BecomeAnyAccountLoginServlet: Resolve external ID via account index
BecomeAnyAccountLoginServlet needs to find the account for a given
username. Lookup the coresponding external ID via the account index
instead of loading it from the database.
Change-Id: I87b503439b80a372c89c7866640256c14dd35b2b
Signed-off-by: Edwin Kempin <ekempin@google.com>
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/become/BecomeAnyAccountLoginServlet.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/become/BecomeAnyAccountLoginServlet.java
index 8ede324..8d5aff6 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/become/BecomeAnyAccountLoginServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/become/BecomeAnyAccountLoginServlet.java
@@ -27,8 +27,10 @@
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.account.AccountException;
import com.google.gerrit.server.account.AccountManager;
+import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.AuthRequest;
import com.google.gerrit.server.account.AuthResult;
+import com.google.gerrit.server.query.account.InternalAccountQuery;
import com.google.gwtexpui.server.CacheHeaders;
import com.google.gwtorm.server.OrmException;
import com.google.gwtorm.server.ResultSet;
@@ -58,16 +60,19 @@
private final DynamicItem<WebSession> webSession;
private final AccountManager accountManager;
private final SiteHeaderFooter headers;
+ private final InternalAccountQuery accountQuery;
@Inject
- BecomeAnyAccountLoginServlet(final DynamicItem<WebSession> ws,
- final SchemaFactory<ReviewDb> sf,
- final AccountManager am,
- SiteHeaderFooter shf) {
+ BecomeAnyAccountLoginServlet(DynamicItem<WebSession> ws,
+ SchemaFactory<ReviewDb> sf,
+ AccountManager am,
+ SiteHeaderFooter shf,
+ InternalAccountQuery aq) {
webSession = ws;
schema = sf;
accountManager = am;
headers = shf;
+ accountQuery = aq;
}
@Override
@@ -184,12 +189,25 @@
}
private AuthResult byUserName(final String userName) {
- try (ReviewDb db = schema.open()) {
- AccountExternalId.Key key =
+ try {
+ AccountExternalId.Key extKey =
new AccountExternalId.Key(SCHEME_USERNAME, userName);
- return auth(db.accountExternalIds().get(key));
+ List<AccountState> accountStates =
+ accountQuery.byExternalId(extKey.get());
+ if (accountStates.isEmpty()) {
+ getServletContext()
+ .log("No accounts with username " + userName + " found");
+ return null;
+ }
+ if (accountStates.size() > 1) {
+ getServletContext()
+ .log("Multiple accounts with username " + userName + " found");
+ return null;
+ }
+ return auth(new AccountExternalId(
+ accountStates.get(0).getAccount().getId(), extKey));
} catch (OrmException e) {
- getServletContext().log("cannot query database", e);
+ getServletContext().log("cannot query account index", e);
return null;
}
}
