Accounts Detail REST API returns 404 for imported accounts [40015611]

Fixed

Bug

Status Update

No update yet.

Description

sy...@gmail.com

created issue #1

Jun 9, 2023 07:25AM

*************************************************************************
*** !!!! THIS BUG TRACKER IS FOR GERRIT CODE REVIEW !!!!
*** Do not submit bugs for chrome/android and issues with your company's
*** Gerrit setup here. Those issues belong in different issue trackers.
*************************************************************************

What steps will reproduce the problem?
1. Import accounts from other servers with different GerritServerId
2. Hit the GET /accounts/{id}/detail to get details about the user

What is the expected output?

The endpoint returns 404

What do you see instead?

The endpoint returns 200

Please provide any additional information below.

This is also visible in the UI, whereby if a change was commented upon by an imported user, the anonymousCoward name is used instead.

When rendering the user details associated to a comment, the an ajax call is made to the /accounts/{id}/detail endpoint with the user that is stored in the change metadata.

An example of how such data is stored in notedb is:

commit 1596cb7b8a5d3292aca43b9f93b4aa2ff0b0ac50 (refs/changes/94/202394/meta)  
Author: Gerrit User 97483 <97483@97ee7c02-f12f-4043-b43e-dea463d88b31>  
Date:   Wed Jun 7 21:02:50 2023 -0400  
  
    Update patch set 4  
  
    Patch Set 4:  
  
    (4 comments)  
  
    Patch-set: 4  
    Attention: {"person_ident":"Gerrit User 97483 \u003c97483@97ee7c02-f12f-4043-b43e-dea463d88b31\u003e","operation":"REMOVE","reason":"\u003cGERRIT_ACCOUNT_97483\u003e replied on the change"}  
    Attention: {"person_ident":"Gerrit User 4 \u003c4@97ee7c02-f12f-4043-b43e-dea463d88b31\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_97483\u003e replied on the change"}

So the UI makes the following requests:

GET https://review.gerrithub.io/accounts/97483/detail
GET https://review.gerrithub.io/accounts/4/detail

Both of them returns 404 because such users do not exist in GerritHub.

This change [1] introduced the ability to resolve accounts by imported externalId, but it was just applied to the parsing of NoteDb, whilst the REST API is still unaware of imported accounts.

I believe the accounts/{id}/detail endpoint, before returning 404, should check whether there is any user linked to the imported identity ( imported:97483 and imported:4), lookup for the user and return the detail of that one.

[1]https://gerrit-review.googlesource.com/c/gerrit/+/340014

Comments

sy...@gmail.com <sy...@gmail.com> #2Jun 13, 2023 07:50AM

Accepted by sy...@gmail.com.

https://gerrit-review.googlesource.com/c/gerrit/+/376515

gi...@appspot.gserviceaccount.com <gi...@appspot.gserviceaccount.com> #3Jun 13, 2023 01:28PM

The following revision refers to this bug:

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8

commit 0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8
Author: Antonio Barone <syntonyze@gmail.com>
Date: Fri Jun 09 15:59:50 2023

Always lookup imported users when parsing identities

Change I2f017af1cbb introduced the ability to resolve accounts by
imported external identities.

Not every consumer of account identities however were accounting for
imported accounts (i.e. changeNoesCache, AuditLogReader, etc).

The consequence of this is that REST APIs (/accounts/ for example),
were returning the _original_ imported account id rather than the one
associated in the new server.

Because of this, the UI might either show anonymous coward (when the
original user id does not exist in the new server) or an erroneous user
(where the original id maps to a different user on the new server).

Fix this by parsing identities in a way that is aware of imported
accounts.

Release-Notes: Fix parsing of identities for imported accounts
Forward-Compatible: checked
Bug:

https://crbug.com/gerrit/17030
Change-Id: I4882b461e0c95fc6e9981afd28b4c9ae38ddf9a4

[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/javatests/com/google/gerrit/server/notedb/AbstractChangeNotesTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/java/com/google/gerrit/server/notedb/ChangeNoteUtil.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/javatests/com/google/gerrit/server/notedb/ChangeNotesTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/java/com/google/gerrit/server/notedb/NoteDbUtil.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/java/com/google/gerrit/server/notedb/CommitRewriter.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/javatests/com/google/gerrit/server/notedb/ChangeNotesParserTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/javatests/com/google/gerrit/server/group/db/AbstractGroupTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/java/com/google/gerrit/server/group/db/AuditLogReader.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/javatests/com/google/gerrit/server/group/db/AuditLogReaderTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/java/com/google/gerrit/server/notedb/ChangeNotesParser.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/java/com/google/gerrit/server/notedb/ChangeNotesCache.java
[modify]

https://gerrit.googlesource.com/gerrit/+/0c67ff3704bd0f7a884ecbdcbbfaf23b3a978ac8/javatests/com/google/gerrit/server/notedb/ChangeNotesCommitTest.java

gi...@appspot.gserviceaccount.com <gi...@appspot.gserviceaccount.com> #4Jun 13, 2023 01:30PM

The following revision refers to this bug:

https://gerrit.googlesource.com/gerrit/+/c21a6d265b201cdc227f67b54b6890cbdd273450

commit c21a6d265b201cdc227f67b54b6890cbdd273450
Author: Antonio Barone <syntonyze@gmail.com>
Date: Fri Jun 09 16:09:09 2023

Parse author identities when exposing comments

When parsing human comments, noteDb data was just deserialized without
validating the author identity.

Whilst this is fine for changes that originated in the current Gerrit
instance, this logic breaks when dealing with changes that were imported
from a different server, since the user who made the comment is now
mapped to a different user id.

Parse author identities from comments so that their user id is correctly
mapped to the identity for the current Gerrit server.

Release-Notes: Fix identity parsing for imported human comments
Forward-Compatible: checked
Bug:

https://crbug.com/gerrit/17030
Change-Id: I4b0fe66899417d083e0e6c598b6acbe239657311

[modify]

https://gerrit.googlesource.com/gerrit/+/c21a6d265b201cdc227f67b54b6890cbdd273450/javatests/com/google/gerrit/server/notedb/ImportedChangeNotesTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/c21a6d265b201cdc227f67b54b6890cbdd273450/javatests/com/google/gerrit/server/notedb/AbstractChangeNotesTest.java
[modify]

https://gerrit.googlesource.com/gerrit/+/c21a6d265b201cdc227f67b54b6890cbdd273450/java/com/google/gerrit/server/notedb/ChangeNotesParser.java
[modify]

https://gerrit.googlesource.com/gerrit/+/c21a6d265b201cdc227f67b54b6890cbdd273450/java/com/google/gerrit/server/notedb/NoteDbUtil.java

sy...@gmail.com <sy...@gmail.com> Jul 3, 2023 06:53PM

Marked as fixed.

Issue 40015611

Description

Issue summary

Comments

sy...@gmail.com <sy...@gmail.com> #2Jun 13, 2023 07:50AM

gi...@appspot.gserviceaccount.com <gi...@appspot.gserviceaccount.com> #3Jun 13, 2023 01:28PM

gi...@appspot.gserviceaccount.com <gi...@appspot.gserviceaccount.com> #4Jun 13, 2023 01:30PM

sy...@gmail.com <sy...@gmail.com> Jul 3, 2023 06:53PM

Add comment

Issue metadata