diff options
author | Shawn Pearce <sop@google.com> | 2014-03-08 00:36:40 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2014-03-08 00:36:40 +0000 |
commit | 65df1358a192fdeb75172a7b7e6061b5b57a6649 (patch) | |
tree | 5be7065b098fd34c308360ee1916e85d3a7ccace | |
parent | 2b0a393f7fe8e947d8f5a24fa91ad66a316778d9 (diff) | |
parent | a9abdf45892ff975aec11d2e8b605b2a90021b3d (diff) |
Merge "Validate email address when adding email or creating account"
-rw-r--r-- | gerrit-server/BUCK | 1 | ||||
-rw-r--r-- | gerrit-server/src/main/java/com/google/gerrit/server/account/CreateAccount.java | 14 | ||||
-rw-r--r-- | gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java | 5 | ||||
-rw-r--r-- | lib/commons/BUCK | 7 |
4 files changed, 23 insertions, 4 deletions
diff --git a/gerrit-server/BUCK b/gerrit-server/BUCK index 12dd162175..070764ab53 100644 --- a/gerrit-server/BUCK +++ b/gerrit-server/BUCK @@ -53,6 +53,7 @@ java_library2( '//lib/commons:dbcp', '//lib/commons:lang', '//lib/commons:net', + '//lib/commons:validator', '//lib/guice:guice', '//lib/guice:guice-assistedinject', '//lib/guice:guice-servlet', diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateAccount.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateAccount.java index b657281ed2..2d42f0d3dc 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateAccount.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateAccount.java @@ -44,6 +44,8 @@ import com.google.inject.Inject; import com.google.inject.Provider; import com.google.inject.assistedinject.Assisted; +import org.apache.commons.validator.routines.EmailValidator; + import java.util.Collections; import java.util.List; import java.util.Set; @@ -122,10 +124,14 @@ public class CreateAccount implements RestModifyView<TopLevelResource, Input> { throw new ResourceConflictException( "username '" + username + "' already exists"); } - if (input.email != null - && db.accountExternalIds().get(getEmailKey(input.email)) != null) { - throw new UnprocessableEntityException( - "email '" + input.email + "' already exists"); + if (input.email != null) { + if (db.accountExternalIds().get(getEmailKey(input.email)) != null) { + throw new UnprocessableEntityException( + "email '" + input.email + "' already exists"); + } + if (!EmailValidator.getInstance().isValid(input.email)) { + throw new BadRequestException("invalid email address"); + } } try { diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java index b9ef19e6e6..60c448c152 100644 --- a/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java +++ b/gerrit-server/src/main/java/com/google/gerrit/server/account/CreateEmail.java @@ -36,6 +36,7 @@ import com.google.inject.Inject; import com.google.inject.Provider; import com.google.inject.assistedinject.Assisted; +import org.apache.commons.validator.routines.EmailValidator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -92,6 +93,10 @@ public class CreateEmail implements RestModifyView<AccountResource, Input> { input = new Input(); } + if (!EmailValidator.getInstance().isValid(email)) { + throw new BadRequestException("invalid email address"); + } + if (input.noConfirmation && !self.get().getCapabilities().canAdministrateServer()) { throw new AuthException("must be administrator to use no_confirmation"); diff --git a/lib/commons/BUCK b/lib/commons/BUCK index aed2c68c09..ab8a036939 100644 --- a/lib/commons/BUCK +++ b/lib/commons/BUCK @@ -85,6 +85,13 @@ maven_jar( ) maven_jar( + name = 'validator', + id = 'commons-validator:commons-validator:1.4.0', + sha1 = '42fa1046955ade59f5354a1876cfc523cea33815', + license = 'Apache2.0', +) + +maven_jar( name = 'httpclient', id = 'org.apache.httpcomponents:httpclient:4.2.5', bin_sha1 = '666e26e76f2e87d84e4f16acb546481ae1b8e9a6', |