You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by kr...@apache.org on 2022/11/08 00:54:05 UTC

[solr] branch main updated: SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)

This is an automated email from the ASF dual-hosted git repository.

krisden pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git


The following commit(s) were added to refs/heads/main by this push:
     new f35e1a3ed2b SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
f35e1a3ed2b is described below

commit f35e1a3ed2b092b14411b799fd6360c4993bf4a8
Author: Alex <st...@users.noreply.github.com>
AuthorDate: Mon Nov 7 16:54:00 2022 -0800

    SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
    
    Fixed NPE on RuleBasedAuthorizationPluginBase#getPermissionNamesForRoles for null set of roles
---
 solr/CHANGES.txt                                                       | 2 ++
 .../org/apache/solr/security/RuleBasedAuthorizationPluginBase.java     | 3 +++
 .../org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java | 1 +
 3 files changed, 6 insertions(+)

diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 8362dfca7f6..1289c6832a3 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -89,6 +89,8 @@ Bug Fixes
 
 * SOLR-16274: HEAD request for managed resource returns 500 Server Error (Kevin Risden)
 
+* SOLR-16527: RuleBasedAuthorizationPluginBase NPE (Alex Deparvu)
+
 Build
 ---------------------
 * Upgrade forbiddenapis to 3.4 (Uwe Schindler)
diff --git a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
index 7c7de920e1d..9615d6dfcdc 100644
--- a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
+++ b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
@@ -120,6 +120,9 @@ public abstract class RuleBasedAuthorizationPluginBase
 
   /** Retrieves permission names for a given set of roles */
   public Set<String> getPermissionNamesForRoles(Set<String> roles) {
+    if (roles == null) {
+      return Set.of();
+    }
     return roles.stream()
         .filter(roleToPermissionsMap::containsKey)
         .flatMap(r -> roleToPermissionsMap.get(r).stream())
diff --git a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
index e30aa9515ab..45c58ef68dd 100644
--- a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
@@ -718,6 +718,7 @@ public class BaseTestRuleBasedAuthorizationPlugin extends SolrTestCaseJ4 {
       assertEquals(
           Set.of("schema-edit", "collection-admin-edit", "mycoll_update", "read"),
           plugin.getPermissionNamesForRoles(Set.of("admin", "dev")));
+      assertEquals(emptySet(), plugin.getPermissionNamesForRoles(null));
     } catch (IOException e) {
       ; // swallow error, otherwise you have to add a _lot_ of exceptions to methods.
     }