Skip to content

Commit a68a5bf

Browse files
authored
[ISSUE #9809] Fix NPE in getAcl when subject is null (#9810)
1 parent 963c0e2 commit a68a5bf

2 files changed

Lines changed: 34 additions & 12 deletions

File tree

auth/src/main/java/org/apache/rocketmq/auth/authorization/manager/AuthorizationMetadataManagerImpl.java

Lines changed: 19 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -176,19 +176,26 @@ public CompletableFuture<Void> deleteAcl(Subject subject, PolicyType policyType,
176176

177177
@Override
178178
public CompletableFuture<Acl> getAcl(Subject subject) {
179-
CompletableFuture<? extends Subject> subjectFuture;
180-
if (subject.isSubject(SubjectType.USER)) {
181-
User user = (User) subject;
182-
subjectFuture = this.getAuthenticationMetadataProvider().getUser(user.getUsername());
183-
} else {
184-
subjectFuture = CompletableFuture.completedFuture(subject);
185-
}
186-
return subjectFuture.thenCompose(sub -> {
187-
if (sub == null) {
188-
throw new AuthorizationException("The subject is not exist.");
179+
try {
180+
if (subject == null) {
181+
throw new AuthorizationException("The subject is null.");
189182
}
190-
return this.getAuthorizationMetadataProvider().getAcl(subject);
191-
});
183+
CompletableFuture<? extends Subject> subjectFuture;
184+
if (subject.isSubject(SubjectType.USER)) {
185+
User user = (User) subject;
186+
subjectFuture = this.getAuthenticationMetadataProvider().getUser(user.getUsername());
187+
} else {
188+
subjectFuture = CompletableFuture.completedFuture(subject);
189+
}
190+
return subjectFuture.thenCompose(sub -> {
191+
if (sub == null) {
192+
throw new AuthorizationException("The subject is not exist.");
193+
}
194+
return this.getAuthorizationMetadataProvider().getAcl(sub);
195+
});
196+
} catch (Exception e) {
197+
return this.handleException(e);
198+
}
192199
}
193200

194201
@Override

auth/src/test/java/org/apache/rocketmq/auth/authorization/manager/AuthorizationMetadataManagerTest.java

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -203,6 +203,21 @@ public void getAcl() {
203203
});
204204
}
205205

206+
@Test
207+
public void testGetAclWithNullSubject() {
208+
if (MixAll.isMac()) {
209+
return;
210+
}
211+
AuthorizationException authorizationException = Assert.assertThrows(AuthorizationException.class, () -> {
212+
try {
213+
this.authorizationMetadataManager.getAcl(null).join();
214+
} catch (Exception e) {
215+
AuthTestHelper.handleException(e);
216+
}
217+
});
218+
Assert.assertEquals("The subject is null.", authorizationException.getMessage());
219+
}
220+
206221
@Test
207222
public void listAcl() {
208223
if (MixAll.isMac()) {

0 commit comments

Comments
 (0)