in app/src/main/java/com/amazon/aws/partners/saasfactory/pgrls/controller/TenantController.java [79:109]
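/**
 * Populates the model for the "tenant" view with the tenant named by {@code tenantId}.
 *
 * <p>The lookup runs as the currently authenticated tenant but asks for an arbitrary
 * tenant id. No tenant-id comparison is made in this method; isolation is expected to
 * come from the database row level security (RLS) policies behind
 * {@code tenantService.getTenant}, which return no row for another tenant's id.
 *
 * @param authentication the current authentication; its principal is cast to {@link Tenant}
 * @param tenantId       the requested tenant id as a UUID string (caller-controlled)
 * @param model          receives {@code css}/{@code msg} on failure, and always
 *                       {@code tenants} and {@code selectedTenant}
 * @return the view name {@code "tenant"}
 */
public String listUsers(Authentication authentication, @RequestParam String tenantId, Model model) {
    Tenant authenticatedTenant = (Tenant) authentication.getPrincipal();
    // Fallback selection: an empty tenant, carrying only the parsed id when the lookup fails.
    Tenant tenant = new Tenant();

    // Parse the caller-supplied id on its own so that "Invalid tenant id" is only ever
    // reported for a malformed UUID, never for an error raised further down.
    UUID requestedId = null;
    try {
        requestedId = UUID.fromString(tenantId);
    } catch (IllegalArgumentException e) {
        model.addAttribute("css", "danger");
        model.addAttribute("msg", "Invalid tenant id");
    }

    if (requestedId != null) {
        tenant.setId(requestedId);
        try {
            // Load the tenant as the currently logged in tenant, but for the requested id.
            // If the two ids don't match, RLS hides the row, so no "WHERE tenant_id = ?"
            // is needed in the SQL queries.
            Tenant tenantForEdit = tenantService.getTenant(requestedId);
            if (tenantForEdit == null) {
                // NOTE(review): a null result is reported as an RLS denial; confirm that an
                // unknown (non-existent) tenant id cannot also end up here.
                // Both ids are logged so that cross-tenant attempts can be attributed;
                // requestedId is a parsed UUID, so it cannot carry log-forging characters.
                LOGGER.info("Database security policies prevented cross tenant access: principal="
                        + authenticatedTenant.getId() + " requested=" + requestedId);
                model.addAttribute("css", "danger");
                model.addAttribute("msg", "Row Level Security policies prevented " + authenticatedTenant.getId().toString() + " from accessing data for " + tenantId);
            } else {
                tenant = tenantForEdit;
            }
        } catch (Exception e) {
            // Do not echo e.getMessage() to the browser: data-access errors can expose
            // SQL text, schema names or connection details. Keep the detail server-side.
            // Logged with info(String), the only LOGGER call visible in this listing;
            // prefer an error-level call that takes the Throwable if the logger has one.
            LOGGER.info("Failed to load tenant " + requestedId + ": " + e);
            model.addAttribute("css", "danger");
            model.addAttribute("msg", "Unable to load the requested tenant");
        }
    }

    model.addAttribute("tenants", adminService.getTenants());
    model.addAttribute("selectedTenant", tenant);
    return "tenant";
}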