Task #3808: Check if current user is creator of session

A session will be returned if one of the following cases are true: * the session is active * the session is inactive AND current (logged in) user is the creator

Task #3808: Check if current user is creator of session
A session will be returned if one of the following cases are true: * the session is active * the session is inactive AND current (logged in) user is the creator
558cdfce · Paul-Christian Volkmer · 3e1c2aeb · 558cdfce
Commit 558cdfce authored 12 years ago by Paul-Christian Volkmer
--- a/src/main/java/de/thm/arsnova/services/SessionService.java
+++ b/src/main/java/de/thm/arsnova/services/SessionService.java
@@ -26,6 +26,9 @@ import net.sf.json.JSONObject;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Service;

 import com.fourspaces.couchdb.Database;
@@ -58,9 +61,10 @@ public class SessionService implements ISessionService {
 				results.getJSONArray("rows").optJSONObject(0)
 						.optJSONObject("value"), Session.class);

-		if (result.isActive())
+		if (result.isActive() || result.getCreator().equals(this.actualUserName())) {
 			return result;
-
+		}
+		
 		return null;
 	}

@@ -137,4 +141,13 @@ public class SessionService implements ISessionService {
 	private String currentTimestamp() {
 		return Long.toString(System.currentTimeMillis());
 	}
+	
+	private String actualUserName() {
+		try {
+			Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+			User user = (User) authentication.getPrincipal();
+			return user.getUsername();
+		} catch (ClassCastException e) {}
+		return null;
+	}
 }