Skip to content

Commit 3af9c32

Browse files
Nico Verwerline-o
authored andcommitted
[bugfix] guard against NPE in securitymanager
fixes #4670
1 parent 1029a51 commit 3af9c32

File tree

2 files changed

+12
-7
lines changed

2 files changed

+12
-7
lines changed

exist-core/src/main/java/org/exist/xquery/functions/securitymanager/IdFunction.java

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -77,13 +77,18 @@ private org.exist.dom.memtree.DocumentImpl functionId() {
7777

7878
builder.startElement(new QName("id", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX), null);
7979

80-
builder.startElement(new QName("real", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX), null);
81-
subjectToXml(builder, context.getRealUser());
82-
builder.endElement();
80+
final Subject realUser = context.getRealUser();
81+
if (realUser != null) {
82+
builder.startElement(new QName("real", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX), null);
83+
subjectToXml(builder, realUser);
84+
builder.endElement();
85+
}
8386

84-
if (!sameUserWithSameGroups(context.getRealUser(), context.getEffectiveUser())) {
87+
final Subject effectiveUser = context.getEffectiveUser();
88+
if (effectiveUser != null && (
89+
realUser == null || !sameUserWithSameGroups(realUser, effectiveUser))) {
8590
builder.startElement(new QName("effective", SecurityManagerModule.NAMESPACE_URI, SecurityManagerModule.PREFIX), null);
86-
subjectToXml(builder, context.getEffectiveUser());
91+
subjectToXml(builder, effectiveUser);
8792
builder.endElement();
8893
}
8994

exist-core/src/test/java/org/exist/xquery/functions/securitymanager/IdFunctionTest.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -183,15 +183,15 @@ public void differingByGroupRealAndEffectiveUsers() throws XPathException, Xpath
183183
expect(mckContext.getDocumentBuilder()).andReturn(new MemTreeBuilder());
184184
mckContext.popDocumentContext();
185185
expectLastCall().once();
186-
expect(mckContext.getRealUser()).andReturn(mckRealUser).times(2);
186+
expect(mckContext.getRealUser()).andReturn(mckRealUser);
187187
expect(mckRealUser.getName()).andReturn(realUsername);
188188
expect(mckRealUser.getGroups()).andReturn(new String[]{"realGroup1"});
189189
expect(mckRealUser.getId()).andReturn(101);
190190
expect(mckRealUser.getGroupIds()).andReturn(new int[] {101});
191191

192192
final Subject mckEffectiveUser = EasyMock.createMock(Subject.class);
193193
final String effectiveUsername = "user1";
194-
expect(mckContext.getEffectiveUser()).andReturn(mckEffectiveUser).times(2);
194+
expect(mckContext.getEffectiveUser()).andReturn(mckEffectiveUser);
195195
expect(mckEffectiveUser.getId()).andReturn(101);
196196
expect(mckEffectiveUser.getName()).andReturn(effectiveUsername);
197197
expect(mckEffectiveUser.getGroups()).andReturn(new String[]{"realGroup1", "effectiveGroup1"});

0 commit comments

Comments
 (0)