syncope-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgro...@apache.org
Subject [2/2] syncope git commit: General NPE protections
Date Mon, 07 Aug 2017 15:48:12 GMT
General NPE protections


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/2cab5d24
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/2cab5d24
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/2cab5d24

Branch: refs/heads/master
Commit: 2cab5d2476885ddac5cd997270614e16151f3f66
Parents: b27bed9
Author: Francesco Chicchiriccò <ilgrosso@apache.org>
Authored: Mon Aug 7 17:47:54 2017 +0200
Committer: Francesco Chicchiriccò <ilgrosso@apache.org>
Committed: Mon Aug 7 17:48:03 2017 +0200

----------------------------------------------------------------------
 .../syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java    | 7 ++++---
 .../apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java | 8 +++++---
 .../apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java  | 6 ++++--
 3 files changed, 13 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
index 457944b..046d9ea 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
@@ -34,6 +34,7 @@ import javax.persistence.TypedQuery;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.IterableUtils;
 import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.SetUtils;
 import org.apache.commons.collections4.Transformer;
 import org.apache.syncope.common.lib.types.AnyEntitlement;
 import org.apache.syncope.common.lib.types.AnyTypeKind;
@@ -134,8 +135,8 @@ public class JPAAnyObjectDAO extends AbstractAnyDAO<AnyObject> implements
AnyObj
 
     @Override
     protected void securityChecks(final AnyObject anyObject) {
-        Set<String> authRealms = AuthContextUtils.getAuthorizations().get(
-                AnyEntitlement.READ.getFor(anyObject.getType().getKey()));
+        Set<String> authRealms = SetUtils.emptyIfNull(
+                AuthContextUtils.getAuthorizations().get(AnyEntitlement.READ.getFor(anyObject.getType().getKey())));
         boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>()
{
 
             @Override
@@ -146,7 +147,7 @@ public class JPAAnyObjectDAO extends AbstractAnyDAO<AnyObject> implements
AnyObj
         if (!authorized) {
             authorized = !CollectionUtils.intersection(findDynRealms(anyObject.getKey()),
authRealms).isEmpty();
         }
-        if (authRealms == null || authRealms.isEmpty() || !authorized) {
+        if (authRealms.isEmpty() || !authorized) {
             throw new DelegatedAdministrationException(
                     anyObject.getRealm().getFullPath(), AnyTypeKind.ANY_OBJECT.name(), anyObject.getKey());
         }

http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
index 0bc491a..9d28074 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
@@ -32,6 +32,7 @@ import javax.persistence.TypedQuery;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.IterableUtils;
 import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.SetUtils;
 import org.apache.syncope.common.lib.types.AnyTypeKind;
 import org.apache.syncope.core.persistence.api.dao.GroupDAO;
 import org.apache.syncope.core.persistence.api.dao.UserDAO;
@@ -170,7 +171,8 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements
GroupDAO {
 
     @Override
     protected void securityChecks(final Group group) {
-        Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_READ);
+        Set<String> authRealms = SetUtils.emptyIfNull(
+                AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_READ));
         boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>()
{
 
             @Override
@@ -183,7 +185,7 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements
GroupDAO {
             authorized = !CollectionUtils.intersection(findDynRealms(group.getKey()), authRealms).isEmpty();
         }
 
-        if (authRealms == null || authRealms.isEmpty() || !authorized) {
+        if (authRealms.isEmpty() || !authorized) {
             throw new DelegatedAdministrationException(
                     group.getRealm().getFullPath(), AnyTypeKind.GROUP.name(), group.getKey());
         }
@@ -541,6 +543,6 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements
GroupDAO {
     @Transactional(readOnly = true)
     @Override
     public Collection<String> findAllResourceKeys(final String key) {
-        return CollectionUtils.collect(authFind(key).getResources(), EntityUtils.keyTransformer());
+        return CollectionUtils.collect(find(key).getResources(), EntityUtils.keyTransformer());
     }
 }

http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
index 560ad44..7523681 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
@@ -35,6 +35,7 @@ import javax.persistence.TypedQuery;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.IterableUtils;
 import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.SetUtils;
 import org.apache.commons.collections4.Transformer;
 import org.apache.commons.lang3.tuple.ImmutablePair;
 import org.apache.commons.lang3.tuple.Pair;
@@ -178,7 +179,8 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements
UserDAO {
         if (!AuthContextUtils.getUsername().equals(anonymousUser)
                 && !AuthContextUtils.getUsername().equals(user.getUsername())) {
 
-            Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_READ);
+            Set<String> authRealms = SetUtils.emptyIfNull(
+                    AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_READ));
             boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>()
{
 
                 @Override
@@ -189,7 +191,7 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements
UserDAO {
             if (!authorized) {
                 authorized = !CollectionUtils.intersection(findDynRealms(user.getKey()),
authRealms).isEmpty();
             }
-            if (authRealms == null || authRealms.isEmpty() || !authorized) {
+            if (authRealms.isEmpty() || !authorized) {
                 throw new DelegatedAdministrationException(
                         user.getRealm().getFullPath(), AnyTypeKind.USER.name(), user.getKey());
             }


Mime
View raw message