Merge pull request #3187 from devgateway/bug/AMP-29441/fix-activity-f…

…orm-session-management AMP-29441: Fixed code that accessed invalidated session
devgateway · Nov 29, 2019 · 0ac881b · 0ac881b
2 parents 554f7bb + 2a28cf2
commit 0ac881b
Showing 1 changed file with 10 additions and 25 deletions.
diff --git a/amp/WEB-INF/src/org/dgfoundation/amp/onepager/AmpAuthWebSession.java b/amp/WEB-INF/src/org/dgfoundation/amp/onepager/AmpAuthWebSession.java
@@ -5,7 +5,6 @@
 package org.dgfoundation.amp.onepager;
 
 import java.util.Collection;
-import java.util.Locale;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
@@ -15,11 +14,11 @@
 import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
 import org.apache.wicket.authroles.authorization.strategies.role.Roles;
 import org.apache.wicket.request.Request;
+import org.apache.wicket.request.cycle.RequestCycle;
 import org.dgfoundation.amp.onepager.util.ActivityUtil;
 import org.dgfoundation.amp.onepager.util.FMFormCache;
 import org.digijava.kernel.request.Site;
 import org.digijava.kernel.request.SiteDomain;
-import org.digijava.kernel.request.TLSUtils;
 import org.digijava.kernel.util.SiteCache;
 import org.digijava.module.aim.dbentity.AmpTeamMember;
 import org.digijava.module.aim.helper.TeamMember;
@@ -44,8 +43,6 @@ public class AmpAuthWebSession extends AuthenticatedWebSession {
     private boolean fmMode;
     private TeamMember currentMember;
     private AmpTeamMember ampCurrentMember;
-    private HttpSession httpSession;
-    //private HttpServletRequest httpRequest;
     private Site site;
     private String isAdmin;
     private Long formType;
@@ -54,7 +51,7 @@ public class AmpAuthWebSession extends AuthenticatedWebSession {
 
     public String getIsAdmin() {
         if (isAdmin == null){
-            isAdmin = (String)httpSession.getAttribute("ampAdmin");
+            isAdmin = (String) getHttpSession().getAttribute("ampAdmin");
         }
         return isAdmin;
     }
@@ -68,7 +65,7 @@ public AmpAuthWebSession(final Request request) {
         fmMode = false;
         translatorMode = false;
         HttpServletRequest wRequest = (HttpServletRequest) request.getContainerRequest();
-        httpSession = wRequest.getSession();        
+        HttpSession httpSession = wRequest.getSession();
         currentMember = (TeamMember)httpSession.getAttribute("currentMember");
         isAdmin = (String)httpSession.getAttribute("ampAdmin");
         if (currentMember != null)
@@ -82,14 +79,18 @@ public AmpAuthWebSession(final Request request) {
 
     public void reset(){
         formType = ActivityUtil.ACTIVITY_TYPE_PROJECT;
-        currentMember = (TeamMember)httpSession.getAttribute("currentMember");
-        isAdmin = (String)httpSession.getAttribute("ampAdmin");
+        currentMember = (TeamMember) getHttpSession().getAttribute("currentMember");
+        isAdmin = (String) getHttpSession().getAttribute("ampAdmin");
         if (currentMember != null)
             ampCurrentMember = TeamMemberUtil.getAmpTeamMemberCached(currentMember.getMemberId());
         else
             ampCurrentMember = null;
         dirty();
     }
+
+    public HttpSession getHttpSession() {
+        return ((HttpServletRequest) RequestCycle.get().getRequest().getContainerRequest()).getSession();
+    }
 
 
     public Site getSite() {
@@ -114,30 +115,14 @@ public void setAmpCurrentMember(AmpTeamMember ampCurrentMember) {
 
     public TeamMember getCurrentMember() {
         if (currentMember == null){
-            currentMember = (TeamMember)httpSession.getAttribute("currentMember");
+            currentMember = (TeamMember) getHttpSession().getAttribute("currentMember");
         }
         return currentMember;
     }
     public void setCurrentMember(TeamMember currentMember) {
         this.currentMember = currentMember;
     }
 
-    public HttpSession getHttpSession() {
-        return httpSession;
-    }
-//  public void setHttpSession(HttpSession httpSession) {
-//      this.httpSession = httpSession;
-//  }
-
-//  public HttpServletRequest getHttpRequest()
-//  {
-//      return httpRequest;
-//  }
-    /*
-    public AmpAuthWebSession(final AuthenticatedWebApplication application, final Request request) {
-        super(application, request);
-    }
-    */
     public boolean isTranslatorMode() {
         return translatorMode;
     }