From cacedd3f161044da7a6f10f26b75777d68af3c2d Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Sun, 19 Apr 2026 17:19:37 +0200
Subject: [PATCH] fix(outbound): null-guard TRUST_PATHS check; add RBAC test for probe endpoint
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- OutboundConnectionRequest compact ctor: avoid NPE if tlsTrustMode is null (defense-in-depth alongside @NotNull Bean Validation).
- Add operatorCannotTest IT case to lock the ADMIN-only contract on POST /{id}/test — was previously untested.
Co-Authored-By: Claude Opus 4.7 (1M context)
---
 .../outbound/dto/OutboundConnectionRequest.java | 2 +-
 .../OutboundConnectionAdminControllerIT.java | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/cameleer-server-app/src/main/java/com/cameleer/server/app/outbound/dto/OutboundConnectionRequest.java b/cameleer-server-app/src/main/java/com/cameleer/server/app/outbound/dto/OutboundConnectionRequest.java
index 2a5897b2..b12b6fff 100644
--- a/cameleer-server-app/src/main/java/com/cameleer/server/app/outbound/dto/OutboundConnectionRequest.java
+++ b/cameleer-server-app/src/main/java/com/cameleer/server/app/outbound/dto/OutboundConnectionRequest.java
@@ -30,7 +30,7 @@ public record OutboundConnectionRequest(
 defaultHeaders = defaultHeaders == null ? Map.of() : defaultHeaders;
 tlsCaPemPaths = tlsCaPemPaths == null ? List.of() : tlsCaPemPaths;
 allowedEnvironmentIds = allowedEnvironmentIds == null ? List.of() : allowedEnvironmentIds;
- if (tlsTrustMode == TrustMode.TRUST_PATHS && tlsCaPemPaths.isEmpty()) {
+ if (tlsTrustMode != null && tlsTrustMode == TrustMode.TRUST_PATHS && tlsCaPemPaths.isEmpty()) {
 throw new IllegalArgumentException("tlsCaPemPaths must not be empty when tlsTrustMode = TRUST_PATHS");
 }
 }
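Review bot: The added `tlsTrustMode != null &&` does not change behaviour: `==` on an enum reference never dereferences it, so the old condition was already false for null and could not throw. The gap that remains is that a null trust mode still yields a constructed record whenever `@NotNull` is not enforced (any caller that builds the record without running Bean Validation), which leaves the TLS trust decision to however downstream code treats null. If defense-in-depth is the intent, fail closed in the compact constructor with `if (tlsTrustMode == null) throw new IllegalArgumentException("tlsTrustMode must not be null");` ahead of the TRUST_PATHS check. That presumably changes which error the API returns for a missing field, so confirm it against the controller's validation handling. The constructor begins outside this hunk and the record's component list is not shown, so the `@NotNull` placement cannot be checked from here.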
diff --git a/cameleer-server-app/src/test/java/com/cameleer/server/app/outbound/controller/OutboundConnectionAdminControllerIT.java b/cameleer-server-app/src/test/java/com/cameleer/server/app/outbound/controller/OutboundConnectionAdminControllerIT.java
index af8d2346..00fd8158 100644
--- a/cameleer-server-app/src/test/java/com/cameleer/server/app/outbound/controller/OutboundConnectionAdminControllerIT.java
+++ b/cameleer-server-app/src/test/java/com/cameleer/server/app/outbound/controller/OutboundConnectionAdminControllerIT.java
@@ -176,4 +176,19 @@ class OutboundConnectionAdminControllerIT extends AbstractPostgresIT {
 assertThat(body.path("tlsProtocol").asText()).isEqualTo("TLS");
 assertThat(body.path("error").isNull()).isTrue();
 }
+
+ @Test
+ void operatorCannotTest() throws Exception {
+ ResponseEntity create = restTemplate.exchange(
+ "/api/v1/admin/outbound-connections", HttpMethod.POST,
+ new HttpEntity<>(CREATE_BODY, securityHelper.authHeaders(adminJwt)),
+ String.class);
+ String id = objectMapper.readTree(create.getBody()).path("id").asText();
+
+ ResponseEntity test = restTemplate.exchange(
+ "/api/v1/admin/outbound-connections/" + id + "/test", HttpMethod.POST,
+ new HttpEntity<>(securityHelper.authHeaders(operatorJwt)),
+ String.class);
+ assertThat(test.getStatusCode()).isEqualTo(HttpStatus.FORBIDDEN);
+ }
 }
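Review bot: The admin setup call in `operatorCannotTest` is never asserted, so the final 403 can be satisfied without the request reaching an existing connection. If the create fails (for example because another test already created a connection from `CREATE_BODY`), `path("id").asText()` returns an empty string and the operator request goes to `/api/v1/admin/outbound-connections//test`. Add `assertThat(create.getStatusCode().is2xxSuccessful()).isTrue();` and `assertThat(id).isNotBlank();` before the second exchange so the authorization check is exercised against a real id. The 403 may also come from a path-wide admin rule rather than one specific to the probe endpoint, which this hunk does not show; a one-line comment naming the rule under test would make the locked contract explicit.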