This bean holds user and session object of the current user after he
joins a session and could be used to access those objects within the
application.

Added two simple URIs to get a JSON representation of the referenced
objects.

API specification.
Changed StatisticsController to allow requests without a trailing slash
to be consistent with the other **/statistics paths.

If the current session is linked to a course and there are other sessions
for this course, add a number to the name and short name of the session,
indicating which session is ment since all sessions will have the same
name and short name.

/questionbylecturer/* => [/session/{sessionKey}]/lecturerquestion/*
/questionbyaudience/* => [/session/{sessionKey}]/audiencequestion/*

API changes:
- /session/visitedsessions => /session/?filter=visited
- /session/mysessions => /session/?filter=owned
Added changed routes to LegacyController.

This allows expecting those exceptions in test classes.

/socketurl => /socket/url
/authorize => /socket/assign
Changed status code for /socket/assign to 204 (this does not create).

* rename methods to clearify that this are sockets

cthelen recently

remove methods from session controller which are now in its own
controller

All relevant information about users (e.g. session mebership) are
accessible via UserService.
The method IUserService::getCurrentUser provides information about
the actual logged in user. If no user is logged in, this method will
throw a UnauthorizedException which will end up in 401 HTTP error.

This adds URI
"/session/mysessions"
in addition to the old URI which still can be used.

All feedback methods are available in class FeedbackController, all
question methods are available in class QuestionController.

None of the URIs are changed!

Added second URI for method QuestionController::getSkillQuestions that
matches common URI rules in ARSnova:
"/session/{sessionkey}/skillquestions"
Both, the old an the new URI can be used equally.

Currently, there is an issue with the response. It seems like Spring
is trying to resolve some view, but fails, and then displaying
a message stating POST is not allowed.

The properties are needed by the client and must not be ignored.

This checks if there is a user in current security context. If not, an
UnauthorizedException is thrown which will result in HTTP - 401.

This patch uses AbstractController class to add exception handlers
into controllers. These handlers are used to detect some runtime exceptions
which can be thrown in any layer e.g. DAO or service layer.
They recognize NotFoundException and ForbiddenException. Test classes are
able to check if any of these exceptions are thrown during runtime.

/getSkillQuestions/{sessionkey}, by default sort by subject but if
getSkillQuestions/{sessionkey}?sort=text the result will be sorted by
subject and text

doesnt throw exceptions if fields are not set. remove info output

If a session was not found in database this will result in http 404,
if the session is not accessable for the current user the request will
result in http 403.

The old behavior was to check for null. This was the response if the
session was not found or the current user could not access this session
(not owner and inactive sessions). Both ended up with http 404 - not found.