cuba
cuba copied to clipboard
cuba-platform
Check permission on null value while creating role objects in security system
Environment
- Platform version: 7.2.*
Description of the bug or enhancement
When migrating from older versions of the platform (e.g 5.2), a situation is possible when permission is created with null value.
As the result, exception may be occur:
java.lang.NullPointerException: null
at com.haulmont.cuba.security.role.BasicRoleDefinition$BasicRoleDefinitionBuilder.withPermissions(BasicRoleDefinition.java:297) ~[cuba-global-7.2.19.jar:7.2.19]
at com.haulmont.cuba.security.app.role.RolesHelper.transformToRoleDefinition(RolesHelper.java:204) ~[cuba-core-7.2.19.jar:7.2.19]
at com.haulmont.cuba.security.app.role.RolesHelper.getRoleDefinitionsForUser(RolesHelper.java:149) ~[cuba-core-7.2.19.jar:7.2.19]
at com.haulmont.cuba.security.sys.UserSessionManager.createSession(UserSessionManager.java:139) ~[cuba-core-7.2.19.jar:7.2.19]
at com.haulmont.cuba.security.sys.UserSessionManager.createSession(UserSessionManager.java:110) ~[cuba-core-7.2.19.jar:7.2.19]
The error is a regression of 7.2 security subsystem changes. So security subsystem should ignore such type of permissions, how it was done in 7.1 or 5.2 platform versions.
