From f4d195e007c774835c68b26b3575b53cc91c9482 Mon Sep 17 00:00:00 2001
From: Milan Kuchtiak
Date: Thu, 19 Mar 2026 15:08:23 +0100
Subject: [PATCH] Issue 1339: fixed NPE when hidden item metadata are checked for the item with deleted submitter (ufal/clarin-dspace#1344)
* Issue 1339: fixed NPE when hidden item metadata are checked for the item with deleted submitter
* resolve Copilot comments
(cherry picked from commit 64fda5054d9fef4eba8f7117486774677728ce4a)
---
 .../app/util/MetadataExposureServiceImpl.java | 11 +++++++----
 .../org/dspace/app/rest/ItemRestRepositoryIT.java | 13 +++++++++++++
 2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/dspace-api/src/main/java/org/dspace/app/util/MetadataExposureServiceImpl.java b/dspace-api/src/main/java/org/dspace/app/util/MetadataExposureServiceImpl.java
index c834e679e56e..55deff2853d2 100644
--- a/dspace-api/src/main/java/org/dspace/app/util/MetadataExposureServiceImpl.java
+++ b/dspace-api/src/main/java/org/dspace/app/util/MetadataExposureServiceImpl.java
@@ -21,6 +21,7 @@
 import org.dspace.authorize.service.AuthorizeService;
 import org.dspace.content.Item;
 import org.dspace.core.Context;
+import org.dspace.eperson.EPerson;
 import org.dspace.services.ConfigurationService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -117,10 +118,12 @@ public boolean isHidden(Context context, String schema, String element, String q
 }
 // The user is not administrator, but he could be a submitter
- if (hidden && Objects.nonNull(context) && Objects.nonNull(item) &&
- this.submitterShouldSee(schema, element, qualifier)) {
- // the submitters override
- hidden = !item.getSubmitter().equals(context.getCurrentUser());
+ if (hidden && Objects.nonNull(context) && Objects.nonNull(item)) {
+ EPerson submitter = item.getSubmitter();
+ if (Objects.nonNull(submitter) && this.submitterShouldSee(schema, element, qualifier)) {
+ // the submitters override
+ hidden = !submitter.equals(context.getCurrentUser());
+ }
 }
 return hidden;
diff --git a/dspace-server-webapp/src/test/java/org/dspace/app/rest/ItemRestRepositoryIT.java b/dspace-server-webapp/src/test/java/org/dspace/app/rest/ItemRestRepositoryIT.java
index ec7a8272d276..14d0be8202c5 100644
--- a/dspace-server-webapp/src/test/java/org/dspace/app/rest/ItemRestRepositoryIT.java
+++ b/dspace-server-webapp/src/test/java/org/dspace/app/rest/ItemRestRepositoryIT.java
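Review bot: In `isHidden` (MetadataExposureServiceImpl.java), the null-submitter case of the rewritten `if` is safe only because `hidden` keeps the `true` it already had, so a deleted submitter fails closed, yet nothing on these lines says that this is intended. A comment above the inner check would protect the behaviour from a later refactor, e.g. `// submitter is null once the EPerson is deleted; the field stays hidden`. `item.getSubmitter()` is also now read before `submitterShouldSee(...)` is consulted; leaving `this.submitterShouldSee(schema, element, qualifier)` in the outer condition would skip that lookup for fields with no submitter override, though whether the lookup is costly is not visible here. The body of `isHidden` starts and ends outside this hunk.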
@@ -5102,6 +5102,19 @@ public void submitterShouldSeeLocalNoteMetadata() throws Exception {
 .andExpect(jsonPath("$", HalMatcher.matchNoEmbeds()))
 .andExpect(jsonPath("$", existNoteLocalMetadataMatcher))
 .andExpect(jsonPath("$", existDescriptionProvenanceMetadataMatcher));
+
+ // After the submitter is deleted, the response for the request made using the previously issued submitter
+ // token (which now authenticates as anonymous) should not contain
+ // `local.submission.note` and `dc.description.provenance` metadata
+ context.turnOffAuthorisationSystem();
+ EPersonBuilder.deleteEPerson(submitter.getID());
+ context.restoreAuthSystemState();
+
+ getClient(submitterToken).perform(get("/api/core/items/" + publicItem.getID()))
+ .andExpect(status().isOk())
+ .andExpect(jsonPath("$", HalMatcher.matchNoEmbeds()))
+ .andExpect(jsonPath("$", notExistNoteLocalMetadataMatcher))
+ .andExpect(jsonPath("$", notExistDescriptionProvenanceMetadataMatcher));
 }
 /**
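Review bot: The request added after `EPersonBuilder.deleteEPerson(submitter.getID())` reaches the null-submitter path only through the stale `submitterToken`, so the regression check depends on how the server resolves a token whose account no longer exists, which the comment asserts but this hunk does not show. An additional anonymous request, `getClient().perform(get("/api/core/items/" + publicItem.getID()))` with the same two `notExist…` matchers, would cover the fix independently of token handling. The `turnOffAuthorisationSystem()` / `restoreAuthSystemState()` pair is also not wrapped in `try`/`finally`, so a failing delete would leave authorisation switched off for the rest of the test. The test method begins above this hunk.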