Skip to content

[#10166] Resolve NPE problem in grant/revoke permission's error handling when request body is null#10258

Closed
pithecuse527 wants to merge 1 commit intoapache:mainfrom
pithecuse527:fix/npe-revoke-roles-from-user
Closed

[#10166] Resolve NPE problem in grant/revoke permission's error handling when request body is null#10258
pithecuse527 wants to merge 1 commit intoapache:mainfrom
pithecuse527:fix/npe-revoke-roles-from-user

Conversation

@pithecuse527
Copy link

@pithecuse527 pithecuse527 commented Mar 5, 2026
edited
Loading

What changes were proposed in this pull request?

Build role-name string with a null guard in grant/revoke permission operation error handling logics

Why are the changes needed?

To avoid NPE

Fix: #10166

Does this PR introduce any user-facing change?

No

How was this patch tested?

UTs

Copilot AI review requested due to automatic review settings March 5, 2026 16:10
@pithecuse527 pithecuse527 changed the title Resolve NPE problem in revokeRolesFromUser error handling when request body is null Resolve NPE problem in grant/revoke permission's error handling when request body is null Mar 5, 2026
@pithecuse527 pithecuse527 force-pushed the fix/npe-revoke-roles-from-user branch from 4c3203f to f50e034 Compare March 5, 2026 16:13
Copilot AI reviewed Mar 5, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes a NullPointerException risk in PermissionOperations when role grant/revoke endpoints receive a null request body, ensuring error handling can still build the role-names string safely and return a proper error response.

Changes:

  • Add null-guarded roleNames construction in catch blocks for user/group role grant/revoke endpoints.
  • Add unit tests covering null request bodies for grant/revoke role endpoints.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
server/src/main/java/org/apache/gravitino/server/web/rest/PermissionOperations.java Makes catch-block role name formatting null-safe for grant/revoke role operations.
server/src/test/java/org/apache/gravitino/server/web/rest/TestPermissionOperations.java Adds tests asserting endpoints don’t NPE when the request object is null.

@pithecuse527 pithecuse527 force-pushed the fix/npe-revoke-roles-from-user branch from f50e034 to d15a2b0 Compare March 5, 2026 17:47
@pithecuse527 pithecuse527 changed the title Resolve NPE problem in grant/revoke permission's error handling when request body is null [#10166] Resolve NPE problem in grant/revoke permission's error handling when request body is null Mar 5, 2026
@pithecuse527 pithecuse527 force-pushed the fix/npe-revoke-roles-from-user branch from d15a2b0 to 2dec471 Compare March 5, 2026 17:49
@github-actions
Copy link

github-actions bot commented Mar 5, 2026

Code Coverage Report

Overall Project 65.19% +0.05% 🟢
Files changed 100.0% 🟢

Module Coverage
aliyun 1.73% 🔴
api 46.15% 🟢
authorization-common 85.96% 🟢
aws 1.1% 🔴
azure 2.6% 🔴
catalog-common 10.0% 🔴
catalog-fileset 80.02% 🟢
catalog-hive 80.98% 🟢
catalog-jdbc-clickhouse 77.76% 🟢
catalog-jdbc-common 36.84% 🔴
catalog-jdbc-doris 80.28% 🟢
catalog-jdbc-hologres 57.71% 🟢
catalog-jdbc-mysql 79.23% 🟢
catalog-jdbc-oceanbase 78.38% 🟢
catalog-jdbc-postgresql 81.22% 🟢
catalog-jdbc-starrocks 78.27% 🟢
catalog-kafka 77.01% 🟢
catalog-lakehouse-generic 45.07% 🟢
catalog-lakehouse-hudi 79.1% 🟢
catalog-lakehouse-iceberg 87.25% 🟢
catalog-lakehouse-paimon 77.71% 🟢
catalog-model 77.72% 🟢
cli 44.51% 🟢
client-java 77.73% 🟢
common 49.23% 🟢
core 81.2% 🟢
filesystem-hadoop3 76.97% 🟢
flink 38.86% 🔴
flink-runtime 0.0% 🔴
gcp 14.2% 🔴
hadoop-common 10.39% 🔴
hive-metastore-common 45.82% 🟢
iceberg-common 50.21% 🟢
iceberg-rest-server 66.24% 🟢
integration-test-common 0.0% 🔴
jobs 62.55% 🟢
lance-common 23.78% 🔴
lance-rest-server 57.84% 🟢
lineage 53.02% 🟢
optimizer 82.64% 🟢
server 85.74% +0.54% 🟢
server-common 68.6% 🟢
spark 32.79% 🔴
spark-common 39.6% 🔴
trino-connector 31.62% 🔴
Files
Module File Coverage
server PermissionOperations.java 100.0% 🟢

jerryshao
jerryshao reviewed Mar 6, 2026
View reviewed changes
Copy link
Contributor

@jerryshao jerryshao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

The fix is correct — creating a local roleNames variable before the return in each catch block avoids the secondary NPE when request is null.

Important: PR #10183 covers the exact same catch blocks in PermissionOperations.java (and 15 other files) using the same inline ternary null-check pattern. These two PRs will conflict. Please coordinate with the author of #10183 — one of these PRs should be closed to avoid a merge conflict. Since #10183 is a broader, more comprehensive fix, consider whether this PR should be closed in its favor.

The unit tests added are good — they cover all four grant/revoke methods. If this PR proceeds independently, please ensure it is rebased on top of #10183 (or vice versa).

@jerryshao jerryshao mentioned this pull request Mar 6, 2026
Open
@pithecuse527
Copy link
Author

pithecuse527 commented Mar 6, 2026

I'll close the PR for now.
This will be covered in #10183

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jerryshao jerryshao jerryshao left review comments

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Improvement] Possible NPE in revokeRolesFromUser error handling when request body is null

3 participants

@pithecuse527 @jerryshao