You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by kr...@apache.org on 2022/11/08 01:15:23 UTC

[solr] branch branch_9_1 updated: SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)

This is an automated email from the ASF dual-hosted git repository.

krisden pushed a commit to branch branch_9_1
in repository https://gitbox.apache.org/repos/asf/solr.git


The following commit(s) were added to refs/heads/branch_9_1 by this push:
     new aa4f3d98ab1 SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
aa4f3d98ab1 is described below

commit aa4f3d98ab19c201e7f3c74cd14c99174148616d
Author: Alex <st...@users.noreply.github.com>
AuthorDate: Mon Nov 7 16:54:00 2022 -0800

    SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
    
    Fixed NPE on RuleBasedAuthorizationPluginBase#getPermissionNamesForRoles for null set of roles
---
 solr/CHANGES.txt                                                       | 2 ++
 .../org/apache/solr/security/RuleBasedAuthorizationPluginBase.java     | 3 +++
 .../org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java | 1 +
 3 files changed, 6 insertions(+)

diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 9538c62db0d..99c9014b95f 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -175,6 +175,8 @@ Bug Fixes
 
 * SOLR-16502: Multiple CopyField should not limit to first maxChars (Fredrik Rodland, Kevin Risden)
 
+* SOLR-16527: RuleBasedAuthorizationPluginBase NPE (Alex Deparvu)
+
 Other Changes
 ---------------------
 * SOLR-16351: Upgrade Carrot2 to 4.4.3, upgrade randomizedtesting to 2.8.0. (Dawid Weiss)
diff --git a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
index fc917cad38a..ef81b093291 100644
--- a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
+++ b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
@@ -120,6 +120,9 @@ public abstract class RuleBasedAuthorizationPluginBase
 
   /** Retrieves permission names for a given set of roles */
   public Set<String> getPermissionNamesForRoles(Set<String> roles) {
+    if (roles == null) {
+      return Set.of();
+    }
     return roles.stream()
         .filter(roleToPermissionsMap::containsKey)
         .flatMap(r -> roleToPermissionsMap.get(r).stream())
diff --git a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
index ef52229219d..97a7023544c 100644
--- a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
@@ -717,6 +717,7 @@ public class BaseTestRuleBasedAuthorizationPlugin extends SolrTestCaseJ4 {
       assertEquals(
           Set.of("schema-edit", "collection-admin-edit", "mycoll_update", "read"),
           plugin.getPermissionNamesForRoles(Set.of("admin", "dev")));
+      assertEquals(emptySet(), plugin.getPermissionNamesForRoles(null));
     } catch (IOException e) {
       ; // swallow error, otherwise you have to add a _lot_ of exceptions to methods.
     }