opendev/gerrit
Code Issues Proposed changes

Allow Realm to participate when linking an account identity

Browse Source 
When linking a new user identity to an exisiting account, permit the
Realm to observe the new incoming identity and the current account,
and to alter the request. This enables a Realm to observe when a
user verifies a new email address link.

Change-Id: I152d3e4a6713a5d6c757839c857eaf2752b32675
This commit is contained in:
Shawn O. Pearce
2012-01-17 09:53:54 -08:00
parent 30e74bbc8d
commit d3a1bbbf38
4 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gerrit-server/src/main/java/com/google/gerrit/server/account/AccountManager.java
View File

@@ -382,11 +382,13 @@ public class AccountManager {
* @throws AccountException the identity belongs to a different account, or it
* cannot be linked at this time.
*/
public AuthResult link(final Account.Id to, final AuthRequest who)
public AuthResult link(final Account.Id to, AuthRequest who)
throws AccountException {
try {
final ReviewDb db = schema.open();
try {
who = realm.link(db, to, who);
final AccountExternalId.Key key = id(who);
AccountExternalId extId = db.accountExternalIds().get(key);
if (extId != null) {

6
gerrit-server/src/main/java/com/google/gerrit/server/account/DefaultRealm.java
View File

@@ -16,6 +16,7 @@ package com.google.gerrit.server.account;
import com.google.gerrit.reviewdb.Account;
import com.google.gerrit.reviewdb.AccountGroup;
import com.google.gerrit.reviewdb.ReviewDb;
import com.google.inject.Inject;
import java.util.Collections;
@@ -46,6 +47,11 @@ public class DefaultRealm implements Realm {
return who;
}
@Override
public AuthRequest link(ReviewDb db, Account.Id to, AuthRequest who) {
return who;
}
@Override
public void onCreateAccount(final AuthRequest who, final Account account) {
}

4
gerrit-server/src/main/java/com/google/gerrit/server/account/Realm.java
View File

@@ -16,6 +16,7 @@ package com.google.gerrit.server.account;
import com.google.gerrit.reviewdb.Account;
import com.google.gerrit.reviewdb.AccountGroup;
import com.google.gerrit.reviewdb.ReviewDb;
import java.util.Set;
@@ -25,6 +26,9 @@ public interface Realm {
public AuthRequest authenticate(AuthRequest who) throws AccountException;
public AuthRequest link(ReviewDb db, Account.Id to, AuthRequest who)
throws AccountException;
public void onCreateAccount(AuthRequest who, Account account);
public Set<AccountGroup.UUID> groups(AccountState who);

5
gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java
View File

@@ -243,6 +243,11 @@ class LdapRealm implements Realm {
}
}
@Override
public AuthRequest link(ReviewDb db, Account.Id to, AuthRequest who) {
return who;
}
@Override
public void onCreateAccount(final AuthRequest who, final Account account) {
usernameCache.put(who.getLocalUser(), account.getId());