Repository: zeppelin
Updated Branches:
refs/heads/branch-0.6 072e48596 -> f81b2eef8
[ZEPPELIN-1136] NPE in Zeppelin Logs
### What is this PR for?
Access Zeppelin without configuring any security, Zeppelin shows anoymous user
and notice the NPE in Zeppelin logs.
```
ERROR [2016-07-08 17:45:17,879] ({qtp1800659519-45}
SecurityRestApi.java[getUserList]:120) - Exception in retrieving Users from
realms
java.lang.NullPointerException
at org.apache.zeppelin.rest.GetUserList.getUserList(GetUserList.java:60)
at
org.apache.zeppelin.rest.SecurityRestApi.getUserList(SecurityRestApi.java:108)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
```
### What type of PR is it?
[Bug Fix]
### What is the Jira issue?
* [ZEPPELIN-1136](https://issues.apache.org/jira/browse/ZEPPELIN-1136)
### How should this be tested?
Have shiro.ini with just following (minimal) content
```
[urls]
/api/version = anon
/** = anon
#/** = authc
```
and observe in logs, there should be no error logs.
### Questions:
* Does the licenses files need update? n/a
* Is there breaking changes for older versions? n/a
* Does this needs documentation? n/a
Author: Prabhjyot Singh <[email protected]>
Closes #1154 from prabhjyotsingh/ZEPPELIN-1136 and squashes the following
commits:
6aa03ea [Prabhjyot Singh] add unit test for search API
af461f0 [Prabhjyot Singh] ZEPPELIN-1136 NPE in Zeppelin Logs
(cherry picked from commit d343348bd14830238ff6964d090aec20a965c95d)
Signed-off-by: Mina Lee <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/f81b2eef
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/f81b2eef
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/f81b2eef
Branch: refs/heads/branch-0.6
Commit: f81b2eef836d57fcd43a168f82d2b2a71da3047b
Parents: 072e485
Author: Prabhjyot Singh <[email protected]>
Authored: Sun Jul 10 12:17:58 2016 +0530
Committer: Mina Lee <[email protected]>
Committed: Tue Jul 19 03:18:25 2016 +0900
----------------------------------------------------------------------
.../org/apache/zeppelin/rest/GetUserList.java | 10 +++---
.../apache/zeppelin/rest/SecurityRestApi.java | 27 +++++++-------
.../zeppelin/rest/SecurityRestApiTest.java | 37 ++++++++++++++++++--
3 files changed, 55 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/f81b2eef/zeppelin-server/src/main/java/org/apache/zeppelin/rest/GetUserList.java
----------------------------------------------------------------------
diff --git
a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/GetUserList.java
b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/GetUserList.java
index b322561..2727fb4 100644
--- a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/GetUserList.java
+++ b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/GetUserList.java
@@ -57,10 +57,12 @@ public class GetUserList {
public List<String> getUserList(IniRealm r) {
List<String> userList = new ArrayList<>();
Map getIniUser = r.getIni().get("users");
- Iterator it = getIniUser.entrySet().iterator();
- while (it.hasNext()) {
- Map.Entry pair = (Map.Entry) it.next();
- userList.add(pair.getKey().toString().trim());
+ if (getIniUser != null) {
+ Iterator it = getIniUser.entrySet().iterator();
+ while (it.hasNext()) {
+ Map.Entry pair = (Map.Entry) it.next();
+ userList.add(pair.getKey().toString().trim());
+ }
}
return userList;
}
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/f81b2eef/zeppelin-server/src/main/java/org/apache/zeppelin/rest/SecurityRestApi.java
----------------------------------------------------------------------
diff --git
a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/SecurityRestApi.java
b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/SecurityRestApi.java
index b8bfc9f..a079a44 100644
---
a/zeppelin-server/src/main/java/org/apache/zeppelin/rest/SecurityRestApi.java
+++
b/zeppelin-server/src/main/java/org/apache/zeppelin/rest/SecurityRestApi.java
@@ -101,21 +101,22 @@ public class SecurityRestApi {
try {
GetUserList getUserListObj = new GetUserList();
Collection realmsList = SecurityUtils.getRealmsList();
- for (Iterator<Realm> iterator = realmsList.iterator();
iterator.hasNext(); ) {
- Realm realm = iterator.next();
- String name = realm.getName();
- if (name.equals("iniRealm")) {
- usersList.addAll(getUserListObj.getUserList((IniRealm) realm));
- } else if (name.equals("ldapRealm")) {
- usersList.addAll(getUserListObj.getUserList((JndiLdapRealm) realm,
searchText));
- } else if (name.equals("activeDirectoryRealm")) {
-
usersList.addAll(getUserListObj.getUserList((ActiveDirectoryGroupRealm) realm,
- searchText));
- } else if (name.equals("jdbcRealm")) {
- usersList.addAll(getUserListObj.getUserList((JdbcRealm) realm));
+ if (realmsList != null) {
+ for (Iterator<Realm> iterator = realmsList.iterator();
iterator.hasNext(); ) {
+ Realm realm = iterator.next();
+ String name = realm.getName();
+ if (name.equals("iniRealm")) {
+ usersList.addAll(getUserListObj.getUserList((IniRealm) realm));
+ } else if (name.equals("ldapRealm")) {
+ usersList.addAll(getUserListObj.getUserList((JndiLdapRealm) realm,
searchText));
+ } else if (name.equals("activeDirectoryRealm")) {
+
usersList.addAll(getUserListObj.getUserList((ActiveDirectoryGroupRealm) realm,
+ searchText));
+ } else if (name.equals("jdbcRealm")) {
+ usersList.addAll(getUserListObj.getUserList((JdbcRealm) realm));
+ }
}
}
-
} catch (Exception e) {
LOG.error("Exception in retrieving Users from realms ", e);
}
http://git-wip-us.apache.org/repos/asf/zeppelin/blob/f81b2eef/zeppelin-server/src/test/java/org/apache/zeppelin/rest/SecurityRestApiTest.java
----------------------------------------------------------------------
diff --git
a/zeppelin-server/src/test/java/org/apache/zeppelin/rest/SecurityRestApiTest.java
b/zeppelin-server/src/test/java/org/apache/zeppelin/rest/SecurityRestApiTest.java
index b496f99..54c31c1 100644
---
a/zeppelin-server/src/test/java/org/apache/zeppelin/rest/SecurityRestApiTest.java
+++
b/zeppelin-server/src/test/java/org/apache/zeppelin/rest/SecurityRestApiTest.java
@@ -20,11 +20,15 @@ package org.apache.zeppelin.rest;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import org.apache.commons.httpclient.methods.GetMethod;
+import org.hamcrest.CoreMatchers;
import org.junit.AfterClass;
import org.junit.BeforeClass;
+import org.junit.Rule;
import org.junit.Test;
+import org.junit.rules.ErrorCollector;
import java.io.IOException;
+import java.util.List;
import java.util.Map;
import static org.junit.Assert.*;
@@ -32,6 +36,9 @@ import static org.junit.Assert.*;
public class SecurityRestApiTest extends AbstractTestRestApi {
Gson gson = new Gson();
+ @Rule
+ public ErrorCollector collector = new ErrorCollector();
+
@BeforeClass
public static void init() throws Exception {
AbstractTestRestApi.startUp();
@@ -49,10 +56,36 @@ public class SecurityRestApiTest extends
AbstractTestRestApi {
Map<String, Object> resp = gson.fromJson(get.getResponseBodyAsString(),
new TypeToken<Map<String, Object>>(){}.getType());
Map<String, String> body = (Map<String, String>) resp.get("body");
- assertEquals("anonymous", body.get("principal"));
- assertEquals("anonymous", body.get("ticket"));
+ collector.checkThat("Paramater principal", body.get("principal"),
+ CoreMatchers.equalTo("anonymous"));
+ collector.checkThat("Paramater ticket", body.get("ticket"),
+ CoreMatchers.equalTo("anonymous"));
get.releaseConnection();
}
+ @Test
+ public void testGetUserList() throws IOException {
+ GetMethod get = httpGet("/security/userlist/admi");
+ get.addRequestHeader("Origin", "http://localhost";);
+ Map<String, Object> resp = gson.fromJson(get.getResponseBodyAsString(),
+ new TypeToken<Map<String, Object>>(){}.getType());
+ List<String> userList = (List<String>) resp.get("body");
+ collector.checkThat("Search result size", userList.size(),
+ CoreMatchers.equalTo(1));
+ collector.checkThat("Search result contains admin",
userList.contains("admin"),
+ CoreMatchers.equalTo(true));
+ get.releaseConnection();
+
+ GetMethod notUser = httpGet("/security/userlist/randomString");
+ notUser.addRequestHeader("Origin", "http://localhost";);
+ Map<String, Object> notUserResp =
gson.fromJson(notUser.getResponseBodyAsString(),
+ new TypeToken<Map<String, Object>>(){}.getType());
+ List<String> emptyUserList = (List<String>) notUserResp.get("body");
+ collector.checkThat("Search result size", emptyUserList.size(),
+ CoreMatchers.equalTo(0));
+
+ notUser.releaseConnection();
+ }
+
}
