Skip to content

Fix NPE with ApiKeyPair during listApis call (from cmk) #13149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
sureshanaparti wants to merge 1 commit into
base: main
Choose a base branch
from
+15 −3
Open

Fix NPE with ApiKeyPair during listApis call (from cmk) #13149

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 15 additions & 3 deletions server/src/main/java/com/cloud/user/AccountManagerImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3202,7 +3202,7 @@ public Pair<Boolean, Map<String, String>> getKeys(GetUserKeysCmd cmd) {
ApiKeyPair keyPair;
if (accessingApiKey != null) {
ApiKeyPair accessingKeyPair = apiKeyPairService.findByApiKey(accessingApiKey);
if (userId == accessingKeyPair.getUserId()) {
if (accessingKeyPair != null && userId == accessingKeyPair.getUserId()) {
keyPair = apiKeyPairService.findByApiKey(accessingApiKey);
} else {
keyPair = _accountService.getLatestUserKeyPair(userId);
Expand Down Expand Up @@ -3320,6 +3320,10 @@ private Boolean isAccessingKeypairSuperset(ApiKeyPair accessedKeyPair, BaseCmd c
return Boolean.TRUE;
}
ApiKeyPair accessingKeyPair = apiKeyPairService.findByApiKey(apiKey);
if (accessingKeyPair == null) {
logger.warn("Unable to find API key pair for the accessing API key: {}", apiKey);
return Boolean.TRUE;
}
return isApiKeySupersetOfPermission(new ArrayList<>(getAllKeypairPermissions(accessingKeyPair.getApiKey())), new ArrayList<>(getAllKeypairPermissions(accessedKeyPair.getApiKey())));
}

Expand All @@ -3335,7 +3339,7 @@ public String getAccessingApiKey(BaseCmd cmd) {
return accessingApiKey;
}
} catch (NullPointerException e) {
logger.info("Accessing API through session.");
logger.info("Accessing API through session.", e);
}
return null;
}
Expand Down Expand Up @@ -3582,6 +3586,10 @@ public List<RolePermissionEntity> getAllKeypairPermissions(String apiKey) {
throw new InvalidParameterValueException("API key not present in the request's URL and, thus, unable to fetch API key rules.");
}
ApiKeyPair apiKeyPair = keyPairManager.findByApiKey(apiKey);
if (apiKeyPair == null) {
logger.warn("Unable to find API key pair by API key: {}", apiKey);
return new ArrayList<>();
}
Account account = _accountDao.findById(apiKeyPair.getAccountId());
List<ApiKeyPairPermission> keyPairPermissions = keyPairManager.findAllPermissionsByKeyPairId(apiKeyPair.getId(), account.getRoleId());
return new ArrayList<>(keyPairPermissions);
Expand Down Expand Up @@ -3848,7 +3856,11 @@ public void buildACLViewSearchCriteria(SearchCriteria<? extends ControlledViewEn
@Override
public UserAccount getUserByApiKey(String apiKey) {
ApiKeyPairVO keyPair = apiKeyPairDao.findByApiKey(apiKey);
return userAccountDao.findById(keyPair.getUserId());
if (keyPair != null) {
return userAccountDao.findById(keyPair.getUserId());
}

return null;
}

@Override
Expand Down
Loading