Skip to content
Permalink
Browse files

Merge pull request #34 from oleg-nenashev/JENKINS-49236-npe-in-template

[JENKINS-49236] - Prevent NullPointerException when null authContext is passed to the AuthoritiesPopulator
  • Loading branch information
oleg-nenashev committed Jan 29, 2018
2 parents 38d822f + 025fec0 commit 99f83a854f84251495e88159ce3ae651355772f6
@@ -5,6 +5,8 @@
import org.acegisecurity.GrantedAuthority;
import org.jenkinsci.plugins.reverse_proxy_auth.data.SearchTemplate;

import javax.annotation.CheckForNull;

/**
* @author Wilder Rodrigues (wrodrigues@schubergphilis.com)
*/
@@ -14,7 +16,7 @@
return ce.executeWithContext();
}

public Set<String> searchForSingleAttributeValues(final SearchTemplate template, final GrantedAuthority [] authorities) {
public Set<String> searchForSingleAttributeValues(final SearchTemplate template, final @CheckForNull GrantedAuthority [] authorities) {

class SingleAttributeSearchCallback implements ContextExecutor {

@@ -30,6 +30,8 @@
import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails;
import org.springframework.util.Assert;

import javax.annotation.CheckForNull;


/**
* @author Wilder rodrigues (wrodrigues@schuberphilis.com)
@@ -56,14 +58,17 @@
private boolean convertToUpperCase = true;

//TODO: replace by a modern collection?
@CheckForNull
protected Hashtable<String, GrantedAuthority[]> authContext;

/**
* Constructor for group search scenarios. <tt>userRoleAttributes</tt> may still be
* set as a property.
* @param authContext Authentication context.
* May be {@code null}
*/
public DefaultReverseProxyAuthoritiesPopulator(Hashtable<String, GrantedAuthority[]> authContext) {
this.authContext = new Hashtable<>(authContext);
public DefaultReverseProxyAuthoritiesPopulator(@CheckForNull Hashtable<String, GrantedAuthority[]> authContext) {
this.authContext = authContext != null ? new Hashtable<>(authContext) : null;
reverseProxyTemplate = new ReverseProxySearchTemplate();
}

@@ -109,7 +114,7 @@ public DefaultReverseProxyAuthoritiesPopulator(Hashtable<String, GrantedAuthorit
public Set<GrantedAuthority> getGroupMembershipRoles(String username) {
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();

GrantedAuthority[] contextAuthorities = authContext.get(username);
final @CheckForNull GrantedAuthority[] contextAuthorities = authContext != null ? authContext.get(username) : null;

SearchTemplate searchTemplate = new UserSearchTemplate(username);

@@ -26,6 +26,8 @@
import org.acegisecurity.GrantedAuthorityImpl;
import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails;

import javax.annotation.CheckForNull;


/**
* @author Wilder rodrigues (wrodrigues@schuberphilis.com)
@@ -36,7 +38,7 @@
boolean convertToUpperCase = true;

public ReverseProxyAuthoritiesPopulatorImpl(
Hashtable<String, GrantedAuthority[]> authContext) {
@CheckForNull Hashtable<String, GrantedAuthority[]> authContext) {
super(authContext);

super.setRolePrefix("");
@@ -16,16 +16,15 @@ public GroupSearchTemplate(String userOrGroup) {

@Override
public Set<String> processAuthorities(GrantedAuthority[] authorities) {
Set<String> authorityValues = this.doProcess(authorities);

return authorityValues;
return this.doProcess(authorities);
}

@Override
protected Set<String> doProcess(GrantedAuthority[] authorities) {
//TODO: refactoring: use singleton
Set<String> authorityValues = new HashSet<String>();
authorityValues.add(userOrGroup);

return authorityValues;
}
}
@@ -5,6 +5,9 @@

import org.acegisecurity.GrantedAuthority;

import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;

/**
* @author Wilder Rodrigues (wrodrigues@schubergphilis.com)
*/
@@ -17,8 +20,15 @@ public SearchTemplate(String userOrGroup) {
}

public abstract Set<String> processAuthorities(final GrantedAuthority [] authorities);

protected Set<String> doProcess(final GrantedAuthority [] authorities) {

/**
* Process authorities.
* @param authorities Authorities. Can be {@code null}.
* @return Set of group and user names
*/
@Nonnull
protected Set<String> doProcess(final @CheckForNull GrantedAuthority [] authorities) {
// TODO: refactoring: use emptySet() ?
Set<String> authorityValues = new HashSet<String>();
if (authorities != null) {
for (int i = 0; i < authorities.length; i++) {
@@ -15,7 +15,6 @@ public UserSearchTemplate(String userOrGroup) {

@Override
public Set<String> processAuthorities(GrantedAuthority[] authorities) {
Set<String> authorityValues = doProcess(authorities);
return authorityValues;
return doProcess(authorities);
}
}

0 comments on commit 99f83a8

Please sign in to comment.
You can’t perform that action at this time.