From 6eccd2f47cc9914a29494bf45e27528b0deb9fe5 Mon Sep 17 00:00:00 2001 From: Wikum Weerakutti Date: Tue, 8 Oct 2024 11:44:25 +0530 Subject: [PATCH] TRUNK-6259: Fixing the NullPointerException and ConcurrentModificationException --- .../org/openmrs/api/context/UserContext.java | 25 +++++++++++++------ 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/api/src/main/java/org/openmrs/api/context/UserContext.java b/api/src/main/java/org/openmrs/api/context/UserContext.java index df87b62b01c..70eee32cac5 100755 --- a/api/src/main/java/org/openmrs/api/context/UserContext.java +++ b/api/src/main/java/org/openmrs/api/context/UserContext.java @@ -29,6 +29,7 @@ import org.openmrs.api.LocationService; import org.openmrs.util.LocaleUtility; import org.openmrs.util.OpenmrsConstants; +import org.openmrs.util.PrivilegeConstants; import org.openmrs.util.RoleConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -59,7 +60,7 @@ public class UserContext implements Serializable { /** * User's permission proxies */ - private List proxies = Collections.synchronizedList(new ArrayList<>()); + private List proxies = new ArrayList<>(); /** * User's locale @@ -329,11 +330,8 @@ public Set getAllRoles(User user) throws Exception { * Should not authorize if anonymous user does not have specified privilege */ public boolean hasPrivilege(String privilege) { - log.debug("Checking '{}' against proxies: {}", privilege, proxies); - // check proxied privileges - for (String s : new ArrayList<>(proxies)) { - if (s.equals(privilege)) { - notifyPrivilegeListeners(getAuthenticatedUser(), privilege, true); + if (StringUtils.equals(privilege, PrivilegeConstants.GET_ROLES)) { + if (proxies.contains(privilege)) { return true; } } @@ -341,13 +339,24 @@ public boolean hasPrivilege(String privilege) { // if a user has logged in, check their privileges if (isAuthenticated() && (getAuthenticatedUser().hasPrivilege(privilege) || getAuthenticatedRole().hasPrivilege(privilege))) { - + // check user's privileges notifyPrivilegeListeners(getAuthenticatedUser(), privilege, true); return true; - + + } + + log.debug("Checking '{}' against proxies: {}", privilege, proxies); + // check proxied privileges + for (String s : new ArrayList<>(proxies)) { + if (s.equals(privilege)) { + notifyPrivilegeListeners(getAuthenticatedUser(), privilege, true); + return true; + } } + + if (getAnonymousRole().hasPrivilege(privilege)) { notifyPrivilegeListeners(getAuthenticatedUser(), privilege, true); return true;