[Treebase-guts] SF.net SVN: treebase:[462] trunk/treebase-web/src/main/java/org/cipres/ treebase/web

[<rv...@us...>]

Revision: 462
          http://treebase.svn.sourceforge.net/treebase/?rev=462&view=rev
Author:   rvos
Date:     2010-01-15 17:19:50 +0000 (Fri, 15 Jan 2010)

Log Message:
-----------
Now stores access denied explicitly in session.

Modified Paths:
--------------
    trunk/treebase-web/src/main/java/org/cipres/treebase/web/Constants.java
    trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java

Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/Constants.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/Constants.java	2010-01-15 17:09:07 UTC (rev 461)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/Constants.java	2010-01-15 17:19:50 UTC (rev 462)
@@ -26,6 +26,7 @@
 	 */
 	public static final String X_ACCESS_CODE = "x-access-code";
 	public static final String REVIEWER_ACCESS_GRANTED = "reviewerAccessGranted";
+	public static final String REVIEWER_ACCESS_DENIED = "reviewerAccessDenied";
 	
 	public static final String STUDY_MAP = "studyMap";
 	public static final String ANALYSIS_MAP = "analysisMap";

Modified: trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java
===================================================================
--- trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java	2010-01-15 17:09:07 UTC (rev 461)
+++ trunk/treebase-web/src/main/java/org/cipres/treebase/web/controllers/BaseFormController.java	2010-01-15 17:19:50 UTC (rev 462)
@@ -179,11 +179,6 @@
 	}
 
 	private boolean isReviewerAccessGranted(HttpServletRequest pRequest) {
-		if ( "cancel".equals(pRequest.getParameter("agreement")) ) {
-			pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, false);
-			pRequest.getSession().setAttribute("displayAgreement",true);
-			return false;
-		}
 		boolean reviewerAccessGranted = false;
 		Object xAccesCodeObject = pRequest.getSession().getAttribute(Constants.X_ACCESS_CODE);
 		if ( xAccesCodeObject != null ) {
@@ -209,6 +204,7 @@
 					pRequest.getSession().setAttribute("displayAgreement",false);
 				}
 				pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, reviewerAccessGranted);
+				pRequest.getSession().removeAttribute(Constants.REVIEWER_ACCESS_DENIED);
 			}
 			else {
 				LOGGER.info("x-access-code doesn't match computed hashed study id");
@@ -218,6 +214,12 @@
 		else {
 			LOGGER.info("No x-access-code parameter supplied");
 		}
+		if ( "cancel".equals(pRequest.getParameter("agreement")) || pRequest.getSession().getAttribute(Constants.REVIEWER_ACCESS_DENIED) != null) {
+			pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_GRANTED, false);
+			pRequest.getSession().setAttribute("displayAgreement",true);
+			pRequest.getSession().setAttribute(Constants.REVIEWER_ACCESS_DENIED, true);
+			return false;
+		}		
 		return reviewerAccessGranted;
 	}
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.