Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolved the issue where a NullPointer occurs when the admin role is a trust role #2857

Merged
merged 2 commits into from
Jan 18, 2025
Merged

Resolved the issue where a NullPointer occurs when the admin role is a trust role #2857

merged 2 commits into from
Jan 18, 2025

Conversation

TakuyaMatsu
Copy link
Contributor

Description

It might be a rare case, but when the trust of the admin role is set, the admin role member cannot be retrieved, resulting in a NullPointerException.
I have modified it so that member checks are not performed when it is a role with trust set.

Contribution Checklist:

  • The pull request does not introduce any breaking changes
  • I have read the contribution guidelines.
  • Create an issue and link to the pull request.

Attach Screenshots (Optional)

havetisyan
havetisyan requested changes Jan 17, 2025
View reviewed changes
servers/zms/src/main/java/com/yahoo/athenz/zms/ZMSImpl.java Outdated
List<RoleMember> members = adminRole.getRoleMembers();
if (members.size() == 1 && members.get(0).getMemberName().equals(memberName)) {
throw ZMSUtils.forbiddenError("deleteDomainRoleMember: Cannot delete last member of 'admin' role", caller);
if (StringUtils.isEmpty(adminRole.trust)) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. Rather than checking the trust attribute, why not just add a members != null condition to the if line. It will all other edge cases when somehow we get a null for the member list.

  2. more importantly, we also have the same issue in the deleteMembership API which is probably more commonly used than deleteDomainRoleMember api. So can you please apply the same fix in that function as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've made the changes. Please check

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @TakuyaMatsu

@havetisyan havetisyan merged commit 0717450 into AthenZ:master Jan 18, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@havetisyan havetisyan havetisyan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@TakuyaMatsu @havetisyan