github-advanced-security[bot] commented on code in PR #594: URL: https://github.com/apache/syncope/pull/594#discussion_r1443095489
########## common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/info/NumbersInfo.java: ########## @@ -125,47 +125,47 @@ this.anyType2 = anyType2; } - public Integer getTotalAny2() { + public Long getTotalAny2() { return totalAny2; } - public void setTotalAny2(final Integer totalAny2) { + public void setTotalAny2(final Long totalAny2) { this.totalAny2 = totalAny2; } - public int getTotalResources() { + public long getTotalResources() { return totalResources; } - public void setTotalResources(final int totalResources) { + public void setTotalResources(final long totalResources) { this.totalResources = totalResources; } - public int getTotalRoles() { + public long getTotalRoles() { return totalRoles; } - public void setTotalRoles(final int totalRoles) { + public void setTotalRoles(final long totalRoles) { this.totalRoles = totalRoles; } - public Map<String, Integer> getUsersByRealm() { + public Map<String, Long> getUsersByRealm() { return usersByRealm; } - public Map<String, Integer> getUsersByStatus() { + public Map<String, Long> getUsersByStatus() { return usersByStatus; } - public Map<String, Integer> getGroupsByRealm() { + public Map<String, Long> getGroupsByRealm() { return groupsByRealm; } - public Map<String, Integer> getAny1ByRealm() { + public Map<String, Long> getAny1ByRealm() { Review Comment: ## Exposing internal representation getAny1ByRealm exposes the internal representation stored in field any1ByRealm. The value may be modified [after this call to getAny1ByRealm](1). [Show more details](https://github.com/apache/syncope/security/code-scanning/1413) ########## common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/info/NumbersInfo.java: ########## @@ -125,47 +125,47 @@ this.anyType2 = anyType2; } - public Integer getTotalAny2() { + public Long getTotalAny2() { return totalAny2; } - public void setTotalAny2(final Integer totalAny2) { + public void setTotalAny2(final Long totalAny2) { this.totalAny2 = totalAny2; } - public int getTotalResources() { + public long getTotalResources() { return totalResources; } - public void setTotalResources(final int totalResources) { + public void setTotalResources(final long totalResources) { this.totalResources = totalResources; } - public int getTotalRoles() { + public long getTotalRoles() { return totalRoles; } - public void setTotalRoles(final int totalRoles) { + public void setTotalRoles(final long totalRoles) { this.totalRoles = totalRoles; } - public Map<String, Integer> getUsersByRealm() { + public Map<String, Long> getUsersByRealm() { return usersByRealm; } - public Map<String, Integer> getUsersByStatus() { + public Map<String, Long> getUsersByStatus() { return usersByStatus; } - public Map<String, Integer> getGroupsByRealm() { + public Map<String, Long> getGroupsByRealm() { return groupsByRealm; } - public Map<String, Integer> getAny1ByRealm() { + public Map<String, Long> getAny1ByRealm() { return any1ByRealm; } - public Map<String, Integer> getAny2ByRealm() { + public Map<String, Long> getAny2ByRealm() { Review Comment: ## Exposing internal representation getAny2ByRealm exposes the internal representation stored in field any2ByRealm. The value may be modified [after this call to getAny2ByRealm](1). [Show more details](https://github.com/apache/syncope/security/code-scanning/1412) ########## client/idrepo/console/src/main/java/org/apache/syncope/client/console/rest/AbstractAnyRestClient.java: ########## @@ -54,7 +54,7 @@ protected abstract Class<? extends AnyService<TO>> getAnyServiceClass(); - public abstract int count(String realm, String fiql, String type); + public abstract long count(String realm, String fiql, String type); Review Comment: ## Useless parameter The parameter 'type' is never used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1426) ########## common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/info/NumbersInfo.java: ########## @@ -125,47 +125,47 @@ this.anyType2 = anyType2; } - public Integer getTotalAny2() { + public Long getTotalAny2() { return totalAny2; } - public void setTotalAny2(final Integer totalAny2) { + public void setTotalAny2(final Long totalAny2) { this.totalAny2 = totalAny2; } - public int getTotalResources() { + public long getTotalResources() { return totalResources; } - public void setTotalResources(final int totalResources) { + public void setTotalResources(final long totalResources) { this.totalResources = totalResources; } - public int getTotalRoles() { + public long getTotalRoles() { return totalRoles; } - public void setTotalRoles(final int totalRoles) { + public void setTotalRoles(final long totalRoles) { this.totalRoles = totalRoles; } - public Map<String, Integer> getUsersByRealm() { + public Map<String, Long> getUsersByRealm() { return usersByRealm; } - public Map<String, Integer> getUsersByStatus() { + public Map<String, Long> getUsersByStatus() { return usersByStatus; } - public Map<String, Integer> getGroupsByRealm() { + public Map<String, Long> getGroupsByRealm() { Review Comment: ## Exposing internal representation getGroupsByRealm exposes the internal representation stored in field groupsByRealm. The value may be modified [after this call to getGroupsByRealm](1). [Show more details](https://github.com/apache/syncope/security/code-scanning/1414) ########## common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/info/NumbersInfo.java: ########## @@ -125,47 +125,47 @@ this.anyType2 = anyType2; } - public Integer getTotalAny2() { + public Long getTotalAny2() { return totalAny2; } - public void setTotalAny2(final Integer totalAny2) { + public void setTotalAny2(final Long totalAny2) { this.totalAny2 = totalAny2; } - public int getTotalResources() { + public long getTotalResources() { return totalResources; } - public void setTotalResources(final int totalResources) { + public void setTotalResources(final long totalResources) { this.totalResources = totalResources; } - public int getTotalRoles() { + public long getTotalRoles() { return totalRoles; } - public void setTotalRoles(final int totalRoles) { + public void setTotalRoles(final long totalRoles) { this.totalRoles = totalRoles; } - public Map<String, Integer> getUsersByRealm() { + public Map<String, Long> getUsersByRealm() { return usersByRealm; } - public Map<String, Integer> getUsersByStatus() { + public Map<String, Long> getUsersByStatus() { Review Comment: ## Exposing internal representation getUsersByStatus exposes the internal representation stored in field usersByStatus. The value may be modified [after this call to getUsersByStatus](1). [Show more details](https://github.com/apache/syncope/security/code-scanning/1415) ########## core/persistence-jpa-json/src/main/java/org/apache/syncope/core/persistence/jpa/dao/PGJPAJSONAnySearchDAO.java: ########## @@ -612,24 +607,20 @@ if (JAXRSService.PARAM_REALM.equals(cond.getSchema()) && !SyncopeConstants.UUID_PATTERN.matcher(cond.getExpression()).matches()) { - Realm realm = realmDAO.findByFullPath(cond.getExpression()); - if (realm == null) { - throw new IllegalArgumentException("Invalid Realm full path: " + cond.getExpression()); - } + Realm realm = realmDAO.findByFullPath(cond.getExpression()). + orElseThrow(() -> new IllegalArgumentException("Invalid Realm full path: " + cond.getExpression())); cond.setExpression(realm.getKey()); } Triple<PlainSchema, PlainAttrValue, AnyCond> checked = check(cond, svs.anyTypeKind); StringBuilder query = new StringBuilder(); - PlainSchema schema = plainSchemaDAO.find(cond.getSchema()); - if (schema == null) { - fillAttrQuery(query, checked.getMiddle(), checked.getLeft(), checked.getRight(), not, parameters, svs); - } else { - fillAttrQuery(anyUtilsFactory.getInstance(svs.anyTypeKind), - query, checked.getMiddle(), checked.getLeft(), checked.getRight(), not, parameters, svs); - } + plainSchemaDAO.findById(cond.getSchema()).ifPresentOrElse( + schema -> fillAttrQuery(anyUtilsFactory.getInstance(svs.anyTypeKind), Review Comment: ## Useless parameter The parameter 'schema' is never used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1428) ########## client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/rest/AbstractAnyRestClient.java: ########## @@ -27,7 +27,7 @@ protected abstract Class<? extends AnyService<TO>> getAnyServiceClass(); - public abstract int count(String realm, String fiql, String type); + public abstract long count(String realm, String fiql, String type); Review Comment: ## Useless parameter The parameter 'type' is never used. [Show more details](https://github.com/apache/syncope/security/code-scanning/1427) ########## core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAAnyMatchDAO.java: ########## @@ -471,21 +483,25 @@ List<PlainAttrValue> anyAttrValues = new ArrayList<>(); anyAttrValues.add(anyUtils.newPlainAttrValue()); - if (anyAttrValue instanceof String) { - anyAttrValues.get(0).setStringValue((String) anyAttrValue); - } else if (anyAttrValue instanceof Long) { - anyAttrValues.get(0).setLongValue((Long) anyAttrValue); - } else if (anyAttrValue instanceof Double) { - anyAttrValues.get(0).setDoubleValue((Double) anyAttrValue); - } else if (anyAttrValue instanceof Boolean) { - anyAttrValues.get(0).setBooleanValue((Boolean) anyAttrValue); - } else if (anyAttrValue instanceof OffsetDateTime) { - anyAttrValues.get(0).setDateValue((OffsetDateTime) anyAttrValue); - } else if (anyAttrValue instanceof byte[]) { - anyAttrValues.get(0).setBinaryValue((byte[]) anyAttrValue); + switch (anyAttrValue) { Review Comment: ## Dereferenced variable may be null Variable [anyAttrValue](1) may be null at this access as suggested by [this](2) null guard. Variable [anyAttrValue](1) may be null at this access as suggested by [this](3) null guard. [Show more details](https://github.com/apache/syncope/security/code-scanning/1423) ########## common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/info/NumbersInfo.java: ########## @@ -125,47 +125,47 @@ this.anyType2 = anyType2; } - public Integer getTotalAny2() { + public Long getTotalAny2() { return totalAny2; } - public void setTotalAny2(final Integer totalAny2) { + public void setTotalAny2(final Long totalAny2) { this.totalAny2 = totalAny2; } - public int getTotalResources() { + public long getTotalResources() { return totalResources; } - public void setTotalResources(final int totalResources) { + public void setTotalResources(final long totalResources) { this.totalResources = totalResources; } - public int getTotalRoles() { + public long getTotalRoles() { return totalRoles; } - public void setTotalRoles(final int totalRoles) { + public void setTotalRoles(final long totalRoles) { this.totalRoles = totalRoles; } - public Map<String, Integer> getUsersByRealm() { + public Map<String, Long> getUsersByRealm() { Review Comment: ## Exposing internal representation getUsersByRealm exposes the internal representation stored in field usersByRealm. The value may be modified [after this call to getUsersByRealm](1). [Show more details](https://github.com/apache/syncope/security/code-scanning/1416) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org