From 06fc60c2f69175a71fea9c8c9af44ab205a2636e Mon Sep 17 00:00:00 2001
From: jaymode <jay.modi@elasticsearch.com>
Date: Fri, 26 Feb 2016 15:03:56 -0500
Subject: [PATCH] shield: handle null tokens when parsing roles

The roles parsing does not currently handle null tokens since the YAML parser
was not emitting them. With the upgrade to Jackson 2.7.1, the parser is now
emitting the null token value.

Original commit: elastic/x-pack-elasticsearch@abcad633ad243ab2ccc053c676543f3cc844e67f
---
 .../elasticsearch/shield/authz/store/FileRolesStore.java    | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/FileRolesStore.java b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/FileRolesStore.java
index 637675ea16a..a1bcbe73622 100644
--- a/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/FileRolesStore.java
+++ b/elasticsearch/x-pack/shield/src/main/java/org/elasticsearch/shield/authz/store/FileRolesStore.java
@@ -203,6 +203,8 @@ public class FileRolesStore extends AbstractLifecycleComponent<RolesStore> imple
                                     if (!names.isEmpty()) {
                                         name = new Privilege.Name(names);
                                     }
+                                } else if (token == XContentParser.Token.VALUE_NULL) {
+                                    continue;
                                 } else {
                                     logger.error("invalid role definition [{}] in roles file [{}]. [cluster] field value can either " +
                                                     "be a string or a list of strings, but [{}] was found instead. skipping role...",
@@ -264,6 +266,8 @@ public class FileRolesStore extends AbstractLifecycleComponent<RolesStore> imple
                                                             } else {
                                                                 fields = Collections.singletonList(field);
                                                             }
+                                                        } else if (token == XContentParser.Token.VALUE_NULL) {
+                                                            fields = Collections.emptyList();
                                                         }
                                                     } else if ("query".equals(currentFieldName)) {
                                                         if (token == XContentParser.Token.START_OBJECT) {
@@ -320,6 +324,8 @@ public class FileRolesStore extends AbstractLifecycleComponent<RolesStore> imple
                                                     }
                                                 }
                                                 continue;
+                                            } else if (token == XContentParser.Token.VALUE_NULL) {
+                                                continue;
                                             } else {
                                                 logger.error("invalid role definition [{}] in roles file [{}]. " +
                                                         "could not parse [{}] as index privileges. privilege lists must either " +