github-advanced-security[bot] commented on code in PR #594:
URL: https://github.com/apache/syncope/pull/594#discussion_r1453600533
##########
core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnySearchDAO.java:
##########
@@ -443,16 +467,16 @@
final SearchSupport svs,
final OrderBySupport.Item item,
final String fieldName,
- final OrderByClause clause) {
+ final Sort.Order clause) {
- item.select = svs.field().alias + '.' + fieldName;
+ item.select = svs.field().alias() + '.' + fieldName;
item.where = StringUtils.EMPTY;
- item.orderBy = svs.field().alias + '.' + fieldName + ' ' +
clause.getDirection().name();
+ item.orderBy = svs.field().alias() + '.' + fieldName + ' ' +
clause.getDirection().name();
}
protected void parseOrderByForCustom(
final SearchSupport svs,
- final OrderByClause clause,
+ final Sort.Order clause,
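Review bot: fieldName is concatenated directly into SQL text on the added item.select and item.orderBy lines (svs.field().alias() + '.' + fieldName), and nothing in this hunk shows it being checked. Now that the sort criteria arrive as a Sort.Order, confirm that the caller resolves fieldName against the entity's known fields before this method runs, or add that check here, so that a caller-supplied sort property cannot reach the ORDER BY clause verbatim. The direction part is constrained, since it is taken from clause.getDirection().name().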
Review Comment:
## Useless parameter
The parameter 'clause' is never used.
[Show more details](https://github.com/apache/syncope/security/code-scanning/1447)
##########
core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/search/SyncopePage.java:
##########
@@ -74,18 +56,19 @@
if (getClass() != obj.getClass()) {
return false;
}
- final OrderByClause other = (OrderByClause) obj;
+ @SuppressWarnings("unchecked")
+ SyncopePage<T> other = (SyncopePage<T>) obj;
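Review bot: the @SuppressWarnings("unchecked") on the added cast is only needed because the cast targets SyncopePage<T>; equals() has no way to know T at runtime, so cast to SyncopePage<?> and drop the annotation. Also check that the lines following this hunk compare the fields through other, because if they do not, any two instances of the same class compare equal regardless of content.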
Review Comment:
## Unread local variable
Variable 'SyncopePage other' is never read.
[Show more details](https://github.com/apache/syncope/security/code-scanning/1442)
##########
core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/CommandLogic.java:
##########
@@ -61,14 +62,14 @@
@PreAuthorize("hasRole('" + IdRepoEntitlement.IMPLEMENTATION_LIST + "')")
@Transactional(readOnly = true)
- public Pair<Integer, List<CommandTO>> search(final int page, final int
size, final String keyword) {
+ public Page<CommandTO> search(final String keyword, final Pageable
pageable) {
List<Implementation> result =
implementationDAO.findByTypeAndKeyword(IdRepoImplementationType.COMMAND,
keyword);
- int count = result.size();
+ long count = result.size();
List<CommandTO> commands = result.stream().
- skip((page - 1) * size).
- limit(size).
+ skip((pageable.getPageNumber() - 1) * pageable.getPageSize()).
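Review bot: the skip() argument on the added line, (pageable.getPageNumber() - 1) * pageable.getPageSize(), keeps the old 1-based page arithmetic and is evaluated in int. Assuming Pageable here is Spring Data's, getPageNumber() is zero-based, so the first page yields a negative value and Stream.skip() throws IllegalArgumentException for a negative argument; a large page number also overflows int before the result is widened to long. Suggest skip(pageable.getOffset()), which is already a long, or casting one operand to long and dropping the "- 1" if pages are zero-based at this layer.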
Review Comment:
## Result of multiplication cast to wider type
Potential overflow in int multiplication before it is converted to long by use in an invocation context.
[Show more details](https://github.com/apache/syncope/security/code-scanning/1445)