[
https://issues.apache.org/jira/browse/OAK-2956?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14592065#comment-14592065
]
angela commented on OAK-2956:
-----------------------------
we can prevent the NPE but the xml you are providing is illegal and will fail
upon save with {{ContraintViolationException}}. the changes you propose cannot
be made without violating the contract of the XML import which expects the xml
to be _complete_. and btw: the principal name is *not* duplicate. it has a
total different semantic meaning than the ID and in fact it is (or used to be)
different from the ID for almost every single user in real world installations
that had LDAP integration.
> NPE in UserImporter when importing group with modified authorizable id
> ----------------------------------------------------------------------
>
> Key: OAK-2956
> URL: https://issues.apache.org/jira/browse/OAK-2956
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core
> Affects Versions: 1.2.2
> Reporter: Alexander Klimetschek
> Priority: Minor
>
> When importing a file vault package with a group that exists before (same
> uuid in the .content.xml) but modified authorizable id, this NPE happens:
> {noformat}
> Caused by: java.lang.NullPointerException: null
> at
> org.apache.jackrabbit.oak.security.user.UserImporter.handlePropInfo(UserImporter.java:242)
> at
> org.apache.jackrabbit.oak.jcr.xml.ImporterImpl.importProperties(ImporterImpl.java:287)
> at
> org.apache.jackrabbit.oak.jcr.xml.ImporterImpl.startNode(ImporterImpl.java:470)
> at
> org.apache.jackrabbit.oak.jcr.xml.SysViewImportHandler.processNode(SysViewImportHandler.java:80)
> at
> org.apache.jackrabbit.oak.jcr.xml.SysViewImportHandler.startElement(SysViewImportHandler.java:117)
> at
> org.apache.jackrabbit.oak.jcr.xml.ImportHandler.startElement(ImportHandler.java:183)
> at
> org.apache.jackrabbit.vault.fs.impl.io.JcrSysViewTransformer.startNode(JcrSysViewTransformer.java:167)
> at
> org.apache.jackrabbit.vault.fs.impl.io.DocViewSAXImporter.startElement(DocViewSAXImporter.java:598)
> ... 87 common frames omitted
> {noformat}
> It looks like [this
> line|https://github.com/apache/jackrabbit-oak/blob/105f890e04ee990f0e71d88937955680670d96f7/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserImporter.java#L242],
> meaning {{userManager.getAuthorizable(id)}} returned null.
> While the use case might not be something to support (this happens during
> development, changing group names/details until "right"), at least the NPE
> should be guarded against and a better error message given.
> Looking closer, it seems like a difference between
> {{UserManager.getAuthorizable(Tree)}} (called earlier in the method) (I
> assume using UUID to look up the existing group successfully) and
> {{UserManager.getAuthorizable(String)}} (using the rep:authorizableId to look
> up the user, failing, because it changed).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
