You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by kr...@apache.org on 2022/11/08 00:54:05 UTC
[solr] branch main updated: SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
This is an automated email from the ASF dual-hosted git repository.
krisden pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/main by this push:
new f35e1a3ed2b SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
f35e1a3ed2b is described below
commit f35e1a3ed2b092b14411b799fd6360c4993bf4a8
Author: Alex <st...@users.noreply.github.com>
AuthorDate: Mon Nov 7 16:54:00 2022 -0800
SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
Fixed NPE on RuleBasedAuthorizationPluginBase#getPermissionNamesForRoles for null set of roles
---
solr/CHANGES.txt | 2 ++
.../org/apache/solr/security/RuleBasedAuthorizationPluginBase.java | 3 +++
.../org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java | 1 +
3 files changed, 6 insertions(+)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 8362dfca7f6..1289c6832a3 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -89,6 +89,8 @@ Bug Fixes
* SOLR-16274: HEAD request for managed resource returns 500 Server Error (Kevin Risden)
+* SOLR-16527: RuleBasedAuthorizationPluginBase NPE (Alex Deparvu)
+
Build
---------------------
* Upgrade forbiddenapis to 3.4 (Uwe Schindler)
diff --git a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
index 7c7de920e1d..9615d6dfcdc 100644
--- a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
+++ b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
@@ -120,6 +120,9 @@ public abstract class RuleBasedAuthorizationPluginBase
/** Retrieves permission names for a given set of roles */
public Set<String> getPermissionNamesForRoles(Set<String> roles) {
+ if (roles == null) {
+ return Set.of();
+ }
return roles.stream()
.filter(roleToPermissionsMap::containsKey)
.flatMap(r -> roleToPermissionsMap.get(r).stream())
diff --git a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
index e30aa9515ab..45c58ef68dd 100644
--- a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
@@ -718,6 +718,7 @@ public class BaseTestRuleBasedAuthorizationPlugin extends SolrTestCaseJ4 {
assertEquals(
Set.of("schema-edit", "collection-admin-edit", "mycoll_update", "read"),
plugin.getPermissionNamesForRoles(Set.of("admin", "dev")));
+ assertEquals(emptySet(), plugin.getPermissionNamesForRoles(null));
} catch (IOException e) {
; // swallow error, otherwise you have to add a _lot_ of exceptions to methods.
}