Add Null Check for isAdmin (#16407)

* Remove Retry From Abstract Event Consumer

* - Add Check for null Or Empty in isAdmin

* - Fix Test

openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java

@@ -1,5 +1,6 @@
 package org.openmetadata.service.security.auth;
 
+import static org.openmetadata.common.utils.CommonUtil.nullOrEmpty;
 import static org.openmetadata.service.exception.CatalogExceptionMessage.NOT_IMPLEMENTED_METHOD;
 import static org.openmetadata.service.util.UserUtil.getRoleListFromUser;
 
@@ -106,7 +107,7 @@ public interface AuthenticatorHandler {
             .generateJWTToken(
                 storedUser.getName(),
                 getRoleListFromUser(storedUser),
-                storedUser.getIsAdmin(),
+                !nullOrEmpty(storedUser.getIsAdmin()) && storedUser.getIsAdmin(),
                 storedUser.getEmail(),
                 expireInSeconds,
                 false,

openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java

@@ -16,6 +16,7 @@ package org.openmetadata.service.security.auth;
 import static javax.ws.rs.core.Response.Status.BAD_REQUEST;
 import static javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR;
 import static javax.ws.rs.core.Response.Status.NOT_IMPLEMENTED;
+import static org.openmetadata.common.utils.CommonUtil.nullOrEmpty;
 import static org.openmetadata.schema.api.teams.CreateUser.CreatePasswordType.ADMIN_CREATE;
 import static org.openmetadata.schema.auth.ChangePasswordRequest.RequestType.SELF;
 import static org.openmetadata.schema.auth.ChangePasswordRequest.RequestType.USER;
@@ -389,7 +390,7 @@ public class BasicAuthenticator implements AuthenticatorHandler {
             .generateJWTToken(
                 storedUser.getName(),
                 getRoleListFromUser(storedUser),
-                storedUser.getIsAdmin(),
+                !nullOrEmpty(storedUser.getIsAdmin()) && storedUser.getIsAdmin(),
                 storedUser.getEmail(),
                 loginConfiguration.getJwtTokenExpiryTime(),
                 false,

openmetadata-service/src/main/java/org/openmetadata/service/security/saml/SamlAssertionConsumerServlet.java

@@ -13,6 +13,7 @@
 
 package org.openmetadata.service.security.saml;
 
+import static org.openmetadata.common.utils.CommonUtil.nullOrEmpty;
 import static org.openmetadata.service.util.UserUtil.getRoleListFromUser;
 
 import com.onelogin.saml2.Auth;
@@ -90,7 +91,7 @@ public class SamlAssertionConsumerServlet extends HttpServlet {
                 .generateJWTToken(
                     username,
                     getRoleListFromUser(user),
-                    user.getIsAdmin(),
+                    !nullOrEmpty(user.getIsAdmin()) && user.getIsAdmin(),
                     email,
                     SamlSettingsHolder.getInstance().getTokenValidity(),
                     false,

openmetadata-service/src/test/java/org/openmetadata/service/resources/teams/UserResourceTest.java

@@ -1146,29 +1146,30 @@ public class UserResourceTest extends EntityResourceTest<User, CreateUser> {
     String user =
         "userImportExport,d,s,userImportExport@domain.com,America/Los_Angeles,true,teamImportExport,";
     String user1 =
-        "userImportExport1,,,userImportExport1@domain.com,,,teamImportExport1,DataConsumer";
-    String user11 = "userImportExport11,,,userImportExport11@domain.com,,,teamImportExport11,";
+        "userImportExport1,,,userImportExport1@domain.com,,false,teamImportExport1,DataConsumer";
+    String user11 = "userImportExport11,,,userImportExport11@domain.com,,false,teamImportExport11,";
     List<String> createRecords = listOf(user, user1, user11);
 
     // Update user descriptions
-    user = "userImportExport,displayName,,userImportExport@domain.com,,,teamImportExport,";
-    user1 = "userImportExport1,displayName1,,userImportExport1@domain.com,,,teamImportExport1,";
+    user = "userImportExport,displayName,,userImportExport@domain.com,,false,teamImportExport,";
+    user1 =
+        "userImportExport1,displayName1,,userImportExport1@domain.com,,false,teamImportExport1,";
     user11 =
-        "userImportExport11,displayName11,,userImportExport11@domain.com,,,teamImportExport11,";
+        "userImportExport11,displayName11,,userImportExport11@domain.com,,false,teamImportExport11,";
     List<String> updateRecords = listOf(user, user1, user11);
 
     // Add new users
     String user2 =
-        "userImportExport2,displayName2,,userImportExport2@domain.com,,,teamImportExport1,";
+        "userImportExport2,displayName2,,userImportExport2@domain.com,,false,teamImportExport1,";
     String user21 =
-        "userImportExport21,displayName21,,userImportExport21@domain.com,,,teamImportExport11,";
+        "userImportExport21,displayName21,,userImportExport21@domain.com,,false,teamImportExport11,";
     List<String> newRecords = listOf(user2, user21);
     testImportExport("teamImportExport", UserCsv.HEADERS, createRecords, updateRecords, newRecords);
 
     // Import to team11 a user in team1 - since team1 is not under team11 hierarchy, import should
     // fail
     String user3 =
-        "userImportExport3,displayName3,,userImportExport3@domain.com,,,teamImportExport1,";
+        "userImportExport3,displayName3,,userImportExport3@domain.com,,false,teamImportExport1,";
     csv = EntityCsvTest.createCsv(UserCsv.HEADERS, listOf(user3), null);
     result = importCsv("teamImportExport11", csv, false);
     String error =

openmetadata-spec/src/main/resources/json/schema/entity/teams/user.json

@@ -85,7 +85,8 @@
     },
     "isAdmin": {
       "description": "When true indicates user is an administrator for the system with superuser privileges.",
-      "type": "boolean"
+      "type": "boolean",
+      "default": false
     },
     "authenticationMechanism": {
       "$ref": "#/definitions/authenticationMechanism"