Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix nullability for JDK 25

Browse Source 
Closes gh-18511
This commit is contained in:
Robert Winch
2026-01-14 09:31:34 -06:00
parent 38b66e8407
commit 6e9b4f86a4
4 changed files with 25 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationMethodInterceptor.java
+1 -1
View File
@@ -147,7 +147,7 @@ public final class PreFilterAuthorizationMethodInterceptor implements Authorizat
+ "' found in method."); + "' found in method.");
} }
else { else {
Object[] arguments = methodInvocation.getArguments(); @Nullable Object[] arguments = methodInvocation.getArguments();
Assert.state(arguments.length == 1, Assert.state(arguments.length == 1,
"Unable to determine the method argument for filtering. Specify the filter target."); "Unable to determine the method argument for filtering. Specify the filter target.");
filterTarget = arguments[0]; filterTarget = arguments[0];
core/src/main/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptor.java
+3 -3
View File
@@ -136,9 +136,9 @@ public final class PreFilterAuthorizationReactiveMethodInterceptor implements Au
Object target = mi.getThis(); Object target = mi.getThis();
Class<?> targetClass = (target != null) ? AopUtils.getTargetClass(target) : null; Class<?> targetClass = (target != null) ? AopUtils.getTargetClass(target) : null;
Method specificMethod = AopUtils.getMostSpecificMethod(mi.getMethod(), targetClass); Method specificMethod = AopUtils.getMostSpecificMethod(mi.getMethod(), targetClass);
String[] parameterNames = this.parameterNameDiscoverer.getParameterNames(specificMethod); @Nullable String @Nullable [] parameterNames = this.parameterNameDiscoverer.getParameterNames(specificMethod);
if (parameterNames != null && parameterNames.length > 0) { if (parameterNames != null && parameterNames.length > 0) {
Object[] arguments = mi.getArguments(); @Nullable Object[] arguments = mi.getArguments();
for (index = 0; index < parameterNames.length; index++) { for (index = 0; index < parameterNames.length; index++) {
if (name.equals(parameterNames[index])) { if (name.equals(parameterNames[index])) {
value = arguments[index]; value = arguments[index];
@@ -150,7 +150,7 @@ public final class PreFilterAuthorizationReactiveMethodInterceptor implements Au
} }
} }
else { else {
Object[] arguments = mi.getArguments(); @Nullable Object[] arguments = mi.getArguments();
Assert.state(arguments.length == 1, Assert.state(arguments.length == 1,
"Unable to determine the method argument for filtering. Specify the filter target."); "Unable to determine the method argument for filtering. Specify the filter target.");
value = arguments[0]; value = arguments[0];
core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
+14 -2
View File
@@ -20,6 +20,8 @@ import java.sql.ResultSet;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.Collection; import java.util.Collection;
import java.util.List; import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.sql.DataSource; import javax.sql.DataSource;
@@ -356,13 +358,23 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl
@Override @Override
public List<String> findAllGroups() { public List<String> findAllGroups() {
return requireJdbcTemplate().queryForList(this.findAllGroupsSql, String.class); // @formatter:off
return requireJdbcTemplate().queryForList(this.findAllGroupsSql, String.class)
.stream()
.filter(Objects::nonNull)
.collect(Collectors.toList());
// @formatter:on
} }
@Override @Override
public List<String> findUsersInGroup(String groupName) { public List<String> findUsersInGroup(String groupName) {
Assert.hasText(groupName, "groupName should have text"); Assert.hasText(groupName, "groupName should have text");
return requireJdbcTemplate().queryForList(this.findUsersInGroupSql, String.class, groupName); // @formatter:off
return requireJdbcTemplate().queryForList(this.findUsersInGroupSql, String.class, groupName)
.stream()
.filter(Objects::nonNull)
.collect(Collectors.toList());
// @formatter:on
} }
@Override @Override
data/src/main/java/org/springframework/security/data/aot/hint/AuthorizeReturnObjectDataHintsRegistrar.java
+7 -3
View File
@@ -22,6 +22,8 @@ import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import org.jspecify.annotations.Nullable;
import org.springframework.aot.hint.RuntimeHints; import org.springframework.aot.hint.RuntimeHints;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory; import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.core.ResolvableType; import org.springframework.core.ResolvableType;
@@ -33,6 +35,7 @@ import org.springframework.security.authorization.AuthorizationProxyFactory;
import org.springframework.security.authorization.method.AuthorizeReturnObject; import org.springframework.security.authorization.method.AuthorizeReturnObject;
import org.springframework.security.core.annotation.SecurityAnnotationScanner; import org.springframework.security.core.annotation.SecurityAnnotationScanner;
import org.springframework.security.core.annotation.SecurityAnnotationScanners; import org.springframework.security.core.annotation.SecurityAnnotationScanners;
import org.springframework.util.Assert;
/** /**
* A {@link SecurityHintsRegistrar} that scans all beans for implementations of * A {@link SecurityHintsRegistrar} that scans all beans for implementations of
@@ -82,14 +85,15 @@ public final class AuthorizeReturnObjectDataHintsRegistrar implements SecurityHi
if (!RepositoryFactoryBeanSupport.class.isAssignableFrom(type.toClass())) { if (!RepositoryFactoryBeanSupport.class.isAssignableFrom(type.toClass())) {
continue; continue;
} }
Class<?>[] generics = type.resolveGenerics(); @Nullable Class<?>[] generics = type.resolveGenerics();
Class<?> entity = generics[1]; @Nullable Class<?> entity = generics[1];
AuthorizeReturnObject authorize = beanFactory.findAnnotationOnBean(name, AuthorizeReturnObject.class); AuthorizeReturnObject authorize = beanFactory.findAnnotationOnBean(name, AuthorizeReturnObject.class);
if (authorize != null) { if (authorize != null) {
toProxy.add(entity); toProxy.add(entity);
continue; continue;
} }
Class<?> repository = generics[0]; @Nullable Class<?> repository = generics[0];
Assert.state(repository != null, "Repository resolved from " + type + " cannot be null");
for (Method method : repository.getDeclaredMethods()) { for (Method method : repository.getDeclaredMethods()) {
AuthorizeReturnObject returnObject = this.scanner.scan(method, repository); AuthorizeReturnObject returnObject = this.scanner.scan(method, repository);
if (returnObject == null) { if (returnObject == null) {