[james-project] 04/04: [FIX] DelegationStoreAuthorizator::isAdministrator should fallback to false

[bt...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git

commit 216315e784b9b370cb44b3923924672b7945d001
Author: Benoit Tellier <bt...@linagora.com>
AuthorDate: Fri Jan 27 22:40:43 2023 +0700

    [FIX] DelegationStoreAuthorizator::isAdministrator should fallback to false
---
 .../mailbox/DelegationStoreAuthorizator.java       | 11 +++++++--
 .../mailbox/DelegationStoreAuthorizatorTest.java   | 27 ++++++++++++++++++++++
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/server/container/mailbox-adapter/src/main/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizator.java b/server/container/mailbox-adapter/src/main/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizator.java
index a8a5733380..6b3bdc72af 100644
--- a/server/container/mailbox-adapter/src/main/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizator.java
+++ b/server/container/mailbox-adapter/src/main/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizator.java
@@ -30,6 +30,8 @@ import org.apache.james.user.api.DelegationStore;
 import org.apache.james.user.api.UsersRepository;
 import org.apache.james.user.api.UsersRepositoryException;
 
+import com.google.common.annotations.VisibleForTesting;
+
 import reactor.core.publisher.Flux;
 
 /**
@@ -61,11 +63,16 @@ public class DelegationStoreAuthorizator implements Authorizator {
         }
     }
 
-    private boolean isAdministrator(Username userId) throws UsersRepositoryException {
+    @VisibleForTesting
+    boolean isAdministrator(Username userId) throws UsersRepositoryException {
         if (userId.hasDomainPart() ^ usersRepository.supportVirtualHosting()) {
             return false;
         }
-        return usersRepository.isAdministrator(userId);
+        try {
+            return usersRepository.isAdministrator(userId);
+        } catch (Exception e) {
+            return false;
+        }
     }
 
     @Override
diff --git a/server/container/mailbox-adapter/src/test/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizatorTest.java b/server/container/mailbox-adapter/src/test/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizatorTest.java
index 1aba300da4..6f320202d2 100644
--- a/server/container/mailbox-adapter/src/test/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizatorTest.java
+++ b/server/container/mailbox-adapter/src/test/java/org/apache/james/adapter/mailbox/DelegationStoreAuthorizatorTest.java
@@ -59,6 +59,33 @@ class DelegationStoreAuthorizatorTest {
         assertThat(testee.canLoginAsOtherUser(ADMIN_USER, OTHER_USER)).isEqualTo(Authorizator.AuthorizationState.ALLOWED);
     }
 
+    @Test
+    void isAdministratorShouldReturnTrueWhenAdministrator() throws Exception {
+        assertThat(testee.isAdministrator(ADMIN_USER)).isTrue();
+    }
+
+    @Test
+    void isAdministratorShouldReturnFalseWhenNotAdministrator() throws Exception {
+        assertThat(testee.isAdministrator(OTHER_USER)).isFalse();
+    }
+
+    @Test
+    void isAdministratorShouldReturnFalseWhenWrongVirtualHosting() throws Exception {
+        assertThat(testee.isAdministrator(Username.of("a@b.com"))).isFalse();
+    }
+
+    @Test
+    void isAdministratorShouldReturnFalseWhenWrongVirtualHosting2() throws Exception {
+        MemoryUsersRepository usersRepository = MemoryUsersRepository.withVirtualHosting(null);
+        BaseHierarchicalConfiguration configuration = new BaseHierarchicalConfiguration();
+        configuration.addProperty("administratorId", "admin");
+        usersRepository.configure(configuration);
+        delegationStore = new MemoryDelegationStore();
+        testee = new DelegationStoreAuthorizator(delegationStore, usersRepository);
+
+        assertThat(testee.isAdministrator(OTHER_USER)).isFalse();
+    }
+
     @Test
     void canLoginAsOtherUserShouldReturnForbiddenWhenWrongVirtualHosting() throws Exception {
         usersRepository.addUser(OTHER_USER, "secret");


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org