Modify account command: Add option to clear HTTP password

Change-Id: I00033fa5987bbf58d12e4d9b357367b5d2f28770
This commit is contained in:
David Ostrovsky 2014-07-23 02:38:32 +02:00 committed by David Pursehouse
parent aa49e277a3
commit db8dfae19b
2 changed files with 18 additions and 5 deletions

View File

@ -9,7 +9,8 @@ set-account [--full-name <FULLNAME>] [--active|--inactive] \
[--add-email <EMAIL>] [--delete-email <EMAIL> | ALL] \
[--add-ssh-key - | <KEY>] \
[--delete-ssh-key - | <KEY> | ALL] \
[--http-password <PASSWORD>] <USER>
[--http-password <PASSWORD>] \
[--clear-http-password] <USER>
--
== DESCRIPTION
@ -25,9 +26,9 @@ Caller must be a member of the privileged 'Administrators' group,
or have been granted
link:access-control.html#capability_modifyAccount[the 'Modify Account' global capability].
To set the HTTP password for the user account (option --http-password) the
caller must be a member of the privileged 'Administrators' group,
or have been granted
To set the HTTP password for the user account (option --http-password) or
to clear the HTTP password (option --clear-http-password) caller must be
a member of the privileged 'Administrators' group, or have been granted
link:access-control.html#capability_generateHttpPassword[the 'Generate HTTP Password' global capability]
in addition to 'Modify Account' global capability.
@ -85,6 +86,9 @@ This most likely requires double quoting the value, for example
--http-password::
Set the HTTP password for the user account.
--clear-http-password::
Clear the HTTP password for the user account.
== EXAMPLES
Add an email and SSH key to `watcher`'s account:

View File

@ -14,6 +14,7 @@
package com.google.gerrit.sshd.commands;
import com.google.common.base.Strings;
import com.google.gerrit.common.data.GlobalCapability;
import com.google.gerrit.common.errors.EmailException;
import com.google.gerrit.extensions.annotations.RequiresCapability;
@ -87,6 +88,9 @@ final class SetAccountCommand extends BaseCommand {
@Option(name = "--http-password", metaVar = "PASSWORD", usage = "password for HTTP authentication for the account")
private String httpPassword;
@Option(name = "--clear-http-password", usage = "clear HTTP password for the account")
private boolean clearHttpPassword;
@Inject
private IdentifiedUser.GenericFactory genericUserFactory;
@ -140,6 +144,11 @@ final class SetAccountCommand extends BaseCommand {
throw new UnloggedFailure(1,
"--active and --inactive options are mutually exclusive.");
}
if (clearHttpPassword && !Strings.isNullOrEmpty(httpPassword)) {
throw new UnloggedFailure(1,
"--http-password and --clear-http-password options are mutually " +
"exclusive.");
}
if (addSshKeys.contains("-") && deleteSshKeys.contains("-")) {
throw new UnloggedFailure(1, "Only one option may use the stdin");
}
@ -169,7 +178,7 @@ final class SetAccountCommand extends BaseCommand {
putName.apply(rsrc, in);
}
if (httpPassword != null) {
if (httpPassword != null || clearHttpPassword) {
PutHttpPassword.Input in = new PutHttpPassword.Input();
in.httpPassword = httpPassword;
putHttpPassword.apply(rsrc, in);