Fixing sonar code smells

kiegroup · Jun 5, 2023 · 370bd4a · 370bd4a
1 parent c453d1f
commit 370bd4a
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 8 deletions.
diff --git a/...ces-jbpm/src/main/java/org/kie/server/services/jbpm/security/ElytronUserGroupAdapter.java b/...ces-jbpm/src/main/java/org/kie/server/services/jbpm/security/ElytronUserGroupAdapter.java
@@ -53,11 +53,7 @@ public List<String> getGroupsForUser(String userId) {
         String userName = getUserName();
         logger.debug("Identifier Elytron as {}", userId);
 
-        if (isActive()) {
-            if (userName == null) {
-                return new ArrayList<>();
-            }
-
+        if (isActive() && userName != null) {
             if (userId.equals(userName)) {
                 logger.debug("User identified as {} but auth as {}", userId, userName);
                 return toPrincipalRoles(userId);
@@ -70,10 +66,10 @@ public List<String> getGroupsForUser(String userId) {
                         return new ArrayList<>();
                     }
                 } catch (Exception e) {
+                    logger.debug("Run as {} failed", userId);
                     if (e.getClass().isAssignableFrom(authorizationFailureExceptionClass)) {
+                        logger.debug("Executing run as {} without authorization", userId);
                         return toRunAsPrincipalRoles(userId, false);
-                    } else if (e instanceof RealmUnavailableException || e instanceof SecurityException) {
-                        return new ArrayList<>();
                     }
                 }
             }

diff --git a/...jbpm/src/test/java/org/kie/server/services/jbpm/security/ElytronUserGroupAdapterTest.java b/...jbpm/src/test/java/org/kie/server/services/jbpm/security/ElytronUserGroupAdapterTest.java
@@ -121,7 +121,7 @@ public void testSecurityOnRealmUnavailable() throws RealmUnavailableException {
 
         Assertions.assertThat(roles)
                 .isNotNull()
-                .hasSize(0);
+                .isEmpty();
     }
 
     @Test
@@ -141,6 +141,27 @@ public void testSecurityOnAuthorizationFailure() throws AuthorizationFailureExce
                 .contains(ROLE_1, ROLE_2, ROLE_3);
     }
 
+    @Test
+    public void testSecurityElytronDisabled() throws RealmUnavailableException {
+        when(adapter.isActive()).thenCallRealMethod();
+        when(adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
+        when(adapter.getUserName()).thenReturn(USER_ID);
+
+        List<String> roles = adapter.getGroupsForUser(USER_ID);
+
+        Assertions.assertThat(roles)
+                .isNotNull()
+                .isEmpty();
+    }
+
+    @Test
+    public void testToRolesWithEmptySecurityIdentity() {
+        List<String> roles = adapter.toRoles(null);
+        Assertions.assertThat(roles)
+                .isNotNull()
+                .isEmpty();
+    }
+
     private void setAuthorizationFailureExceptionClass() {
         Whitebox.setInternalState(adapter, Class.class, (Object) AuthorizationFailureException.class);
     }