From e19fa5cbac6a55ce91f1ef010ebe592858b2f10c Mon Sep 17 00:00:00 2001
From: Matthias Sohn <matthias.sohn@sap.com>
Date: Wed, 13 Jan 2021 00:42:33 +0100
Subject: AccountResolver: limit number of ambiguous accounts in error message

Don't list more than 3 ambiguous accounts in error message of
UnresolvableAccountException in order to prevent flooding the log and
displaying a lot of sensitive account data in an error dialog.

Bug: Issue 13803
Change-Id: I95fe697988f3d900cce29ca93114a725b1c17ca6
---
 java/com/google/gerrit/server/account/AccountResolver.java          | 5 ++++-
 javatests/com/google/gerrit/server/account/AccountResolverTest.java | 6 ++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/java/com/google/gerrit/server/account/AccountResolver.java b/java/com/google/gerrit/server/account/AccountResolver.java
index 988d8713fa..23244659f8 100644
--- a/java/com/google/gerrit/server/account/AccountResolver.java
+++ b/java/com/google/gerrit/server/account/AccountResolver.java
@@ -109,7 +109,10 @@ public class AccountResolver {
 
     return result.asList().stream()
         .map(a -> formatForException(result, a))
-        .collect(joining("\n", "Account '" + result.input() + "' is ambiguous:\n", ""));
+        .limit(3)
+        .collect(
+            joining(
+                "\n", "Account '" + result.input() + "' is ambiguous (at most 3 shown):\n", ""));
   }
 
   private static String formatForException(Result result, AccountState state) {
diff --git a/javatests/com/google/gerrit/server/account/AccountResolverTest.java b/javatests/com/google/gerrit/server/account/AccountResolverTest.java
index 769370ac37..5f14d28c90 100644
--- a/javatests/com/google/gerrit/server/account/AccountResolverTest.java
+++ b/javatests/com/google/gerrit/server/account/AccountResolverTest.java
@@ -269,7 +269,8 @@ public class AccountResolverTest {
             () -> search("foo", searchers, allVisible()).asUnique());
     assertThat(thrown)
         .hasMessageThat()
-        .isEqualTo("Account 'foo' is ambiguous:\n1: Anonymous Name (1)\n2: Anonymous Name (2)");
+        .isEqualTo(
+            "Account 'foo' is ambiguous (at most 3 shown):\n1: Anonymous Name (1)\n2: Anonymous Name (2)");
   }
 
   @Test
@@ -311,7 +312,8 @@ public class AccountResolverTest {
                 .new Result(
                     "foo", ImmutableList.of(newAccount(3), newAccount(1)), ImmutableList.of())))
         .hasMessageThat()
-        .isEqualTo("Account 'foo' is ambiguous:\n1: Anonymous Name (1)\n3: Anonymous Name (3)");
+        .isEqualTo(
+            "Account 'foo' is ambiguous (at most 3 shown):\n1: Anonymous Name (1)\n3: Anonymous Name (3)");
   }
 
   @Test
-- 
cgit v1.2.3