... | ... | @@ -2,28 +2,19 @@ |
|
|
|
|
|
The container log of the Gerrit container holds a message like:
|
|
|
|
|
|
`WARN com.google.gerrit.server.account.AccountManager : Email user@example.org is already assigned to account [account_id]; cannot create external ID gerrit:[username] with the same email for account [account_id].`
|
|
|
`WARN com.google.gerrit.server.account.AccountManager : Email user@example.org is already assigned to account [account_id]; cannot create external ID gerrit:[username] with the same email for account [account_id].`
|
|
|
|
|
|
Check the user record by requesting his external IDs via the REST API (https://www.gerritcodereview.com/rest-api-accounts.html)
|
|
|
`https://review.typo3.org/accounts/[account_id]/external.ids`:
|
|
|
```
|
|
|
$ curl 'https://review.typo3.org/accounts/[account_id]/external.ids' -X GET \
|
|
|
-H 'x-gerrit-auth: xxx' -H 'cookie: GerritAccount=xxxx; XSRF_TOKEN=xxxx'
|
|
|
Check the user record by requesting his external IDs via the REST API (<https://www.gerritcodereview.com/rest-api-accounts.html>) `https://review.typo3.org/accounts/[account_id]/external.ids`:
|
|
|
|
|
|
```plaintext
|
|
|
export GERRIT_USER=username:password
|
|
|
curl --user ${GERRIT_USER} https://review.typo3.org/a/accounts/37172/external.ids
|
|
|
```
|
|
|
|
|
|
If the output contains the usual `"identity": "username:[username]"` and `"identity": "gerrit:[username]"` entries AND also a third identity `"identity": "mailto:user@example.org",` which contains the email address as value, then you need to delete that external id:
|
|
|
```POST https://review.typo3.org/a/accounts/[account_id]/external.ids:delete HTTP/1.0
|
|
|
Cookie: GerritAccount=XXXX; XSRF_TOKEN=XXX; GERRIT_UI=GWT
|
|
|
Content-Type: application/json;charset=UTF-8
|
|
|
X-Gerrit-Auth: XXX
|
|
|
<span dir="">If the output contains the usual </span>`"identity": "username:[username]"`<span dir=""> and </span>`"identity": "gerrit:[username]"`<span dir=""> entries AND also a third identity </span>`"identity": "mailto:user@example.org",`<span dir=""> which contains the email address as value, then you need to delete that external id:</span>
|
|
|
|
|
|
[
|
|
|
"mailto:user@example.org"
|
|
|
]
|
|
|
```
|
|
|
```
|
|
|
$ curl 'https://review.typo3.org/accounts/[account_id]/external.ids:delete' -X POST -H 'Content-Type: application/json' \
|
|
|
-H 'x-gerrit-auth: xxxx' -H 'cookie: GerritAccount=xxxx; XSRF_TOKEN=xxxx' --data '["mailto:user@example.org"]'
|
|
|
```plaintext
|
|
|
curl --user ${GERRIT_USER} https://review.typo3.org/a/accounts/37172/external.ids:delete --header 'Content-Type: application/json' --data '["mailto:user@example.org"]'
|
|
|
```
|
|
|
|
|
|
On the next login attempt the email address will be added as value to `"identity": "gerrit:[username]"` and the login succeeds.
|
... | ... | @@ -32,20 +23,19 @@ This operation can obviously only be executed by a member of the Administrators |
|
|
|
|
|
The error only ocurrs for users which had an account a long time ago (before LDAP), not used it for a long time and try logging in now.
|
|
|
|
|
|
|
|
|
## Additional steps if `"identity": "gerrit:[username]"` is missing
|
|
|
|
|
|
When no `"identity": "gerrit:[username]"` exists the login will still not work even if the `"identity": "mailto:user@example.org",` has been deleted.
|
|
|
|
|
|
The container log of the Gerrit container holds a message like:
|
|
|
|
|
|
`WARN com.google.gerrit.httpd.auth.ldap.LdapLoginServlet : 'dummyusername' failed to sign in
|
|
|
com.google.gerrit.server.account.AccountException: Cannot assign external ID "username:dummyusername" to account 4711; external ID already in use.`
|
|
|
`WARN com.google.gerrit.httpd.auth.ldap.LdapLoginServlet : 'dummyusername' failed to sign in com.google.gerrit.server.account.AccountException: Cannot assign external ID "username:dummyusername" to account 4711; external ID already in use.`
|
|
|
|
|
|
In order to fix this the [external.id](https://gerrit-review.googlesource.com/Documentation/config-accounts.html#external-ids) must be manually added.
|
|
|
|
|
|
Log in to the gerrit host, execute (obviously replacing `dummyusername` by the real users username, `4711` by the users user id and `dummyusername@example.org` by the email address used by the user in LDAP):
|
|
|
```
|
|
|
|
|
|
```plaintext
|
|
|
docker-compose exec gerrit bash
|
|
|
cd /var/gerrit
|
|
|
git clone /var/gerrit/git/All-Users.git
|
... | ... | @@ -70,7 +60,9 @@ exit |
|
|
```
|
|
|
|
|
|
Now from a local shell
|
|
|
```
|
|
|
|
|
|
```plaintext
|
|
|
ssh -p 29418 review.typo3.org gerrit flush-caches --all
|
|
|
```
|
|
|
Solution was derived from https://github.com/mildis/gerrit-update-username |
|
|
\ No newline at end of file |
|
|
|
|
|
Solution was derived from <https://github.com/mildis/gerrit-update-username> |
|
|
\ No newline at end of file |