When a user had a certificate, i.e. an entry in the Gitblit Authority
database, but the user was deleted from the Gitblit database, then the
Authority application crashes upon loading. This patch prevents the
crash. The deleted user is no longer shown in the Authority. But the
database entry still is kept. This should be improved to show deleted
users and give the possibility to delete them from the Authority's
database.
This fixes #1359
html: ~
text: ~
security: ~
- fixes: ~
+ fixes:
+ - Fix crash in Gitblit Authority when users were deleted from Gitblit but still had entries (certificates) in the Authority.
changes:
- Minimum Java required increased to Java 8
additions: ~
List<UserCertificateModel> list = UserCertificateConfig.KEY.parse(config).list;\r
for (UserCertificateModel ucm : list) {\r
ucm.user = userService.getUserModel(ucm.user.username);\r
- map.put(ucm.user.username, ucm);\r
+ // Users may have been deleted, but are still present in authority.conf.\r
+ // TODO: Currently this only keeps the app from crashing. It should provide means to show obsolete user entries and delete them.\r
+ if (ucm.user != null) {\r
+ map.put(ucm.user.username, ucm);\r
+ }\r
}\r
} catch (IOException e) {\r
e.printStackTrace();\r