Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-6105

NullPointerException in users view when access denied

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 4.0.2
    • Fix Version/s: 4.1
    • Component/s: GUI
    • Labels:
      None
    • Subscription:
      Active subscription
    • Git Revision:
      0931345eefe47610ea698a64e7c66aaa41

      Description

      I found a minor bug getting NullPointerException (500 error page) in users view.
      It seems that the NPE is thrown when customizing the user view with adminGuiConfiguration and an access denied error occurs internally when displaying the user table.
       

      Reproduce steps

      To reproduce it, I create a role which causes access denied intentionally.

      1. Create the following role (authz-test).
        <role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3" xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3" xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3">
            <name>authz-test</name>
            <authorization>
                <name>users</name>
                <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</action>
            </authorization>
            <authorization>
                <name>users-read-ok</name>
                <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
                <object>
                    <type>UserType</type>
                </object>
            </authorization>
            <authorization>
                <name>users-read-ng</name>
                <decision>deny</decision>
                <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</action>
                <phase>request</phase>
                <object>
                    <type>UserType</type>
                    <filter>
                        <q:equal>
                            <q:path>name</q:path>
                            <q:value>administrator</q:value>
                        </q:equal>
                    </filter>
                </object>
            </authorization>
            <adminGuiConfiguration>
                <objectLists>
                    <objectList>
                        <column>
                            <name>name</name>
                            <c:path>name</c:path>
                            <display>
                                <label>Name</label>
                            </display>
                        </column>
                        <column>
                            <name>fullName</name>
                            <c:path>fullName</c:path>
                            <display>
                                <label>Full name</label>
                            </display>
                            <previousColumn>name</previousColumn>
                        </column>
                        <type>c:UserType</type>
                    </objectList>
                </objectLists>
            </adminGuiConfiguration>
        </role>
        
      2. Create an user. Then assign "End User" and above new role.
      3. Log-in with the user and open the users view => 500 error.

       

        Attachments

          Activity

            People

            Assignee:
            h2-wada Hiroyuki Wada
            Reporter:
            h2-wada Hiroyuki Wada
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: