Página inicial Explorar Ajuda
Registrar Entrar
github
/
spring-security
mirror de https://github.com/spring-projects/spring-security
2
0
Fork 0
Arquivos Issues 0 Wiki
Ver código fonte

Detect nulls within GrantedAuthority[] passed to constructor. This ensures end-user DAO implementations are creating the User correctly.

Ben Alex 21 anos atrás
pai
a0f809991d
commit
f38ed01b29
2 arquivos alterados com 23 adições e 0 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 10 0
      core/src/main/java/org/acegisecurity/userdetails/User.java
  2. 13 0
      core/src/test/java/org/acegisecurity/providers/dao/UserTests.java

+ 10 - 0
core/src/main/java/org/acegisecurity/userdetails/User.java
Ver arquivo 

@@ -48,6 +48,8 @@ public class User {
 
      *        is enabled
 
      *
 
      * @throws IllegalArgumentException if a <code>null</code> value was passed
 
+     *         either as a parameter or as an element in the
 
+     *         <code>GrantedAuthority[]</code> array
 
      */
 
     public User(String username, String password, boolean enabled,
 
         GrantedAuthority[] authorities) throws IllegalArgumentException {
 
@@ -56,6 +58,14 @@ public class User {
 
                 "Cannot pass null values to constructor");
 
         }
 
 
+        for (int i = 0; i < authorities.length; i++) {
 
+            if (authorities[i] == null) {
 
+                throw new IllegalArgumentException("Granted authority element "
 
+                    + i
 
+                    + " is null - GrantedAuthority[] cannot contain any null elements");
 
+            }
 
+        }
 
+
 
         this.username = username;
 
         this.password = password;
 
         this.enabled = enabled;

+ 13 - 0
core/src/test/java/org/acegisecurity/providers/dao/UserTests.java
Ver arquivo 

@@ -84,6 +84,19 @@ public class UserTests extends TestCase {
 
         }
 
     }
 
 
+    public void testNullWithinGrantedAuthorityElementIsRejected()
 
+        throws Exception {
 
+        try {
 
+            User user = new User(null, "koala", true,
 
+                    new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(
 
+                            "ROLE_TWO"), null, new GrantedAuthorityImpl(
 
+                            "ROLE_THREE")});
 
+            fail("Should have thrown IllegalArgumentException");
 
+        } catch (IllegalArgumentException expected) {
 
+            assertTrue(true);
 
+        }
 
+    }
 
+
 
     public void testUserGettersSetter() throws Exception {
 
         User user = new User("marissa", "koala", true,
 
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl(