Add a null check when assigning ldap groups

Prevent NullReferenceException by checking if the group list is null Fixes #8920
2025-10-07 10:04:21 +00:00 · 2023-10-28 00:32:54 +11:00
parent 09d25a9a5b
commit bb6498ed5e
1 changed files with 61 additions and 38 deletions
--- a/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java
+++ b/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java
@@ -713,8 +713,8 @@ public class LDAPAuthentication
    private void assignGroups(String dn, ArrayList<String> group, Context context) {
        if (StringUtils.isNotBlank(dn)) {
            System.out.println("dn:" + dn);
-            int i = 1;
-            String groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + i);
+            int groupmapIndex = 1;
+            String groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + groupmapIndex);
            boolean cmp;


@@ -725,6 +725,13 @@ public class LDAPAuthentication
                String ldapSearchString = t[0];
                String dspaceGroupName = t[1];

+                if (group == null) {
+                    cmp = StringUtils.containsIgnoreCase(dn, ldapSearchString + ",");
+
+                    if (cmp) {
+                        assignGroup(context, groupmapIndex, dspaceGroupName);
+                    }
+                } else {
                    // list of strings with dn from LDAP groups
                    // inner loop
                    Iterator<String> groupIterator = group.iterator();
@@ -741,7 +748,29 @@ public class LDAPAuthentication
                        }

                        if (cmp) {
-                        // assign user to this group
+                            assignGroup(context, groupmapIndex, dspaceGroupName);
+                        }
+                    }
+                }
+
+                groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + ++groupmapIndex);
+            }
+        }
+    }
+
+    /**
+     * Add the current authenticated user to the specified group
+     *
+     * @param context
+     *  DSpace context
+     *
+     * @param groupmapIndex
+     *  authentication-ldap.login.groupmap.* key index defined in dspace.cfg
+     *
+     * @param dspaceGroupName
+     *  The DSpace group to add the user to
+     */
+    private void assignGroup(Context context, int groupmapIndex, String dspaceGroupName) {
        try {
            Group ldapGroup = groupService.findByName(context, dspaceGroupName);
            if (ldapGroup != null) {
@@ -751,7 +780,7 @@ public class LDAPAuthentication
                // The group does not exist
                log.warn(LogHelper.getHeader(context,
                        "ldap_assignGroupsBasedOnLdapDn",
-                                                            "Group defined in authentication-ldap.login.groupmap." + i
+                        "Group defined in authentication-ldap.login.groupmap." + groupmapIndex
                        + " does not exist :: " + dspaceGroupName));
            }
        } catch (AuthorizeException ae) {
@@ -764,12 +793,6 @@ public class LDAPAuthentication
                    dspaceGroupName));
        }
    }
-                }
-
-                groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + ++i);
-            }
-        }
-    }

    @Override
    public boolean isUsed(final Context context, final HttpServletRequest request) {