Implemented a fix for a NullPointerException as reported by Pierre-Antoine Gr�goire (pa.gregoire@free.fr)

"The error comes from line 115 in AuthorizeTag....It seems there's no control
for a null value here..."

* test/net/sf/acegisecurity/taglibs/authz/AuthorizeTagTests.java:
  Added a new test to confirm the existence of the bug.

* src/net/sf/acegisecurity/taglibs/authz/AuthorizeTag.java:
  And fixed the failing test.
This commit is contained in:
Francois Beausoleil 2004-05-19 12:34:52 +00:00
parent 4cac2f1a62
commit d5a6ea044d
2 changed files with 13 additions and 0 deletions

View File

@ -112,6 +112,10 @@ public class AuthorizeTag extends TagSupport {
Authentication currentUser = context.getAuthentication();
if (null == currentUser) {
return Collections.EMPTY_LIST;
}
Collection granted = Arrays.asList(currentUser.getAuthorities());
return granted;

View File

@ -42,6 +42,15 @@ public class AuthorizeTagTests extends TestCase {
//~ Methods ================================================================
public void testAlwaysReturnsUnauthorizedIfNoUserFound()
throws JspException {
context.setAuthentication(null);
authorizeTag.setIfAllGranted("ROLE_TELLER");
assertEquals("prevents request - no principal in Context",
Tag.SKIP_BODY, authorizeTag.doStartTag());
}
public void testDefaultsToNotOutputtingBodyWhenNoRequiredAuthorities()
throws JspException {
assertEquals("", authorizeTag.getIfAllGranted());