From 2015da0e03d01cc4724b0d29958a4a5e7b40f9ff Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Mon, 5 Sep 2016 10:18:18 +0200
Subject: [PATCH] OO-2170: fix rs, minimize access to getUserSession()

---
 src/main/java/org/olat/course/site/CourseSiteDef.java | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/olat/course/site/CourseSiteDef.java b/src/main/java/org/olat/course/site/CourseSiteDef.java
index c8455e409bf..602d5bdc057 100644
--- a/src/main/java/org/olat/course/site/CourseSiteDef.java
+++ b/src/main/java/org/olat/course/site/CourseSiteDef.java
@@ -29,6 +29,7 @@ import org.olat.core.gui.control.navigation.SiteDefinitions;
 import org.olat.core.gui.control.navigation.SiteInstance;
 import org.olat.core.gui.control.navigation.SiteSecurityCallback;
 import org.olat.core.util.StringHelper;
+import org.olat.core.util.UserSession;
 import org.olat.course.site.model.CourseSiteConfiguration;
 import org.olat.course.site.model.LanguageConfiguration;
 
@@ -88,10 +89,13 @@ public class CourseSiteDef extends AbstractSiteDefinition implements SiteDefinit
 		
 		String secCallbackBeanId = config.getSecurityCallbackBeanId();
 		SiteSecurityCallback siteSecCallback = (SiteSecurityCallback)CoreSpringFactory.getBean(secCallbackBeanId);
+		
+		UserSession usess = ureq.getUserSession();
+		if(usess == null || usess.getRoles() == null) return null;
 
-		boolean canSeeToolController = ureq.getUserSession().getRoles().isAuthor()
-				|| ureq.getUserSession().getRoles().isOLATAdmin()
-				|| ureq.getUserSession().getRoles().isInstitutionalResourceManager();
+		boolean canSeeToolController = usess.getRoles().isAuthor()
+				|| usess.getRoles().isOLATAdmin()
+				|| usess.getRoles().isInstitutionalResourceManager();
 		boolean showToolController = true;
 		if (!canSeeToolController && !courseConfig.isToolbar()) {
 			showToolController = false;
-- 
GitLab