From: Lukasz Jarocki Date: Thu, 1 Jul 2021 14:20:08 +0000 (+0200) Subject: SONAR-15074 allow users without an email in database to login with a new email X-Git-Tag: 9.0.0.45539~2 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=c82cfcc86efa93863de8229a0d6b836ad16275b6;p=sonarqube.git SONAR-15074 allow users without an email in database to login with a new email --- diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java index ef61f3ee8e9..c02b8b9c9a4 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java @@ -117,17 +117,17 @@ public class UserRegistrarImpl implements UserRegistrar { } private static void validateEmailToAvoidLoginRecycling(UserIdentity userIdentity, UserDto user, AuthenticationEvent.Source source) { - String userEmail = user.getEmail(); + String dbEmail = user.getEmail(); - if (userEmail == null) { - LOGGER.warn("User with login '{}' tried to login with email '{}' but we don't have a email on record", - userIdentity.getProviderLogin(), userIdentity.getEmail()); - throw loginAlreadyUsedException(userIdentity, source); + if (dbEmail == null) { + return; } - if (!userEmail.equals(userIdentity.getEmail())) { + String externalEmail = userIdentity.getEmail(); + + if (!dbEmail.equals(externalEmail)) { LOGGER.warn("User with login '{}' tried to login with email '{}' which doesn't match the email on record '{}'", - userIdentity.getProviderLogin(), userIdentity.getEmail(), userEmail); + userIdentity.getProviderLogin(), externalEmail, dbEmail); throw loginAlreadyUsedException(userIdentity, source); } } @@ -278,7 +278,7 @@ public class UserRegistrarImpl implements UserRegistrar { } private static UserDto[] toArray(Optional userDto) { - return userDto.map(u -> new UserDto[] {u}).orElse(new UserDto[] {}); + return userDto.map(u -> new UserDto[]{u}).orElse(new UserDto[]{}); } private static AuthenticationException generateExistingEmailError(UserRegistration authenticatorParameters, String email) { diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java index 6276d1ba27f..e9ac84f8095 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java @@ -447,7 +447,7 @@ public class UserRegistrarImplTest { } @Test - public void do_not_authenticate_and_update_existing_user_matching_external_login_if_email_is_missing() { + public void authenticate_and_update_existing_user_matching_external_login_if_email_is_missing() { db.users().insertUser(u -> u .setLogin("Old login") .setName("Old name") @@ -456,12 +456,11 @@ public class UserRegistrarImplTest { .setExternalLogin(USER_IDENTITY.getProviderLogin()) .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); - assertThatThrownBy(() -> underTest.register(newUserRegistration())) - .isInstanceOf(AuthenticationException.class) - .hasMessage(String.format("Login '%s' is already used", USER_IDENTITY.getProviderLogin())); + underTest.register(newUserRegistration()); - assertThat(logTester.logs()).contains(String.format("User with login '%s' tried to login with email '%s' but we don't have a email on record", - USER_IDENTITY.getProviderLogin(), USER_IDENTITY.getEmail())); + Optional user = db.users().selectUserByLogin("Old login"); + assertThat(user).isPresent(); + assertThat(user.get().getEmail()).isEqualTo(USER_IDENTITY.getEmail()); } @Test