Mirrors/Stirling-PDF
Mirrors/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Frooodle/Stirling-PDF.git synced 2025-11-16 01:21:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactor(common, core, proprietary): migrate boxed Booleans to primitive booleans and adopt is* accessors to reduce null checks/NPE risk (#4153)

Browse Source 
# Description of Changes

**What was changed**
- Switched multiple nullable `Boolean` fields to primitive `boolean` in
`ApplicationProperties`:
  - `Security.enableLogin`, `Security.csrfDisabled`
- `System.googlevisibility`, `System.showUpdateOnlyAdmin`,
`System.enableAlphaFunctionality`, `System.disableSanitize`,
`System.enableUrlToPDF`
  - `Metrics.enabled`
- Updated all consumers to use Lombok’s `is*` accessors instead of
`get*`:
- `AppConfig`, `PostHogService`, `CustomHtmlSanitizer`,
`EndpointConfiguration`, `InitialSetup`, `OpenApiConfig`,
`ConvertWebsiteToPDF`, `HomeWebController`, `MetricsController`,
proprietary `SecurityConfiguration`, `AccountWebController`
- Tests adjusted to mock `isDisableSanitize()` instead of
`getDisableSanitize()`
- Logic simplifications:
- Removed redundant null-handling/ternaries now that primitives have
defaults (e.g., `enableAlphaFunctionality` bean)
  - Replaced `Boolean.TRUE.equals(...)` with direct primitive checks
  - Used constant-first `equals` for NPE safety in string comparisons

**Why the change was made**
- Primitive booleans eliminate ambiguity, cut down on
`NullPointerException` risks, and simplify conditions
- Aligns with Java/Lombok conventions (`isX()` for `boolean`) for
clearer, more consistent APIs
- Spring provides sane defaults for missing booleans (`false`), reducing
boilerplate and cognitive load

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
This commit is contained in:
Ludy 2025-11-11 18:16:48 +01:00 committed by GitHub
parent 57eb6dbed9
commit e932ca01f3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
17 changed files with 43 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/common/src/main/java/stirling/software/common/configuration/AppConfig.java
View File

@ -70,7 +70,7 @@ public class AppConfig {
@Bean(name = "loginEnabled") @Bean(name = "loginEnabled")
public boolean loginEnabled() { public boolean loginEnabled() {
return applicationProperties.getSecurity().getEnableLogin(); return applicationProperties.getSecurity().isEnableLogin();
} }
@Bean(name = "appName") @Bean(name = "appName")
@ -120,9 +120,7 @@ public class AppConfig {
@Bean(name = "enableAlphaFunctionality") @Bean(name = "enableAlphaFunctionality")
public boolean enableAlphaFunctionality() { public boolean enableAlphaFunctionality() {
return applicationProperties.getSystem().getEnableAlphaFunctionality() != null return applicationProperties.getSystem().isEnableAlphaFunctionality();
? applicationProperties.getSystem().getEnableAlphaFunctionality()
: false;
} }
@Bean(name = "rateLimit") @Bean(name = "rateLimit")

28
app/common/src/main/java/stirling/software/common/model/ApplicationProperties.java
View File

@ -112,8 +112,8 @@ public class ApplicationProperties {
@Data @Data
public static class Security { public static class Security {
private Boolean enableLogin; private boolean enableLogin;
private Boolean csrfDisabled; private boolean csrfDisabled;
private InitialLogin initialLogin = new InitialLogin(); private InitialLogin initialLogin = new InitialLogin();
private OAUTH2 oauth2 = new OAUTH2(); private OAUTH2 oauth2 = new OAUTH2();
private SAML2 saml2 = new SAML2(); private SAML2 saml2 = new SAML2();
@ -295,8 +295,8 @@ public class ApplicationProperties {
throw new UnsupportedProviderException( throw new UnsupportedProviderException(
"Logout from the provider " "Logout from the provider "
+ registrationId + registrationId
+ " is not supported. " + " is not supported. Report it at"
+ "Report it at https://github.com/Stirling-Tools/Stirling-PDF/issues"); + " https://github.com/Stirling-Tools/Stirling-PDF/issues");
}; };
} }
} }
@ -314,19 +314,19 @@ public class ApplicationProperties {
@Data @Data
public static class System { public static class System {
private String defaultLocale; private String defaultLocale;
private Boolean googlevisibility; private boolean googlevisibility;
private boolean showUpdate; private boolean showUpdate;
private Boolean showUpdateOnlyAdmin; private boolean showUpdateOnlyAdmin;
private boolean customHTMLFiles; private boolean customHTMLFiles;
private String tessdataDir; private String tessdataDir;
private Boolean enableAlphaFunctionality; private boolean enableAlphaFunctionality;
private Boolean enableAnalytics; private Boolean enableAnalytics;
private Boolean enablePosthog; private Boolean enablePosthog;
private Boolean enableScarf; private Boolean enableScarf;
private Datasource datasource; private Datasource datasource;
private Boolean disableSanitize; private boolean disableSanitize;
private int maxDPI; private int maxDPI;
private Boolean enableUrlToPDF; private boolean enableUrlToPDF;
private Html html = new Html(); private Html html = new Html();
private CustomPaths customPaths = new CustomPaths(); private CustomPaths customPaths = new CustomPaths();
private String fileUploadLimit; private String fileUploadLimit;
@ -453,10 +453,10 @@ public class ApplicationProperties {
@Override @Override
public String toString() { public String toString() {
return """ return """
Driver { Driver {
driverName='%s' driverName='%s'
} }
""" """
.formatted(driverName); .formatted(driverName);
} }
} }
@ -491,7 +491,7 @@ public class ApplicationProperties {
@Data @Data
public static class Metrics { public static class Metrics {
private Boolean enabled; private boolean enabled;
} }
@Data @Data

12
app/common/src/main/java/stirling/software/common/service/PostHogService.java
View File

@ -253,11 +253,11 @@ public class PostHogService {
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"security_enableLogin", "security_enableLogin",
applicationProperties.getSecurity().getEnableLogin()); applicationProperties.getSecurity().isEnableLogin());
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"security_csrfDisabled", "security_csrfDisabled",
applicationProperties.getSecurity().getCsrfDisabled()); applicationProperties.getSecurity().isCsrfDisabled());
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"security_loginAttemptCount", "security_loginAttemptCount",
@ -302,13 +302,13 @@ public class PostHogService {
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"system_googlevisibility", "system_googlevisibility",
applicationProperties.getSystem().getGooglevisibility()); applicationProperties.getSystem().isGooglevisibility());
addIfNotEmpty( addIfNotEmpty(
properties, "system_showUpdate", applicationProperties.getSystem().isShowUpdate()); properties, "system_showUpdate", applicationProperties.getSystem().isShowUpdate());
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"system_showUpdateOnlyAdmin", "system_showUpdateOnlyAdmin",
applicationProperties.getSystem().getShowUpdateOnlyAdmin()); applicationProperties.getSystem().isShowUpdateOnlyAdmin());
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"system_customHTMLFiles", "system_customHTMLFiles",
@ -320,7 +320,7 @@ public class PostHogService {
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"system_enableAlphaFunctionality", "system_enableAlphaFunctionality",
applicationProperties.getSystem().getEnableAlphaFunctionality()); applicationProperties.getSystem().isEnableAlphaFunctionality());
addIfNotEmpty( addIfNotEmpty(
properties, properties,
"system_enableAnalytics", "system_enableAnalytics",
@ -337,7 +337,7 @@ public class PostHogService {
// Capture Metrics properties // Capture Metrics properties
addIfNotEmpty( addIfNotEmpty(
properties, "metrics_enabled", applicationProperties.getMetrics().getEnabled()); properties, "metrics_enabled", applicationProperties.getMetrics().isEnabled());
// Capture EnterpriseEdition properties // Capture EnterpriseEdition properties
addIfNotEmpty( addIfNotEmpty(

3
app/common/src/main/java/stirling/software/common/util/CustomHtmlSanitizer.java
View File

@ -62,8 +62,7 @@ public class CustomHtmlSanitizer {
.and(new HtmlPolicyBuilder().disallowElements("noscript").toFactory()); .and(new HtmlPolicyBuilder().disallowElements("noscript").toFactory());
public String sanitize(String html) { public String sanitize(String html) {
boolean disableSanitize = boolean disableSanitize = applicationProperties.getSystem().isDisableSanitize();
Boolean.TRUE.equals(applicationProperties.getSystem().getDisableSanitize());
return disableSanitize ? html : POLICY.sanitize(html); return disableSanitize ? html : POLICY.sanitize(html);
} }
} }

4
app/common/src/test/java/stirling/software/common/util/CustomHtmlSanitizerTest.java
View File

@ -36,7 +36,7 @@ class CustomHtmlSanitizerTest {
// strict-stubbing failures when individual tests bypass certain branches. // strict-stubbing failures when individual tests bypass certain branches.
lenient().when(ssrfProtectionService.isUrlAllowed(anyString())).thenReturn(true); lenient().when(ssrfProtectionService.isUrlAllowed(anyString())).thenReturn(true);
lenient().when(applicationProperties.getSystem()).thenReturn(systemProperties); lenient().when(applicationProperties.getSystem()).thenReturn(systemProperties);
lenient().when(systemProperties.getDisableSanitize()).thenReturn(false); lenient().when(systemProperties.isDisableSanitize()).thenReturn(false);
customHtmlSanitizer = new CustomHtmlSanitizer(ssrfProtectionService, applicationProperties); customHtmlSanitizer = new CustomHtmlSanitizer(ssrfProtectionService, applicationProperties);
} }
@ -374,7 +374,7 @@ class CustomHtmlSanitizerTest {
"<p>ok</p><script>alert('XSS')</script><img src=\"http://blocked.local/a.png\">"; "<p>ok</p><script>alert('XSS')</script><img src=\"http://blocked.local/a.png\">";
// For this test, disable sanitize // For this test, disable sanitize
when(systemProperties.getDisableSanitize()).thenReturn(true); when(systemProperties.isDisableSanitize()).thenReturn(true);
// Also ensure SSRF would block it if sanitization were enabled (to prove bypass) // Also ensure SSRF would block it if sanitization were enabled (to prove bypass)
lenient().when(ssrfProtectionService.isUrlAllowed(anyString())).thenReturn(false); lenient().when(ssrfProtectionService.isUrlAllowed(anyString())).thenReturn(false);

2
app/common/src/test/java/stirling/software/common/util/EmlToPdfTest.java
View File

@ -48,7 +48,7 @@ class EmlToPdfTest {
when(mockSsrfProtectionService.isUrlAllowed(org.mockito.ArgumentMatchers.anyString())) when(mockSsrfProtectionService.isUrlAllowed(org.mockito.ArgumentMatchers.anyString()))
.thenReturn(true); .thenReturn(true);
when(mockApplicationProperties.getSystem()).thenReturn(mockSystem); when(mockApplicationProperties.getSystem()).thenReturn(mockSystem);
when(mockSystem.getDisableSanitize()).thenReturn(false); when(mockSystem.isDisableSanitize()).thenReturn(false);
customHtmlSanitizer = customHtmlSanitizer =
new CustomHtmlSanitizer(mockSsrfProtectionService, mockApplicationProperties); new CustomHtmlSanitizer(mockSsrfProtectionService, mockApplicationProperties);

2
app/common/src/test/java/stirling/software/common/util/FileToPdfTest.java
View File

@ -29,7 +29,7 @@ public class FileToPdfTest {
when(mockSsrfProtectionService.isUrlAllowed(org.mockito.ArgumentMatchers.anyString())) when(mockSsrfProtectionService.isUrlAllowed(org.mockito.ArgumentMatchers.anyString()))
.thenReturn(true); .thenReturn(true);
when(mockApplicationProperties.getSystem()).thenReturn(mockSystem); when(mockApplicationProperties.getSystem()).thenReturn(mockSystem);
when(mockSystem.getDisableSanitize()).thenReturn(false); when(mockSystem.isDisableSanitize()).thenReturn(false);
customHtmlSanitizer = customHtmlSanitizer =
new CustomHtmlSanitizer(mockSsrfProtectionService, mockApplicationProperties); new CustomHtmlSanitizer(mockSsrfProtectionService, mockApplicationProperties);

2
app/core/src/main/java/stirling/software/SPDF/config/EndpointConfiguration.java
View File

@ -475,7 +475,7 @@ public class EndpointConfiguration {
disableGroup("enterprise"); disableGroup("enterprise");
} }
if (!applicationProperties.getSystem().getEnableUrlToPDF()) { if (!applicationProperties.getSystem().isEnableUrlToPDF()) {
disableEndpoint("url-to-pdf"); disableEndpoint("url-to-pdf");
} }
} }

4
app/core/src/main/java/stirling/software/SPDF/config/InitialSetup.java
View File

@ -61,11 +61,9 @@ public class InitialSetup {
public void initEnableCSRFSecurity() throws IOException { public void initEnableCSRFSecurity() throws IOException {
if (GeneralUtils.isVersionHigher( if (GeneralUtils.isVersionHigher(
"0.46.0", applicationProperties.getAutomaticallyGenerated().getAppVersion())) { "0.46.0", applicationProperties.getAutomaticallyGenerated().getAppVersion())) {
Boolean csrf = applicationProperties.getSecurity().getCsrfDisabled(); boolean csrf = applicationProperties.getSecurity().isCsrfDisabled();
if (!csrf) { if (!csrf) {
GeneralUtils.saveKeyToSettings("security.csrfDisabled", false);
GeneralUtils.saveKeyToSettings("system.enableAnalytics", true); GeneralUtils.saveKeyToSettings("system.enableAnalytics", true);
applicationProperties.getSecurity().setCsrfDisabled(false);
} }
} }
} }

2
app/core/src/main/java/stirling/software/SPDF/config/OpenApiConfig.java
View File

@ -50,7 +50,7 @@ public class OpenApiConfig {
.url("https://www.stirlingpdf.com") .url("https://www.stirlingpdf.com")
.email("contact@stirlingpdf.com")) .email("contact@stirlingpdf.com"))
.description(DEFAULT_DESCRIPTION); .description(DEFAULT_DESCRIPTION);
if (!applicationProperties.getSecurity().getEnableLogin()) { if (!applicationProperties.getSecurity().isEnableLogin()) {
return new OpenAPI().components(new Components()).info(info); return new OpenAPI().components(new Components()).info(info);
} else { } else {
SecurityScheme apiKeyScheme = SecurityScheme apiKeyScheme =

2
app/core/src/main/java/stirling/software/SPDF/controller/api/converters/ConvertWebsiteToPDF.java
View File

@ -71,7 +71,7 @@ public class ConvertWebsiteToPDF {
URI location = null; URI location = null;
HttpStatus status = HttpStatus.SEE_OTHER; HttpStatus status = HttpStatus.SEE_OTHER;
if (!applicationProperties.getSystem().getEnableUrlToPDF()) { if (!applicationProperties.getSystem().isEnableUrlToPDF()) {
location = location =
uriComponentsBuilder uriComponentsBuilder
.queryParam("error", "error.endpointDisabled") .queryParam("error", "error.endpointDisabled")

4
app/core/src/main/java/stirling/software/SPDF/controller/web/HomeWebController.java
View File

@ -84,8 +84,8 @@ public class HomeWebController {
@ResponseBody @ResponseBody
@Hidden @Hidden
public String getRobotsTxt() { public String getRobotsTxt() {
Boolean allowGoogle = applicationProperties.getSystem().getGooglevisibility(); boolean allowGoogle = applicationProperties.getSystem().isGooglevisibility();
if (Boolean.TRUE.equals(allowGoogle)) { if (allowGoogle) {
return "User-agent: Googlebot\nAllow: /\n\nUser-agent: *\nAllow: /"; return "User-agent: Googlebot\nAllow: /\n\nUser-agent: *\nAllow: /";
} else { } else {
return "User-agent: Googlebot\nDisallow: /\n\nUser-agent: *\nDisallow: /"; return "User-agent: Googlebot\nDisallow: /\n\nUser-agent: *\nDisallow: /";

4
app/core/src/main/java/stirling/software/SPDF/controller/web/MetricsController.java
View File

@ -42,9 +42,7 @@ public class MetricsController {
@PostConstruct @PostConstruct
public void init() { public void init() {
Boolean metricsEnabled = applicationProperties.getMetrics().getEnabled(); metricsEnabled = applicationProperties.getMetrics().isEnabled();
if (metricsEnabled == null) metricsEnabled = true;
this.metricsEnabled = metricsEnabled;
} }
@GetMapping("/status") @GetMapping("/status")

10
app/core/src/test/java/stirling/software/SPDF/controller/web/HomeWebControllerTest.java
View File

@ -119,7 +119,7 @@ class HomeWebControllerTest {
@Test @Test
@DisplayName("googlevisibility=true -> allow all agents") @DisplayName("googlevisibility=true -> allow all agents")
void robots_allow() throws Exception { void robots_allow() throws Exception {
when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(Boolean.TRUE); when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(true);
mockMvc.perform(get("/robots.txt")) mockMvc.perform(get("/robots.txt"))
.andExpect(status().isOk()) .andExpect(status().isOk())
@ -136,7 +136,7 @@ class HomeWebControllerTest {
@Test @Test
@DisplayName("googlevisibility=false -> disallow all agents") @DisplayName("googlevisibility=false -> disallow all agents")
void robots_disallow() throws Exception { void robots_disallow() throws Exception {
when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(Boolean.FALSE); when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(false);
mockMvc.perform(get("/robots.txt")) mockMvc.perform(get("/robots.txt"))
.andExpect(status().isOk()) .andExpect(status().isOk())
@ -151,9 +151,9 @@ class HomeWebControllerTest {
} }
@Test @Test
@DisplayName("googlevisibility=null -> disallow all (default branch)") @DisplayName("googlevisibility not set (default false) -> disallow all")
void robots_disallowWhenNull() throws Exception { void robots_disallowWhenNotSet() throws Exception {
when(applicationProperties.getSystem().getGooglevisibility()).thenReturn(null); when(applicationProperties.getSystem().isGooglevisibility()).thenReturn(false);
mockMvc.perform(get("/robots.txt")) mockMvc.perform(get("/robots.txt"))
.andExpect(status().isOk()) .andExpect(status().isOk())

2
app/proprietary/src/main/java/stirling/software/proprietary/security/config/AccountWebController.java
View File

@ -126,7 +126,7 @@ public class AccountWebController {
SAML2 saml2 = securityProps.getSaml2(); SAML2 saml2 = securityProps.getSaml2();
if (securityProps.isSaml2Active() if (securityProps.isSaml2Active()
&& applicationProperties.getSystem().getEnableAlphaFunctionality() && applicationProperties.getSystem().isEnableAlphaFunctionality()
&& applicationProperties.getPremium().isEnabled()) { && applicationProperties.getPremium().isEnabled()) {
String samlIdp = saml2.getProvider(); String samlIdp = saml2.getProvider();
String saml2AuthenticationPath = "/saml2/authenticate/" + saml2.getRegistrationId(); String saml2AuthenticationPath = "/saml2/authenticate/" + saml2.getRegistrationId();

4
app/proprietary/src/main/java/stirling/software/proprietary/security/configuration/SecurityConfiguration.java
View File

@ -125,7 +125,7 @@ public class SecurityConfiguration {
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
if (securityProperties.getCsrfDisabled() || !loginEnabledValue) { if (securityProperties.isCsrfDisabled() || !loginEnabledValue) {
http.csrf(CsrfConfigurer::disable); http.csrf(CsrfConfigurer::disable);
} }
@ -146,7 +146,7 @@ public class SecurityConfiguration {
.addFilterAfter(rateLimitingFilter(), UserAuthenticationFilter.class) .addFilterAfter(rateLimitingFilter(), UserAuthenticationFilter.class)
.addFilterAfter(firstLoginFilter, UsernamePasswordAuthenticationFilter.class); .addFilterAfter(firstLoginFilter, UsernamePasswordAuthenticationFilter.class);
if (!securityProperties.getCsrfDisabled()) { if (!securityProperties.isCsrfDisabled()) {
CookieCsrfTokenRepository cookieRepo = CookieCsrfTokenRepository cookieRepo =
CookieCsrfTokenRepository.withHttpOnlyFalse(); CookieCsrfTokenRepository.withHttpOnlyFalse();
CsrfTokenRequestAttributeHandler requestHandler = CsrfTokenRequestAttributeHandler requestHandler =

2
app/proprietary/src/main/java/stirling/software/proprietary/security/service/AppUpdateAuthService.java
View File

@ -27,7 +27,7 @@ class AppUpdateAuthService implements ShowAdminInterface {
if (!showUpdate) { if (!showUpdate) {
return showUpdate; return showUpdate;
} }
boolean showUpdateOnlyAdmin = applicationProperties.getSystem().getShowUpdateOnlyAdmin(); boolean showUpdateOnlyAdmin = applicationProperties.getSystem().isShowUpdateOnlyAdmin();
Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || !authentication.isAuthenticated()) { if (authentication == null || !authentication.isAuthenticated()) {
return !showUpdateOnlyAdmin; return !showUpdateOnlyAdmin;