Skip to content

Commit bc9ae1e

Browse files
jzheauxjzheaux
committed
Improve NPE Handling
1 parent 61d6fbc commit bc9ae1e

1 file changed

Lines changed: 29 additions & 22 deletions

File tree

core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java

Lines changed: 29 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@
2929
import org.springframework.context.ApplicationContextException;
3030
import org.springframework.core.log.LogMessage;
3131
import org.springframework.dao.IncorrectResultSizeDataAccessException;
32+
import org.springframework.jdbc.core.JdbcTemplate;
3233
import org.springframework.jdbc.core.PreparedStatementSetter;
3334
import org.springframework.jdbc.core.RowMapper;
3435
import org.springframework.security.access.AccessDeniedException;
@@ -214,7 +215,7 @@ protected void initDao() throws ApplicationContextException {
214215
*/
215216
@Override
216217
protected List<UserDetails> loadUsersByUsername(String username) {
217-
return getJdbcTemplate().query(getUsersByUsernameQuery(), this.userDetailsMapper, username);
218+
return requireJdbcTemplate().query(getUsersByUsernameQuery(), this.userDetailsMapper, username);
218219
}
219220

220221
private UserDetails mapToUser(ResultSet rs, int rowNum) throws SQLException {
@@ -237,7 +238,7 @@ private UserDetails mapToUser(ResultSet rs, int rowNum) throws SQLException {
237238
@Override
238239
public void createUser(final UserDetails user) {
239240
validateUserDetails(user);
240-
getJdbcTemplate().update(this.createUserSql, (ps) -> {
241+
requireJdbcTemplate().update(this.createUserSql, (ps) -> {
241242
ps.setString(1, user.getUsername());
242243
ps.setString(2, user.getPassword());
243244
ps.setBoolean(3, user.isEnabled());
@@ -257,7 +258,7 @@ public void createUser(final UserDetails user) {
257258
@Override
258259
public void updateUser(final UserDetails user) {
259260
validateUserDetails(user);
260-
getJdbcTemplate().update(this.updateUserSql, (ps) -> {
261+
requireJdbcTemplate().update(this.updateUserSql, (ps) -> {
261262
ps.setString(1, user.getPassword());
262263
ps.setBoolean(2, user.isEnabled());
263264
int paramCount = ps.getParameterMetaData().getParameterCount();
@@ -281,7 +282,7 @@ public void updateUser(final UserDetails user) {
281282

282283
private void insertUserAuthorities(UserDetails user) {
283284
for (GrantedAuthority auth : user.getAuthorities()) {
284-
getJdbcTemplate().update(this.createAuthoritySql, user.getUsername(), auth.getAuthority());
285+
requireJdbcTemplate().update(this.createAuthoritySql, user.getUsername(), auth.getAuthority());
285286
}
286287
}
287288

@@ -290,12 +291,12 @@ public void deleteUser(String username) {
290291
if (getEnableAuthorities()) {
291292
deleteUserAuthorities(username);
292293
}
293-
getJdbcTemplate().update(this.deleteUserSql, username);
294+
requireJdbcTemplate().update(this.deleteUserSql, username);
294295
this.userCache.removeUserFromCache(username);
295296
}
296297

297298
private void deleteUserAuthorities(String username) {
298-
getJdbcTemplate().update(this.deleteUserAuthoritiesSql, username);
299+
requireJdbcTemplate().update(this.deleteUserAuthoritiesSql, username);
299300
}
300301

301302
@Override
@@ -318,7 +319,7 @@ public void changePassword(String oldPassword, String newPassword) throws Authen
318319
this.logger.debug("No authentication manager set. Password won't be re-checked.");
319320
}
320321
this.logger.debug("Changing password for user '" + username + "'");
321-
getJdbcTemplate().update(this.changePasswordSql, newPassword, username);
322+
requireJdbcTemplate().update(this.changePasswordSql, newPassword, username);
322323
Authentication authentication = createNewAuthentication(currentUser, newPassword);
323324
SecurityContext context = this.securityContextHolderStrategy.createEmptyContext();
324325
context.setAuthentication(authentication);
@@ -336,7 +337,7 @@ protected Authentication createNewAuthentication(Authentication currentAuth, Str
336337

337338
@Override
338339
public boolean userExists(String username) {
339-
List<String> users = getJdbcTemplate().queryForList(this.userExistsSql, String.class, username);
340+
List<String> users = requireJdbcTemplate().queryForList(this.userExistsSql, String.class, username);
340341
if (users.size() > 1) {
341342
throw new IncorrectResultSizeDataAccessException("More than one user found with name '" + username + "'",
342343
1);
@@ -346,13 +347,13 @@ public boolean userExists(String username) {
346347

347348
@Override
348349
public List<String> findAllGroups() {
349-
return getJdbcTemplate().queryForList(this.findAllGroupsSql, String.class);
350+
return requireJdbcTemplate().queryForList(this.findAllGroupsSql, String.class);
350351
}
351352

352353
@Override
353354
public List<String> findUsersInGroup(String groupName) {
354355
Assert.hasText(groupName, "groupName should have text");
355-
return getJdbcTemplate().queryForList(this.findUsersInGroupSql, String.class, groupName);
356+
return requireJdbcTemplate().queryForList(this.findUsersInGroupSql, String.class, groupName);
356357
}
357358

358359
@Override
@@ -361,11 +362,11 @@ public void createGroup(final String groupName, final List<GrantedAuthority> aut
361362
Assert.notNull(authorities, "authorities cannot be null");
362363
this.logger.debug("Creating new group '" + groupName + "' with authorities "
363364
+ AuthorityUtils.authorityListToSet(authorities));
364-
getJdbcTemplate().update(this.insertGroupSql, groupName);
365+
requireJdbcTemplate().update(this.insertGroupSql, groupName);
365366
int groupId = findGroupId(groupName);
366367
for (GrantedAuthority a : authorities) {
367368
String authority = a.getAuthority();
368-
getJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
369+
requireJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
369370
ps.setInt(1, groupId);
370371
ps.setString(2, authority);
371372
});
@@ -378,17 +379,17 @@ public void deleteGroup(String groupName) {
378379
Assert.hasText(groupName, "groupName should have text");
379380
int id = findGroupId(groupName);
380381
PreparedStatementSetter groupIdPSS = (ps) -> ps.setInt(1, id);
381-
getJdbcTemplate().update(this.deleteGroupMembersSql, groupIdPSS);
382-
getJdbcTemplate().update(this.deleteGroupAuthoritiesSql, groupIdPSS);
383-
getJdbcTemplate().update(this.deleteGroupSql, groupIdPSS);
382+
requireJdbcTemplate().update(this.deleteGroupMembersSql, groupIdPSS);
383+
requireJdbcTemplate().update(this.deleteGroupAuthoritiesSql, groupIdPSS);
384+
requireJdbcTemplate().update(this.deleteGroupSql, groupIdPSS);
384385
}
385386

386387
@Override
387388
public void renameGroup(String oldName, String newName) {
388389
this.logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'");
389390
Assert.hasText(oldName, "oldName should have text");
390391
Assert.hasText(newName, "newName should have text");
391-
getJdbcTemplate().update(this.renameGroupSql, newName, oldName);
392+
requireJdbcTemplate().update(this.renameGroupSql, newName, oldName);
392393
}
393394

394395
@Override
@@ -397,7 +398,7 @@ public void addUserToGroup(final String username, final String groupName) {
397398
Assert.hasText(username, "username should have text");
398399
Assert.hasText(groupName, "groupName should have text");
399400
int id = findGroupId(groupName);
400-
getJdbcTemplate().update(this.insertGroupMemberSql, (ps) -> {
401+
requireJdbcTemplate().update(this.insertGroupMemberSql, (ps) -> {
401402
ps.setInt(1, id);
402403
ps.setString(2, username);
403404
});
@@ -410,7 +411,7 @@ public void removeUserFromGroup(final String username, final String groupName) {
410411
Assert.hasText(username, "username should have text");
411412
Assert.hasText(groupName, "groupName should have text");
412413
int id = findGroupId(groupName);
413-
getJdbcTemplate().update(this.deleteGroupMemberSql, (ps) -> {
414+
requireJdbcTemplate().update(this.deleteGroupMemberSql, (ps) -> {
414415
ps.setInt(1, id);
415416
ps.setString(2, username);
416417
});
@@ -421,7 +422,7 @@ public void removeUserFromGroup(final String username, final String groupName) {
421422
public List<GrantedAuthority> findGroupAuthorities(String groupName) {
422423
this.logger.debug("Loading authorities for group '" + groupName + "'");
423424
Assert.hasText(groupName, "groupName should have text");
424-
return getJdbcTemplate().query(this.groupAuthoritiesSql, this.grantedAuthorityMapper, groupName);
425+
return requireJdbcTemplate().query(this.groupAuthoritiesSql, this.grantedAuthorityMapper, groupName);
425426
}
426427

427428
private GrantedAuthority mapToGrantedAuthority(ResultSet rs, int rowNum) throws SQLException {
@@ -435,7 +436,7 @@ public void removeGroupAuthority(String groupName, final GrantedAuthority author
435436
Assert.hasText(groupName, "groupName should have text");
436437
Assert.notNull(authority, "authority cannot be null");
437438
int id = findGroupId(groupName);
438-
getJdbcTemplate().update(this.deleteGroupAuthoritySql, (ps) -> {
439+
requireJdbcTemplate().update(this.deleteGroupAuthoritySql, (ps) -> {
439440
ps.setInt(1, id);
440441
ps.setString(2, authority.getAuthority());
441442
});
@@ -447,14 +448,20 @@ public void addGroupAuthority(final String groupName, final GrantedAuthority aut
447448
Assert.hasText(groupName, "groupName should have text");
448449
Assert.notNull(authority, "authority cannot be null");
449450
int id = findGroupId(groupName);
450-
getJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
451+
requireJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
451452
ps.setInt(1, id);
452453
ps.setString(2, authority.getAuthority());
453454
});
454455
}
455456

456457
private int findGroupId(String group) {
457-
return getJdbcTemplate().queryForObject(this.findGroupIdSql, Integer.class, group);
458+
return requireJdbcTemplate().queryForObject(this.findGroupIdSql, Integer.class, group);
459+
}
460+
461+
private JdbcTemplate requireJdbcTemplate() {
462+
JdbcTemplate jdbc = getJdbcTemplate();
463+
Assert.notNull(jdbc, "JdbcTemplate cannot be null");
464+
return jdbc;
458465
}
459466

460467
/**

0 commit comments

Comments
 (0)