github-advanced-security[bot] commented on code in PR #1036:
URL: https://github.com/apache/syncope/pull/1036#discussion_r2029101818
##########
core/persistence-common/src/main/java/org/apache/syncope/core/persistence/common/dao/AnyFinder.java:
##########
@@ -143,19 +137,15 @@
// Create several clauses: one for eanch identifiers
for (int i = 0; i < identifiers.size() &&
!used.contains(identifiers.get(i)); i++) {
- // verify schema existence and get schema type
- PlainSchema schema =
plainSchemaDAO.findById(identifiers.get(i)).orElse(null);
-
- if (schema == null) {
- LOG.error("Invalid schema '{}', ignoring", identifiers.get(i));
- } else {
- used.add(identifiers.get(i));
-
- AttrCond cond = new AttrCond(ignoreCaseMatch ?
AttrCond.Type.IEQ : AttrCond.Type.EQ);
- cond.setSchema(schema.getKey());
- cond.setExpression(attrValues.get(i));
- andConditions.add(SearchCond.of(cond));
- }
+ used.add(identifiers.get(i));
+
+ AttrCond cond = plainSchemaDAO.findById(identifiers.get(i)).
+ map(schema -> new AttrCond()).
Review Comment:
## Useless parameter
The parameter 'schema' is never used.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/2204)
##########
core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/LiveSyncJobDelegate.java:
##########
@@ -313,81 +389,24 @@
LOG.debug("Executing live sync on {}", task.getResource());
- while (!stopRequested) {
- profile.getResults().clear();
-
- TaskExec<SchedTask> execution = initExecution();
- execution.setTask(null);
-
- String message;
- String status;
- OpEvent.Outcome result;
- try {
- infos.forEach(info -> {
- setStatus("Live syncing " +
info.objectClass().getObjectClassValue());
-
- profile.getConnector().livesync(
- info.objectClass(),
- liveSyncDelta -> {
- try {
- LOG.debug("LiveSyncDelta: {}",
liveSyncDelta);
- SyncDelta syncDelta = info.provision() ==
null
- ? mapper.map(liveSyncDelta, info.orgUnit())
- : mapper.map(liveSyncDelta,
info.provision());
- LOG.debug("Mapped SyncDelta: {}",
syncDelta);
-
- return info.handler().handle(syncDelta);
- } catch (Exception e) {
- LOG.error("While live syncing from {} with
{}",
- task.getResource().getKey(),
liveSyncDelta, e);
- return false;
- }
- },
- info.options());
-
- if (info.uidOnCreate() != null) {
- AnyUtils anyUtils =
anyUtilsFactory.getInstance(info.anyTypeKind());
- profile.getResults().stream().
- filter(r -> r.getUidValue() != null &&
r.getKey() != null
- && r.getOperation() == ResourceOperation.CREATE
- &&
r.getAnyType().equals(info.provision().getAnyType())).
- forEach(r -> anyUtils.addAttr(
- validator,
- r.getKey(),
- info.uidOnCreate(),
- r.getUidValue()));
+ Object lock = new Object();
+ synchronized (lock) {
+ while (!stopRequested) {
+ try {
+ doLivesync();
+ } finally {
+ try {
+ lock.wait(delaySecondsAcrossInvocations * 1000);
Review Comment:
## Result of multiplication cast to wider type
Potential overflow in [int multiplication](1) before it is converted to long
by use in an invocation context.
[Show more
details](https://github.com/apache/syncope/security/code-scanning/2205)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
