All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.google.gerrit.server.CurrentUser Maven / Gradle / Ivy

The newest version!
// Copyright (C) 2009 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.gerrit.server;

import com.google.common.collect.ImmutableSet;
import com.google.gerrit.entities.Account;
import com.google.gerrit.server.account.GroupMembership;
import com.google.gerrit.server.account.externalids.ExternalId;
import com.google.inject.servlet.RequestScoped;
import java.util.Optional;
import java.util.function.Consumer;

/**
 * Information about the currently logged in user.
 *
 * 

This is a {@link RequestScoped} property managed by Guice. * * @see AnonymousUser * @see IdentifiedUser */ public abstract class CurrentUser { public static final PropertyMap.Key LAST_LOGIN_EXTERNAL_ID_PROPERTY_KEY = PropertyMap.key(); private final PropertyMap properties; private AccessPath accessPath = AccessPath.UNKNOWN; protected CurrentUser() { this.properties = PropertyMap.EMPTY; } protected CurrentUser(PropertyMap properties) { this.properties = properties; } /** How this user is accessing the Gerrit Code Review application. */ public final AccessPath getAccessPath() { return accessPath; } public void setAccessPath(AccessPath path) { accessPath = path; } /** * Identity of the authenticated user. * *

In the normal case where a user authenticates as themselves {@code getRealUser() == this}. * *

If {@code X-Gerrit-RunAs} or {@code suexec} was used this method returns the identity of the * account that has permission to act on behalf of this user. */ public CurrentUser getRealUser() { return this; } public boolean isImpersonating() { return false; } /** * If the {@link #getRealUser()} has an account ID associated with it, call the given setter with * that ID. */ public void updateRealAccountId(Consumer setter) { if (getRealUser().isIdentifiedUser()) { setter.accept(getRealUser().getAccountId()); } } /** * Get the set of groups the user is currently a member of. * *

The returned set may be a subset of the user's actual groups; if the user's account is * currently deemed to be untrusted then the effective group set is only the anonymous and * registered user groups. To enable additional groups (and gain their granted permissions) the * user must update their account to use only trusted authentication providers. * * @return active groups for this user. */ public abstract GroupMembership getEffectiveGroups(); /** * Returns a unique identifier for this user that is intended to be used as a cache key. Returned * object should to implement {@code equals()} and {@code hashCode()} for effective caching. */ public abstract Object getCacheKey(); /** Unique name of the user on this server, if one has been assigned. */ public Optional getUserName() { return Optional.empty(); } /** Returns unique name of the user for logging, never {@code null} */ public String getLoggableName() { return getUserName().orElseGet(() -> getClass().getSimpleName()); } /** Check if user is the IdentifiedUser */ public boolean isIdentifiedUser() { return false; } /** Cast to IdentifiedUser if possible. */ public IdentifiedUser asIdentifiedUser() { throw new UnsupportedOperationException( getClass().getSimpleName() + " is not an IdentifiedUser"); } /** * Return account ID if {@link #isIdentifiedUser} is true. * * @throws UnsupportedOperationException if the user is not logged in. */ public Account.Id getAccountId() { throw new UnsupportedOperationException( getClass().getSimpleName() + " is not an IdentifiedUser"); } /** * Returns all email addresses associated with this user. For {@link AnonymousUser} and other * users that don't represent a person user or service account, this set will be empty. */ public ImmutableSet getEmailAddresses() { return ImmutableSet.of(); } /** * Returns all {@link com.google.gerrit.server.account.externalids.ExternalId.Key}s associated * with this user. For {@link AnonymousUser} and other users that don't represent a person user or * service account, this set will be empty. */ public ImmutableSet getExternalIdKeys() { return ImmutableSet.of(); } /** Check if the CurrentUser is an InternalUser. */ public boolean isInternalUser() { return false; } /** * Lookup a stored property. * * @param key unique property key. This key has to be the same instance that was used to store the * value when constructing the {@link PropertyMap} * @return stored value, or {@code Optional#empty()}. */ public Optional get(PropertyMap.Key key) { return properties.get(key); } public Optional getLastLoginExternalIdKey() { return get(LAST_LOGIN_EXTERNAL_ID_PROPERTY_KEY); } /** * Checks if the current user has the same account id of another. * *

Provide a generic interface for allowing subclasses to define whether two accounts represent * the same account id. * * @param other user to compare * @return true if the two users have the same account id */ public boolean hasSameAccountId(CurrentUser other) { return false; } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy