diff options
author | Shawn Pearce <sop@google.com> | 2013-05-17 09:47:18 -0700 |
---|---|---|
committer | Shawn Pearce <sop@google.com> | 2013-05-17 09:47:18 -0700 |
commit | 4f6c76e758b3f1b279e720c285332db76cc03abb (patch) | |
tree | d58746551cd4acdfe36f1156ffe61a173b040807 | |
parent | af5d1dc36ed40828dad1ec5d9b1ed3126c0df165 (diff) |
Require preferred email to be a verified address
Warn the user if they attempt to select a preferred email
address that has not been previously verified and stored in the
account_external_ids table. This reduces the chances the server
will have email notifications bounce because a user subscribed to
changes and entered an invalid preferred email address.
Change-Id: Ib00fc25fb11445968bc4114a2b16ccb08437a699
-rw-r--r-- | gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/account/AccountSecurityImpl.java | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/account/AccountSecurityImpl.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/account/AccountSecurityImpl.java index b62a10b06a..e3b7408c0c 100644 --- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/account/AccountSecurityImpl.java +++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/rpc/account/AccountSecurityImpl.java @@ -14,6 +14,7 @@ package com.google.gerrit.httpd.rpc.account; +import com.google.common.base.Strings; import com.google.gerrit.common.ChangeHooks; import com.google.gerrit.common.data.AccountSecurity; import com.google.gerrit.common.data.ContributorAgreement; @@ -22,6 +23,7 @@ import com.google.gerrit.common.errors.InvalidSshKeyException; import com.google.gerrit.common.errors.NameAlreadyUsedException; import com.google.gerrit.common.errors.NoSuchEntityException; import com.google.gerrit.common.errors.NoSuchGroupException; +import com.google.gerrit.common.errors.PermissionDeniedException; import com.google.gerrit.httpd.rpc.BaseServiceImplementation; import com.google.gerrit.httpd.rpc.Handler; import com.google.gerrit.reviewdb.client.Account; @@ -230,12 +232,17 @@ class AccountSecurityImpl extends BaseServiceImplementation implements final ContactInformation info, final AsyncCallback<Account> callback) { run(callback, new Action<Account>() { public Account run(ReviewDb db) throws OrmException, Failure { - final Account me = db.accounts().get(user.get().getAccountId()); + IdentifiedUser self = user.get(); + final Account me = db.accounts().get(self.getAccountId()); final String oldEmail = me.getPreferredEmail(); if (realm.allowsEdit(Account.FieldName.FULL_NAME)) { - me.setFullName(name != null && !name.isEmpty() ? name : null); + me.setFullName(Strings.emptyToNull(name)); } - me.setPreferredEmail(emailAddr); + if (!Strings.isNullOrEmpty(emailAddr) + && !self.getEmailAddresses().contains(emailAddr)) { + throw new Failure(new PermissionDeniedException("Email address must be verified")); + } + me.setPreferredEmail(Strings.emptyToNull(emailAddr)); if (useContactInfo) { if (ContactInformation.hasAddress(info) || (me.isContactFiled() && ContactInformation.hasData(info))) { |