From e5e7192e629ba93eed26d97f2c22c4d2b72066ca Mon Sep 17 00:00:00 2001
From: Anshu Anna Moncy
Date: Tue, 10 Oct 2023 15:54:15 +0100
Subject: [PATCH 1/2] Add null checks on role mapping

---
 .../java/io/apicurio/registry/rest/v2/AdminResourceImpl.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java b/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java
index c2ee91a1ce..4355c1bcb7 100644
--- a/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java
+++ b/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java
@@ -337,6 +337,9 @@ public RoleMapping getRoleMapping(String principalId) {
 @Authorized(style=AuthorizedStyle.None, level=AuthorizedLevel.Admin)
 @RoleBasedAccessApiOperation
 public void updateRoleMapping(String principalId, UpdateRole data) {
+ requireParameter("principalId", principalId);
+ requireParameter("roleName", data.getRole().name());
+
 storage.updateRoleMapping(principalId, data.getRole().name());
 }

From c6f6bb5f8387676ba1bb610128db2def4a6d5567 Mon Sep 17 00:00:00 2001
From: Anshu Anna Moncy
Date: Sun, 15 Oct 2023 18:35:40 +0100
Subject: [PATCH 2/2] Add check for Role and Unit Test

---
 .../apicurio/registry/rest/v2/AdminResourceImpl.java | 3 +--
 .../io/apicurio/registry/rbac/AdminResourceTest.java | 10 ++++++++++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java b/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java
index 4355c1bcb7..3dca4636c0 100644
--- a/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java
+++ b/app/src/main/java/io/apicurio/registry/rest/v2/AdminResourceImpl.java
@@ -338,8 +338,7 @@ public RoleMapping getRoleMapping(String principalId) {
 @RoleBasedAccessApiOperation
 public void updateRoleMapping(String principalId, UpdateRole data) {
 requireParameter("principalId", principalId);
- requireParameter("roleName", data.getRole().name());
-
+ requireParameter("role", data.getRole());
 storage.updateRoleMapping(principalId, data.getRole().name());
 }

diff --git a/app/src/test/java/io/apicurio/registry/rbac/AdminResourceTest.java b/app/src/test/java/io/apicurio/registry/rbac/AdminResourceTest.java
index 3e201a331f..9f08c62980 100644
--- a/app/src/test/java/io/apicurio/registry/rbac/AdminResourceTest.java
+++ b/app/src/test/java/io/apicurio/registry/rbac/AdminResourceTest.java
@@ -720,6 +720,16 @@ public void testRoleMappings() throws Exception {
 .body("error_code", equalTo(404))
 .body("message", equalTo("No mapping for principal 'UnknownPrincipal' and role 'READ_ONLY' was found."));
+ //Update a mapping with null RoleType
+ update.setRole(null);
+ given()
+ .when()
+ .contentType(CT_JSON)
+ .body(update)
+ .put("/registry/v2/admin/roleMappings/TestUser")
+ .then()
+ .statusCode(400);
+
 // Delete a role mapping
 given()
 .when()
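Review bot: The new `requireParameter("role", data.getRole());` line still dereferences `data` before anything has validated it, so a PUT that arrives with no usable JSON body would fail inside `data.getRole()` with a NullPointerException rather than with the 400 that the `principalId` and `role` checks now produce — assuming the REST layer hands the method a null `data` for an absent entity, which I cannot confirm from this hunk. Adding `requireParameter("data", data);` (naming it whatever the client-facing error message should say) ahead of the role check would make all three parameter checks fail the same way. What `requireParameter` throws is not visible here; the new test in the second hunk implies it maps to a 400. The method's `@Authorized` annotation and the rest of the class lie outside this hunk.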
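Review bot: The new null-role request asserts only `.statusCode(400)`, while the sibling assertion directly above it also pins `error_code` and `message`; appending `.body("error_code", equalTo(400))` after `.statusCode(400)` would confirm the 400 comes from the registry's own parameter check rather than from some earlier layer rejecting the body. Note also that `update.setRole(null)` mutates the shared `update` object in place, so if any later step of `testRoleMappings` reuses it (the method continues outside this hunk), the role should be restored before that step. A short comment such as `// Expect requireParameter to reject the missing role with 400` above `update.setRole(null)` would also explain the intent better than the bare "null RoleType" comment.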