You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@turbine.apache.org by tv...@apache.org on 2016/07/31 15:59:03 UTC
svn commit: r1754670 - in /turbine/core/trunk/src: changes/changes.xml
java/org/apache/turbine/modules/actions/LogoutUser.java
test/org/apache/turbine/pipeline/DefaultLoginValveTest.java
Author: tv
Date: Sun Jul 31 15:59:03 2016
New Revision: 1754670
URL: http://svn.apache.org/viewvc?rev=1754670&view=rev
Log:
Fix NPE in LogoutAction: draw user from session instead of RunData. Add test.
Modified:
turbine/core/trunk/src/changes/changes.xml
turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LogoutUser.java
turbine/core/trunk/src/test/org/apache/turbine/pipeline/DefaultLoginValveTest.java
Modified: turbine/core/trunk/src/changes/changes.xml
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/changes/changes.xml?rev=1754670&r1=1754669&r2=1754670&view=diff
==============================================================================
--- turbine/core/trunk/src/changes/changes.xml (original)
+++ turbine/core/trunk/src/changes/changes.xml Sun Jul 31 15:59:03 2016
@@ -25,6 +25,9 @@
<body>
<release version="4.0" date="in Subversion">
+ <action type="fix" dev="tv">
+ Fix NPE in LogoutAction: draw user from session instead of RunData. Add test.
+ </action>
<action type="update" dev="tv">
Update BrowserDetector to support contemporary browsers.
</action>
Modified: turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LogoutUser.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LogoutUser.java?rev=1754670&r1=1754669&r2=1754670&view=diff
==============================================================================
--- turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LogoutUser.java (original)
+++ turbine/core/trunk/src/java/org/apache/turbine/modules/actions/LogoutUser.java Sun Jul 31 15:59:03 2016
@@ -63,7 +63,7 @@ public class LogoutUser
* If this action name is the value of action.logout then we are
* being run before the session validator, so we don't need to
* set the screen (we assume that the session validator will handle
- * that). This is basically still here simply to preserve old behaviour
+ * that). This is basically still here simply to preserve old behavior
* - it is recommended that action.logout is set to "LogoutUser" and
* that the session validator does handle setting the screen/template
* for a logged out (read not-logged-in) user.
@@ -77,7 +77,9 @@ public class LogoutUser
throws FulcrumSecurityException
{
RunData data = getRunData(pipelineData);
- User user = data.getUser();
+
+ // Session validator did not run, so RunData is not populated
+ User user = data.getUserFromSession();
if (!security.isAnonymousUser(user))
{
Modified: turbine/core/trunk/src/test/org/apache/turbine/pipeline/DefaultLoginValveTest.java
URL: http://svn.apache.org/viewvc/turbine/core/trunk/src/test/org/apache/turbine/pipeline/DefaultLoginValveTest.java?rev=1754670&r1=1754669&r2=1754670&view=diff
==============================================================================
--- turbine/core/trunk/src/test/org/apache/turbine/pipeline/DefaultLoginValveTest.java (original)
+++ turbine/core/trunk/src/test/org/apache/turbine/pipeline/DefaultLoginValveTest.java Sun Jul 31 15:59:03 2016
@@ -22,6 +22,7 @@ package org.apache.turbine.pipeline;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
@@ -61,6 +62,7 @@ public class DefaultLoginValveTest exten
private EnhancedMockHttpServletRequest request = null;
private EnhancedMockHttpSession session = null;
private HttpServletResponse response = null;
+ private SecurityService securityService = null;
@BeforeClass
@@ -89,15 +91,16 @@ public class DefaultLoginValveTest exten
session = new EnhancedMockHttpSession();
response = new MockHttpServletResponse();
- session.setupGetAttribute(User.SESSION_KEY, null);
-
request.setSession(session);
// User must exist
- SecurityService securityService = (SecurityService)TurbineServices.getInstance().getService(SecurityService.SERVICE_NAME);
- User user = securityService.getUserInstance();
- user.setName("username");
- securityService.addUser(user, "password");
+ securityService = (SecurityService)TurbineServices.getInstance().getService(SecurityService.SERVICE_NAME);
+ if (!securityService.accountExists("username"))
+ {
+ User user = securityService.getUserInstance();
+ user.setName("username");
+ securityService.addUser(user, "password");
+ }
}
/**
@@ -105,6 +108,8 @@ public class DefaultLoginValveTest exten
*/
@Test public void testDefaults() throws Exception
{
+ session.setupGetAttribute(User.SESSION_KEY, null);
+
Vector<String> v = new Vector<String>();
v.add(LoginUser.CGI_USERNAME);
v.add(LoginUser.CGI_PASSWORD);
@@ -130,6 +135,32 @@ public class DefaultLoginValveTest exten
assertTrue(user.hasLoggedIn());
}
+ /**
+ * Tests the LogoutAction.
+ */
+ @Test public void testLogout() throws Exception
+ {
+ User user = securityService.getUser("username");
+ user.setHasLoggedIn(Boolean.TRUE);
+ session.setupGetAttribute(User.SESSION_KEY, user);
+
+ RunData runData = getRunData(request,response,config);
+ runData.setAction(TurbineConstants.ACTION_LOGOUT_DEFAULT);
+
+ Pipeline pipeline = new TurbinePipeline();
+ PipelineData pipelineData = runData;
+
+ DefaultLoginValve valve = new DefaultLoginValve();
+ pipeline.addValve(valve);
+ pipeline.initialize();
+
+ pipeline.invoke(pipelineData);
+ user = runData.getUser();
+ assertNotNull(user);
+ assertTrue(securityService.isAnonymousUser(user));
+ assertFalse(user.hasLoggedIn());
+ }
+
@AfterClass
public static void destroy() {
tc.dispose();