Skip to content

PermitContext - Removed unnecessary null check and Corrected spelling #32

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aniket414 wants to merge 1 commit into
base: master
Choose a base branch
from
Open

PermitContext - Removed unnecessary null check and Corrected spelling #32

aniket414 wants to merge 1 commit into from

Conversation

@aniket414
Copy link

@aniket414 aniket414 commented Mar 24, 2025

Changes:

  1. Renamed permittedEnviroment to permittedEnvironment (Spelling Fix)
  2. Removed unnecessary null check from verifyCanAccessProject and verifyCanAccessEnvironment. The equals() method already takes care of null check. Made the two methods above similar to verifyCanAccessOrg

@zeevmoney zeevmoney requested a review from Copilot December 16, 2025 14:05
Copilot AI reviewed Dec 16, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes a spelling error in a variable name and simplifies null check logic in verification methods. The changes rename permittedEnviroment to the correctly spelled permittedEnvironment throughout the codebase, and remove redundant null checks from access verification methods by relying on the equals() method's null-safe behavior.

  • Corrected spelling of permittedEnviroment to permittedEnvironment across all occurrences
  • Removed unnecessary null checks from verifyCanAccessProject and verifyCanAccessEnvironment methods

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

src/main/java/io/permit/sdk/PermitContext.java
private void verifyCanAccessProject(String org, String project) throws PermitContextChangeError {
verifyCanAccessOrg(org);
if (permittedProject != null && !project.equals(permittedProject)) {
if (!project.equals(permittedProject)) {
Copy link

Copilot AI Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change introduces a potential NullPointerException if project is null. The original code checked permittedProject != null first, which was actually protecting against null values in permittedProject. However, if project (the parameter) is null, calling project.equals() will throw NPE. Consider using Objects.equals(project, permittedProject) or adding a null check for the project parameter.

Copilot uses AI. Check for mistakes.
src/main/java/io/permit/sdk/PermitContext.java
private void verifyCanAccessEnvironment(String org, String project, String environment) throws PermitContextChangeError {
verifyCanAccessProject(org, project);
if (permittedEnviroment != null && !environment.equals(permittedEnviroment)) {
if (!environment.equals(permittedEnvironment)) {
Copy link

Copilot AI Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change introduces a potential NullPointerException if environment is null. The original code checked permittedEnviroment != null first, which was protecting against null values. If environment (the parameter) is null, calling environment.equals() will throw NPE. Consider using Objects.equals(environment, permittedEnvironment) or adding a null check for the environment parameter.

Copilot uses AI. Check for mistakes.
zeevmoney
zeevmoney requested changes Dec 16, 2025
View reviewed changes
Copy link

@zeevmoney zeevmoney left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @aniket414, thank you for the PR, I know it has been a long time, sorry for that, see my comments + the bot comments.

src/main/java/io/permit/sdk/PermitContext.java
private void verifyCanAccessProject(String org, String project) throws PermitContextChangeError {
verifyCanAccessOrg(org);
if (permittedProject != null && !project.equals(permittedProject)) {
if (!project.equals(permittedProject)) {
Copy link

@zeevmoney zeevmoney Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Critical Bug: This change breaks the SDK for organization-level API keys.

The original null check is intentional business logic, not just null-safety:

  • When permittedProject == null, it means the API key has org-level access and can access any project
  • The original permittedProject != null && ... check allows null to pass through (no error thrown)

With this change:

  • project.equals(null) returns false
  • This causes an exception to be thrown, blocking org-level API keys from accessing any project

Note: verifyCanAccessOrg does not have a null check because permittedOrganization is never null in valid code paths (see saveApiKeyAccessibleScope - org is always set from the API key). In contrast, permittedProject can legitimately be null for org-level keys.

Please revert this change while keeping the spelling fix.

src/main/java/io/permit/sdk/PermitContext.java
private void verifyCanAccessEnvironment(String org, String project, String environment) throws PermitContextChangeError {
verifyCanAccessProject(org, project);
if (permittedEnviroment != null && !environment.equals(permittedEnviroment)) {
if (!environment.equals(permittedEnvironment)) {
Copy link

@zeevmoney zeevmoney Dec 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same issue here: This breaks project-level API keys trying to access environments.

When permittedEnvironment == null, the API key has project-level access and can access any environment within that project. The null check must be preserved.

Suggested fix: Keep the spelling correction (permittedEnvironment) but restore the null check:

if (permittedEnvironment != null && !environment.equals(permittedEnvironment)) {

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@zeevmoney zeevmoney zeevmoney requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aniket414 @zeevmoney