Improve NPE Handling

jzheaux · jzheaux · commit bc9ae1eed6af · 2025-04-23T12:11:09.000-06:00
diff --git a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
@@ -29,6 +29,7 @@
 import org.springframework.context.ApplicationContextException;
 import org.springframework.core.log.LogMessage;
 import org.springframework.dao.IncorrectResultSizeDataAccessException;
+import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.core.PreparedStatementSetter;
 import org.springframework.jdbc.core.RowMapper;
 import org.springframework.security.access.AccessDeniedException;
@@ -214,7 +215,7 @@ protected void initDao() throws ApplicationContextException {
 	 */
 	@Override
 	protected List<UserDetails> loadUsersByUsername(String username) {
-		return getJdbcTemplate().query(getUsersByUsernameQuery(), this.userDetailsMapper, username);
+		return requireJdbcTemplate().query(getUsersByUsernameQuery(), this.userDetailsMapper, username);
 	}
 
 	private UserDetails mapToUser(ResultSet rs, int rowNum) throws SQLException {
@@ -237,7 +238,7 @@ private UserDetails mapToUser(ResultSet rs, int rowNum) throws SQLException {
 	@Override
 	public void createUser(final UserDetails user) {
 		validateUserDetails(user);
-		getJdbcTemplate().update(this.createUserSql, (ps) -> {
+		requireJdbcTemplate().update(this.createUserSql, (ps) -> {
 			ps.setString(1, user.getUsername());
 			ps.setString(2, user.getPassword());
 			ps.setBoolean(3, user.isEnabled());
@@ -257,7 +258,7 @@ public void createUser(final UserDetails user) {
 	@Override
 	public void updateUser(final UserDetails user) {
 		validateUserDetails(user);
-		getJdbcTemplate().update(this.updateUserSql, (ps) -> {
+		requireJdbcTemplate().update(this.updateUserSql, (ps) -> {
 			ps.setString(1, user.getPassword());
 			ps.setBoolean(2, user.isEnabled());
 			int paramCount = ps.getParameterMetaData().getParameterCount();
@@ -281,7 +282,7 @@ public void updateUser(final UserDetails user) {
 
 	private void insertUserAuthorities(UserDetails user) {
 		for (GrantedAuthority auth : user.getAuthorities()) {
-			getJdbcTemplate().update(this.createAuthoritySql, user.getUsername(), auth.getAuthority());
+			requireJdbcTemplate().update(this.createAuthoritySql, user.getUsername(), auth.getAuthority());
 		}
 	}
 
@@ -290,12 +291,12 @@ public void deleteUser(String username) {
 		if (getEnableAuthorities()) {
 			deleteUserAuthorities(username);
 		}
-		getJdbcTemplate().update(this.deleteUserSql, username);
+		requireJdbcTemplate().update(this.deleteUserSql, username);
 		this.userCache.removeUserFromCache(username);
 	}
 
 	private void deleteUserAuthorities(String username) {
-		getJdbcTemplate().update(this.deleteUserAuthoritiesSql, username);
+		requireJdbcTemplate().update(this.deleteUserAuthoritiesSql, username);
 	}
 
 	@Override
@@ -318,7 +319,7 @@ public void changePassword(String oldPassword, String newPassword) throws Authen
 			this.logger.debug("No authentication manager set. Password won't be re-checked.");
 		}
 		this.logger.debug("Changing password for user '" + username + "'");
-		getJdbcTemplate().update(this.changePasswordSql, newPassword, username);
+		requireJdbcTemplate().update(this.changePasswordSql, newPassword, username);
 		Authentication authentication = createNewAuthentication(currentUser, newPassword);
 		SecurityContext context = this.securityContextHolderStrategy.createEmptyContext();
 		context.setAuthentication(authentication);
@@ -336,7 +337,7 @@ protected Authentication createNewAuthentication(Authentication currentAuth, Str
 
 	@Override
 	public boolean userExists(String username) {
-		List<String> users = getJdbcTemplate().queryForList(this.userExistsSql, String.class, username);
+		List<String> users = requireJdbcTemplate().queryForList(this.userExistsSql, String.class, username);
 		if (users.size() > 1) {
 			throw new IncorrectResultSizeDataAccessException("More than one user found with name '" + username + "'",
 					1);
@@ -346,13 +347,13 @@ public boolean userExists(String username) {
 
 	@Override
 	public List<String> findAllGroups() {
-		return getJdbcTemplate().queryForList(this.findAllGroupsSql, String.class);
+		return requireJdbcTemplate().queryForList(this.findAllGroupsSql, String.class);
 	}
 
 	@Override
 	public List<String> findUsersInGroup(String groupName) {
 		Assert.hasText(groupName, "groupName should have text");
-		return getJdbcTemplate().queryForList(this.findUsersInGroupSql, String.class, groupName);
+		return requireJdbcTemplate().queryForList(this.findUsersInGroupSql, String.class, groupName);
 	}
 
 	@Override
@@ -361,11 +362,11 @@ public void createGroup(final String groupName, final List<GrantedAuthority> aut
 		Assert.notNull(authorities, "authorities cannot be null");
 		this.logger.debug("Creating new group '" + groupName + "' with authorities "
 				+ AuthorityUtils.authorityListToSet(authorities));
-		getJdbcTemplate().update(this.insertGroupSql, groupName);
+		requireJdbcTemplate().update(this.insertGroupSql, groupName);
 		int groupId = findGroupId(groupName);
 		for (GrantedAuthority a : authorities) {
 			String authority = a.getAuthority();
-			getJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
+			requireJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
 				ps.setInt(1, groupId);
 				ps.setString(2, authority);
 			});
@@ -378,17 +379,17 @@ public void deleteGroup(String groupName) {
 		Assert.hasText(groupName, "groupName should have text");
 		int id = findGroupId(groupName);
 		PreparedStatementSetter groupIdPSS = (ps) -> ps.setInt(1, id);
-		getJdbcTemplate().update(this.deleteGroupMembersSql, groupIdPSS);
-		getJdbcTemplate().update(this.deleteGroupAuthoritiesSql, groupIdPSS);
-		getJdbcTemplate().update(this.deleteGroupSql, groupIdPSS);
+		requireJdbcTemplate().update(this.deleteGroupMembersSql, groupIdPSS);
+		requireJdbcTemplate().update(this.deleteGroupAuthoritiesSql, groupIdPSS);
+		requireJdbcTemplate().update(this.deleteGroupSql, groupIdPSS);
 	}
 
 	@Override
 	public void renameGroup(String oldName, String newName) {
 		this.logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'");
 		Assert.hasText(oldName, "oldName should have text");
 		Assert.hasText(newName, "newName should have text");
-		getJdbcTemplate().update(this.renameGroupSql, newName, oldName);
+		requireJdbcTemplate().update(this.renameGroupSql, newName, oldName);
 	}
 
 	@Override
@@ -397,7 +398,7 @@ public void addUserToGroup(final String username, final String groupName) {
 		Assert.hasText(username, "username should have text");
 		Assert.hasText(groupName, "groupName should have text");
 		int id = findGroupId(groupName);
-		getJdbcTemplate().update(this.insertGroupMemberSql, (ps) -> {
+		requireJdbcTemplate().update(this.insertGroupMemberSql, (ps) -> {
 			ps.setInt(1, id);
 			ps.setString(2, username);
 		});
@@ -410,7 +411,7 @@ public void removeUserFromGroup(final String username, final String groupName) {
 		Assert.hasText(username, "username should have text");
 		Assert.hasText(groupName, "groupName should have text");
 		int id = findGroupId(groupName);
-		getJdbcTemplate().update(this.deleteGroupMemberSql, (ps) -> {
+		requireJdbcTemplate().update(this.deleteGroupMemberSql, (ps) -> {
 			ps.setInt(1, id);
 			ps.setString(2, username);
 		});
@@ -421,7 +422,7 @@ public void removeUserFromGroup(final String username, final String groupName) {
 	public List<GrantedAuthority> findGroupAuthorities(String groupName) {
 		this.logger.debug("Loading authorities for group '" + groupName + "'");
 		Assert.hasText(groupName, "groupName should have text");
-		return getJdbcTemplate().query(this.groupAuthoritiesSql, this.grantedAuthorityMapper, groupName);
+		return requireJdbcTemplate().query(this.groupAuthoritiesSql, this.grantedAuthorityMapper, groupName);
 	}
 
 	private GrantedAuthority mapToGrantedAuthority(ResultSet rs, int rowNum) throws SQLException {
@@ -435,7 +436,7 @@ public void removeGroupAuthority(String groupName, final GrantedAuthority author
 		Assert.hasText(groupName, "groupName should have text");
 		Assert.notNull(authority, "authority cannot be null");
 		int id = findGroupId(groupName);
-		getJdbcTemplate().update(this.deleteGroupAuthoritySql, (ps) -> {
+		requireJdbcTemplate().update(this.deleteGroupAuthoritySql, (ps) -> {
 			ps.setInt(1, id);
 			ps.setString(2, authority.getAuthority());
 		});
@@ -447,14 +448,20 @@ public void addGroupAuthority(final String groupName, final GrantedAuthority aut
 		Assert.hasText(groupName, "groupName should have text");
 		Assert.notNull(authority, "authority cannot be null");
 		int id = findGroupId(groupName);
-		getJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
+		requireJdbcTemplate().update(this.insertGroupAuthoritySql, (ps) -> {
 			ps.setInt(1, id);
 			ps.setString(2, authority.getAuthority());
 		});
 	}
 
 	private int findGroupId(String group) {
-		return getJdbcTemplate().queryForObject(this.findGroupIdSql, Integer.class, group);
+		return requireJdbcTemplate().queryForObject(this.findGroupIdSql, Integer.class, group);
+	}
+
+	private JdbcTemplate requireJdbcTemplate() {
+		JdbcTemplate jdbc = getJdbcTemplate();
+		Assert.notNull(jdbc, "JdbcTemplate cannot be null");
+		return jdbc;
 	}
 
 	/**
