Line data    Source code

       1             : // Copyright (C) 2009 The Android Open Source Project
       2             : //
       3             : // Licensed under the Apache License, Version 2.0 (the "License");
       4             : // you may not use this file except in compliance with the License.
       5             : // You may obtain a copy of the License at
       6             : //
       7             : // http://www.apache.org/licenses/LICENSE-2.0
       8             : //
       9             : // Unless required by applicable law or agreed to in writing, software
      10             : // distributed under the License is distributed on an "AS IS" BASIS,
      11             : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      12             : // See the License for the specific language governing permissions and
      13             : // limitations under the License.
      14             : 
      15             : package com.google.gerrit.server;
      16             : 
      17             : import com.google.common.collect.ImmutableSet;
      18             : import com.google.gerrit.entities.Account;
      19             : import com.google.gerrit.server.account.GroupMembership;
      20             : import com.google.gerrit.server.account.externalids.ExternalId;
      21             : import com.google.inject.servlet.RequestScoped;
      22             : import java.util.Optional;
      23             : import java.util.function.Consumer;
      24             : 
      25             : /**
      26             :  * Information about the currently logged in user.
      27             :  *
      28             :  * <p>This is a {@link RequestScoped} property managed by Guice.
      29             :  *
      30             :  * @see AnonymousUser
      31             :  * @see IdentifiedUser
      32             :  */
      33             : public abstract class CurrentUser {
      34         153 :   public static final PropertyMap.Key<ExternalId.Key> LAST_LOGIN_EXTERNAL_ID_PROPERTY_KEY =
      35         153 :       PropertyMap.key();
      36             : 
      37             :   private final PropertyMap properties;
      38         152 :   private AccessPath accessPath = AccessPath.UNKNOWN;
      39             : 
      40         152 :   protected CurrentUser() {
      41         152 :     this.properties = PropertyMap.EMPTY;
      42         152 :   }
      43             : 
      44         151 :   protected CurrentUser(PropertyMap properties) {
      45         151 :     this.properties = properties;
      46         151 :   }
      47             : 
      48             :   /** How this user is accessing the Gerrit Code Review application. */
      49             :   public final AccessPath getAccessPath() {
      50          49 :     return accessPath;
      51             :   }
      52             : 
      53             :   public void setAccessPath(AccessPath path) {
      54         137 :     accessPath = path;
      55         137 :   }
      56             : 
      57             :   /**
      58             :    * Identity of the authenticated user.
      59             :    *
      60             :    * <p>In the normal case where a user authenticates as themselves {@code getRealUser() == this}.
      61             :    *
      62             :    * <p>If {@code X-Gerrit-RunAs} or {@code suexec} was used this method returns the identity of the
      63             :    * account that has permission to act on behalf of this user.
      64             :    */
      65             :   public CurrentUser getRealUser() {
      66           2 :     return this;
      67             :   }
      68             : 
      69             :   public boolean isImpersonating() {
      70          19 :     return false;
      71             :   }
      72             : 
      73             :   /**
      74             :    * If the {@link #getRealUser()} has an account ID associated with it, call the given setter with
      75             :    * that ID.
      76             :    */
      77             :   public void updateRealAccountId(Consumer<Account.Id> setter) {
      78          72 :     if (getRealUser().isIdentifiedUser()) {
      79          72 :       setter.accept(getRealUser().getAccountId());
      80             :     }
      81          72 :   }
      82             : 
      83             :   /**
      84             :    * Get the set of groups the user is currently a member of.
      85             :    *
      86             :    * <p>The returned set may be a subset of the user's actual groups; if the user's account is
      87             :    * currently deemed to be untrusted then the effective group set is only the anonymous and
      88             :    * registered user groups. To enable additional groups (and gain their granted permissions) the
      89             :    * user must update their account to use only trusted authentication providers.
      90             :    *
      91             :    * @return active groups for this user.
      92             :    */
      93             :   public abstract GroupMembership getEffectiveGroups();
      94             : 
      95             :   /**
      96             :    * Returns a unique identifier for this user that is intended to be used as a cache key. Returned
      97             :    * object should to implement {@code equals()} and {@code hashCode()} for effective caching.
      98             :    */
      99             :   public abstract Object getCacheKey();
     100             : 
     101             :   /** Unique name of the user on this server, if one has been assigned. */
     102             :   public Optional<String> getUserName() {
     103          55 :     return Optional.empty();
     104             :   }
     105             : 
     106             :   /** Returns unique name of the user for logging, never {@code null} */
     107             :   public String getLoggableName() {
     108          28 :     return getUserName().orElseGet(() -> getClass().getSimpleName());
     109             :   }
     110             : 
     111             :   /** Check if user is the IdentifiedUser */
     112             :   public boolean isIdentifiedUser() {
     113          61 :     return false;
     114             :   }
     115             : 
     116             :   /** Cast to IdentifiedUser if possible. */
     117             :   public IdentifiedUser asIdentifiedUser() {
     118           0 :     throw new UnsupportedOperationException(
     119           0 :         getClass().getSimpleName() + " is not an IdentifiedUser");
     120             :   }
     121             : 
     122             :   /**
     123             :    * Return account ID if {@link #isIdentifiedUser} is true.
     124             :    *
     125             :    * @throws UnsupportedOperationException if the user is not logged in.
     126             :    */
     127             :   public Account.Id getAccountId() {
     128           0 :     throw new UnsupportedOperationException(
     129           0 :         getClass().getSimpleName() + " is not an IdentifiedUser");
     130             :   }
     131             : 
     132             :   /**
     133             :    * Returns all email addresses associated with this user. For {@link AnonymousUser} and other
     134             :    * users that don't represent a person user or service account, this set will be empty.
     135             :    */
     136             :   public ImmutableSet<String> getEmailAddresses() {
     137           0 :     return ImmutableSet.of();
     138             :   }
     139             : 
     140             :   /**
     141             :    * Returns all {@link com.google.gerrit.server.account.externalids.ExternalId.Key}s associated
     142             :    * with this user. For {@link AnonymousUser} and other users that don't represent a person user or
     143             :    * service account, this set will be empty.
     144             :    */
     145             :   public ImmutableSet<ExternalId.Key> getExternalIdKeys() {
     146           0 :     return ImmutableSet.of();
     147             :   }
     148             : 
     149             :   /** Check if the CurrentUser is an InternalUser. */
     150             :   public boolean isInternalUser() {
     151         150 :     return false;
     152             :   }
     153             : 
     154             :   /**
     155             :    * Lookup a stored property.
     156             :    *
     157             :    * @param key unique property key. This key has to be the same instance that was used to store the
     158             :    *     value when constructing the {@link PropertyMap}
     159             :    * @return stored value, or {@code Optional#empty()}.
     160             :    */
     161             :   public <T> Optional<T> get(PropertyMap.Key<T> key) {
     162           5 :     return properties.get(key);
     163             :   }
     164             : 
     165             :   public Optional<ExternalId.Key> getLastLoginExternalIdKey() {
     166           5 :     return get(LAST_LOGIN_EXTERNAL_ID_PROPERTY_KEY);
     167             :   }
     168             : 
     169             :   /**
     170             :    * Checks if the current user has the same account id of another.
     171             :    *
     172             :    * <p>Provide a generic interface for allowing subclasses to define whether two accounts represent
     173             :    * the same account id.
     174             :    *
     175             :    * @param other user to compare
     176             :    * @return true if the two users have the same account id
     177             :    */
     178             :   public boolean hasSameAccountId(CurrentUser other) {
     179           0 :     return false;
     180             :   }
     181             : }