#29 Add check in MockHttpServletRequest.isUserInRole

closed
Alwin Ibba
None
5
2008-06-27
2007-12-28
Trevor Brosnan
No

The current implementation of the isUserInRole() method of MockHttpServletRequest does not perform an 'exists' check for the role specified - it assumes it exists and goes on to use the value returned. Thus, in the case where one has not specified a value for a specific role (using setUserInRole()) that is later queried using isUserInRole() - a NullPointerException will result.

The current code is as follows:

public boolean isUserInRole(String role)
{
return ((Boolean)roles.get(role)).booleanValue();
}

Suggested code:

public boolean isUserInRole(String role)
{
if(roles.containsKey(role)){
return ((Boolean)roles.get(role)).booleanValue();
}
else
{
//default to false
return false;
}
}

This change will make the behavior more intuitive and inline with the Servlet API specification (which states that if a value for a role is not available, false should be returned) and the behavior of most Servlet containers (such as Catalina).

Discussion

  • Alwin Ibba
    Alwin Ibba
    2007-12-28

    • assigned_to: nobody --> aibba
     
  • Alwin Ibba
    Alwin Ibba
    2007-12-28

    Logged In: YES
    user_id=804648
    Originator: NO

    I don't consider this a bug, it's just the behaviour of MockHttpServletRequest, which requires to set up every role to work fine. However, your suggestion makes sense. I'll implement it this way.

     
  • Alwin Ibba
    Alwin Ibba
    2008-06-27

    • status: open --> closed