Internal server error with external groups

Fixes a null pointer exception resulting in an internal server error in the permission overview for users with external groups, for example from ldap or cas. Committed-by: Eduard Heimbuch <eduard.heimbuch@cloudogu.com> Co-authored-by: René Pfeuffer <rene.pfeuffer@cloudogu.com>
2026-01-06 15:42:12 +01:00 · 2023-06-21 09:34:53 +02:00
parent 4a7f6a77d8
commit 91b9946a72
3 changed files with 76 additions and 52 deletions
--- a/gradle/changelog/permission_overview.yaml
+++ b/gradle/changelog/permission_overview.yaml
@@ -0,0 +1,2 @@
+- type: fixed
+  description: Internal server error with external groups in permission overview
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionOverviewToPermissionOverviewDtoMapper.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionOverviewToPermissionOverviewDtoMapper.java
@@ -34,6 +34,7 @@ import sonia.scm.user.PermissionOverview;

 import javax.inject.Inject;
 import java.util.List;
+import java.util.Objects;

 import static de.otto.edison.hal.Links.linkingTo;
 import static java.util.stream.Collectors.toList;
@@ -83,6 +84,7 @@ abstract class PermissionOverviewToPermissionOverviewDtoMapper {
      .stream()
      .map(PermissionOverview.GroupEntry::getName)
      .map(groupManager::get)
+      .filter(Objects::nonNull)
      .map(groupToGroupDtoMapper::map)
      .collect(toList());
    Embedded.Builder embedded = new Embedded.Builder()
--- a/scm-webapp/src/test/java/sonia/scm/api/v2/resources/PermissionOverviewToPermissionOverviewDtoMapperTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/api/v2/resources/PermissionOverviewToPermissionOverviewDtoMapperTest.java
@@ -26,6 +26,7 @@ package sonia.scm.api.v2.resources;

 import de.otto.edison.hal.Links;
 import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.InjectMocks;
@@ -100,57 +101,78 @@ class PermissionOverviewToPermissionOverviewDtoMapperTest {
      .thenAnswer(invocation -> new NamespaceDto(invocation.getArgument(0, String.class), Links.emptyLinks()));
  }

-  @BeforeEach
-  void initGroupMapper() {
+  @Nested
+  class WithInternalGroups {
+    @BeforeEach
+    void initGroupMapper() {
+      when(groupManager.get(anyString()))
+        .thenAnswer(invocation -> new Group("xml", invocation.getArgument(0, String.class)));
+      when(groupToGroupDtoMapper.map(any()))
+        .thenAnswer(invocation -> {
+          GroupDto groupDto = new GroupDto();
+          groupDto.setName(invocation.getArgument(0, Group.class).getName());
+          return groupDto;
+        });
+    }
+
+    @Test
+    void shouldMapRepositories() {
+      PermissionOverviewDto dto = permissionOverviewToPermissionOverviewDtoMapper
+        .toDto(PERMISSION_OVERVIEW, "Neo");
+
+      assertThat(dto.getRelevantRepositories())
+        .extracting("namespace")
+        .contains("hog", "vogon");
+      assertThat(dto.getRelevantRepositories())
+        .extracting("name")
+        .contains("marvin", "jeltz");
+
+      assertThat(
+        dto.
+          getEmbedded()
+          .getItemsBy("repositories")
+      ).hasSize(2);
+    }
+
+    @Test
+    void shouldMapNamespaces() {
+      PermissionOverviewDto dto = permissionOverviewToPermissionOverviewDtoMapper
+        .toDto(PERMISSION_OVERVIEW, "Neo");
+
+      assertThat(dto.getRelevantNamespaces())
+        .contains("hog", "earth");
+
+      assertThat(dto.getEmbedded().getItemsBy("relevantNamespaces"))
+        .hasSize(2)
+        .extracting("namespace")
+        .contains("hog", "earth");
+      assertThat(dto.getEmbedded().getItemsBy("otherNamespaces"))
+        .hasSize(1)
+        .extracting("namespace")
+        .contains("vogon");
+    }
+
+    @Test
+    void shouldMapGroups() {
+      PermissionOverviewDto dto = permissionOverviewToPermissionOverviewDtoMapper
+        .toDto(PERMISSION_OVERVIEW, "Neo");
+
+      assertThat(dto.getRelevantGroups())
+        .extracting("name")
+        .contains("hitchhiker", "vogons");
+
+      assertThat(dto.getEmbedded().getItemsBy("groups"))
+        .hasSize(2)
+        .extracting("name")
+        .contains("hitchhiker", "vogons");
+    }
+  }
+
+  @Test
+  void shouldExcludeExternalGroups() {
    when(groupManager.get(anyString()))
-      .thenAnswer(invocation -> new Group("xml", invocation.getArgument(0, String.class)));
-    when(groupToGroupDtoMapper.map(any()))
-      .thenAnswer(invocation -> {
-        GroupDto groupDto = new GroupDto();
-        groupDto.setName(invocation.getArgument(0, Group.class).getName());
-        return groupDto;
-      });
-  }
+      .thenAnswer(invocation -> null);

-  @Test
-  void shouldMapRepositories() {
-    PermissionOverviewDto dto = permissionOverviewToPermissionOverviewDtoMapper
-      .toDto(PERMISSION_OVERVIEW, "Neo");
-
-    assertThat(dto.getRelevantRepositories())
-      .extracting("namespace")
-      .contains("hog", "vogon");
-    assertThat(dto.getRelevantRepositories())
-      .extracting("name")
-      .contains("marvin", "jeltz");
-
-    assertThat(
-      dto.
-        getEmbedded()
-        .getItemsBy("repositories")
-    ).hasSize(2);
-  }
-
-  @Test
-  void shouldMapNamespaces() {
-    PermissionOverviewDto dto = permissionOverviewToPermissionOverviewDtoMapper
-      .toDto(PERMISSION_OVERVIEW, "Neo");
-
-    assertThat(dto.getRelevantNamespaces())
-      .contains("hog", "earth");
-
-    assertThat(dto.getEmbedded().getItemsBy("relevantNamespaces"))
-      .hasSize(2)
-      .extracting("namespace")
-      .contains("hog", "earth");
-    assertThat(dto.getEmbedded().getItemsBy("otherNamespaces"))
-      .hasSize(1)
-      .extracting("namespace")
-      .contains("vogon");
-  }
-
-  @Test
-  void shouldMapGroups() {
    PermissionOverviewDto dto = permissionOverviewToPermissionOverviewDtoMapper
      .toDto(PERMISSION_OVERVIEW, "Neo");

@@ -159,8 +181,6 @@ class PermissionOverviewToPermissionOverviewDtoMapperTest {
      .contains("hitchhiker", "vogons");

    assertThat(dto.getEmbedded().getItemsBy("groups"))
-      .hasSize(2)
-      .extracting("name")
-      .contains("hitchhiker", "vogons");
+      .isEmpty();
  }
 }