Clarify that account must have a username to be able to set HTTP password

Update the REST API documentation to clarify that an account must have
its username set to be able to set the HTTP password.

Also add a test for this scenario.

Change-Id: Id46cd8abcdea12f002c5aa1ff18ce323e7338fb3

Documentation/rest-api-accounts.txt

@@ -473,6 +473,8 @@ The options for setting/generating the HTTP password must be provided
 in the request body inside a link:#http-password-input[
 HttpPasswordInput] entity.
 
+The account must have a username.
+
 .Request
 ----
   PUT /accounts/self/password.http HTTP/1.0

gerrit-acceptance-tests/src/test/java/com/google/gerrit/acceptance/api/accounts/AccountIT.java

@@ -1957,6 +1957,16 @@ public class AccountIT extends AbstractDaemonTest {
     assertThat(gApi.accounts().id(user.username).setHttpPassword(null)).isNull();
   }
 
+  @Test
+  public void cannotGenerateHttpPasswordWhenUsernameIsNotSet() throws Exception {
+    setApiUser(admin);
+    int userId = accountCreator.create().id.get();
+    assertThat(gApi.accounts().id(userId).get().username).isNull();
+    exception.expect(ResourceConflictException.class);
+    exception.expectMessage("username");
+    gApi.accounts().id(userId).generateHttpPassword();
+  }
+
   private void assertGroups(String user, List<String> expected) throws Exception {
     List<String> actual =
         gApi.accounts().id(user).getGroups().stream().map(g -> g.name).collect(toList());