FORGE-2642: Fixed CCE in Security: Add Constraint

forge · Apr 25, 2016 · 2ea2745 · 2ea2745
1 parent 55913e7
commit 2ea2745
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 7 deletions.
diff --git a/.../src/main/java/org/jboss/forge/addon/javaee/security/ui/AddSecurityConstraintCommand.java b/.../src/main/java/org/jboss/forge/addon/javaee/security/ui/AddSecurityConstraintCommand.java
@@ -12,8 +12,10 @@
 import org.jboss.forge.addon.ui.context.UIBuilder;
 import org.jboss.forge.addon.ui.context.UIContext;
 import org.jboss.forge.addon.ui.context.UIExecutionContext;
+import org.jboss.forge.addon.ui.hints.InputType;
 import org.jboss.forge.addon.ui.input.UIInput;
 import org.jboss.forge.addon.ui.input.UIInputMany;
+import org.jboss.forge.addon.ui.input.UISelectOne;
 import org.jboss.forge.addon.ui.metadata.UICommandMetadata;
 import org.jboss.forge.addon.ui.metadata.WithAttributes;
 import org.jboss.forge.addon.ui.result.Result;
@@ -59,8 +61,8 @@ public class AddSecurityConstraintCommand extends AbstractJavaEECommand
    private UIInput<Boolean> enableUserDataConstraint;
 
    @Inject
-   @WithAttributes(label = "Transport guarantee", shortName = 't', description = "The type of requirement for used data constraint")
-   private UIInput<TransportGuarantee> transportGuarantee;
+   @WithAttributes(label = "Transport guarantee", shortName = 't', description = "The type of requirement for used data constraint", type = InputType.DROPDOWN)
+   private UISelectOne<TransportGuarantee> transportGuarantee;
 
    @Override
    public void initializeUI(UIBuilder builder) throws Exception

diff --git a/javaee/impl/src/main/java/org/jboss/forge/addon/javaee/servlet/AbstractServletFacet.java b/javaee/impl/src/main/java/org/jboss/forge/addon/javaee/servlet/AbstractServletFacet.java
@@ -215,8 +215,21 @@ public void addSecurityConstraint(String displayName, String webResourceName, St
       DESCRIPTOR webXml = getConfig();
 
       SecurityConstraintCommonType securityConstraint = webXml.createSecurityConstraint();
-      List<String> httpMethodsList = Lists.toList(httpMethods);
-      List<String> urlPatternsList = Lists.toList(urlPatterns);
+      List<String> httpMethodsList = new ArrayList<>();
+      if (httpMethods != null)
+      {
+         httpMethodsList.addAll(Lists.toList(httpMethods));
+      }
+      List<String> urlPatternsList = new ArrayList<>();
+      if (urlPatterns != null)
+      {
+         urlPatternsList.addAll(Lists.toList(urlPatterns));
+      }
+      List<String> securityRolesList = new ArrayList<>();
+      if (securityRoles != null)
+      {
+         securityRolesList.addAll(Lists.toList(securityRoles));
+      }
       if (displayName != null)
       {
          securityConstraint.displayName(displayName);
@@ -240,13 +253,11 @@ public void addSecurityConstraint(String displayName, String webResourceName, St
          resourceCollection.urlPattern(urlPatternsList.toArray(new String[urlPatternsList.size()]));
       }
 
-      List<String> securityRolesList = Lists.toList(securityRoles);
-      if (securityRolesList != null)
+      if (!securityRolesList.isEmpty())
       {
          AuthConstraintCommonType authConstraint = securityConstraint.getOrCreateAuthConstraint();
          authConstraint.roleName(securityRolesList.toArray(new String[securityRolesList.size()]));
       }
-
       if (transportGuarantee != null)
       {
          UserDataConstraintCommonType userDataConstraint = securityConstraint.getOrCreateUserDataConstraint();