RAVE-1274 | Ensure a null user won't throw an NPE
Project: http://git-wip-us.apache.org/repos/asf/rave/repo Commit: http://git-wip-us.apache.org/repos/asf/rave/commit/0f198448 Tree: http://git-wip-us.apache.org/repos/asf/rave/tree/0f198448 Diff: http://git-wip-us.apache.org/repos/asf/rave/diff/0f198448 Branch: refs/heads/master Commit: 0f198448f3ec01087720469e3d39926f71023558 Parents: 22e16c6 Author: Stanton Sievers <[email protected]> Authored: Mon Aug 11 11:37:00 2014 -0400 Committer: Stanton Sievers <[email protected]> Committed: Mon Aug 11 11:37:00 2014 -0400 ---------------------------------------------------------------------- .../portal/security/impl/DefaultRegionPermissionEvaluator.java | 3 ++- .../security/impl/DefaultRegionWidgetPermissionEvaluator.java | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/rave/blob/0f198448/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionPermissionEvaluator.java ---------------------------------------------------------------------- diff --git a/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionPermissionEvaluator.java b/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionPermissionEvaluator.java index 41f5d48..fb6cc19 100644 --- a/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionPermissionEvaluator.java +++ b/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionPermissionEvaluator.java @@ -201,7 +201,8 @@ public class DefaultRegionPermissionEvaluator extends AbstractModelPermissionEva String viewer = ((User)authentication.getPrincipal()).getUsername(); do { for (PageUser pageUser:containerPage.getMembers()){ - if (userRepository.get(pageUser.getUserId()).getUsername().equals(viewer)){ + User user = userRepository.get(pageUser.getUserId()); + if (user != null && user.getUsername().equals(viewer)){ log.info("User "+viewer+" is a member of page "+containerPage.getId()); if(checkEditorStatus){ return pageUser.isEditor(); http://git-wip-us.apache.org/repos/asf/rave/blob/0f198448/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionWidgetPermissionEvaluator.java ---------------------------------------------------------------------- diff --git a/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionWidgetPermissionEvaluator.java b/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionWidgetPermissionEvaluator.java index 61ea4b6..d521e7f 100644 --- a/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionWidgetPermissionEvaluator.java +++ b/rave-components/rave-core/src/main/java/org/apache/rave/portal/security/impl/DefaultRegionWidgetPermissionEvaluator.java @@ -206,7 +206,8 @@ public class DefaultRegionWidgetPermissionEvaluator extends AbstractModelPermiss String viewer = ((User)authentication.getPrincipal()).getUsername(); do { for (PageUser pageUser:containerPage.getMembers()){ - if (userRepository.get(pageUser.getUserId()).getUsername().equals(viewer)){ + User user = userRepository.get(pageUser.getUserId()); + if (user != null && user.getUsername().equals(viewer)){ log.info("User "+viewer+" is a member of page "+containerPage.getId()); if(checkEditorStatus){ return pageUser.isEditor();
