[SHIBUI-960]

Added a check to see if an EntityRoleWhitelistFilter has any retained roles or not. If not, we skip generating that xml element entirely. Includes accompanying unit test.
TIER · Jan 29, 2019 · 0f79e0b · 0f79e0b
1 parent 19e3f03
commit 0f79e0b
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 7 deletions.
diff --git a/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -281,13 +281,15 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
     }
 
     void constructXmlNodeForFilter(EntityRoleWhiteListFilter filter, def markupBuilderDelegate) {
-        markupBuilderDelegate.MetadataFilter(
-                'xsi:type': 'EntityRoleWhiteList',
-                'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
-        ) {
-            filter.retainedRoles.each {
-                // TODO: fix
-                markupBuilderDelegate.RetainedRole(it.startsWith('md:') ? it : "md:${it}")
+        if (!filter.retainedRoles?.isEmpty()) {
+            markupBuilderDelegate.MetadataFilter(
+                    'xsi:type': 'EntityRoleWhiteList',
+                    'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
+            ) {
+                filter.retainedRoles.each {
+                    // TODO: fix
+                    markupBuilderDelegate.RetainedRole(it.startsWith('md:') ? it : "md:${it}")
+                }
             }
         }
     }

diff --git a/...edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/...edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
@@ -8,6 +8,7 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.SearchConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget
+import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ClasspathMetadataResource
 import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver
@@ -239,6 +240,26 @@ class JPAMetadataResolverServiceImplTests extends Specification {
         generatedXmlIsTheSameAsExpectedXml('/conf/532.xml', domBuilder.parseText(writer.toString()))
     }
 
+    def 'SHIBUI-960 test generating FileBackedHttpMetadataResolver with empty EntityRoleWhitelistFilter produces no filter in the xml'() {
+        given:
+        def resolver = testObjectGenerator.fileBackedHttpMetadataResolver()
+        def erwFilter = testObjectGenerator.entityRoleWhitelistFilter()
+        erwFilter.retainedRoles.clear()
+        resolver.metadataFilters.add(erwFilter)
+
+        when:
+        genXmlSnippet(markupBuilder) {
+            JPAMetadataResolverServiceImpl.cast(metadataResolverService).constructXmlNodeForResolver(resolver, markupBuilder) {
+                resolver.metadataFilters.each { MetadataFilter filter ->
+                    JPAMetadataResolverServiceImpl.cast(metadataResolverService).constructXmlNodeForFilter(filter, markupBuilder)
+                }
+            }
+        }
+
+        then:
+        generatedXmlIsTheSameAsExpectedXml('/conf/532.xml', domBuilder.parseText(writer.toString()))
+    }
+
     def 'test generating ResourceBackedMetadataResolver with SVN resource type xml snippet'() {
         given:
         def resolver = new edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ResourceBackedMetadataResolver().with {