This is an automated email from the git hooks/post-receive script. unknown user pushed a commit to branch devel in repository Pollen. commit 4d1266d0a21c3328e78b046706f6f99b61f7c3e3 Author: Tony CHEMIT <chemit@codelutin.com> Date: Thu May 22 12:14:43 2014 +0200 change error code when session token is expired --- pollen-rest-api/src/main/resources/mapping | 5 ++- .../services/service/security/SecurityService.java | 45 +++++++++++----------- 2 files changed, 26 insertions(+), 24 deletions(-) diff --git a/pollen-rest-api/src/main/resources/mapping b/pollen-rest-api/src/main/resources/mapping index dcfdb6f..38cd416 100644 --- a/pollen-rest-api/src/main/resources/mapping +++ b/pollen-rest-api/src/main/resources/mapping @@ -11,9 +11,9 @@ default.render=org.chorem.pollen.rest.api.PollenRender [errors] org.chorem.pollen.services.service.security.PollenAuthenticationException ErrorAction.on401 +org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException ErrorAction.on401 org.chorem.pollen.services.service.security.PollenUnauthorizedException ErrorAction.on403 org.chorem.pollen.services.service.security.PollenInvalidPermissionException ErrorAction.on403 -org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException ErrorAction.on401 org.chorem.pollen.services.service.security.PollenInvalidEmailActivationTokenException ErrorAction.on403 org.chorem.pollen.services.service.InvalidFormException ErrorAction.on400Form org.nuiton.topia.persistence.TopiaNoResultException ErrorAction.on404 @@ -99,7 +99,8 @@ PUT /v1/users/{userId}?token={} PollenUserApi.validateUserEmail # VoteCountingApi -GET /v1/polls/{pollId}/results VoteCountingApi.getResult +GET /v1/polls/{pollId}/results VoteCountingApi.getMainResult +GET /v1/polls/{pollId}/groupResults VoteCountingApi.getGroupResult # VoterListApi diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java index d5c62cb..26641c9 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java @@ -178,7 +178,9 @@ public class SecurityService extends PollenServiceSupport { sessionToken = getSessionTokenDao().findUniqueOrNullByToken(token); if (sessionToken == null) { + throw new PollenInvalidSessionTokenException(); + } // check that token is still valid @@ -193,37 +195,36 @@ public class SecurityService extends PollenServiceSupport { } getSessionTokenDao().delete(sessionToken); commit(); - sessionToken = null; - - } else { - int sessionTimeout = getPollenServiceConfig().getSessionTimeoutDelay(); + throw new PollenInvalidSessionTokenException(); - Calendar calendar = Calendar.getInstance(); - // From now - calendar.setTimeInMillis(now.getTime()); - // add session timeout delay - calendar.add(Calendar.SECOND, sessionTimeout); - // retrieve 5 minutes - calendar.add(Calendar.MINUTE, -5); + } - Date minEndDateToUpdate = calendar.getTime(); + int sessionTimeout = getPollenServiceConfig().getSessionTimeoutDelay(); - if (minEndDateToUpdate.after(endDate)) { + Calendar calendar = Calendar.getInstance(); + // From now + calendar.setTimeInMillis(now.getTime()); + // add session timeout delay + calendar.add(Calendar.SECOND, sessionTimeout); + // retrieve 5 minutes + calendar.add(Calendar.MINUTE, -5); - // update end date (now + sessionTimeout) - calendar.setTime(now); - calendar.add(Calendar.SECOND, sessionTimeout); - Date newEndDate = calendar.getTime(); + Date minEndDateToUpdate = calendar.getTime(); - if (log.isDebugEnabled()) { - log.debug(String.format("SessionToken %s update endDate : %s", sessionToken.getPollenToken().getToken(), newEndDate)); - } - sessionToken.getPollenToken().setEndDate(newEndDate); + if (minEndDateToUpdate.after(endDate)) { - commit(); + // update end date (now + sessionTimeout) + calendar.setTime(now); + calendar.add(Calendar.SECOND, sessionTimeout); + Date newEndDate = calendar.getTime(); + if (log.isDebugEnabled()) { + log.debug(String.format("SessionToken %s update endDate : %s", sessionToken.getPollenToken().getToken(), newEndDate)); } + sessionToken.getPollenToken().setEndDate(newEndDate); + + commit(); } -- To stop receiving notification emails like this one, please contact Chorem.org SCM administrator <admin+scm@chorem.org>.