From d3a1bbbf383ce690197373cb58d08fe01cb48e0b Mon Sep 17 00:00:00 2001 From: "Shawn O. Pearce" Date: Tue, 17 Jan 2012 09:53:54 -0800 Subject: [PATCH] Allow Realm to participate when linking an account identity When linking a new user identity to an exisiting account, permit the Realm to observe the new incoming identity and the current account, and to alter the request. This enables a Realm to observe when a user verifies a new email address link. Change-Id: I152d3e4a6713a5d6c757839c857eaf2752b32675 --- .../com/google/gerrit/server/account/AccountManager.java | 4 +++- .../java/com/google/gerrit/server/account/DefaultRealm.java | 6 ++++++ .../main/java/com/google/gerrit/server/account/Realm.java | 4 ++++ .../java/com/google/gerrit/server/auth/ldap/LdapRealm.java | 5 +++++ 4 files changed, 18 insertions(+), 1 deletion(-) diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountManager.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountManager.java index 9af8171ecc..3f4d0d1549 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountManager.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/AccountManager.java @@ -382,11 +382,13 @@ public class AccountManager { * @throws AccountException the identity belongs to a different account, or it * cannot be linked at this time. */ - public AuthResult link(final Account.Id to, final AuthRequest who) + public AuthResult link(final Account.Id to, AuthRequest who) throws AccountException { try { final ReviewDb db = schema.open(); try { + who = realm.link(db, to, who); + final AccountExternalId.Key key = id(who); AccountExternalId extId = db.accountExternalIds().get(key); if (extId != null) { diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/DefaultRealm.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/DefaultRealm.java index 2f270a9ecd..c03aee95c7 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/DefaultRealm.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/DefaultRealm.java @@ -16,6 +16,7 @@ package com.google.gerrit.server.account; import com.google.gerrit.reviewdb.Account; import com.google.gerrit.reviewdb.AccountGroup; +import com.google.gerrit.reviewdb.ReviewDb; import com.google.inject.Inject; import java.util.Collections; @@ -46,6 +47,11 @@ public class DefaultRealm implements Realm { return who; } + @Override + public AuthRequest link(ReviewDb db, Account.Id to, AuthRequest who) { + return who; + } + @Override public void onCreateAccount(final AuthRequest who, final Account account) { } diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/Realm.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/Realm.java index 072f7969ca..58527aca7d 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/Realm.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/Realm.java @@ -16,6 +16,7 @@ package com.google.gerrit.server.account; import com.google.gerrit.reviewdb.Account; import com.google.gerrit.reviewdb.AccountGroup; +import com.google.gerrit.reviewdb.ReviewDb; import java.util.Set; @@ -25,6 +26,9 @@ public interface Realm { public AuthRequest authenticate(AuthRequest who) throws AccountException; + public AuthRequest link(ReviewDb db, Account.Id to, AuthRequest who) + throws AccountException; + public void onCreateAccount(AuthRequest who, Account account); public Set groups(AccountState who); diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java index ac2bf01b89..5b19f81c51 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java @@ -243,6 +243,11 @@ class LdapRealm implements Realm { } } + @Override + public AuthRequest link(ReviewDb db, Account.Id to, AuthRequest who) { + return who; + } + @Override public void onCreateAccount(final AuthRequest who, final Account account) { usernameCache.put(who.getLocalUser(), account.getId());