github-advanced-security[bot] commented on code in PR #709:
URL: https://github.com/apache/syncope/pull/709#discussion_r1593986988
##########
client/idrepo/console/src/main/java/org/apache/syncope/client/console/audit/AuditHistoryDetails.java:
##########
@@ -323,30 +324,36 @@
return output;
}
- protected Model<String> toJSON(final AuditEventTO auditEntry, final
Class<T> reference) {
+ protected Model<String> toJSON(final AuditEventTO auditEvent, final
Class<T> reference) {
+ if (auditEvent == null) {
+ return Model.of();
+ }
+
try {
- if (auditEntry == null) {
- return Model.of();
+ String content;
+ if (auditEvent.getBefore() == null) {
+ JsonNode output = MAPPER.readTree(auditEvent.getOutput());
+ if (output.has("entity")) {
+ content = output.get("entity").toPrettyString();
+ } else {
+ content = output.toPrettyString();
+ }
+ } else {
+ content = auditEvent.getBefore();
}
- String content = auditEntry.getBefore() == null
- ? MAPPER.readTree(auditEntry.getOutput()).get("entity") ==
null
- ? MAPPER.readTree(auditEntry.getOutput()).toPrettyString()
- :
MAPPER.readTree(auditEntry.getOutput()).get("entity").toPrettyString()
- : auditEntry.getBefore();
T entity = MAPPER.reader().
with(StreamReadFeature.STRICT_DUPLICATE_DETECTION).
readValue(content, reference);
- if (entity instanceof UserTO) {
- UserTO userTO = (UserTO) entity;
+ if (entity instanceof UserTO userTO) {
userTO.setPassword(null);
userTO.setSecurityAnswer(null);
}
return
Model.of(MAPPER.writerWithDefaultPrettyPrinter().writeValueAsString(entity));
} catch (Exception e) {
- LOG.error("While (de)serializing entity {}", auditEntry, e);
- throw new WicketRuntimeException(e);
+ LOG.error("While (de)serializing entity {}", auditEvent, e);
Review Comment:
## Use of default toString()
Default toString(): AuditEventTO inherits toString() from Object, and so is
not suitable for printing.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/1595)
##########
core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/SortedSetList.java:
##########
@@ -54,21 +56,21 @@
}
}
- private static class SortedSetListSplitIterator implements
Spliterator<Neo4jImplementation> {
+ private class SortedSetListSplitIterator implements Spliterator<E> {
Review Comment:
## Inner class could be static
SortedSetListSplitIterator should be made static, since the enclosing
instance is not used.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/1594)
##########
core/persistence-neo4j/src/main/java/org/apache/syncope/core/persistence/neo4j/entity/SortedSetList.java:
##########
@@ -25,16 +25,18 @@
import java.util.ListIterator;
import java.util.SortedSet;
import java.util.Spliterator;
+import java.util.function.BiFunction;
import java.util.function.Consumer;
import java.util.stream.Stream;
+import org.apache.syncope.core.persistence.api.entity.Entity;
-public class SortedSetList implements List<Neo4jImplementation> {
+public class SortedSetList<E extends Entity, R extends
Neo4jSortedRelationsihip<E>> implements List<E> {
- private static class SortedSetListIterator implements
Iterator<Neo4jImplementation> {
+ private class SortedSetListIterator implements Iterator<E> {
Review Comment:
## Inner class could be static
SortedSetListIterator should be made static, since the enclosing instance is
not used.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/1593)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
