SOLR-16527 RuleBasedAuthorizationPluginBase NPE (#1164)
Fixed NPE on RuleBasedAuthorizationPluginBase#getPermissionNamesForRoles for null set of roles
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index 9538c62..99c9014 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -175,6 +175,8 @@
* SOLR-16502: Multiple CopyField should not limit to first maxChars (Fredrik Rodland, Kevin Risden)
+* SOLR-16527: RuleBasedAuthorizationPluginBase NPE (Alex Deparvu)
+
Other Changes
---------------------
* SOLR-16351: Upgrade Carrot2 to 4.4.3, upgrade randomizedtesting to 2.8.0. (Dawid Weiss)
diff --git a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
index fc917ca..ef81b09 100644
--- a/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
+++ b/solr/core/src/java/org/apache/solr/security/RuleBasedAuthorizationPluginBase.java
@@ -120,6 +120,9 @@
/** Retrieves permission names for a given set of roles */
public Set<String> getPermissionNamesForRoles(Set<String> roles) {
+ if (roles == null) {
+ return Set.of();
+ }
return roles.stream()
.filter(roleToPermissionsMap::containsKey)
.flatMap(r -> roleToPermissionsMap.get(r).stream())
diff --git a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
index ef52229..97a7023 100644
--- a/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
+++ b/solr/core/src/test/org/apache/solr/security/BaseTestRuleBasedAuthorizationPlugin.java
@@ -717,6 +717,7 @@
assertEquals(
Set.of("schema-edit", "collection-admin-edit", "mycoll_update", "read"),
plugin.getPermissionNamesForRoles(Set.of("admin", "dev")));
+ assertEquals(emptySet(), plugin.getPermissionNamesForRoles(null));
} catch (IOException e) {
; // swallow error, otherwise you have to add a _lot_ of exceptions to methods.
}
