Repository: openmeetings Updated Branches: refs/heads/master ac077c5f5 -> 2357db3f9
[OPENMEETINGS-1714] more issues are fixed Project: http://git-wip-us.apache.org/repos/asf/openmeetings/repo Commit: http://git-wip-us.apache.org/repos/asf/openmeetings/commit/2357db3f Tree: http://git-wip-us.apache.org/repos/asf/openmeetings/tree/2357db3f Diff: http://git-wip-us.apache.org/repos/asf/openmeetings/diff/2357db3f Branch: refs/heads/master Commit: 2357db3f9df3eee1568d371895a1a5c889c06013 Parents: ac077c5 Author: Maxim Solodovnik <[email protected]> Authored: Sun Oct 1 16:22:36 2017 +0700 Committer: Maxim Solodovnik <[email protected]> Committed: Sun Oct 1 16:22:36 2017 +0700 ---------------------------------------------------------------------- .../apache/openmeetings/db/dao/server/SOAPLoginDao.java | 11 +++++++++-- .../openmeetings/db/dao/server/SessiondataDao.java | 11 +++++++---- .../apache/openmeetings/webservice/TestUserService.java | 4 ++-- 3 files changed, 18 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/openmeetings/blob/2357db3f/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SOAPLoginDao.java ---------------------------------------------------------------------- diff --git a/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SOAPLoginDao.java b/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SOAPLoginDao.java index 26780f7..49c0adf 100644 --- a/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SOAPLoginDao.java +++ b/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SOAPLoginDao.java @@ -75,6 +75,9 @@ public class SOAPLoginDao { } public SOAPLogin get(String hash) { + if (hash == null) { + return null; + } try { //MSSql find nothing in case SID is passed as-is without wildcarting '%hash%' List<SOAPLogin> sList = em.createNamedQuery("getSoapLoginByHash", SOAPLogin.class) @@ -82,9 +85,13 @@ public class SOAPLoginDao { .getResultList(); if (sList.size() == 1) { - return sList.get(0); + SOAPLogin sl = sList.get(0); + if (hash.equals(sl.getHash())) { + return sl; + } else { + log.error("[get]: Wrong SOAPLogin was found by hash! {}", hash); + } } - if (sList.size() > 1) { log.error("[get]: there are more then one SOAPLogin with identical hash! {}", hash); } http://git-wip-us.apache.org/repos/asf/openmeetings/blob/2357db3f/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SessiondataDao.java ---------------------------------------------------------------------- diff --git a/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SessiondataDao.java b/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SessiondataDao.java index 00a22fc..35e60d7 100644 --- a/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SessiondataDao.java +++ b/openmeetings-db/src/main/java/org/apache/openmeetings/db/dao/server/SessiondataDao.java @@ -94,19 +94,22 @@ public class SessiondataDao { /** * Serches {@link Sessiondata} object by sessionId * - * @param SID - sessionId + * @param sid - sessionId * @return {@link Sessiondata} with sessionId == SID, or null if not found */ - public Sessiondata find(String SID) { + public Sessiondata find(String sid) { + if (sid == null) { + return null; + } //MSSql find nothing in case SID is passed as-is without wildcarting '%SID%' List<Sessiondata> sessions = em.createNamedQuery("getSessionById", Sessiondata.class) - .setParameter("sessionId", String.format("%%%s%%", SID)).getResultList(); + .setParameter("sessionId", String.format("%%%s%%", sid)).getResultList(); if (sessions == null || sessions.isEmpty()) { return null; } Sessiondata sd = sessions.get(0); - if (sd == null || sd.getUserId() == null || sd.getUserId().equals(new Long(0))) { + if (sd == null || sd.getUserId() == null || sd.getUserId().equals(new Long(0)) || !sid.equals(sd.getSessionId())) { return null; } return sd; http://git-wip-us.apache.org/repos/asf/openmeetings/blob/2357db3f/openmeetings-web/src/test/java/org/apache/openmeetings/webservice/TestUserService.java ---------------------------------------------------------------------- diff --git a/openmeetings-web/src/test/java/org/apache/openmeetings/webservice/TestUserService.java b/openmeetings-web/src/test/java/org/apache/openmeetings/webservice/TestUserService.java index f21318f..7428c83 100644 --- a/openmeetings-web/src/test/java/org/apache/openmeetings/webservice/TestUserService.java +++ b/openmeetings-web/src/test/java/org/apache/openmeetings/webservice/TestUserService.java @@ -81,14 +81,14 @@ public class TestUserService extends AbstractWebServiceTest { @Test public void hashTestNoAuth() { ServiceResult r = getHash("aa"); - assertEquals("OM Call should NOT be successful", r.getType(), Type.ERROR.name()); + assertEquals("OM Call should NOT be successful", Type.ERROR.name(), r.getType()); } @Test public void hashTest() throws OmException { ServiceResult r = login(); ServiceResult r1 = getHash(r.getMessage()); - assertEquals("OM Call should be successful", r1.getType(), Type.SUCCESS.name()); + assertEquals("OM Call should be successful", Type.SUCCESS.name(), r1.getType()); WebSession ws = WebSession.get(); assertTrue(ws.signIn(username, userpass, User.Type.user, null));
