mirror of https://github.com/apache/cloudstack.git
Change session parameters to be their actual type (domainId and userId are saved to the session as Longs and not Strings)
This commit is contained in:
Kris McQueen
parent
9e2d1f5e70
commit
da660f2575
|
|
@ -380,7 +380,7 @@ public class ApiServer implements HttpRequestHandler {
|
|||
}
|
||||
}
|
||||
|
||||
public boolean verifyRequest(Map<String, Object[]> requestParameters, String userId) {
|
||||
public boolean verifyRequest(Map<String, Object[]> requestParameters, Long userId) {
|
||||
try {
|
||||
String apiKey = null;
|
||||
String secretKey = null;
|
||||
|
|
@ -397,7 +397,7 @@ public class ApiServer implements HttpRequestHandler {
|
|||
|
||||
//if userId not null, that mean that user is logged in
|
||||
if (userId != null) {
|
||||
Long accountId = _ms.findUserById(Long.valueOf(userId)).getAccountId();
|
||||
Long accountId = _ms.findUserById(userId).getAccountId();
|
||||
Account userAccount = _ms.findAccountById(accountId);
|
||||
short accountType = userAccount.getType();
|
||||
|
||||
|
|
@ -564,7 +564,7 @@ public class ApiServer implements HttpRequestHandler {
|
|||
systemVmUseLocalStorage = "false";
|
||||
|
||||
// set the userId and account object for everyone
|
||||
session.setAttribute("userid", userAcct.getId().toString());
|
||||
session.setAttribute("userid", userAcct.getId());
|
||||
session.setAttribute("username", userAcct.getUsername());
|
||||
session.setAttribute("firstname", userAcct.getFirstname());
|
||||
session.setAttribute("lastname", userAcct.getLastname());
|
||||
|
|
|
|||
|
|
@ -154,12 +154,12 @@ public class ApiServlet extends HttpServlet {
|
|||
// we no longer rely on web-session here, verifyRequest will populate user/account information
|
||||
// if a API key exists
|
||||
UserContext.registerContext(null, null, null, null, null, null, false);
|
||||
String userId = null;
|
||||
Long userId = null;
|
||||
|
||||
if (!isNew) {
|
||||
userId = (String)session.getAttribute("userid");
|
||||
userId = (Long)session.getAttribute("userid");
|
||||
String account = (String)session.getAttribute("account");
|
||||
String domainId = (String)session.getAttribute("domainid");
|
||||
Long domainId = (Long)session.getAttribute("domainid");
|
||||
Object accountObj = session.getAttribute("accountobj");
|
||||
String sessionKey = (String)session.getAttribute("sessionkey");
|
||||
String[] sessionKeyParam = (String[])params.get("sessionkey");
|
||||
|
|
@ -169,14 +169,14 @@ public class ApiServlet extends HttpServlet {
|
|||
}
|
||||
|
||||
// Do a sanity check here to make sure the user hasn't already been deleted
|
||||
if ((userId != null) && (account != null) && (accountObj != null) && _apiServer.verifyUser(Long.valueOf(userId))) {
|
||||
if ((userId != null) && (account != null) && (accountObj != null) && _apiServer.verifyUser(userId)) {
|
||||
String[] command = (String[])params.get("command");
|
||||
if (command == null) {
|
||||
s_logger.info("missing command, ignoring request...");
|
||||
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "no command specified");
|
||||
return;
|
||||
}
|
||||
UserContext.updateContext(Long.valueOf(userId), accountObj, account, ((Account)accountObj).getId(), Long.valueOf(domainId), session.getId());
|
||||
UserContext.updateContext(userId, accountObj, account, ((Account)accountObj).getId(), domainId, session.getId());
|
||||
} else {
|
||||
// Invalidate the session to ensure we won't allow a request across management server restarts if the userId was serialized to the
|
||||
// stored session
|
||||
|
|
|
|||
Loading…
Reference in New Issue