Disallow the discovery of other user's membership GitHub may not allow users to discover other people's group membership and may instead permanently respond with an error. Letting group resolution fail permanently causes disruption because of GitHub API throttling. To avoid breaking the Gerrit UI, do not throw any exception; simply return an empty membership, which is rendered gracefully. Change-Id: I41059be5cdbb86b0772f60aae0207571e4bf9b30
diff --git a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
index 5f74078..9e96c2b 100644
--- a/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
+++ b/github-plugin/src/main/java/com/googlesource/gerrit/plugins/github/group/GitHubGroupBackend.java
@@ -30,6 +30,7 @@
 import com.google.gerrit.server.account.GroupMembership;
 import com.google.gerrit.server.project.ProjectState;
 import com.google.inject.Inject;
+import com.google.inject.Provider;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Set;
@@ -41,12 +42,16 @@
 private static final Logger log = LoggerFactory.getLogger(GitHubGroupBackend.class);
 private final GitHubGroupMembership.Factory ghMembershipProvider;
 private final GitHubGroupsCache ghOrganisationCache;
+ private final Provider<CurrentUser> currentUserProvider;
 @Inject
 GitHubGroupBackend(
- GitHubGroupMembership.Factory ghMembershipProvider, GitHubGroupsCache ghOrganisationCache) {
+ GitHubGroupMembership.Factory ghMembershipProvider,
+ GitHubGroupsCache ghOrganisationCache,
+ Provider<CurrentUser> currentUserProvider) {
 this.ghMembershipProvider = ghMembershipProvider;
 this.ghOrganisationCache = ghOrganisationCache;
+ this.currentUserProvider = currentUserProvider;
 }
 @Override
@@ -112,6 +117,13 @@
 @Override
 public GroupMembership membershipsOf(CurrentUser user) {
+ CurrentUser currentUser = currentUserProvider.get();
+ if (!currentUser.isIdentifiedUser()
+ || !currentUser.asIdentifiedUser().getAccountId().equals(user.getAccountId())) {
+ // Do not allow to perform group discovery of other users
+ return GroupMembership.EMPTY;
+ }
+
 String username = user.getUserName().orElse(null);
 if (Strings.isNullOrEmpty(username)) {
 return GroupMembership.EMPTY;
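Review bot: The new `currentUserProvider` field carries no comment on when `get()` can be resolved, and the class now depends on a caller identity being bound wherever `membershipsOf` runs. If group membership is ever evaluated off a request thread (background tasks are the likely case, though none is visible in this diff), `currentUserProvider.get()` may fail with a Guice provisioning error instead of yielding the empty membership the commit message promises. I would document the assumption on the field, for example `// Bound per request; get() may fail where no current user is in scope`, and have the caller treat a failed lookup as "not the same user". The class body starts and ends outside this hunk.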
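Review bot: The guard in `membershipsOf` calls `user.getAccountId()` without first checking `user.isIdentifiedUser()`, so a non-identified `user` argument may throw here rather than return `GroupMembership.EMPTY` (I believe `CurrentUser.getAccountId()` is unsupported on non-identified users in Gerrit core; please confirm). Before this change that case reached the username check below and returned EMPTY, so I would add `!user.isIdentifiedUser() ||` as the first operand of the condition. The refusal is also silent; a debug log naming both account ids would let an operator tell a policy refusal apart from a user who has no GitHub groups. An empty result also hides GitHub-group membership from any server-side permission check made on behalf of another account, so rules that restrict members of a GitHub group would not apply on that path, which is worth stating in the comment. The body of `membershipsOf` continues past the end of the hunk.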