ Registers a new email address for the user. A verification email is
|
||||
sent with a link that needs to be visited to confirm the email address,
|
||||
unless `DEVELOPMENT_BECOME_ANY_ACCOUNT` is used as authentication type.
|
||||
For the development mode email addresses are directly added without
|
||||
confirmation.
|
||||
confirmation. A Gerrit administrator may add an email address without
|
||||
confirmation by setting `no_confirmation` in the
|
||||
link:#email-input[EmailInput].
|
||||
|
||||
In the request body additional data for the email address can be
|
||||
provided as link:#email-input[EmailInput].
|
||||
@@ -869,15 +871,20 @@ The `EmailInput` entity contains information for registering a new
|
||||
email address.
|
||||
|
||||
[options="header",width="50%",cols="1,^1,5"]
|
||||
|========================
|
||||
|Field Name ||Description
|
||||
|`email` ||
|
||||
|==============================
|
||||
|Field Name ||Description
|
||||
|`email` ||
|
||||
The email address. If provided, must match the email address from the
|
||||
URL.
|
||||
|`preferred`|`false` if not set|
|
||||
|`preferred` |`false` if not set|
|
||||
Whether the new email address should become the preferred email address
|
||||
of the user.
|
||||
|========================
|
||||
|`no_confirmation`|`false` if not set|
|
||||
Whether the email address should be added without confirmation. In this
|
||||
case no verification email is sent to the user. +
|
||||
Only Gerrit administrators are allowed to add email addresses without
|
||||
confirmation.
|
||||
|==============================
|
||||
|
||||
[[query-limit-info]]
|
||||
QueryLimitInfo
|
||||
|
||||
@@ -44,6 +44,7 @@ public class CreateEmail implements RestModifyView<AccountResource, Input> {
|
||||
@DefaultInput
|
||||
String email;
|
||||
boolean preferred;
|
||||
boolean noConfirmation;
|
||||
}
|
||||
|
||||
static interface Factory {
|
||||
@@ -85,8 +86,13 @@ public class CreateEmail implements RestModifyView<AccountResource, Input> {
|
||||
if (input.email != null && !email.equals(input.email)) {
|
||||
throw new BadRequestException("email address must match URL");
|
||||
}
|
||||
if (input.noConfirmation && !self.get().getCapabilities().canAdministrateServer()) {
|
||||
throw new AuthException("not allowed to add email address without confirmation, "
|
||||
+ "need to be Gerrit administrator");
|
||||
}
|
||||
|
||||
if (authConfig.getAuthType() == AuthType.DEVELOPMENT_BECOME_ANY_ACCOUNT) {
|
||||
if (input.noConfirmation
|
||||
|| authConfig.getAuthType() == AuthType.DEVELOPMENT_BECOME_ANY_ACCOUNT) {
|
||||
try {
|
||||
accountManager.link(rsrc.getUser().getAccountId(),
|
||||
AuthRequest.forEmail(email));
|
||||
|
||||
Reference in New Issue
Block a user