Google Git
Sign in
gerrit / plugins / serviceuser / refs/heads/stable-3.2^! / .
commit066c9d023c4493f17c134c18ede4582405a31355[log] [tgz]
authorThomas Draebing <thomas.draebing@sap.com>Fri Oct 29 15:11:04 2021 +0200
committerThomas Dräbing <thomas.draebing@sap.com>Fri Oct 29 14:03:31 2021 +0000
tree5da7d4a50b2e1d71c34a4b04db9796556913b888
parent9261a8d8112498a4223741585c1bd8fecf350b59 [diff]
Allow serviceuser owners to delete SSH keys

Owners of a serviceuser were not able to delete the
serviceuser's SSH key, because in Gerrit core except for
administrators only deletion of one's own SSH keys is
permitted.

Instead of reusing the DeleteSshKey.apply() method from
Gerrit core, it is now reimplemented in the plugin.
Checking the permissions was removed, since ownership
is already checked, when checking the visibility of the
serviceuser. Email-notifications were removed as well.

Change-Id: Ic530c26ded47c2da096cb8487a9217ba23c1bff0

diff --git a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/DeleteSshKey.java b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/DeleteSshKey.java
index 9ce83d3..4f59816 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/serviceuser/DeleteSshKey.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/serviceuser/DeleteSshKey.java

@@ -18,10 +18,11 @@
 import com.google.gerrit.extensions.restapi.AuthException;
 import com.google.gerrit.extensions.restapi.Response;
 import com.google.gerrit.extensions.restapi.RestModifyView;
-import com.google.gerrit.server.account.AccountResource;
+import com.google.gerrit.server.IdentifiedUser;
+import com.google.gerrit.server.account.VersionedAuthorizedKeys;
 import com.google.gerrit.server.permissions.PermissionBackendException;
+import com.google.gerrit.server.ssh.SshKeyCache;
 import com.google.inject.Inject;
-import com.google.inject.Provider;
 import com.google.inject.Singleton;
 import java.io.IOException;
 import org.eclipse.jgit.errors.ConfigInvalidException;
@@ -29,19 +30,23 @@
 
 @Singleton
 class DeleteSshKey implements RestModifyView<ServiceUserResource.SshKey, Input> {
-  private final Provider<com.google.gerrit.server.restapi.account.DeleteSshKey> deleteSshKey;
+  private final VersionedAuthorizedKeys.Accessor authorizedKeys;
+  private final SshKeyCache sshKeyCache;
 
   @Inject
-  DeleteSshKey(Provider<com.google.gerrit.server.restapi.account.DeleteSshKey> deleteSshKey) {
-    this.deleteSshKey = deleteSshKey;
+  DeleteSshKey(VersionedAuthorizedKeys.Accessor authorizedKeys, SshKeyCache sshKeyCache) {
+    this.authorizedKeys = authorizedKeys;
+    this.sshKeyCache = sshKeyCache;
   }
 
   @Override
   public Response<?> apply(ServiceUserResource.SshKey rsrc, Input input)
       throws AuthException, RepositoryNotFoundException, IOException, ConfigInvalidException,
           PermissionBackendException {
-    return deleteSshKey
-        .get()
-        .apply(new AccountResource.SshKey(rsrc.getUser(), rsrc.getSshKey()), input);
+    IdentifiedUser user = rsrc.getUser();
+    authorizedKeys.deleteKey(user.getAccountId(), rsrc.getSshKey().seq());
+    user.getUserName().ifPresent(sshKeyCache::evict);
+
+    return Response.none();
   }
 }