Allow Gerrit admins to add email addresses without confirmation
Change-Id: I386979ef6d8f693e3e4de3f60cd52828b690b4a3
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
diff --git a/Documentation/rest-api-accounts.txt b/Documentation/rest-api-accounts.txt
index 0c9df42..0b9d58f 100644
--- a/Documentation/rest-api-accounts.txt
+++ b/Documentation/rest-api-accounts.txt
@@ -234,7 +234,9 @@
sent with a link that needs to be visited to confirm the email address,
unless `DEVELOPMENT_BECOME_ANY_ACCOUNT` is used as authentication type.
For the development mode email addresses are directly added without
-confirmation.
+confirmation. A Gerrit administrator may add an email address without
+confirmation by setting `no_confirmation` in the
+link:#email-input[EmailInput].
In the request body additional data for the email address can be
provided as link:#email-input[EmailInput].
@@ -869,15 +871,20 @@
email address.
[options="header",width="50%",cols="1,^1,5"]
-|========================
-|Field Name ||Description
-|`email` ||
+|==============================
+|Field Name ||Description
+|`email` ||
The email address. If provided, must match the email address from the
URL.
-|`preferred`|`false` if not set|
+|`preferred` |`false` if not set|
Whether the new email address should become the preferred email address
of the user.
-|========================
+|`no_confirmation`|`false` if not set|
+Whether the email address should be added without confirmation. In this
+case no verification email is sent to the user. +
+Only Gerrit administrators are allowed to add email addresses without
+confirmation.
+|==============================
[[query-limit-info]]
QueryLimitInfo
diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java
index 28f8547..869c2e9 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java
@@ -44,6 +44,7 @@
@DefaultInput
String email;
boolean preferred;
+ boolean noConfirmation;
}
static interface Factory {
@@ -85,8 +86,13 @@
if (input.email != null && !email.equals(input.email)) {
throw new BadRequestException("email address must match URL");
}
+ if (input.noConfirmation && !self.get().getCapabilities().canAdministrateServer()) {
+ throw new AuthException("not allowed to add email address without confirmation, "
+ + "need to be Gerrit administrator");
+ }
- if (authConfig.getAuthType() == AuthType.DEVELOPMENT_BECOME_ANY_ACCOUNT) {
+ if (input.noConfirmation
+ || authConfig.getAuthType() == AuthType.DEVELOPMENT_BECOME_ANY_ACCOUNT) {
try {
accountManager.link(rsrc.getUser().getAccountId(),
AuthRequest.forEmail(email));
