Merge "Configure editable account fields for OAuth realm"
This commit is contained in:
commit
e4ed9a282d
@ -2874,6 +2874,31 @@ Common examples:
|
|||||||
safe = true
|
safe = true
|
||||||
----
|
----
|
||||||
|
|
||||||
|
[[oauth]]
|
||||||
|
=== Section oauth
|
||||||
|
|
||||||
|
OAuth integration is only enabled if `auth.type` is set to `OAUTH`. See
|
||||||
|
link:#auth.type[above] for a detailed description of the `auth.type` settings
|
||||||
|
and their implications.
|
||||||
|
|
||||||
|
By default, contact information, like the full name and email address,
|
||||||
|
is retrieved from the selected OAuth provider when a user account is created,
|
||||||
|
or when a user requests to reload that information in the settings UI. If
|
||||||
|
that is not supported by the OAuth provider, users can be allowed to edit
|
||||||
|
their contact information manually.
|
||||||
|
|
||||||
|
[[oauth.allowEditFullName]]oauth.allowEditFullName::
|
||||||
|
+
|
||||||
|
If true, the full name can be edited in the contact information.
|
||||||
|
+
|
||||||
|
Default is false.
|
||||||
|
|
||||||
|
[[oauth.allowRegisterNewEmail]]oauth.allowRegisterNewEmail::
|
||||||
|
+
|
||||||
|
If true, additional email addresses can be registered in the contact
|
||||||
|
information.
|
||||||
|
+
|
||||||
|
Default is false.
|
||||||
|
|
||||||
[[pack]]
|
[[pack]]
|
||||||
=== Section pack
|
=== Section pack
|
||||||
|
@ -25,23 +25,37 @@ import com.google.gerrit.server.account.AbstractRealm;
|
|||||||
import com.google.gerrit.server.account.AccountException;
|
import com.google.gerrit.server.account.AccountException;
|
||||||
import com.google.gerrit.server.account.AccountManager;
|
import com.google.gerrit.server.account.AccountManager;
|
||||||
import com.google.gerrit.server.account.AuthRequest;
|
import com.google.gerrit.server.account.AuthRequest;
|
||||||
|
import com.google.gerrit.server.config.GerritServerConfig;
|
||||||
import com.google.inject.Inject;
|
import com.google.inject.Inject;
|
||||||
import com.google.inject.Singleton;
|
import com.google.inject.Singleton;
|
||||||
|
|
||||||
|
import org.eclipse.jgit.lib.Config;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
@Singleton
|
@Singleton
|
||||||
public class OAuthRealm extends AbstractRealm {
|
public class OAuthRealm extends AbstractRealm {
|
||||||
private final DynamicMap<OAuthLoginProvider> loginProviders;
|
private final DynamicMap<OAuthLoginProvider> loginProviders;
|
||||||
|
private final Set<FieldName> editableAccountFields;
|
||||||
|
|
||||||
@Inject
|
@Inject
|
||||||
OAuthRealm(DynamicMap<OAuthLoginProvider> loginProviders) {
|
OAuthRealm(DynamicMap<OAuthLoginProvider> loginProviders,
|
||||||
|
@GerritServerConfig Config config) {
|
||||||
this.loginProviders = loginProviders;
|
this.loginProviders = loginProviders;
|
||||||
|
this.editableAccountFields = new HashSet<>();
|
||||||
|
if (config.getBoolean("oauth", null, "allowEditFullName", false)) {
|
||||||
|
editableAccountFields.add(FieldName.FULL_NAME);
|
||||||
|
}
|
||||||
|
if (config.getBoolean("oauth", null, "allowRegisterNewEmail", false)) {
|
||||||
|
editableAccountFields.add(FieldName.REGISTER_NEW_EMAIL);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean allowsEdit(FieldName field) {
|
public boolean allowsEdit(FieldName field) {
|
||||||
return false;
|
return editableAccountFields.contains(field);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user