gerrit-server/src/main/java/com/google/gerrit/server/IdentifiedUser.java - gerrit-attic - Git at Google

 // Copyright (C) 2009 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.google.gerrit.server;

 import com.google.gerrit.reviewdb.Account;
 import com.google.gerrit.reviewdb.AccountGroup;
 import com.google.gerrit.reviewdb.Change;
 import com.google.gerrit.reviewdb.ReviewDb;
 import com.google.gerrit.reviewdb.StarredChange;
 import com.google.gerrit.server.account.AccountCache;
 import com.google.gerrit.server.account.AccountState;
 import com.google.gerrit.server.account.Realm;
 import com.google.gerrit.server.config.AuthConfig;
 import com.google.gerrit.server.config.CanonicalWebUrl;
 import com.google.gwtorm.client.OrmException;
 import com.google.inject.Inject;
 import com.google.inject.OutOfScopeException;
 import com.google.inject.Provider;
 import com.google.inject.ProvisionException;
 import com.google.inject.Singleton;

 import org.eclipse.jgit.lib.PersonIdent;
 import org.eclipse.jgit.util.SystemReader;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.MalformedURLException;
 import java.net.SocketAddress;
 import java.net.URL;
 import java.util.Collections;
 import java.util.Date;
 import java.util.HashSet;
 import java.util.Set;
 import java.util.TimeZone;

 import javax.annotation.Nullable;

 /** An authenticated user. */
 public class IdentifiedUser extends CurrentUser {
   /** Create an IdentifiedUser, ignoring any per-request state. */
   @Singleton
   public static class GenericFactory {
     private final AuthConfig authConfig;
     private final Provider<String> canonicalUrl;
     private final Realm realm;
     private final AccountCache accountCache;

     @Inject
     GenericFactory(final AuthConfig authConfig,
         final @CanonicalWebUrl Provider<String> canonicalUrl,
         final Realm realm, final AccountCache accountCache) {
       this.authConfig = authConfig;
       this.canonicalUrl = canonicalUrl;
       this.realm = realm;
       this.accountCache = accountCache;
     }

     public IdentifiedUser create(final Account.Id id) {
       return create(AccessPath.UNKNOWN, null, id);
     }

     public IdentifiedUser create(AccessPath accessPath,
         Provider<SocketAddress> remotePeerProvider, Account.Id id) {
       return new IdentifiedUser(accessPath, authConfig, canonicalUrl, realm,
           accountCache, remotePeerProvider, null, id);
     }
   }

   /**
    * Create an IdentifiedUser, relying on current request state.
    * <p>
    * Can only be used from within a module that has defined request scoped
    * {@code @RemotePeer SocketAddress} and {@code ReviewDb} providers.
    */
   @Singleton
   public static class RequestFactory {
     private final AuthConfig authConfig;
     private final Provider<String> canonicalUrl;
     private final Realm realm;
     private final AccountCache accountCache;

     private final Provider<SocketAddress> remotePeerProvider;
     private final Provider<ReviewDb> dbProvider;

     @Inject
     RequestFactory(final AuthConfig authConfig,
         final @CanonicalWebUrl Provider<String> canonicalUrl,
         final Realm realm, final AccountCache accountCache,

         final @RemotePeer Provider<SocketAddress> remotePeerProvider,
         final Provider<ReviewDb> dbProvider) {
       this.authConfig = authConfig;
       this.canonicalUrl = canonicalUrl;
       this.realm = realm;
       this.accountCache = accountCache;

       this.remotePeerProvider = remotePeerProvider;
       this.dbProvider = dbProvider;
     }

     public IdentifiedUser create(final AccessPath accessPath,
         final Account.Id id) {
       return new IdentifiedUser(accessPath, authConfig, canonicalUrl, realm,
           accountCache, remotePeerProvider, dbProvider, id);
     }
   }

   private static final Logger log =
       LoggerFactory.getLogger(IdentifiedUser.class);

   private final Provider<String> canonicalUrl;
   private final Realm realm;
   private final AccountCache accountCache;

   @Nullable
   private final Provider<SocketAddress> remotePeerProvider;

   @Nullable
   private final Provider<ReviewDb> dbProvider;

   private final Account.Id accountId;

   private AccountState state;
   private Set<String> emailAddresses;
   private Set<AccountGroup.Id> effectiveGroups;
   private Set<Change.Id> starredChanges;

   private IdentifiedUser(final AccessPath accessPath,
       final AuthConfig authConfig, final Provider<String> canonicalUrl,
       final Realm realm, final AccountCache accountCache,
       @Nullable final Provider<SocketAddress> remotePeerProvider,
       @Nullable final Provider<ReviewDb> dbProvider, final Account.Id id) {
     super(accessPath, authConfig);
     this.canonicalUrl = canonicalUrl;
     this.realm = realm;
     this.accountCache = accountCache;
     this.remotePeerProvider = remotePeerProvider;
     this.dbProvider = dbProvider;
     this.accountId = id;
   }

   private AccountState state() {
     if (state == null) {
       state = accountCache.get(getAccountId());
     }
     return state;
   }

   /** The account identity for the user. */
   public Account.Id getAccountId() {
     return accountId;
   }

   /** @return the user's user name; null if one has not been selected/assigned. */
   public String getUserName() {
     return state().getUserName();
   }

   public Account getAccount() {
     return state().getAccount();
   }

   public Set<String> getEmailAddresses() {
     if (emailAddresses == null) {
       emailAddresses = state().getEmailAddresses();
     }
     return emailAddresses;
   }

   @Override
   public Set<AccountGroup.Id> getEffectiveGroups() {
     if (effectiveGroups == null) {
       if (authConfig.isIdentityTrustable(state().getExternalIds())) {
         effectiveGroups = realm.groups(state());

       } else {
         effectiveGroups = authConfig.getRegisteredGroups();
       }
     }
     return effectiveGroups;
   }

   @Override
   public Set<Change.Id> getStarredChanges() {
     if (starredChanges == null) {
       if (dbProvider == null) {
         throw new OutOfScopeException("Not in request scoped user");
       }
       final Set<Change.Id> h = new HashSet<Change.Id>();
       try {
         for (final StarredChange sc : dbProvider.get().starredChanges()
             .byAccount(getAccountId())) {
           h.add(sc.getChangeId());
         }
       } catch (ProvisionException e) {
         log.warn("Cannot query starred by user changes", e);
       } catch (OrmException e) {
         log.warn("Cannot query starred by user changes", e);
       }
       starredChanges = Collections.unmodifiableSet(h);
     }
     return starredChanges;
   }

   public PersonIdent newRefLogIdent() {
     return newRefLogIdent(new Date(), TimeZone.getDefault());
   }

   public PersonIdent newRefLogIdent(final Date when, final TimeZone tz) {
     final Account ua = getAccount();

     String name = ua.getFullName();
     if (name == null || name.isEmpty()) {
       name = ua.getPreferredEmail();
     }
     if (name == null || name.isEmpty()) {
       name = "Anonymous Coward";
     }

     String user = getUserName();
     if (user == null) {
       user = "";
     }
     user = user + "|" + "account-" + ua.getId().toString();

     String host = null;
     if (remotePeerProvider != null) {
       final SocketAddress remotePeer = remotePeerProvider.get();
       if (remotePeer instanceof InetSocketAddress) {
         final InetSocketAddress sa = (InetSocketAddress) remotePeer;
         final InetAddress in = sa.getAddress();

         host = in != null ? in.getCanonicalHostName() : sa.getHostName();
       }
     }
     if (host == null || host.isEmpty()) {
       host = "unknown";
     }

     return new PersonIdent(name, user + "@" + host, when, tz);
   }

   public PersonIdent newCommitterIdent(final Date when, final TimeZone tz) {
     final Account ua = getAccount();
     String name = ua.getFullName();
     String email = ua.getPreferredEmail();

     if (email == null || email.isEmpty()) {
       // No preferred email is configured. Use a generic identity so we
       // don't leak an address the user may have given us, but doesn't
       // necessarily want to publish through Git records.
       //
       String user = getUserName();
       if (user == null || user.isEmpty()) {
         user = "account-" + ua.getId().toString();
       }

       String host;
       if (canonicalUrl.get() != null) {
         try {
           host = new URL(canonicalUrl.get()).getHost();
         } catch (MalformedURLException e) {
           host = SystemReader.getInstance().getHostname();
         }
       } else {
         host = SystemReader.getInstance().getHostname();
       }

       email = user + "@" + host;
     }

     if (name == null || name.isEmpty()) {
       final int at = email.indexOf('@');
       if (0 < at) {
         name = email.substring(0, at);
       } else {
         name = "Anonymous Coward";
       }
     }

     return new PersonIdent(name, email, when, tz);
   }

   @Override
   public String toString() {
     return "IdentifiedUser[account " + getAccountId() + "]";
   }
 }
	// Copyright (C) 2009 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.google.gerrit.server;

	import com.google.gerrit.reviewdb.Account;
	import com.google.gerrit.reviewdb.AccountGroup;
	import com.google.gerrit.reviewdb.Change;
	import com.google.gerrit.reviewdb.ReviewDb;
	import com.google.gerrit.reviewdb.StarredChange;
	import com.google.gerrit.server.account.AccountCache;
	import com.google.gerrit.server.account.AccountState;
	import com.google.gerrit.server.account.Realm;
	import com.google.gerrit.server.config.AuthConfig;
	import com.google.gerrit.server.config.CanonicalWebUrl;
	import com.google.gwtorm.client.OrmException;
	import com.google.inject.Inject;
	import com.google.inject.OutOfScopeException;
	import com.google.inject.Provider;
	import com.google.inject.ProvisionException;
	import com.google.inject.Singleton;

	import org.eclipse.jgit.lib.PersonIdent;
	import org.eclipse.jgit.util.SystemReader;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	import java.net.InetAddress;
	import java.net.InetSocketAddress;
	import java.net.MalformedURLException;
	import java.net.SocketAddress;
	import java.net.URL;
	import java.util.Collections;
	import java.util.Date;
	import java.util.HashSet;
	import java.util.Set;
	import java.util.TimeZone;

	import javax.annotation.Nullable;

	/** An authenticated user. */
	public class IdentifiedUser extends CurrentUser {
	/** Create an IdentifiedUser, ignoring any per-request state. */
	@Singleton
	public static class GenericFactory {
	private final AuthConfig authConfig;
	private final Provider<String> canonicalUrl;
	private final Realm realm;
	private final AccountCache accountCache;

	@Inject
	GenericFactory(final AuthConfig authConfig,
	final @CanonicalWebUrl Provider<String> canonicalUrl,
	final Realm realm, final AccountCache accountCache) {
	this.authConfig = authConfig;
	this.canonicalUrl = canonicalUrl;
	this.realm = realm;
	this.accountCache = accountCache;
	}

	public IdentifiedUser create(final Account.Id id) {
	return create(AccessPath.UNKNOWN, null, id);
	}

	public IdentifiedUser create(AccessPath accessPath,
	Provider<SocketAddress> remotePeerProvider, Account.Id id) {
	return new IdentifiedUser(accessPath, authConfig, canonicalUrl, realm,
	accountCache, remotePeerProvider, null, id);
	}
	}

	/**
	* Create an IdentifiedUser, relying on current request state.
	* <p>
	* Can only be used from within a module that has defined request scoped
	* {@code @RemotePeer SocketAddress} and {@code ReviewDb} providers.
	*/
	@Singleton
	public static class RequestFactory {
	private final AuthConfig authConfig;
	private final Provider<String> canonicalUrl;
	private final Realm realm;
	private final AccountCache accountCache;

	private final Provider<SocketAddress> remotePeerProvider;
	private final Provider<ReviewDb> dbProvider;

	@Inject
	RequestFactory(final AuthConfig authConfig,
	final @CanonicalWebUrl Provider<String> canonicalUrl,
	final Realm realm, final AccountCache accountCache,

	final @RemotePeer Provider<SocketAddress> remotePeerProvider,
	final Provider<ReviewDb> dbProvider) {
	this.authConfig = authConfig;
	this.canonicalUrl = canonicalUrl;
	this.realm = realm;
	this.accountCache = accountCache;

	this.remotePeerProvider = remotePeerProvider;
	this.dbProvider = dbProvider;
	}

	public IdentifiedUser create(final AccessPath accessPath,
	final Account.Id id) {
	return new IdentifiedUser(accessPath, authConfig, canonicalUrl, realm,
	accountCache, remotePeerProvider, dbProvider, id);
	}
	}

	private static final Logger log =
	LoggerFactory.getLogger(IdentifiedUser.class);

	private final Provider<String> canonicalUrl;
	private final Realm realm;
	private final AccountCache accountCache;

	@Nullable
	private final Provider<SocketAddress> remotePeerProvider;

	@Nullable
	private final Provider<ReviewDb> dbProvider;

	private final Account.Id accountId;

	private AccountState state;
	private Set<String> emailAddresses;
	private Set<AccountGroup.Id> effectiveGroups;
	private Set<Change.Id> starredChanges;

	private IdentifiedUser(final AccessPath accessPath,
	final AuthConfig authConfig, final Provider<String> canonicalUrl,
	final Realm realm, final AccountCache accountCache,
	@Nullable final Provider<SocketAddress> remotePeerProvider,
	@Nullable final Provider<ReviewDb> dbProvider, final Account.Id id) {
	super(accessPath, authConfig);
	this.canonicalUrl = canonicalUrl;
	this.realm = realm;
	this.accountCache = accountCache;
	this.remotePeerProvider = remotePeerProvider;
	this.dbProvider = dbProvider;
	this.accountId = id;
	}

	private AccountState state() {
	if (state == null) {
	state = accountCache.get(getAccountId());
	}
	return state;
	}

	/** The account identity for the user. */
	public Account.Id getAccountId() {
	return accountId;
	}

	/** @return the user's user name; null if one has not been selected/assigned. */
	public String getUserName() {
	return state().getUserName();
	}

	public Account getAccount() {
	return state().getAccount();
	}

	public Set<String> getEmailAddresses() {
	if (emailAddresses == null) {
	emailAddresses = state().getEmailAddresses();
	}
	return emailAddresses;
	}

	@Override
	public Set<AccountGroup.Id> getEffectiveGroups() {
	if (effectiveGroups == null) {
	if (authConfig.isIdentityTrustable(state().getExternalIds())) {
	effectiveGroups = realm.groups(state());

	} else {
	effectiveGroups = authConfig.getRegisteredGroups();
	}
	}
	return effectiveGroups;
	}

	@Override
	public Set<Change.Id> getStarredChanges() {
	if (starredChanges == null) {
	if (dbProvider == null) {
	throw new OutOfScopeException("Not in request scoped user");
	}
	final Set<Change.Id> h = new HashSet<Change.Id>();
	try {
	for (final StarredChange sc : dbProvider.get().starredChanges()
	.byAccount(getAccountId())) {
	h.add(sc.getChangeId());
	}
	} catch (ProvisionException e) {
	log.warn("Cannot query starred by user changes", e);
	} catch (OrmException e) {
	log.warn("Cannot query starred by user changes", e);
	}
	starredChanges = Collections.unmodifiableSet(h);
	}
	return starredChanges;
	}

	public PersonIdent newRefLogIdent() {
	return newRefLogIdent(new Date(), TimeZone.getDefault());
	}

	public PersonIdent newRefLogIdent(final Date when, final TimeZone tz) {
	final Account ua = getAccount();

	String name = ua.getFullName();
	if (name == null \|\| name.isEmpty()) {
	name = ua.getPreferredEmail();
	}
	if (name == null \|\| name.isEmpty()) {
	name = "Anonymous Coward";
	}

	String user = getUserName();
	if (user == null) {
	user = "";
	}
	user = user + "\|" + "account-" + ua.getId().toString();

	String host = null;
	if (remotePeerProvider != null) {
	final SocketAddress remotePeer = remotePeerProvider.get();
	if (remotePeer instanceof InetSocketAddress) {
	final InetSocketAddress sa = (InetSocketAddress) remotePeer;
	final InetAddress in = sa.getAddress();

	host = in != null ? in.getCanonicalHostName() : sa.getHostName();
	}
	}
	if (host == null \|\| host.isEmpty()) {
	host = "unknown";
	}

	return new PersonIdent(name, user + "@" + host, when, tz);
	}

	public PersonIdent newCommitterIdent(final Date when, final TimeZone tz) {
	final Account ua = getAccount();
	String name = ua.getFullName();
	String email = ua.getPreferredEmail();

	if (email == null \|\| email.isEmpty()) {
	// No preferred email is configured. Use a generic identity so we
	// don't leak an address the user may have given us, but doesn't
	// necessarily want to publish through Git records.
	//
	String user = getUserName();
	if (user == null \|\| user.isEmpty()) {
	user = "account-" + ua.getId().toString();
	}

	String host;
	if (canonicalUrl.get() != null) {
	try {
	host = new URL(canonicalUrl.get()).getHost();
	} catch (MalformedURLException e) {
	host = SystemReader.getInstance().getHostname();
	}
	} else {
	host = SystemReader.getInstance().getHostname();
	}

	email = user + "@" + host;
	}

	if (name == null \|\| name.isEmpty()) {
	final int at = email.indexOf('@');
	if (0 < at) {
	name = email.substring(0, at);
	} else {
	name = "Anonymous Coward";
	}
	}

	return new PersonIdent(name, email, when, tz);
	}

	@Override
	public String toString() {
	return "IdentifiedUser[account " + getAccountId() + "]";
	}
	}