diff --git a/navalplanner-webapp/src/main/java/org/navalplanner/web/common/TemplateModel.java b/navalplanner-webapp/src/main/java/org/navalplanner/web/common/TemplateModel.java index 450f9b286..bc1c9f727 100644 --- a/navalplanner-webapp/src/main/java/org/navalplanner/web/common/TemplateModel.java +++ b/navalplanner-webapp/src/main/java/org/navalplanner/web/common/TemplateModel.java @@ -51,12 +51,12 @@ import org.navalplanner.business.scenarios.entities.OrderVersion; import org.navalplanner.business.scenarios.entities.Scenario; import org.navalplanner.business.users.daos.IUserDAO; import org.navalplanner.business.users.entities.User; +import org.navalplanner.web.security.SecurityUtils; import org.navalplanner.web.users.bootstrap.MandatoryUser; import org.navalplanner.web.users.services.CustomUser; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; -import org.springframework.security.context.SecurityContextHolder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.zkoss.ganttz.adapters.PlannerConfiguration; @@ -231,8 +231,9 @@ public class TemplateModel implements ITemplateModel { private void associateToUser(Scenario scenario, User user) { user.setLastConnectedScenario(scenario); userDAO.save(user); - CustomUser customUser = (CustomUser) SecurityContextHolder.getContext() - .getAuthentication().getPrincipal(); + CustomUser customUser = SecurityUtils.getLoggedUser(); + assert customUser != null : "user must be logged for this method to be called"; + customUser.setScenario(scenario); } diff --git a/navalplanner-webapp/src/main/java/org/navalplanner/web/scenarios/CurrentUserScenarioAwareManager.java b/navalplanner-webapp/src/main/java/org/navalplanner/web/scenarios/CurrentUserScenarioAwareManager.java index 4aa1a0ceb..628f83fd6 100644 --- a/navalplanner-webapp/src/main/java/org/navalplanner/web/scenarios/CurrentUserScenarioAwareManager.java +++ b/navalplanner-webapp/src/main/java/org/navalplanner/web/scenarios/CurrentUserScenarioAwareManager.java @@ -28,10 +28,9 @@ import org.navalplanner.business.scenarios.IScenarioManager; import org.navalplanner.business.scenarios.bootstrap.IScenariosBootstrap; import org.navalplanner.business.scenarios.daos.IScenarioDAO; import org.navalplanner.business.scenarios.entities.Scenario; +import org.navalplanner.web.security.SecurityUtils; import org.navalplanner.web.users.services.CustomUser; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.Authentication; -import org.springframework.security.context.SecurityContextHolder; import org.springframework.transaction.annotation.Transactional; /** @@ -52,32 +51,33 @@ public class CurrentUserScenarioAwareManager implements IScenarioManager { @Override @Transactional(readOnly = true) public Scenario getCurrent() { - Authentication authentication = SecurityContextHolder.getContext() - .getAuthentication(); - Scenario scenario = authentication == null ? scenariosBootstrap - .getMain() : getScenarioFrom(authentication); + Scenario scenario = scenarioAssociatedToLoggedUser(); + return reload(scenario); + } + private Scenario scenarioAssociatedToLoggedUser() { + CustomUser loggedUser = SecurityUtils.getLoggedUser(); + if (loggedUser == null) { + return scenariosBootstrap.getMain(); + } + return loggedUser.getScenario(); + } + + private Scenario reload(Scenario scenario) { if (scenario.getId() == null) { return scenario; } - - scenario = scenarioDAO.findExistingEntity(scenario.getId()); - forceLoad(scenario); - return scenario; + return forceLoad(scenarioDAO.findExistingEntity(scenario.getId())); } - private void forceLoad(Scenario scenario) { + private Scenario forceLoad(Scenario scenario) { scenarioDAO.reattach(scenario); Set orders = scenario.getOrders().keySet(); for (Order order : orders) { orderDAO.reattach(order); order.getName(); } - } - - private Scenario getScenarioFrom(Authentication authentication) { - CustomUser user = (CustomUser) authentication.getPrincipal(); - return user.getScenario(); + return scenario; } } diff --git a/navalplanner-webapp/src/main/java/org/navalplanner/web/security/SecurityUtils.java b/navalplanner-webapp/src/main/java/org/navalplanner/web/security/SecurityUtils.java index 9479999c4..cebe81017 100644 --- a/navalplanner-webapp/src/main/java/org/navalplanner/web/security/SecurityUtils.java +++ b/navalplanner-webapp/src/main/java/org/navalplanner/web/security/SecurityUtils.java @@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletRequest; import org.navalplanner.business.users.entities.UserRole; import org.navalplanner.web.users.bootstrap.MandatoryUser; import org.navalplanner.web.users.services.CustomUser; +import org.springframework.security.Authentication; import org.springframework.security.context.SecurityContextHolder; import org.zkoss.zk.ui.Executions; @@ -56,8 +57,18 @@ public final class SecurityUtils { return principal.getName(); } + /** + * @return null if not user is logged + */ public final static CustomUser getLoggedUser() { - return (CustomUser) SecurityContextHolder.getContext() - .getAuthentication().getPrincipal(); + Authentication authentication = getAuthentication(); + if (authentication == null) { + return null; + } + return (CustomUser) authentication.getPrincipal(); + } + + private static Authentication getAuthentication() { + return SecurityContextHolder.getContext().getAuthentication(); } }