You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2017/08/07 15:48:12 UTC
[2/2] syncope git commit: General NPE protections
General NPE protections
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/2cab5d24
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/2cab5d24
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/2cab5d24
Branch: refs/heads/master
Commit: 2cab5d2476885ddac5cd997270614e16151f3f66
Parents: b27bed9
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Mon Aug 7 17:47:54 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Mon Aug 7 17:48:03 2017 +0200
----------------------------------------------------------------------
.../syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java | 7 ++++---
.../apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java | 8 +++++---
.../apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java | 6 ++++--
3 files changed, 13 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
index 457944b..046d9ea 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java
@@ -34,6 +34,7 @@ import javax.persistence.TypedQuery;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.IterableUtils;
import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.SetUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.syncope.common.lib.types.AnyEntitlement;
import org.apache.syncope.common.lib.types.AnyTypeKind;
@@ -134,8 +135,8 @@ public class JPAAnyObjectDAO extends AbstractAnyDAO<AnyObject> implements AnyObj
@Override
protected void securityChecks(final AnyObject anyObject) {
- Set<String> authRealms = AuthContextUtils.getAuthorizations().get(
- AnyEntitlement.READ.getFor(anyObject.getType().getKey()));
+ Set<String> authRealms = SetUtils.emptyIfNull(
+ AuthContextUtils.getAuthorizations().get(AnyEntitlement.READ.getFor(anyObject.getType().getKey())));
boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>() {
@Override
@@ -146,7 +147,7 @@ public class JPAAnyObjectDAO extends AbstractAnyDAO<AnyObject> implements AnyObj
if (!authorized) {
authorized = !CollectionUtils.intersection(findDynRealms(anyObject.getKey()), authRealms).isEmpty();
}
- if (authRealms == null || authRealms.isEmpty() || !authorized) {
+ if (authRealms.isEmpty() || !authorized) {
throw new DelegatedAdministrationException(
anyObject.getRealm().getFullPath(), AnyTypeKind.ANY_OBJECT.name(), anyObject.getKey());
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
index 0bc491a..9d28074 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java
@@ -32,6 +32,7 @@ import javax.persistence.TypedQuery;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.IterableUtils;
import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.SetUtils;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.core.persistence.api.dao.GroupDAO;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
@@ -170,7 +171,8 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements GroupDAO {
@Override
protected void securityChecks(final Group group) {
- Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_READ);
+ Set<String> authRealms = SetUtils.emptyIfNull(
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_READ));
boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>() {
@Override
@@ -183,7 +185,7 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements GroupDAO {
authorized = !CollectionUtils.intersection(findDynRealms(group.getKey()), authRealms).isEmpty();
}
- if (authRealms == null || authRealms.isEmpty() || !authorized) {
+ if (authRealms.isEmpty() || !authorized) {
throw new DelegatedAdministrationException(
group.getRealm().getFullPath(), AnyTypeKind.GROUP.name(), group.getKey());
}
@@ -541,6 +543,6 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements GroupDAO {
@Transactional(readOnly = true)
@Override
public Collection<String> findAllResourceKeys(final String key) {
- return CollectionUtils.collect(authFind(key).getResources(), EntityUtils.keyTransformer());
+ return CollectionUtils.collect(find(key).getResources(), EntityUtils.keyTransformer());
}
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
index 560ad44..7523681 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
@@ -35,6 +35,7 @@ import javax.persistence.TypedQuery;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.IterableUtils;
import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.SetUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.commons.lang3.tuple.Pair;
@@ -178,7 +179,8 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements UserDAO {
if (!AuthContextUtils.getUsername().equals(anonymousUser)
&& !AuthContextUtils.getUsername().equals(user.getUsername())) {
- Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_READ);
+ Set<String> authRealms = SetUtils.emptyIfNull(
+ AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_READ));
boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>() {
@Override
@@ -189,7 +191,7 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements UserDAO {
if (!authorized) {
authorized = !CollectionUtils.intersection(findDynRealms(user.getKey()), authRealms).isEmpty();
}
- if (authRealms == null || authRealms.isEmpty() || !authorized) {
+ if (authRealms.isEmpty() || !authorized) {
throw new DelegatedAdministrationException(
user.getRealm().getFullPath(), AnyTypeKind.USER.name(), user.getKey());
}