Re: [PR] [SYNCOPE-1949] Allow to search AuthProfile owners [syncope]

Wed, 11 Feb 2026 01:32:37 -0800 


github-advanced-security[bot] commented on code in PR #1296:
URL: https://github.com/apache/syncope/pull/1296#discussion_r2792243269


##########
fit/core-reference/src/test/java/org/apache/syncope/fit/core/wa/GoogleMfaAuthTokenITCase.java:
##########
@@ -65,17 +65,49 @@
     }
 
     @Test
-    public void verifyProfile() {
-        String owner = UUID.randomUUID().toString();
-        GoogleMfaAuthToken token = createGoogleMfaAuthToken();
-        GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(owner, token);
-        PagedResult<AuthProfileTO> results = AUTH_PROFILE_SERVICE.list(1, 100);
-        assertFalse(results.getResult().isEmpty());
-        AuthProfileTO profileTO = results.getResult().stream().
-                filter(p -> owner.equals(p.getOwner())).findFirst().get();
-        assertEquals(profileTO, AUTH_PROFILE_SERVICE.read(profileTO.getKey()));
-        AUTH_PROFILE_SERVICE.delete(profileTO.getKey());
-        assertThrows(SyncopeClientException.class, () -> 
AUTH_PROFILE_SERVICE.read(profileTO.getKey()));
+    public void listProfiles() {
+        String owner = "owner" + UUID.randomUUID();
+        String owner1 = "owner" + UUID.randomUUID();
+        String test = "test" + UUID.randomUUID();
+        PagedResult<AuthProfileTO> results = null;
+        PagedResult<AuthProfileTO> resultsTest = null;
+        try {
+            GoogleMfaAuthToken token = createGoogleMfaAuthToken();
+            GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(owner, token);
+
+            GoogleMfaAuthToken token1 = createGoogleMfaAuthToken();
+            GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(owner1, token1);
+
+            GoogleMfaAuthToken token2 = createGoogleMfaAuthToken();
+            GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(test, token2);
+
+            results = AUTH_PROFILE_SERVICE.search(
+                    new 
AuthProfileQuery.Builder().page(1).size(100).keyword("owner*").build());
+
+            resultsTest = AUTH_PROFILE_SERVICE.search(
+                    new 
AuthProfileQuery.Builder().page(1).size(100).keyword("test*").build());
+
+            assertEquals(2, results.getTotalCount());
+            assertEquals(2, results.getResult().size());
+        } finally {
+            AuthProfileTO profileTO = results.getResult().stream().
+                    filter(p -> owner.equals(p.getOwner())).findFirst().get();
+            assertEquals(profileTO, 
AUTH_PROFILE_SERVICE.read(profileTO.getKey()));
+            AUTH_PROFILE_SERVICE.delete(profileTO.getKey());
+            assertThrows(SyncopeClientException.class, () -> 
AUTH_PROFILE_SERVICE.read(profileTO.getKey()));
+
+            AuthProfileTO profileTO1 = results.getResult().stream().
+                    filter(p -> owner1.equals(p.getOwner())).findFirst().get();
+            assertEquals(profileTO1, 
AUTH_PROFILE_SERVICE.read(profileTO1.getKey()));
+            AUTH_PROFILE_SERVICE.delete(profileTO1.getKey());
+            assertThrows(SyncopeClientException.class, () -> 
AUTH_PROFILE_SERVICE.read(profileTO1.getKey()));
+
+            AuthProfileTO profileTO2 = resultsTest.getResult().stream().

Review Comment:
   ## Dereferenced variable may be null
   
   Variable [resultsTest](1) may be null at this access because of [this](2) 
assignment.
   
   [Show more 
details](https://github.com/apache/syncope/security/code-scanning/2530)



##########
fit/core-reference/src/test/java/org/apache/syncope/fit/core/wa/GoogleMfaAuthTokenITCase.java:
##########
@@ -65,17 +65,49 @@
     }
 
     @Test
-    public void verifyProfile() {
-        String owner = UUID.randomUUID().toString();
-        GoogleMfaAuthToken token = createGoogleMfaAuthToken();
-        GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(owner, token);
-        PagedResult<AuthProfileTO> results = AUTH_PROFILE_SERVICE.list(1, 100);
-        assertFalse(results.getResult().isEmpty());
-        AuthProfileTO profileTO = results.getResult().stream().
-                filter(p -> owner.equals(p.getOwner())).findFirst().get();
-        assertEquals(profileTO, AUTH_PROFILE_SERVICE.read(profileTO.getKey()));
-        AUTH_PROFILE_SERVICE.delete(profileTO.getKey());
-        assertThrows(SyncopeClientException.class, () -> 
AUTH_PROFILE_SERVICE.read(profileTO.getKey()));
+    public void listProfiles() {
+        String owner = "owner" + UUID.randomUUID();
+        String owner1 = "owner" + UUID.randomUUID();
+        String test = "test" + UUID.randomUUID();
+        PagedResult<AuthProfileTO> results = null;
+        PagedResult<AuthProfileTO> resultsTest = null;
+        try {
+            GoogleMfaAuthToken token = createGoogleMfaAuthToken();
+            GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(owner, token);
+
+            GoogleMfaAuthToken token1 = createGoogleMfaAuthToken();
+            GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(owner1, token1);
+
+            GoogleMfaAuthToken token2 = createGoogleMfaAuthToken();
+            GOOGLE_MFA_AUTH_TOKEN_SERVICE.store(test, token2);
+
+            results = AUTH_PROFILE_SERVICE.search(
+                    new 
AuthProfileQuery.Builder().page(1).size(100).keyword("owner*").build());
+
+            resultsTest = AUTH_PROFILE_SERVICE.search(
+                    new 
AuthProfileQuery.Builder().page(1).size(100).keyword("test*").build());
+
+            assertEquals(2, results.getTotalCount());
+            assertEquals(2, results.getResult().size());
+        } finally {
+            AuthProfileTO profileTO = results.getResult().stream().

Review Comment:
   ## Dereferenced variable may be null
   
   Variable [results](1) may be null at this access because of [this](2) 
assignment.
   
   [Show more 
details](https://github.com/apache/syncope/security/code-scanning/2529)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to