All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.google.gerrit.server.IdentifiedUser Maven / Gradle / Ivy

There is a newer version: 3.11.0-rc3
Show newest version
// Copyright (C) 2009 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.gerrit.server;

import static com.google.common.base.MoreObjects.firstNonNull;
import static com.google.common.collect.ImmutableSet.toImmutableSet;
import static com.google.common.flogger.LazyArgs.lazy;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import com.google.common.flogger.FluentLogger;
import com.google.gerrit.common.Nullable;
import com.google.gerrit.common.UsedAt;
import com.google.gerrit.entities.Account;
import com.google.gerrit.server.account.AccountCache;
import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.GroupBackend;
import com.google.gerrit.server.account.GroupMembership;
import com.google.gerrit.server.account.ListGroupMembership;
import com.google.gerrit.server.account.Realm;
import com.google.gerrit.server.account.externalids.ExternalId;
import com.google.gerrit.server.config.AnonymousCowardName;
import com.google.gerrit.server.config.AuthConfig;
import com.google.gerrit.server.config.CanonicalWebUrl;
import com.google.gerrit.server.config.EnablePeerIPInReflogRecord;
import com.google.gerrit.server.group.SystemGroupBackend;
import com.google.inject.Inject;
import com.google.inject.OutOfScopeException;
import com.google.inject.Provider;
import com.google.inject.ProvisionException;
import com.google.inject.Singleton;
import com.google.inject.util.Providers;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.SocketAddress;
import java.net.URL;
import java.time.Instant;
import java.util.Optional;
import java.util.Set;
import java.util.TimeZone;
import org.eclipse.jgit.lib.PersonIdent;
import org.eclipse.jgit.util.SystemReader;

/** An authenticated user. */
public class IdentifiedUser extends CurrentUser {
  private static final FluentLogger logger = FluentLogger.forEnclosingClass();

  /** Create an IdentifiedUser, ignoring any per-request state. */
  @Singleton
  public static class GenericFactory {
    private final AuthConfig authConfig;
    private final Realm realm;
    private final String anonymousCowardName;
    private final Provider canonicalUrl;
    private final AccountCache accountCache;
    private final GroupBackend groupBackend;
    private final Boolean enablePeerIPInReflogRecord;

    @Inject
    public GenericFactory(
        AuthConfig authConfig,
        Realm realm,
        @AnonymousCowardName String anonymousCowardName,
        @CanonicalWebUrl Provider canonicalUrl,
        @EnablePeerIPInReflogRecord Boolean enablePeerIPInReflogRecord,
        AccountCache accountCache,
        GroupBackend groupBackend) {
      this.authConfig = authConfig;
      this.realm = realm;
      this.anonymousCowardName = anonymousCowardName;
      this.canonicalUrl = canonicalUrl;
      this.accountCache = accountCache;
      this.groupBackend = groupBackend;
      this.enablePeerIPInReflogRecord = enablePeerIPInReflogRecord;
    }

    public IdentifiedUser create(AccountState state) {
      return new IdentifiedUser(
          authConfig,
          realm,
          anonymousCowardName,
          canonicalUrl,
          accountCache,
          groupBackend,
          enablePeerIPInReflogRecord,
          Providers.of(null),
          state,
          null);
    }

    public IdentifiedUser create(Account.Id id) {
      return create(null, id);
    }

    @VisibleForTesting
    @UsedAt(UsedAt.Project.GOOGLE)
    public IdentifiedUser forTest(Account.Id id, PropertyMap properties) {
      return runAs(null, id, null, properties);
    }

    public IdentifiedUser create(SocketAddress remotePeer, Account.Id id) {
      return runAs(remotePeer, id, null);
    }

    public IdentifiedUser runAs(
        SocketAddress remotePeer, Account.Id id, @Nullable CurrentUser caller) {
      return runAs(remotePeer, id, caller, PropertyMap.EMPTY);
    }

    private IdentifiedUser runAs(
        SocketAddress remotePeer,
        Account.Id id,
        @Nullable CurrentUser caller,
        PropertyMap properties) {
      return new IdentifiedUser(
          authConfig,
          realm,
          anonymousCowardName,
          canonicalUrl,
          accountCache,
          groupBackend,
          enablePeerIPInReflogRecord,
          Providers.of(remotePeer),
          id,
          caller,
          properties);
    }
  }

  /**
   * Create an IdentifiedUser, relying on current request state.
   *
   * 

Can only be used from within a module that has defined a request scoped {@code @RemotePeer * SocketAddress} provider. */ @Singleton public static class RequestFactory { private final AuthConfig authConfig; private final Realm realm; private final String anonymousCowardName; private final Provider canonicalUrl; private final AccountCache accountCache; private final GroupBackend groupBackend; private final Boolean enablePeerIPInReflogRecord; private final Provider remotePeerProvider; @Inject RequestFactory( AuthConfig authConfig, Realm realm, @AnonymousCowardName String anonymousCowardName, @CanonicalWebUrl Provider canonicalUrl, AccountCache accountCache, GroupBackend groupBackend, @EnablePeerIPInReflogRecord Boolean enablePeerIPInReflogRecord, @RemotePeer Provider remotePeerProvider) { this.authConfig = authConfig; this.realm = realm; this.anonymousCowardName = anonymousCowardName; this.canonicalUrl = canonicalUrl; this.accountCache = accountCache; this.groupBackend = groupBackend; this.enablePeerIPInReflogRecord = enablePeerIPInReflogRecord; this.remotePeerProvider = remotePeerProvider; } public IdentifiedUser create(Account.Id id) { return create(id, PropertyMap.EMPTY); } public IdentifiedUser create(Account.Id id, PropertyMap properties) { return new IdentifiedUser( authConfig, realm, anonymousCowardName, canonicalUrl, accountCache, groupBackend, enablePeerIPInReflogRecord, remotePeerProvider, id, null, properties); } public IdentifiedUser runAs(Account.Id id, CurrentUser caller, PropertyMap properties) { return new IdentifiedUser( authConfig, realm, anonymousCowardName, canonicalUrl, accountCache, groupBackend, enablePeerIPInReflogRecord, remotePeerProvider, id, caller, properties); } } private static final GroupMembership registeredGroups = new ListGroupMembership( ImmutableSet.of(SystemGroupBackend.ANONYMOUS_USERS, SystemGroupBackend.REGISTERED_USERS)); private final Provider canonicalUrl; private final AccountCache accountCache; private final AuthConfig authConfig; private final Realm realm; private final GroupBackend groupBackend; private final String anonymousCowardName; private final Boolean enablePeerIPInReflogRecord; private final Set validEmails = Sets.newTreeSet(String.CASE_INSENSITIVE_ORDER); private final CurrentUser realUser; // Must be final since cached properties depend on it. private final Provider remotePeerProvider; private final Account.Id accountId; private AccountState state; private boolean loadedAllEmails; private Set invalidEmails; private GroupMembership effectiveGroups; private IdentifiedUser( AuthConfig authConfig, Realm realm, String anonymousCowardName, Provider canonicalUrl, AccountCache accountCache, GroupBackend groupBackend, Boolean enablePeerIPInReflogRecord, @Nullable Provider remotePeerProvider, AccountState state, @Nullable CurrentUser realUser) { this( authConfig, realm, anonymousCowardName, canonicalUrl, accountCache, groupBackend, enablePeerIPInReflogRecord, remotePeerProvider, state.account().id(), realUser, PropertyMap.EMPTY); this.state = state; } private IdentifiedUser( AuthConfig authConfig, Realm realm, String anonymousCowardName, Provider canonicalUrl, AccountCache accountCache, GroupBackend groupBackend, Boolean enablePeerIPInReflogRecord, @Nullable Provider remotePeerProvider, Account.Id id, @Nullable CurrentUser realUser, PropertyMap properties) { super(properties); this.canonicalUrl = canonicalUrl; this.accountCache = accountCache; this.groupBackend = groupBackend; this.authConfig = authConfig; this.realm = realm; this.anonymousCowardName = anonymousCowardName; this.enablePeerIPInReflogRecord = enablePeerIPInReflogRecord; this.remotePeerProvider = remotePeerProvider; this.accountId = id; this.realUser = realUser != null ? realUser : this; } @Override public CurrentUser getRealUser() { return realUser; } @Override public boolean isImpersonating() { if (realUser == this) { return false; } if (realUser.isIdentifiedUser()) { if (realUser.getAccountId().equals(getAccountId())) { // Impersonating another copy of this user is allowed. return false; } } return true; } /** * Returns the account state of the identified user. * * @return the account state of the identified user, an empty account state if the account is * missing */ public AccountState state() { if (state == null) { // TODO(ekempin): // Ideally we would only create IdentifiedUser instances for existing accounts. To ensure // this we could load the account state eagerly on the creation of IdentifiedUser and fail is // the account is missing. In most cases, e.g. when creating an IdentifiedUser for a request // context, we really want to fail early if the account is missing. However there are some // usages where an IdentifiedUser may be instantiated for a missing account. We may go // through all of them and ensure that they never try to create an IdentifiedUser for a // missing account or make this explicit by adding a createEvenIfMissing method to // IdentifiedUser.GenericFactory. However since this is a lot of effort we stick with calling // AccountCache#getEvenIfMissing(Account.Id) for now. // Alternatively we could be could also return an Optional from the state() // method and let callers handle the missing account case explicitly. But this would be a lot // of work too. state = accountCache.getEvenIfMissing(getAccountId()); } return state; } @Override public IdentifiedUser asIdentifiedUser() { return this; } @Override public Account.Id getAccountId() { return accountId; } /** * Returns the user's user name; null if one has not been selected/assigned or if the user name is * empty. */ @Override public Optional getUserName() { return state().userName(); } /** Returns unique name of the user for logging, never {@code null} */ @Override public String getLoggableName() { return getUserName() .orElseGet(() -> firstNonNull(getAccount().preferredEmail(), "a/" + getAccountId().get())); } /** * Returns the account of the identified user. * * @return the account of the identified user, an empty account if the account is missing */ public Account getAccount() { return state().account(); } public boolean hasEmailAddress(String email) { if (validEmails.contains(email)) { return true; } else if (invalidEmails != null && invalidEmails.contains(email)) { return false; } else if (realm.hasEmailAddress(this, email)) { validEmails.add(email); return true; } else if (invalidEmails == null) { invalidEmails = Sets.newTreeSet(String.CASE_INSENSITIVE_ORDER); } invalidEmails.add(email); return false; } @Override public ImmutableSet getEmailAddresses() { if (!loadedAllEmails) { validEmails.addAll(realm.getEmailAddresses(this)); loadedAllEmails = true; } return ImmutableSet.copyOf(validEmails); } @Override public ImmutableSet getExternalIdKeys() { return state().externalIds().stream().map(ExternalId::key).collect(toImmutableSet()); } public String getName() { return getAccount().getName(); } public String getNameEmail() { return getAccount().getNameEmail(anonymousCowardName); } @Override public GroupMembership getEffectiveGroups() { if (effectiveGroups == null) { if (authConfig.isIdentityTrustable(state().externalIds())) { effectiveGroups = groupBackend.membershipsOf(this); logger.atFinest().log( "Known groups of %s: %s", getLoggableName(), lazy(effectiveGroups::getKnownGroups)); } else { effectiveGroups = registeredGroups; logger.atFinest().log( "%s has a non-trusted identity, falling back to %s as known groups", getLoggableName(), lazy(registeredGroups::getKnownGroups)); } } return effectiveGroups; } @Override public Object getCacheKey() { return getAccountId(); } public PersonIdent newRefLogIdent() { return newRefLogIdent(Instant.now(), TimeZone.getDefault()); } public PersonIdent newRefLogIdent(Instant when, TimeZone tz) { final Account ua = getAccount(); String name = ua.fullName(); if (name == null || name.isEmpty()) { name = ua.preferredEmail(); } if (name == null || name.isEmpty()) { name = anonymousCowardName; } String user; if (enablePeerIPInReflogRecord) { user = constructMailAddress(ua, guessHost()); } else { user = Strings.isNullOrEmpty(ua.preferredEmail()) ? constructMailAddress(ua, "unknown") : ua.preferredEmail(); } return newPersonIdent(name, user, when, tz); } private String constructMailAddress(Account ua, String host) { return getUserName().orElse("") + "|account-" + ua.id().toString() + "@" + host; } // TODO(issue-15517): Fix the JdkObsolete issue with Date once JGit's PersonIdent class supports // Instants @SuppressWarnings("JdkObsolete") public PersonIdent newCommitterIdent(PersonIdent ident) { return newCommitterIdent(ident.getWhen().toInstant(), ident.getTimeZone()); } public PersonIdent newCommitterIdent(Instant when, TimeZone tz) { final Account ua = getAccount(); String name = ua.fullName(); String email = ua.preferredEmail(); if (email == null || email.isEmpty()) { // No preferred email is configured. Use a generic identity so we // don't leak an address the user may have given us, but doesn't // necessarily want to publish through Git records. // String user = getUserName().orElseGet(() -> "account-" + ua.id().toString()); String host; if (canonicalUrl.get() != null) { try { host = new URL(canonicalUrl.get()).getHost(); } catch (MalformedURLException e) { host = SystemReader.getInstance().getHostname(); } } else { host = SystemReader.getInstance().getHostname(); } email = user + "@" + host; } if (name == null || name.isEmpty()) { final int at = email.indexOf('@'); if (0 < at) { name = email.substring(0, at); } else { name = anonymousCowardName; } } return newPersonIdent(name, email, when, tz); } @Override public String toString() { return "IdentifiedUser[account " + getAccountId() + "]"; } /** Check if user is the IdentifiedUser */ @Override public boolean isIdentifiedUser() { return true; } /** * Returns a materialized copy of the user with all dependencies. * *

Invoke all providers and factories of dependent objects and store the references to a copy * of the current identified user. * * @return copy of the identified user */ public IdentifiedUser materializedCopy() { Provider remotePeer; try { remotePeer = Providers.of(remotePeerProvider.get()); } catch (OutOfScopeException | ProvisionException e) { remotePeer = () -> { throw e; }; } return new IdentifiedUser( authConfig, realm, anonymousCowardName, Providers.of(canonicalUrl.get()), accountCache, groupBackend, enablePeerIPInReflogRecord, remotePeer, state, realUser); } @Override public boolean hasSameAccountId(CurrentUser other) { return getAccountId().get() == other.getAccountId().get(); } private String guessHost() { String host = null; SocketAddress remotePeer = null; try { remotePeer = remotePeerProvider.get(); } catch (OutOfScopeException | ProvisionException e) { // Leave null. } if (remotePeer instanceof InetSocketAddress) { InetSocketAddress sa = (InetSocketAddress) remotePeer; InetAddress in = sa.getAddress(); host = in != null ? in.getHostAddress() : sa.getHostName(); } if (Strings.isNullOrEmpty(host)) { return "unknown"; } return host; } /** * Create a {@link PersonIdent} from an {@code Instant} and a {@link TimeZone}. * *

We use the {@link PersonIdent#PersonIdent(String, String, long, int)} constructor to avoid * doing a conversion to {@code java.util.Date} here. For the {@code int aTZ} argument, which is * the time zone, we do the same computation as in {@link PersonIdent#PersonIdent(String, String, * java.util.Date, TimeZone)} (just instead of getting the epoch millis from {@code * java.util.Date} we get them from {@link Instant}). */ // TODO(issue-15517): Drop this method once JGit's PersonIdent class supports Instants private static PersonIdent newPersonIdent(String name, String email, Instant when, TimeZone tz) { return new PersonIdent( name, email, when.toEpochMilli(), tz.getOffset(when.toEpochMilli()) / (60 * 1000)); } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy