This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new fd3a6b1 [OPENMEETINGS-2465] invitation should be re-checked each time
in session
fd3a6b1 is described below
commit fd3a6b176a4e91ce0d4fd3931b67c48325b8f11c
Author: Maxim Solodovnik <solomax...@gmail.com>
AuthorDate: Wed Oct 14 19:30:37 2020 +0700
[OPENMEETINGS-2465] invitation should be re-checked each time in session
---
.../apache/openmeetings/web/app/WebSession.java | 35 ++++++++++++----------
1 file changed, 19 insertions(+), 16 deletions(-)
diff --git
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/WebSession.java
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/WebSession.java
index c56386c..9197201 100644
---
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/WebSession.java
+++
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/WebSession.java
@@ -114,7 +114,7 @@ public class WebSession extends
AbstractAuthenticatedWebSession implements IWebS
private FastDateFormat iso8601Format = null;
private FastDateFormat sdf = null;
private UserDashboard dashboard;
- private Invitation i = null;
+ private Invitation invitation = null;
private SOAPLogin soap = null;
private Long roomId = null;
private Long recordingId = null;
@@ -153,7 +153,7 @@ public class WebSession extends
AbstractAuthenticatedWebSession implements IWebS
iso8601Format = null;
sdf = null;
languageId = -1;
- i = null;
+ invitation = null;
soap = null;
roomId = null;
recordingId = null;
@@ -219,8 +219,8 @@ public class WebSession extends
AbstractAuthenticatedWebSession implements IWebS
}
}
- public void checkHashes(StringValue secure, StringValue invitation) {
- log.debug("checkHashes, secure: '{}', invitation: '{}'",
secure, invitation);
+ public void checkHashes(StringValue secure, StringValue inviteStr) {
+ log.debug("checkHashes, secure: '{}', invitation: '{}'",
secure, inviteStr);
try {
log.debug("checkHashes, has soap in session ? '{}'",
(soap != null));
if (!secure.isEmpty() && (soap == null ||
!soap.getHash().equals(secure.toString()))) {
@@ -231,29 +231,32 @@ public class WebSession extends
AbstractAuthenticatedWebSession implements IWebS
}
signIn(secure.toString(), true);
}
- if (!invitation.isEmpty() && (i == null ||
!i.getHash().equals(invitation.toString()))) {
+ if (!inviteStr.isEmpty()) {
+ // invitation should be re-checked each time,
due to PERIOD invitation can be
+ // 1) not ready
+ // 2) already expired
// otherwise already logged-in with the same
hash
if (isSignedIn()) {
log.debug("invitation: Session is
authorized, going to invalidate");
invalidateNow();
}
- i = inviteDao.getByHash(invitation.toString(),
false);
+ invitation =
inviteDao.getByHash(inviteStr.toString(), false);
Room r = null;
- if (i != null && i.isAllowEntry()) {
+ if (invitation != null &&
invitation.isAllowEntry()) {
Set<Right> hrights = new HashSet<>();
- if (i.getRoom() != null) {
- r = i.getRoom();
- } else if (i.getAppointment() != null
&& i.getAppointment().getRoom() != null) {
- r =
i.getAppointment().getRoom();
- } else if (i.getRecording() != null) {
- recordingId =
i.getRecording().getId();
+ if (invitation.getRoom() != null) {
+ r = invitation.getRoom();
+ } else if (invitation.getAppointment()
!= null && invitation.getAppointment().getRoom() != null) {
+ r =
invitation.getAppointment().getRoom();
+ } else if (invitation.getRecording() !=
null) {
+ recordingId =
invitation.getRecording().getId();
}
if (r != null) {
- redirectHash(r, () ->
inviteDao.markUsed(i));
+ redirectHash(r, () ->
inviteDao.markUsed(invitation));
hrights.add(Right.ROOM);
roomId = r.getId();
}
- setUser(i.getInvitee(), hrights);
+ setUser(invitation.getInvitee(),
hrights);
}
}
} catch (RedirectToUrlException e) {
@@ -430,7 +433,7 @@ public class WebSession extends
AbstractAuthenticatedWebSession implements IWebS
}
public Invitation getInvitation() {
- return i;
+ return invitation;
}
public SOAPLogin getSoapLogin() {
