Skip to content

Commit

Permalink
Merge pull request #34 from oleg-nenashev/JENKINS-49236-npe-in-template
Browse files Browse the repository at this point in the history 
[JENKINS-49236] - Prevent NullPointerException when null authContext is passed to the AuthoritiesPopulator
  • Loading branch information
@oleg-nenashev
oleg-nenashev committed Jan 29, 2018
2 parents 38d822f + 025fec0 commit 99f83a8
Show file tree
Hide file tree
Showing 6 changed files with 30 additions and 13 deletions.
4 changes: 3 additions & 1 deletion src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySearchTemplate.java
View file
Expand Up @@ -5,6 +5,8 @@
import org.acegisecurity.GrantedAuthority; import org.acegisecurity.GrantedAuthority;
import org.jenkinsci.plugins.reverse_proxy_auth.data.SearchTemplate; import org.jenkinsci.plugins.reverse_proxy_auth.data.SearchTemplate;


import javax.annotation.CheckForNull;

/** /**
* @author Wilder Rodrigues (wrodrigues@schubergphilis.com) * @author Wilder Rodrigues (wrodrigues@schubergphilis.com)
*/ */
Expand All @@ -14,7 +16,7 @@ public Set<String> executeReadOnly(ContextExecutor ce) {
return ce.executeWithContext(); return ce.executeWithContext();
} }


public Set<String> searchForSingleAttributeValues(final SearchTemplate template, final GrantedAuthority [] authorities) { public Set<String> searchForSingleAttributeValues(final SearchTemplate template, final @CheckForNull GrantedAuthority [] authorities) {


class SingleAttributeSearchCallback implements ContextExecutor { class SingleAttributeSearchCallback implements ContextExecutor {


Expand Down
11 changes: 8 additions & 3 deletions ...rg/jenkinsci/plugins/reverse_proxy_auth/auth/DefaultReverseProxyAuthoritiesPopulator.java
View file
Expand Up @@ -30,6 +30,8 @@
import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails; import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails;
import org.springframework.util.Assert; import org.springframework.util.Assert;


import javax.annotation.CheckForNull;



/** /**
* @author Wilder rodrigues (wrodrigues@schuberphilis.com) * @author Wilder rodrigues (wrodrigues@schuberphilis.com)
Expand All @@ -56,14 +58,17 @@ public class DefaultReverseProxyAuthoritiesPopulator implements ReverseProxyAuth
private boolean convertToUpperCase = true; private boolean convertToUpperCase = true;


//TODO: replace by a modern collection? //TODO: replace by a modern collection?
@CheckForNull
protected Hashtable<String, GrantedAuthority[]> authContext; protected Hashtable<String, GrantedAuthority[]> authContext;


/** /**
* Constructor for group search scenarios. <tt>userRoleAttributes</tt> may still be * Constructor for group search scenarios. <tt>userRoleAttributes</tt> may still be
* set as a property. * set as a property.
* @param authContext Authentication context.
* May be {@code null}
*/ */
public DefaultReverseProxyAuthoritiesPopulator(Hashtable<String, GrantedAuthority[]> authContext) { public DefaultReverseProxyAuthoritiesPopulator(@CheckForNull Hashtable<String, GrantedAuthority[]> authContext) {
this.authContext = new Hashtable<>(authContext); this.authContext = authContext != null ? new Hashtable<>(authContext) : null;
reverseProxyTemplate = new ReverseProxySearchTemplate(); reverseProxyTemplate = new ReverseProxySearchTemplate();
} }


Expand Down Expand Up @@ -109,7 +114,7 @@ public final GrantedAuthority[] getGrantedAuthorities(ReverseProxyUserDetails us
public Set<GrantedAuthority> getGroupMembershipRoles(String username) { public Set<GrantedAuthority> getGroupMembershipRoles(String username) {
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();


GrantedAuthority[] contextAuthorities = authContext.get(username); final @CheckForNull GrantedAuthority[] contextAuthorities = authContext != null ? authContext.get(username) : null;


SearchTemplate searchTemplate = new UserSearchTemplate(username); SearchTemplate searchTemplate = new UserSearchTemplate(username);


Expand Down
4 changes: 3 additions & 1 deletion ...a/org/jenkinsci/plugins/reverse_proxy_auth/auth/ReverseProxyAuthoritiesPopulatorImpl.java
View file
Expand Up @@ -26,6 +26,8 @@
import org.acegisecurity.GrantedAuthorityImpl; import org.acegisecurity.GrantedAuthorityImpl;
import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails; import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails;


import javax.annotation.CheckForNull;



/** /**
* @author Wilder rodrigues (wrodrigues@schuberphilis.com) * @author Wilder rodrigues (wrodrigues@schuberphilis.com)
Expand All @@ -36,7 +38,7 @@ public final class ReverseProxyAuthoritiesPopulatorImpl extends DefaultReversePr
boolean convertToUpperCase = true; boolean convertToUpperCase = true;


public ReverseProxyAuthoritiesPopulatorImpl( public ReverseProxyAuthoritiesPopulatorImpl(
Hashtable<String, GrantedAuthority[]> authContext) { @CheckForNull Hashtable<String, GrantedAuthority[]> authContext) {
super(authContext); super(authContext);


super.setRolePrefix(""); super.setRolePrefix("");
Expand Down
7 changes: 3 additions & 4 deletions src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/data/GroupSearchTemplate.java
View file
Expand Up @@ -16,16 +16,15 @@ public GroupSearchTemplate(String userOrGroup) {


@Override @Override
public Set<String> processAuthorities(GrantedAuthority[] authorities) { public Set<String> processAuthorities(GrantedAuthority[] authorities) {
Set<String> authorityValues = this.doProcess(authorities); return this.doProcess(authorities);

return authorityValues;
} }


@Override @Override
protected Set<String> doProcess(GrantedAuthority[] authorities) { protected Set<String> doProcess(GrantedAuthority[] authorities) {
//TODO: refactoring: use singleton
Set<String> authorityValues = new HashSet<String>(); Set<String> authorityValues = new HashSet<String>();
authorityValues.add(userOrGroup); authorityValues.add(userOrGroup);

return authorityValues; return authorityValues;
} }
} }
14 changes: 12 additions & 2 deletions src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/data/SearchTemplate.java
View file
Expand Up @@ -5,6 +5,9 @@


import org.acegisecurity.GrantedAuthority; import org.acegisecurity.GrantedAuthority;


import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;

/** /**
* @author Wilder Rodrigues (wrodrigues@schubergphilis.com) * @author Wilder Rodrigues (wrodrigues@schubergphilis.com)
*/ */
Expand All @@ -17,8 +20,15 @@ public SearchTemplate(String userOrGroup) {
} }


public abstract Set<String> processAuthorities(final GrantedAuthority [] authorities); public abstract Set<String> processAuthorities(final GrantedAuthority [] authorities);


protected Set<String> doProcess(final GrantedAuthority [] authorities) { /**
* Process authorities.
* @param authorities Authorities. Can be {@code null}.
* @return Set of group and user names
*/
@Nonnull
protected Set<String> doProcess(final @CheckForNull GrantedAuthority [] authorities) {
// TODO: refactoring: use emptySet() ?
Set<String> authorityValues = new HashSet<String>(); Set<String> authorityValues = new HashSet<String>();
if (authorities != null) { if (authorities != null) {
for (int i = 0; i < authorities.length; i++) { for (int i = 0; i < authorities.length; i++) {
Expand Down
3 changes: 1 addition & 2 deletions src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/data/UserSearchTemplate.java
View file
Expand Up @@ -15,7 +15,6 @@ public UserSearchTemplate(String userOrGroup) {


@Override @Override
public Set<String> processAuthorities(GrantedAuthority[] authorities) { public Set<String> processAuthorities(GrantedAuthority[] authorities) {
Set<String> authorityValues = doProcess(authorities); return doProcess(authorities);
return authorityValues;
} }
} }

0 comments on commit 99f83a8

Please sign in to comment.