You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2017/09/08 13:42:06 UTC

[4/6] syncope git commit: Ensure (user)name is always not null before checking regexp

Ensure (user)name is always not null before checking regexp


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/cf2c965a
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/cf2c965a
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/cf2c965a

Branch: refs/heads/master
Commit: cf2c965a0ab2d69ef783f54d063057ec669f91dd
Parents: 6882751
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Fri Sep 8 10:43:08 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Fri Sep 8 13:14:14 2017 +0200

----------------------------------------------------------------------
 .../org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java  | 4 ++++
 .../persistence/jpa/validation/entity/AnyObjectValidator.java    | 2 +-
 .../core/persistence/jpa/validation/entity/GroupValidator.java   | 2 +-
 3 files changed, 6 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/cf2c965a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
index 02281fa..d4de448 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
@@ -363,6 +363,10 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements UserDAO {
         boolean suspend = false;
         boolean propagateSuspension = false;
         try {
+            if (user.getUsername() == null) {
+                throw new AccountPolicyException("Null username");
+            }
+
             if (adminUser.equals(user.getUsername()) || anonymousUser.equals(user.getUsername())) {
                 throw new AccountPolicyException("Not allowed: " + user.getUsername());
             }

http://git-wip-us.apache.org/repos/asf/syncope/blob/cf2c965a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyObjectValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyObjectValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyObjectValidator.java
index 67879b5..f63cb82 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyObjectValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/AnyObjectValidator.java
@@ -28,7 +28,7 @@ public class AnyObjectValidator extends AbstractValidator<AnyObjectCheck, AnyObj
     public boolean isValid(final AnyObject anyObject, final ConstraintValidatorContext context) {
         context.disableDefaultConstraintViolation();
 
-        boolean isValid = KEY_PATTERN.matcher(anyObject.getName()).matches();
+        boolean isValid = anyObject.getName() != null && KEY_PATTERN.matcher(anyObject.getName()).matches();
 
         if (!isValid) {
             context.buildConstraintViolationWithTemplate(

http://git-wip-us.apache.org/repos/asf/syncope/blob/cf2c965a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/GroupValidator.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/GroupValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/GroupValidator.java
index 50ed3b9..65fcac7 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/GroupValidator.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/GroupValidator.java
@@ -44,7 +44,7 @@ public class GroupValidator extends AbstractValidator<GroupCheck, Group> {
                     addPropertyNode("owner").addConstraintViolation();
         }
 
-        if (isValid && !KEY_PATTERN.matcher(group.getName()).matches()) {
+        if (isValid && (group.getName() == null || !KEY_PATTERN.matcher(group.getName()).matches())) {
             isValid = false;
 
             context.buildConstraintViolationWithTemplate(