fixes issue 9375: OBContext is not stored in session in case of login through REST
authorMartin Taal <martin.taal@openbravo.com>
Mon, 08 Jun 2009 13:49:27 +0200
changeset 3981 e4caff5b5554
parent 3980 7ea6521d32dc
child 3982 97e2fba62f90
fixes issue 9375: OBContext is not stored in session in case of login through REST
src-test/org/openbravo/test/webservice/BaseWSTest.java
src-test/org/openbravo/test/webservice/WSReadTest.java
src/org/openbravo/dal/core/OBContext.java
src/org/openbravo/service/web/BaseWebServiceServlet.java
--- a/src-test/org/openbravo/test/webservice/BaseWSTest.java	Mon Jun 08 13:44:56 2009 +0200
+++ b/src-test/org/openbravo/test/webservice/BaseWSTest.java	Mon Jun 08 13:49:27 2009 +0200
@@ -154,8 +154,8 @@
   }
 
   /**
-   * Executes a GET request. The content is validated against the XML schema retrieved using the
-   * /ws/dal/schema webservice call.
+   * Executes a GET request and validates the return against the schema. The content is validated
+   * against the XML schema retrieved using the /ws/dal/schema webservice call.
    * 
    * @param wsPart
    *          the actual webservice part of the url, is appended to the openbravo url (
@@ -168,6 +168,27 @@
    * @return the content returned from the GET request
    */
   protected String doTestGetRequest(String wsPart, String testContent, int responseCode) {
+    return doTestGetRequest(wsPart, testContent, responseCode, true);
+  }
+
+  /**
+   * Executes a GET request. The content is validated against the XML schema retrieved using the
+   * /ws/dal/schema webservice call.
+   * 
+   * @param wsPart
+   *          the actual webservice part of the url, is appended to the openbravo url (
+   *          {@link #getOpenbravoURL()}), includes any query parameters
+   * @param testContent
+   *          the system check that the returned content contains this testContent. if null is
+   *          passed for this parameter then this check is not done.
+   * @param responseCode
+   *          the expected HTTP response code
+   * @param validate
+   *          if true then the response content is validated against the Openbravo XML Schema
+   * @return the content returned from the GET request
+   */
+  protected String doTestGetRequest(String wsPart, String testContent, int responseCode,
+      boolean validate) {
     try {
       final HttpURLConnection hc = createConnection(wsPart, "GET");
       hc.connect();
@@ -182,7 +203,7 @@
       assertEquals(responseCode, hc.getResponseCode());
       is.close();
       // do not validate the xml schema itself, this results in infinite loops
-      if (!wsPart.contains("/ws/dal/schema")) {
+      if (validate) {
         validateXML(content);
       }
       return content;
@@ -283,7 +304,7 @@
       return xmlSchema;
     }
 
-    xmlSchema = doTestGetRequest("/ws/dal/schema", "<xs:element name=\"Openbravo\">", 200);
+    xmlSchema = doTestGetRequest("/ws/dal/schema", "<xs:element name=\"Openbravo\">", 200, false);
     return xmlSchema;
   }
 
--- a/src-test/org/openbravo/test/webservice/WSReadTest.java	Mon Jun 08 13:44:56 2009 +0200
+++ b/src-test/org/openbravo/test/webservice/WSReadTest.java	Mon Jun 08 13:49:27 2009 +0200
@@ -43,7 +43,7 @@
    * @throws Exception
    */
   public void testSchemaWebService() throws Exception {
-    doTestGetRequest("/ws/dal/schema", "<xs:element name=\"Openbravo\">", 200);
+    doTestGetRequest("/ws/dal/schema", "<xs:element name=\"Openbravo\">", 200, false);
   }
 
   /**
@@ -52,7 +52,7 @@
    * @throws Exception
    */
   public void testTypesWebService() throws Exception {
-    doTestGetRequest("/ws/dal", "<Types>", 200);
+    doTestGetRequest("/ws/dal", "<Types>", 200, false);
   }
 
   /**
--- a/src/org/openbravo/dal/core/OBContext.java	Mon Jun 08 13:44:56 2009 +0200
+++ b/src/org/openbravo/dal/core/OBContext.java	Mon Jun 08 13:49:27 2009 +0200
@@ -85,9 +85,12 @@
   private static OBContext adminContext = null;
 
   /**
-   * Sets the context to the 0 (SystemAdmin) user. Note overrides the current OBContext. This method
-   * should be used in case there is no real user context yet because the user still has to login
-   * (for example).
+   * Sets the context to the 0 (SystemAdmin) user.
+   * 
+   * Note overwrites the current OBContext! This method should be used in case there is no real user
+   * context yet because the user still has to login (for example).
+   * 
+   * In all other cases use the method {@link #setInAdministratorMode(boolean)}.
    */
   public static void setAdminContext() {
     if (adminContext == null) {
@@ -114,7 +117,7 @@
     if (context == null) {
       context = new OBContext();
       if (context.setFromRequest(request)) {
-        request.getSession().setAttribute(CONTEXT_PARAM, context);
+        setOBContextInSession(request, context);
         setOBContext(context);
       }
     } else {
@@ -126,6 +129,18 @@
   }
 
   /**
+   * Sets the passed OBContext in the http session.
+   * 
+   * @param request
+   *          the http request used to get the http session
+   * @param context
+   *          the context which will be stored in the session
+   */
+  public static void setOBContextInSession(HttpServletRequest request, OBContext context) {
+    request.getSession().setAttribute(CONTEXT_PARAM, getOBContext());
+  }
+
+  /**
    * Creates the context using the userId and sets it in the thread (as a ThreadLocal). The user
    * denoted by the userId will be automatically logged in.
    * 
--- a/src/org/openbravo/service/web/BaseWebServiceServlet.java	Mon Jun 08 13:44:56 2009 +0200
+++ b/src/org/openbravo/service/web/BaseWebServiceServlet.java	Mon Jun 08 13:49:27 2009 +0200
@@ -125,6 +125,7 @@
     }
     if (userId != null) {
       OBContext.setOBContext(UserContextCache.getInstance().getCreateOBContext(userId));
+      OBContext.setOBContextInSession(request, OBContext.getOBContext());
       return true;
     } else {
       return false;