All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.google.gerrit.server.account.externalids.ExternalIdsConsistencyChecker Maven / Gradle / Ivy

There is a newer version: 3.11.0-rc3
Show newest version
// Copyright (C) 2017 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.gerrit.server.account.externalids;

import static com.google.gerrit.server.account.externalids.ExternalId.SCHEME_USERNAME;
import static java.util.stream.Collectors.joining;

import com.google.common.collect.ListMultimap;
import com.google.common.collect.MultimapBuilder;
import com.google.gerrit.extensions.api.config.ConsistencyCheckInfo.ConsistencyProblemInfo;
import com.google.gerrit.server.account.AccountCache;
import com.google.gerrit.server.account.HashedPassword;
import com.google.gerrit.server.config.AllUsersName;
import com.google.gerrit.server.git.GitRepositoryManager;
import com.google.gerrit.server.mail.send.OutgoingEmailValidator;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import org.eclipse.jgit.errors.ConfigInvalidException;
import org.eclipse.jgit.lib.ObjectId;
import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.notes.Note;
import org.eclipse.jgit.notes.NoteMap;
import org.eclipse.jgit.revwalk.RevWalk;

@Singleton
public class ExternalIdsConsistencyChecker {
  private final GitRepositoryManager repoManager;
  private final AllUsersName allUsers;
  private final AccountCache accountCache;
  private final OutgoingEmailValidator validator;
  private final ExternalIdFactory externalIdFactory;

  @Inject
  ExternalIdsConsistencyChecker(
      GitRepositoryManager repoManager,
      AllUsersName allUsers,
      AccountCache accountCache,
      OutgoingEmailValidator validator,
      ExternalIdFactory externalIdFactory) {
    this.repoManager = repoManager;
    this.allUsers = allUsers;
    this.accountCache = accountCache;
    this.validator = validator;
    this.externalIdFactory = externalIdFactory;
  }

  public List check() throws IOException, ConfigInvalidException {
    try (Repository repo = repoManager.openRepository(allUsers)) {
      return check(ExternalIdNotes.loadReadOnly(allUsers, repo, null, externalIdFactory, false));
    }
  }

  public List check(ObjectId rev)
      throws IOException, ConfigInvalidException {
    try (Repository repo = repoManager.openRepository(allUsers)) {
      return check(ExternalIdNotes.loadReadOnly(allUsers, repo, rev, externalIdFactory, false));
    }
  }

  private List check(ExternalIdNotes extIdNotes) throws IOException {
    List problems = new ArrayList<>();

    ListMultimap emails = MultimapBuilder.hashKeys().arrayListValues().build();

    try (RevWalk rw = new RevWalk(extIdNotes.getRepository())) {
      NoteMap noteMap = extIdNotes.getNoteMap();
      for (Note note : noteMap) {
        byte[] raw = ExternalIdNotes.readNoteData(rw, note.getData());
        try {
          ExternalId extId = externalIdFactory.parse(note.getName(), raw, note.getData());
          problems.addAll(validateExternalId(extId));

          if (extId.email() != null) {
            String email = extId.email();
            if (emails.get(email).stream()
                .noneMatch(e -> e.accountId().get() == extId.accountId().get())) {
              emails.put(email, extId);
            }
          }
        } catch (ConfigInvalidException e) {
          addError(String.format(e.getMessage()), problems);
        }
      }
    }

    emails.asMap().entrySet().stream()
        .filter(e -> e.getValue().size() > 1)
        .forEach(
            e ->
                addError(
                    String.format(
                        "Email '%s' is not unique, it's used by the following external IDs: %s",
                        e.getKey(),
                        e.getValue().stream()
                            .map(k -> "'" + k.key().get() + "'")
                            .sorted()
                            .collect(joining(", "))),
                    problems));

    return problems;
  }

  private List validateExternalId(ExternalId extId) {
    List problems = new ArrayList<>();

    if (!accountCache.get(extId.accountId()).isPresent()) {
      addError(
          String.format(
              "External ID '%s' belongs to account that doesn't exist: %s",
              extId.key().get(), extId.accountId().get()),
          problems);
    }

    if (extId.email() != null && !validator.isValid(extId.email())) {
      addError(
          String.format(
              "External ID '%s' has an invalid email: %s", extId.key().get(), extId.email()),
          problems);
    }

    if (extId.password() != null && extId.isScheme(SCHEME_USERNAME)) {
      try {
        HashedPassword.decode(extId.password());
      } catch (HashedPassword.DecoderException e) {
        addError(
            String.format(
                "External ID '%s' has an invalid password: %s", extId.key().get(), e.getMessage()),
            problems);
      }
    }

    return problems;
  }

  private static void addError(String error, List problems) {
    problems.add(new ConsistencyProblemInfo(ConsistencyProblemInfo.Status.ERROR, error));
  }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy