From 2a41231c0eaf12e86b3bc562bedf37c568b3fa38 Mon Sep 17 00:00:00 2001
From: "Shawn O. Pearce" <sop@google.com>
Date: Mon, 1 Mar 2010 13:45:07 -0800
Subject: Fix editable username when authType is LDAP or HTTP_LDAP

If gerrit.config has ldap.accountSshUserName = "" then we need
to permit the user to modify their username through the web UI.
Unfortunately this data is static as part of the GerritConfig
singleton in the server and the client UI, so we can't wait until
the first LDAP query to determine the value.  Instead do it up
front during the LdapRealm init.

Change-Id: I32c24abc01b3eb4e656a3573b4bf254664428cdb
Signed-off-by: Shawn O. Pearce <sop@google.com>
---
 .../google/gerrit/server/auth/ldap/LdapRealm.java  | 28 ++++++++--------------
 1 file changed, 10 insertions(+), 18 deletions(-)

diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java
index e09a01d28b..0e6305356a 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/ldap/LdapRealm.java
@@ -80,6 +80,7 @@ class LdapRealm implements Realm {
   private final SchemaFactory<ReviewDb> schema;
   private final EmailExpander emailExpander;
   private final SelfPopulatingCache<String, Account.Id> usernameCache;
+  private final Set<Account.FieldName> readOnlyAccountFields;
 
   private final GroupCache groupCache;
   private final SelfPopulatingCache<String, Set<AccountGroup.Id>> membershipCache;
@@ -105,6 +106,14 @@ class LdapRealm implements Realm {
     this.username = optional(config, "username");
     this.password = optional(config, "password");
     this.sslVerify = config.getBoolean("ldap", "sslverify", true);
+    this.readOnlyAccountFields = new HashSet<Account.FieldName>();
+
+    if (optdef(config, "accountFullName", "DEFAULT") != null) {
+      readOnlyAccountFields.add(Account.FieldName.FULL_NAME);
+    }
+    if (optdef(config, "accountSshUserName", "DEFAULT") != null) {
+      readOnlyAccountFields.add(Account.FieldName.USER_NAME);
+    }
 
     membershipCache =
         new SelfPopulatingCache<String, Set<AccountGroup.Id>>(rawGroup) {
@@ -195,24 +204,7 @@ class LdapRealm implements Realm {
 
   @Override
   public boolean allowsEdit(final Account.FieldName field) {
-    switch (field) {
-      case FULL_NAME:
-        if (ldapSchema == null) {
-          return false; // Assume not until we've resolved the server type.
-        }
-        // only if not obtained from LDAP
-        return ldapSchema.accountFullName == null;
-
-      case USER_NAME:
-        if (ldapSchema == null) {
-          return false; // Assume not until we've resolved the server type.
-        }
-        // only if not obtained from LDAP
-        return ldapSchema.accountSshUserName == null;
-
-      default:
-        return true;
-    }
+    return !readOnlyAccountFields.contains(field);
   }
 
   private static String apply(ParamertizedString p, LdapQuery.Result m)
-- 
cgit v1.2.3