temon
diff --git a/‎arangod/GeneralServer/AuthenticationFeature.cpp
Lines changed: 3 additions & 3 deletions b/‎arangod/GeneralServer/AuthenticationFeature.cpp
Lines changed: 3 additions & 3 deletions
diff --git a/‎arangod/GeneralServer/AuthenticationFeature.h
Lines changed: 2 additions & 2 deletions b/‎arangod/GeneralServer/AuthenticationFeature.h
Lines changed: 2 additions & 2 deletions
diff --git a/‎arangod/GeneralServer/GeneralCommTask.cpp
Lines changed: 5 additions & 1 deletion b/‎arangod/GeneralServer/GeneralCommTask.cpp
Lines changed: 5 additions & 1 deletion
diff --git a/‎arangod/RestHandler/RestAdminServerHandler.cpp
Lines changed: 7 additions & 2 deletions b/‎arangod/RestHandler/RestAdminServerHandler.cpp
Lines changed: 7 additions & 2 deletions
diff --git a/‎arangod/RestHandler/RestShutdownHandler.cpp
Lines changed: 6 additions & 1 deletion b/‎arangod/RestHandler/RestShutdownHandler.cpp
Lines changed: 6 additions & 1 deletion
diff --git a/‎arangod/Utils/ExecContext.cpp
Lines changed: 12 additions & 1 deletion b/‎arangod/Utils/ExecContext.cpp
Lines changed: 12 additions & 1 deletion
diff --git a/‎arangod/V8Server/v8-users.cpp
Lines changed: 6 additions & 3 deletions b/‎arangod/V8Server/v8-users.cpp
Lines changed: 6 additions & 3 deletions
@@ -50,10 +50,10 @@ AuthenticationFeature::AuthenticationFeature(
       _authCache(nullptr),
       _authenticationUnixSockets(true),
       _authenticationSystemOnly(true),
-      _authenticationTimeout(0.0),
       _localAuthentication(true),
-      _jwtSecretProgramOption(""),
-
_active(true) {      _active(true) {
+      _active(true),
+      _authenticationTimeout(0.0),
+      _jwtSecretProgramOption("") {
   setOptional(false);
   startsAfter("BasicsPhase");
 
 
@@ -77,11 +77,11 @@ class AuthenticationFeature final
   std::unique_ptr<auth::TokenCache> _authCache;
   bool _authenticationUnixSockets;
   bool _authenticationSystemOnly;
-  double _authenticationTimeout;
   bool _localAuthentication;
+  bool _active;
+  double _authenticationTimeout;
 
   std::string _jwtSecretProgramOption;
-  bool _active;
 
   static AuthenticationFeature* INSTANCE;
 
 
@@ -214,7 +214,11 @@ GeneralCommTask::RequestFlow GeneralCommTask::prepareExecution(GeneralRequest& r
       // prevent guessing database names (issue #5030)
       auth::Level lvl = auth::Level::NONE;
       if (req.authenticated()) {
-        lvl = _auth->userManager()->databaseAuthLevel(req.user(), req.databaseName());
+        if (_auth->userManager() != nullptr) {
+          lvl = _auth->userManager()->databaseAuthLevel(req.user(), req.databaseName());
+        } else {
+          lvl = auth::Level::RW;
+        }
       }
       if (lvl == auth::Level::NONE) {
         addErrorResponse(rest::ResponseCode::UNAUTHORIZED, req.contentTypeResponse(),
 
@@ -154,8 +154,13 @@ void RestAdminServerHandler::handleMode() {
 
     AuthenticationFeature* af = AuthenticationFeature::instance();
     if (af->isEnabled() && !_request->user().empty()) {
-      auth::Level lvl = af->userManager()->databaseAuthLevel(_request->user(),
-                                          TRI_VOC_SYSTEM_DATABASE, /*configured*/true);
+      auth::Level lvl = auth::Level::NONE;
+      if (af->userManager() != nullptr) {
+        lvl = af->userManager()->databaseAuthLevel(_request->user(),
+                                                   TRI_VOC_SYSTEM_DATABASE, /*configured*/true);
+      } else {
+        lvl = auth::Level::RW;
+      }
       if (lvl < auth::Level::RW) {
         generateError(rest::ResponseCode::FORBIDDEN, TRI_ERROR_FORBIDDEN);
         return;
 
@@ -52,7 +52,12 @@ RestStatus RestShutdownHandler::execute() {
 
   AuthenticationFeature* af = AuthenticationFeature::instance();
   if (af->isEnabled() && !_request->user().empty()) {
-    auth::Level lvl = af->userManager()->databaseAuthLevel(_request->user(), "_system", /*configured*/true);
+    auth::Level lvl = auth::Level::NONE;
+    if (af->userManager() != nullptr) {
+      lvl = af->userManager()->databaseAuthLevel(_request->user(), "_system", /*configured*/true);
+    } else {
+      lvl = auth::Level::RW;
+    }
     if (lvl < auth::Level::RW) {
       generateError(rest::ResponseCode::FORBIDDEN, TRI_ERROR_HTTP_FORBIDDEN,
                     "you need admin rights to trigger shutdown");
 
@@ -52,6 +52,9 @@ ExecContext* ExecContext::create(std::string const& user,
   if (af->isActive()) {
     auth::UserManager* um = af->userManager();
     TRI_ASSERT(um != nullptr);
+    if (um == nullptr) {
+      THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_INTERNAL, "unable to find userManager instance");
+    }
     dbLvl = sysLvl = um->databaseAuthLevel(user, dbname);
     if (dbname != TRI_VOC_SYSTEM_DATABASE) {
       sysLvl = um->databaseAuthLevel(user, TRI_VOC_SYSTEM_DATABASE);
@@ -70,7 +73,12 @@ bool ExecContext::canUseDatabase(std::string const& db,
   AuthenticationFeature* af = AuthenticationFeature::instance();
   TRI_ASSERT(af != nullptr);
   if (af->isActive()) {
-    auth::Level allowed = af->userManager()->databaseAuthLevel(_user, db);
+    auth::UserManager* um = af->userManager();
+    TRI_ASSERT(um != nullptr);
+    if (um == nullptr) {
+      THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_INTERNAL, "unable to find userManager instance");
+    }
+    auth::Level allowed = um->databaseAuthLevel(_user, db);
     return requested <= allowed;
   }
   return true;
@@ -102,5 +110,8 @@ auth::Level ExecContext::collectionAuthLevel(std::string const& dbname,
 
   auth::UserManager* um = af->userManager();
   TRI_ASSERT(um != nullptr);
+  if (um == nullptr) {
+    THROW_ARANGO_EXCEPTION_MESSAGE(TRI_ERROR_INTERNAL, "unable to find userManager instance");
+  }
   return um->collectionAuthLevel(_user, dbname, coll);
 }
@@ -183,8 +183,12 @@ static void JS_UpdateUser(v8::FunctionCallbackInfo<v8::Value> const& args) {
     }
   }
 
-  AuthenticationFeature* af = AuthenticationFeature::instance();
-  af->userManager()->updateUser(username, [&](auth::User& u) {
+  auth::UserManager* um = AuthenticationFeature::instance()->userManager();
+  if (um == nullptr) {
+    TRI_V8_THROW_EXCEPTION_MESSAGE(TRI_ERROR_NOT_IMPLEMENTED,
+                                   "users are not supported on this server");
+  }
+  um->updateUser(username, [&](auth::User& u) {
     if (args.Length() > 1 && args[1]->IsString()) {
       u.updatePassword(TRI_ObjectToString(args[1]));
     }
@@ -355,7 +359,6 @@ static void JS_GrantCollection(
   }
 
   auth::UserManager* um = AuthenticationFeature::instance()->userManager();
-
   if (um == nullptr) {
     TRI_V8_THROW_EXCEPTION_MESSAGE(TRI_ERROR_NOT_IMPLEMENTED,
                                    "user are not supported on this server");
Original file line number	Diff line number	Diff line change
`@@ -183,8 +183,12 @@ static void JS_UpdateUser(v8::FunctionCallbackInfo<v8::Value> const& args) {`
`183`	`183`	`}`
`184`	`184`	`}`
`185`	`185`
`186`		`- AuthenticationFeature* af = AuthenticationFeature::instance();`
`187`		`- af->userManager()->updateUser(username, [&](auth::User& u) {`
	`186`	`+ auth::UserManager* um = AuthenticationFeature::instance()->userManager();`
	`187`	`+ if (um == nullptr) {`
	`188`	`+ TRI_V8_THROW_EXCEPTION_MESSAGE(TRI_ERROR_NOT_IMPLEMENTED,`
	`189`	`+ "users are not supported on this server");`
	`190`	`+ }`
	`191`	`+ um->updateUser(username, [&](auth::User& u) {`
`188`	`192`	`if (args.Length() > 1 && args[1]->IsString()) {`
`189`	`193`	`u.updatePassword(TRI_ObjectToString(args[1]));`
`190`	`194`	`}`
`@@ -355,7 +359,6 @@ static void JS_GrantCollection(`
`355`	`359`	`}`
`356`	`360`
`357`	`361`	`auth::UserManager* um = AuthenticationFeature::instance()->userManager();`
`358`		`-`
`359`	`362`	`if (um == nullptr) {`
`360`	`363`	`TRI_V8_THROW_EXCEPTION_MESSAGE(TRI_ERROR_NOT_IMPLEMENTED,`
`361`	`364`	`"user are not supported on this server");`