//# 2 errors, 68 messages
//#
/*
    //#AuthoritiesPopulator.java:1:1: class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#AuthoritiesPopulator.java:1:1: method: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init
 * Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  The ASF licenses this file to You
 * under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.  For additional information regarding
 * copyright in this work, please see the NOTICE file in the top level
 * directory of this distribution.
 */
package org.apache.roller.weblogger.ui.core.security;

import java.util.Iterator;

import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.acegisecurity.ldap.LdapDataAccessException;
import org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.acegisecurity.userdetails.ldap.LdapUserDetails;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.business.Weblogger;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.pojos.User;
import org.apache.roller.weblogger.pojos.UserRole;
import org.springframework.util.Assert;


/**
 * @author Elias Torres (<a href="mailto:eliast@us.ibm.com">eliast@us.ibm.com</a>)
 */
public class AuthoritiesPopulator implements LdapAuthoritiesPopulator {
    //#AuthoritiesPopulator.java:40: method: void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator()
    //#input(void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator()): this
    //#output(void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator()): this.defaultRole
    //#post(void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator()): this.defaultRole == null

    /** A default role which will be assigned to all authenticated users if set */
    private GrantedAuthority defaultRole = null;
    //#AuthoritiesPopulator.java:43: end of method: void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator()

    
    /* (non-Javadoc)
     * @see org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator#getGrantedAuthorities(org.acegisecurity.userdetails.ldap.LdapUserDetails)
     */
    public GrantedAuthority[] getGrantedAuthorities(LdapUserDetails userDetails) throws LdapDataAccessException {


        User userData = null;
    //#AuthoritiesPopulator.java:52: method: GrantedAuthority[] org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.getGrantedAuthorities(LdapUserDetails)
    //#AuthoritiesPopulator.java:52: Warning: unused assignment
    //#    unused assignment into userData
    //#    severity: SUPPRESSED
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    Attribs:  Uncertain
    //#input(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): "ERROR no user: "._tainted
    //#input(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): java.lang.Boolean.TRUE
    //#input(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): this
    //#input(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): this.defaultRole
    //#input(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): userDetails
    //#output(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl(getGrantedAuthorities#5) num objects
    //#output(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl[](getGrantedAuthorities#4) num objects
    //#output(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl[](getGrantedAuthorities#4).length
    //#output(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl[](getGrantedAuthorities#4)[0..4_294_967_295]
    //#output(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): return_value
    //#new obj(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl(getGrantedAuthorities#5)
    //#new obj(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl[](getGrantedAuthorities#4)
    //#pre[2] (GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): init'ed(this.defaultRole)
    //#pre[3] (GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): userDetails != null
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): init'ed(java.lang.Boolean.TRUE)
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): java.util.Iterator:next(...)@70 != null
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): java.util.Set:size(...)@65 in 1..4_294_967_294
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): org.apache.roller.weblogger.business.UserManager:getUserByUserName(...)@56 != null
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): org.apache.roller.weblogger.business.Weblogger:getUserManager(...)@55 != null
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger(...)@54 != null
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): org.apache.roller.weblogger.pojos.User:getRoles(...)@65 != null
    //#presumption(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): org.apache.roller.weblogger.pojos.User:getRoles(...)@69 != null
    //#post(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): return_value == &new GrantedAuthorityImpl[](getGrantedAuthorities#4)
    //#post(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): init'ed(new GrantedAuthorityImpl(getGrantedAuthorities#5) num objects)
    //#post(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl[](getGrantedAuthorities#4) num objects == 1
    //#post(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): (soft) new GrantedAuthorityImpl[](getGrantedAuthorities#4).length in 1..4_294_967_295
    //#post(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): new GrantedAuthorityImpl[](getGrantedAuthorities#4)[0..4_294_967_295] != null
    //#test_vector(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): this.defaultRole: Addr_Set{null}, Inverse{null}
    //#test_vector(GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)): java.util.Iterator:hasNext(...)@69: {0}, {1}
        try {
            Weblogger roller = WebloggerFactory.getWeblogger();
    //#AuthoritiesPopulator.java:54: Warning: method not available
    //#    -- call on Weblogger org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: Weblogger org.apache.roller.weblogger.business.WebloggerFactory:getWeblogger()
            UserManager umgr = roller.getUserManager();
    //#AuthoritiesPopulator.java:55: Warning: method not available
    //#    -- call on UserManager org.apache.roller.weblogger.business.Weblogger:getUserManager()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: UserManager org.apache.roller.weblogger.business.Weblogger:getUserManager()
            userData = umgr.getUserByUserName(userDetails.getUsername(), Boolean.TRUE);
    //#AuthoritiesPopulator.java:56: Warning: method not available
    //#    -- call on String org.acegisecurity.userdetails.ldap.LdapUserDetails:getUsername()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: String org.acegisecurity.userdetails.ldap.LdapUserDetails:getUsername()
    //#AuthoritiesPopulator.java:56: Warning: method not available
    //#    -- call on User org.apache.roller.weblogger.business.UserManager:getUserByUserName(String, Boolean)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: User org.apache.roller.weblogger.business.UserManager:getUserByUserName(String, Boolean)
        } catch (WebloggerException ex) {
            throw new LdapDataAccessException("ERROR in user lookup", ex);
        }

        if (userData == null) {
            throw new LdapDataAccessException("ERROR no user: " + userDetails.getUsername());
        }

        int roleCount = userData.getRoles().size();
    //#AuthoritiesPopulator.java:65: Warning: method not available
    //#    -- call on Set org.apache.roller.weblogger.pojos.User:getRoles()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: Set org.apache.roller.weblogger.pojos.User:getRoles()
        if (defaultRole != null) roleCount++;
        GrantedAuthority[] authorities = new GrantedAuthorityImpl[roleCount];
        int i = 0;
        for (Iterator it = userData.getRoles().iterator(); it.hasNext();) {
    //#AuthoritiesPopulator.java:69: Warning: method not available
    //#    -- call on Set org.apache.roller.weblogger.pojos.User:getRoles()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: Set org.apache.roller.weblogger.pojos.User:getRoles()
            UserRole role = (UserRole) it.next();
            authorities[i++] = new GrantedAuthorityImpl(role.getRole());
    //#AuthoritiesPopulator.java:71: ?overflow
    //#    i in -2_147_483_649..4_294_967_294
    //#    severity: LOW
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    basic block: bb_10
    //#    assertion: i in -2_147_483_649..4_294_967_294
    //#    VN: i + 1
    //#    Expected: {-2_147_483_648..4_294_967_295, Invalid}
    //#    Bad: {4_294_967_296}
    //#    Attribs:  Int  Bad singleton  Bad > Exp
    //#AuthoritiesPopulator.java:71: Warning: method not available
    //#    -- call on String org.apache.roller.weblogger.pojos.UserRole:getRole()
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: String org.apache.roller.weblogger.pojos.UserRole:getRole()
    //#AuthoritiesPopulator.java:71: Warning: method not available
    //#    -- call on void org.acegisecurity.GrantedAuthorityImpl(String)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    unanalyzed callee: void org.acegisecurity.GrantedAuthorityImpl(String)
    //#AuthoritiesPopulator.java:71: ?array index out of bounds
    //#    i < authorities.length
    //#    severity: MEDIUM
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: GrantedAuthority[] getGrantedAuthorities(LdapUserDetails)
    //#    basic block: bb_10
    //#    assertion: i < authorities.length
    //#    VN: -(i - roleCount)
    //#    Expected: {1..+Inf}
    //#    Bad: {0}
    //#    Attribs:  Int  Bad singleton  Bad overlaps +/-1000  Bad < Exp
        }
        
        if (defaultRole != null) {
            authorities[roleCount-1] = defaultRole;
        }

        if (authorities.length == 0) {
            throw new UsernameNotFoundException("User has no GrantedAuthority");
        }

        return authorities;
    //#AuthoritiesPopulator.java:82: end of method: GrantedAuthority[] org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.getGrantedAuthorities(LdapUserDetails)
    }

    /**
     * The default role which will be assigned to all users.
     *
     * @param defaultRole the role name, including any desired prefix.
     */
    public void setDefaultRole(String defaultRole) {
        Assert.notNull(defaultRole, "The defaultRole property cannot be set to null");
    //#AuthoritiesPopulator.java:91: method: void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.setDefaultRole(String)
    //#AuthoritiesPopulator.java:91: Warning: method not available
    //#    -- call on void org.springframework.util.Assert:notNull(Object, String)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: void setDefaultRole(String)
    //#    unanalyzed callee: void org.springframework.util.Assert:notNull(Object, String)
    //#input(void setDefaultRole(String)): defaultRole
    //#input(void setDefaultRole(String)): this
    //#output(void setDefaultRole(String)): new GrantedAuthorityImpl(setDefaultRole#1) num objects
    //#output(void setDefaultRole(String)): this.defaultRole
    //#new obj(void setDefaultRole(String)): new GrantedAuthorityImpl(setDefaultRole#1)
    //#post(void setDefaultRole(String)): this.defaultRole == &new GrantedAuthorityImpl(setDefaultRole#1)
    //#post(void setDefaultRole(String)): new GrantedAuthorityImpl(setDefaultRole#1) num objects == 1
        this.defaultRole = new GrantedAuthorityImpl(defaultRole);
    //#AuthoritiesPopulator.java:92: Warning: method not available
    //#    -- call on void org.acegisecurity.GrantedAuthorityImpl(String)
    //#    severity: INFORMATIONAL
    //#    class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
    //#    method: void setDefaultRole(String)
    //#    unanalyzed callee: void org.acegisecurity.GrantedAuthorityImpl(String)
    }
    //#AuthoritiesPopulator.java:93: end of method: void org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.setDefaultRole(String)
}
    //#output(org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init): __Descendant_Table[org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator]
    //#output(org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init): __Dispatch_Table.getGrantedAuthorities(Lorg/acegisecurity/userdetails/ldap/LdapUserDetails;)[Lorg/acegisecurity/GrantedAuthority;
    //#output(org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init): __Dispatch_Table.setDefaultRole(Ljava/lang/String;)V
    //#post(org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init): __Descendant_Table[org/apache/roller/weblogger/ui/core/security/AuthoritiesPopulator] == &__Dispatch_Table
    //#post(org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init): __Dispatch_Table.getGrantedAuthorities(Lorg/acegisecurity/userdetails/ldap/LdapUserDetails;)[Lorg/acegisecurity/GrantedAuthority; == &getGrantedAuthorities
    //#post(org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init): __Dispatch_Table.setDefaultRole(Ljava/lang/String;)V == &setDefaultRole
    //#AuthoritiesPopulator.java:: end of method: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator.org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator__static_init
    //#AuthoritiesPopulator.java:: end of class: org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator
