General NPE protections
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/2cab5d24 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/2cab5d24 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/2cab5d24 Branch: refs/heads/master Commit: 2cab5d2476885ddac5cd997270614e16151f3f66 Parents: b27bed9 Author: Francesco Chicchiriccò <ilgro...@apache.org> Authored: Mon Aug 7 17:47:54 2017 +0200 Committer: Francesco Chicchiriccò <ilgro...@apache.org> Committed: Mon Aug 7 17:48:03 2017 +0200 ---------------------------------------------------------------------- .../syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java | 7 ++++--- .../apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java | 8 +++++--- .../apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java | 6 ++++-- 3 files changed, 13 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java index 457944b..046d9ea 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyObjectDAO.java @@ -34,6 +34,7 @@ import javax.persistence.TypedQuery; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.collections4.IterableUtils; import org.apache.commons.collections4.Predicate; +import org.apache.commons.collections4.SetUtils; import org.apache.commons.collections4.Transformer; import org.apache.syncope.common.lib.types.AnyEntitlement; import org.apache.syncope.common.lib.types.AnyTypeKind; @@ -134,8 +135,8 @@ public class JPAAnyObjectDAO extends AbstractAnyDAO<AnyObject> implements AnyObj @Override protected void securityChecks(final AnyObject anyObject) { - Set<String> authRealms = AuthContextUtils.getAuthorizations().get( - AnyEntitlement.READ.getFor(anyObject.getType().getKey())); + Set<String> authRealms = SetUtils.emptyIfNull( + AuthContextUtils.getAuthorizations().get(AnyEntitlement.READ.getFor(anyObject.getType().getKey()))); boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>() { @Override @@ -146,7 +147,7 @@ public class JPAAnyObjectDAO extends AbstractAnyDAO<AnyObject> implements AnyObj if (!authorized) { authorized = !CollectionUtils.intersection(findDynRealms(anyObject.getKey()), authRealms).isEmpty(); } - if (authRealms == null || authRealms.isEmpty() || !authorized) { + if (authRealms.isEmpty() || !authorized) { throw new DelegatedAdministrationException( anyObject.getRealm().getFullPath(), AnyTypeKind.ANY_OBJECT.name(), anyObject.getKey()); } http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java index 0bc491a..9d28074 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAGroupDAO.java @@ -32,6 +32,7 @@ import javax.persistence.TypedQuery; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.collections4.IterableUtils; import org.apache.commons.collections4.Predicate; +import org.apache.commons.collections4.SetUtils; import org.apache.syncope.common.lib.types.AnyTypeKind; import org.apache.syncope.core.persistence.api.dao.GroupDAO; import org.apache.syncope.core.persistence.api.dao.UserDAO; @@ -170,7 +171,8 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements GroupDAO { @Override protected void securityChecks(final Group group) { - Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_READ); + Set<String> authRealms = SetUtils.emptyIfNull( + AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_READ)); boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>() { @Override @@ -183,7 +185,7 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements GroupDAO { authorized = !CollectionUtils.intersection(findDynRealms(group.getKey()), authRealms).isEmpty(); } - if (authRealms == null || authRealms.isEmpty() || !authorized) { + if (authRealms.isEmpty() || !authorized) { throw new DelegatedAdministrationException( group.getRealm().getFullPath(), AnyTypeKind.GROUP.name(), group.getKey()); } @@ -541,6 +543,6 @@ public class JPAGroupDAO extends AbstractAnyDAO<Group> implements GroupDAO { @Transactional(readOnly = true) @Override public Collection<String> findAllResourceKeys(final String key) { - return CollectionUtils.collect(authFind(key).getResources(), EntityUtils.keyTransformer()); + return CollectionUtils.collect(find(key).getResources(), EntityUtils.keyTransformer()); } } http://git-wip-us.apache.org/repos/asf/syncope/blob/2cab5d24/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java index 560ad44..7523681 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java @@ -35,6 +35,7 @@ import javax.persistence.TypedQuery; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.collections4.IterableUtils; import org.apache.commons.collections4.Predicate; +import org.apache.commons.collections4.SetUtils; import org.apache.commons.collections4.Transformer; import org.apache.commons.lang3.tuple.ImmutablePair; import org.apache.commons.lang3.tuple.Pair; @@ -178,7 +179,8 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements UserDAO { if (!AuthContextUtils.getUsername().equals(anonymousUser) && !AuthContextUtils.getUsername().equals(user.getUsername())) { - Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_READ); + Set<String> authRealms = SetUtils.emptyIfNull( + AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_READ)); boolean authorized = IterableUtils.matchesAny(authRealms, new Predicate<String>() { @Override @@ -189,7 +191,7 @@ public class JPAUserDAO extends AbstractAnyDAO<User> implements UserDAO { if (!authorized) { authorized = !CollectionUtils.intersection(findDynRealms(user.getKey()), authRealms).isEmpty(); } - if (authRealms == null || authRealms.isEmpty() || !authorized) { + if (authRealms.isEmpty() || !authorized) { throw new DelegatedAdministrationException( user.getRealm().getFullPath(), AnyTypeKind.USER.name(), user.getKey()); }
