-
Notifications
You must be signed in to change notification settings - Fork 827
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[sonar] Short-circuit logic should be used in boolean contexts #2264
Conversation
We have created an issue in Pivotal Tracker to manage this: https://www.pivotaltracker.com/story/show/184821669 The labels on this github issue will be updated when the story is started. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, let me review if not executing the add operation is OK here.
@@ -145,7 +145,7 @@ protected void performNestedSearch(String userDn, String username, Set<GrantedAu | |||
role = role.toUpperCase(); | |||
} | |||
role = getRolePrefix() + role; | |||
circular = circular | (!authorities.add(new LdapAuthority(role,dn,record))); | |||
circular = circular || (!authorities.add(new LdapAuthority(role, dn, record))); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It does appear that changing |
to ||
affects the outcome of the executing this line. In previous code, new LdapAuthroity
is always added to authorities
. In the changed code, new LdapAuthroity
is not added if circular
is true
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hi @hsinn0 i rotated, but it is not wanted to get this merged.
This code is not covered with junit or integration tests yet, so I wont touch it.
I wanted highlight the sonar findings and that sonars marks it as dangerous to use bit-wise OR .
There is another finding where we working on a fix because there is a test available
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My understanding of the intention of the existing code is that it wants to always execute authorities.add(new LdapAuthority(role,dn,record))
and combine the resulting boolean value with circular
. So it is proper use of bit-wise OR in my opinion. Of course, it can be written as:
circular |= !authorities.add(new LdapAuthority(role,dn,record)); // maybe the intention is clearer this way
or
circular = !authorities.add(new LdapAuthority(role,dn,record)) || circular; // to accomplish the same with ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made another comment before seeing this change, so you can ignore that another comment. This change looks good except the commit message, which just says "rotate". Approving, assuming that you will make the commit message better when merging.
@hsinn0 About commit messages. I always merge to UAA with squashed commit, so finally you dont see the seperate commits not in git history, only in the single commit they are visible in the commit text, therefore I dont care really about the intermediate commits..... |
Rule: java:S2178, e.g. https://rules.sonarsource.com/java/RSPEC-2178
https://sonarcloud.io/project/issues?resolved=false&severities=BLOCKER&id=cloudfoundry-identity-parent&open=AYBVU2mG8w5rn7tLse0R&tab=why