private AuthResult byUserName(final HttpServletResponse rsp, final String userName) {
try {
final ReviewDb db = schema.open();
try {
AccountExternalId.Key key = new AccountExternalId.Key(SCHEME_USERNAME, userName);
return auth(db.accountExternalIds().get(key));
} finally {
db.close();
}
} catch (OrmException e) {
getServletContext().log("cannot query database", e);
return null;
}
}
@Override
public List<AccountExternalId> call() throws OrmException {
final AccountExternalId.Key last = session.getLastLoginExternalId();
final List<AccountExternalId> ids =
db.accountExternalIds().byAccount(user.getAccountId()).toList();
for (final AccountExternalId e : ids) {
e.setTrusted(authConfig.isIdentityTrustable(Collections.singleton(e)));
// The identity can be deleted only if its not the one used to
// establish this web session, and if only if an identity was
// actually used to establish this web session.
//
if (e.isScheme(SCHEME_USERNAME)) {
e.setCanDelete(false);
} else {
e.setCanDelete(last != null && !last.equals(e.getKey()));
}
}
return ids;
}