From 94ae3523216ffef10f1f1d85018c512cd7d4abe1 Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Tue, 11 Dec 2012 10:03:59 +0100
Subject: [PATCH] OO-447: secure concurrent changes of identity
---
.../user/SystemRolesAndRightsController.java | 3 +-
.../bulkChange/UserBulkChangeManager.java | 3 +-
.../delete/service/UserDeletionManager.java | 95 ++++++++----------
.../org/olat/basesecurity/BaseSecurity.java | 9 +-
.../basesecurity/BaseSecurityManager.java | 97 +++++++++----------
.../ui/I18nConfigSubNewLangController.java | 8 +-
.../login/auth/AuthenticationController.java | 2 +-
src/main/java/org/olat/user/UserManager.java | 5 -
.../java/org/olat/user/UserManagerImpl.java | 15 ++-
.../olat/basesecurity/BaseSecurityTest.java | 6 +-
10 files changed, 110 insertions(+), 133 deletions(-)
diff --git a/src/main/java/org/olat/admin/user/SystemRolesAndRightsController.java b/src/main/java/org/olat/admin/user/SystemRolesAndRightsController.java
index 0335af9bf64..85c05bd0453 100644
--- a/src/main/java/org/olat/admin/user/SystemRolesAndRightsController.java
+++ b/src/main/java/org/olat/admin/user/SystemRolesAndRightsController.java
@@ -179,8 +179,7 @@ public class SystemRolesAndRightsController extends BasicController {
updateSecurityGroup(myIdentity, secMgr, adminGroup, hasBeenAdmin, isAdmin);
}
if (iAmOlatAdmin && !myIdentity.getStatus().equals(form.getStatus()) ) {
- secMgr.saveIdentityStatus(myIdentity, form.getStatus());
- identity.setStatus(form.getStatus());
+ identity = secMgr.saveIdentityStatus(myIdentity, form.getStatus());
}
}
diff --git a/src/main/java/org/olat/admin/user/bulkChange/UserBulkChangeManager.java b/src/main/java/org/olat/admin/user/bulkChange/UserBulkChangeManager.java
index d375d3831d9..2fff30465fd 100644
--- a/src/main/java/org/olat/admin/user/bulkChange/UserBulkChangeManager.java
+++ b/src/main/java/org/olat/admin/user/bulkChange/UserBulkChangeManager.java
@@ -191,8 +191,7 @@ public class UserBulkChangeManager extends BasicManager {
// set status
if (roleChangeMap.containsKey("Status")) {
Integer status = Integer.parseInt(roleChangeMap.get("Status"));
- secMgr.saveIdentityStatus(identity, status);
- identity = (Identity) db.loadObject(identity);
+ identity = secMgr.saveIdentityStatus(identity, status);
}
// persist changes:
diff --git a/src/main/java/org/olat/admin/user/delete/service/UserDeletionManager.java b/src/main/java/org/olat/admin/user/delete/service/UserDeletionManager.java
index cf16fb278c4..1dba1513ced 100644
--- a/src/main/java/org/olat/admin/user/delete/service/UserDeletionManager.java
+++ b/src/main/java/org/olat/admin/user/delete/service/UserDeletionManager.java
@@ -70,6 +70,7 @@ import org.olat.repository.delete.service.DeletionModule;
import org.olat.user.UserDataDeletable;
import org.olat.user.UserManager;
import org.olat.user.propertyhandlers.UserPropertyHandler;
+import org.springframework.beans.factory.annotation.Autowired;
/**
@@ -101,6 +102,9 @@ public class UserDeletionManager extends BasicManager {
private boolean managersInitialized = false;
private DeletionModule deletionModule;
private CoordinatorManager coordinatorManager;
+
+ @Autowired
+ private BaseSecurity securityManager;
/**
* [used by spring]
@@ -166,9 +170,7 @@ public class UserDeletionManager extends BasicManager {
}
private void markSendEmailEvent(Identity identity) {
- identity = (Identity)DBFactory.getInstance().loadObject(identity);
LifeCycleManager.createInstanceFor(identity).markTimestampFor(SEND_DELETE_EMAIL_ACTION);
- DBFactory.getInstance().updateObject(identity);
}
/**
@@ -297,7 +299,7 @@ public class UserDeletionManager extends BasicManager {
logInfo("deleteUserProperties user=" + identity.getUser());
UserManager.getInstance().deleteUserProperties(identity.getUser());
// Delete all authentications for certain identity
- List<Authentication> authentications = BaseSecurityManager.getInstance().getAuthentications(identity);
+ List<Authentication> authentications = securityManager.getAuthentications(identity);
for (Iterator<Authentication> iter = authentications.iterator(); iter.hasNext();) {
Authentication auth = iter.next();
logInfo("deleteAuthentication auth=" + auth);
@@ -306,10 +308,9 @@ public class UserDeletionManager extends BasicManager {
}
//remove identity from its security groups
- BaseSecurity secMgr = BaseSecurityManager.getInstance();
- List<SecurityGroup> securityGroups = BaseSecurityManager.getInstance().getSecurityGroupsForIdentity(identity);
+ List<SecurityGroup> securityGroups = securityManager.getSecurityGroupsForIdentity(identity);
for (SecurityGroup secGroup : securityGroups) {
- secMgr.removeIdentityFromSecurityGroup(identity, secGroup);
+ securityManager.removeIdentityFromSecurityGroup(identity, secGroup);
logInfo("Removing user=" + identity + " from security group=" + secGroup.toString());
}
@@ -321,47 +322,39 @@ public class UserDeletionManager extends BasicManager {
rm.deleteTemporaryKey(tempKey);
}
- // can be used, if there is once the possibility to delete identities without db-constraints...
- //if neither email nor login should be kept, REALLY DELETE Identity
- /*if (!keepUserEmailAfterDeletion & !keepUserLoginAfterDeletion){
- identity = (Identity)DBFactory.getInstance().loadObject(identity);
- DBFactory.getInstance().deleteObject(identity.getUser());
- DBFactory.getInstance().deleteObject(identity);
- }
- else { */
- identity = (Identity)DBFactory.getInstance().loadObject(identity);
- //keep login-name only -> change email
- if (!keepUserEmailAfterDeletion){
- List<UserPropertyHandler> userPropertyHandlers = UserManager.getInstance().getUserPropertyHandlersFor("org.olat.admin.user.UsermanagerUserSearchForm", true);
- User persistedUser = identity.getUser();
- String actualProperty;
- for (UserPropertyHandler userPropertyHandler : userPropertyHandlers) {
- actualProperty = userPropertyHandler.getName();
- if (actualProperty.equals(UserConstants.EMAIL)){
- String oldEmail = userPropertyHandler.getUserProperty(persistedUser, null);
- String newEmail = "";
- if (StringHelper.containsNonWhitespace(oldEmail)){
- newEmail = getBackupStringWithDate(oldEmail);
- }
- logInfo("Update user-property user=" + persistedUser);
- userPropertyHandler.setUserProperty(persistedUser, newEmail);
+
+ identity = securityManager.loadIdentityByKey(identity.getKey());
+ //keep login-name only -> change email
+ if (!keepUserEmailAfterDeletion){
+ List<UserPropertyHandler> userPropertyHandlers = UserManager.getInstance().getUserPropertyHandlersFor("org.olat.admin.user.UsermanagerUserSearchForm", true);
+ User persistedUser = identity.getUser();
+ String actualProperty;
+ for (UserPropertyHandler userPropertyHandler : userPropertyHandlers) {
+ actualProperty = userPropertyHandler.getName();
+ if (actualProperty.equals(UserConstants.EMAIL)){
+ String oldEmail = userPropertyHandler.getUserProperty(persistedUser, null);
+ String newEmail = "";
+ if (StringHelper.containsNonWhitespace(oldEmail)){
+ newEmail = getBackupStringWithDate(oldEmail);
}
+ logInfo("Update user-property user=" + persistedUser);
+ userPropertyHandler.setUserProperty(persistedUser, newEmail);
}
}
-
- //keep email only -> change login-name
- if (!keepUserLoginAfterDeletion){
- identity.setName(newName);
- }
-
- //keep everything, change identity.status to deleted
- logInfo("Change stater identity=" + identity);
- identity.setStatus(Identity.STATUS_DELETED);
- DBFactory.getInstance().updateObject(identity);
- LifeCycleManager.createInstanceFor(identity).deleteTimestampFor(SEND_DELETE_EMAIL_ACTION);
- LifeCycleManager.createInstanceFor(identity).markTimestampFor(USER_DELETED_ACTION, createLifeCycleLogDataFor(identity));
- // }
+ }
+ //keep email only -> change login-name
+ if (!keepUserLoginAfterDeletion){
+ identity.setName(newName);
+ }
+
+ //keep everything, change identity.status to deleted
+ logInfo("Change stater identity=" + identity);
+ identity = securityManager.saveIdentityStatus(identity, Identity.STATUS_DELETED);
+
+ LifeCycleManager.createInstanceFor(identity).deleteTimestampFor(SEND_DELETE_EMAIL_ACTION);
+ LifeCycleManager.createInstanceFor(identity).markTimestampFor(USER_DELETED_ACTION, createLifeCycleLogDataFor(identity));
+
// TODO: chg: ev. logAudit at another place
logAudit("User-Deletion: Delete all userdata for identity=" + identity);
}
@@ -387,24 +380,22 @@ public class UserDeletionManager extends BasicManager {
* Re-activate an identity, lastLogin = now, reset deleteemaildate = null.
* @param identity
*/
- public void setIdentityAsActiv(final Identity anIdentity) {
+ public Identity setIdentityAsActiv(final Identity anIdentity) {
+ final Identity reloadedIdentity = securityManager.setIdentityLastLogin(anIdentity);
+
coordinatorManager.getCoordinator().getSyncer().doInSync(OresHelper.createOLATResourceableInstance(anIdentity.getClass(), anIdentity.getKey()) ,
new SyncerExecutor(){
public void execute() {
//o_clusterOK by:fj : must be fast
- Identity identity = (Identity)DBFactory.getInstance().loadObject(anIdentity, true);
- if (isLogDebugEnabled()) logDebug("setIdentityAsActiv beginSingleTransaction identity=" + identity);
- identity.setLastLogin(new Date());
- LifeCycleManager lifeCycleManagerForIdenitiy = LifeCycleManager.createInstanceFor(identity);
+ LifeCycleManager lifeCycleManagerForIdenitiy = LifeCycleManager.createInstanceFor(reloadedIdentity);
if (lifeCycleManagerForIdenitiy.lookupLifeCycleEntry(SEND_DELETE_EMAIL_ACTION) != null) {
- logAudit("User-Deletion: Remove from delete-list identity=" + identity);
+ logAudit("User-Deletion: Remove from delete-list identity=" + reloadedIdentity);
lifeCycleManagerForIdenitiy.deleteTimestampFor(SEND_DELETE_EMAIL_ACTION);
}
- if (isLogDebugEnabled()) logDebug("setIdentityAsActiv updateObject identity=" + identity);
- DBFactory.getInstance().updateObject(identity);
- if (isLogDebugEnabled()) logDebug("setIdentityAsActiv committed identity=" + identity);
}
});
+
+ return reloadedIdentity;
}
/**
diff --git a/src/main/java/org/olat/basesecurity/BaseSecurity.java b/src/main/java/org/olat/basesecurity/BaseSecurity.java
index b4b2350d812..dbe4ef76df3 100644
--- a/src/main/java/org/olat/basesecurity/BaseSecurity.java
+++ b/src/main/java/org/olat/basesecurity/BaseSecurity.java
@@ -573,7 +573,14 @@ public interface BaseSecurity {
/** Save an identity
* @param identity Save this identity
*/
- public void saveIdentityStatus(Identity identity, Integer status);
+ public Identity saveIdentityStatus(Identity identity, Integer status);
+
+ /**
+ * Set the date of the last login
+ * @param identity
+ * @return
+ */
+ public Identity setIdentityLastLogin(Identity identity);
/**
* Check if identity is visible. Deleted or login-denied users are not visible.
diff --git a/src/main/java/org/olat/basesecurity/BaseSecurityManager.java b/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
index 098ed788f55..5c23cae5310 100644
--- a/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
+++ b/src/main/java/org/olat/basesecurity/BaseSecurityManager.java
@@ -36,6 +36,7 @@ import java.util.Locale;
import java.util.Map;
import java.util.UUID;
+import javax.persistence.LockModeType;
import javax.persistence.TypedQuery;
import org.hibernate.type.StandardBasicTypes;
@@ -69,6 +70,7 @@ import org.olat.resource.OLATResourceManager;
import org.olat.user.ChangePasswordController;
import org.olat.user.PersonalSettingsController;
import org.olat.user.UserManager;
+import org.springframework.beans.factory.annotation.Autowired;
/**
* <h3>Description:</h3>
@@ -86,6 +88,9 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
private static String GUEST_USERNAME_PREFIX = "guest_";
public static final OLATResourceable IDENTITY_EVENT_CHANNEL = OresHelper.lookupType(Identity.class);
+ @Autowired
+ private DB dbInstance;
+
/**
* [used by spring]
*/
@@ -331,42 +336,6 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
.setParameter("resname", oresName)
.getSingleResult();
return count.longValue() > 0;
-
-
-
-/*
- String queryString;
- if (checkTypeRight) {
- queryString =
- "select count(poi) from"
- + " org.olat.basesecurity.SecurityGroupMembershipImpl as sgmsi,"
- + " org.olat.basesecurity.PolicyImpl as poi,"
- + " org.olat.resource.OLATResourceImpl as ori"
- + " where sgmsi.identity = :identitykey and sgmsi.securityGroup = poi.securityGroup"
- + " and poi.permission = :permission and poi.olatResource = ori"
- + " and (ori.resId = :resid or ori.resId = 0) and ori.resName = :resname";
- } else {
- queryString =
- "select count(poi) from"
- + " org.olat.basesecurity.SecurityGroupMembershipImpl as sgmsi,"
- + " org.olat.basesecurity.PolicyImpl as poi,"
- + " org.olat.resource.OLATResourceImpl as ori"
- + " where sgmsi.identity = :identitykey and sgmsi.securityGroup = poi.securityGroup"
- + " and poi.permission = :permission and poi.olatResource = ori"
- + " and (ori.resId = :resid) and ori.resName = :resname";
- }
-
- DBQuery query = DBFactory.getInstance().createQuery(queryString);
- query.setLong("identitykey", iimpl.getKey());
- query.setString("permission", permission);
- query.setLong("resid", oresid);
- query.setString("resname", oresName);
- query.setCacheable(true);
- List res = query.list();
- Long cntL = (Long) res.get(0);
- return (cntL.longValue() > 0); // can be > 1 if identity is in more the one group having
- // the permission on the olatresourceable
- */
}
/**
@@ -893,7 +862,7 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
*/
public Identity createAndPersistIdentity(String username, User user, String provider, String authusername, String credential) {
IdentityImpl iimpl = new IdentityImpl(username, user);
- DBFactory.getInstance().saveObject(iimpl);
+ dbInstance.getCurrentEntityManager().persist(iimpl);
if (provider != null) {
createAndPersistAuthentication(iimpl, provider, authusername, credential);
}
@@ -912,9 +881,9 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
* @return Identity
*/
public Identity createAndPersistIdentityAndUser(String username, User user, String provider, String authusername, String credential) {
- DBFactory.getInstance().saveObject(user);
+ dbInstance.getCurrentEntityManager().persist(user);
IdentityImpl iimpl = new IdentityImpl(username, user);
- DBFactory.getInstance().saveObject(iimpl);
+ dbInstance.getCurrentEntityManager().persist(iimpl);
if (provider != null) {
createAndPersistAuthentication(iimpl, provider, authusername, credential);
}
@@ -1260,7 +1229,7 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
*/
public Authentication createAndPersistAuthentication(Identity ident, String provider, String authUserName, String credential) {
AuthenticationImpl authImpl = new AuthenticationImpl(ident, provider, authUserName, credential);
- DBFactory.getInstance().saveObject(authImpl);
+ dbInstance.getCurrentEntityManager().persist(authImpl);
return authImpl;
}
@@ -1737,11 +1706,36 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
/**
* @see org.olat.basesecurity.Manager#saveIdentityStatus(org.olat.core.id.Identity)
*/
- public void saveIdentityStatus(Identity identity, Integer status) {
- //FIXME: cg: would be nice if the updated identity is returned. no loading required afterwards.
- identity = (Identity)DBFactory.getInstance().loadObject(identity.getClass(), identity.getKey());
- identity.setStatus(status);
- DBFactory.getInstance().updateObject(identity);
+ @Override
+ public Identity saveIdentityStatus(Identity identity, Integer status) {
+ Identity reloadedIdentity = loadForUpdate(identity.getKey());
+ reloadedIdentity.setStatus(status);
+ return dbInstance.getCurrentEntityManager().merge(reloadedIdentity);
+ }
+
+ @Override
+ public Identity setIdentityLastLogin(Identity identity) {
+ Identity reloadedIdentity = loadForUpdate(identity.getKey());
+ reloadedIdentity.setLastLogin(new Date());
+ return dbInstance.getCurrentEntityManager().merge(reloadedIdentity);
+ }
+
+ private IdentityImpl loadForUpdate(Long identityKey) {
+ StringBuilder sb = new StringBuilder();
+ sb.append("select id from ").append(IdentityImpl.class.getName()).append(" as id")
+ .append(" inner join fetch id.user user ")
+ .append(" where id.key=:identityKey");
+
+ List<IdentityImpl> identity = dbInstance.getCurrentEntityManager()
+ .createQuery(sb.toString(), IdentityImpl.class)
+ .setParameter("identityKey", identityKey)
+ .setLockMode(LockModeType.PESSIMISTIC_WRITE)
+ .getResultList();
+
+ if(identity.isEmpty()) {
+ return null;
+ }
+ return identity.get(0);
}
@Override
@@ -1774,15 +1768,12 @@ public class BaseSecurityManager extends BasicManager implements BaseSecurity {
guestIdentity = createAndPersistIdentityAndUser(guestUsername, guestUser, null, null, null);
SecurityGroup anonymousGroup = findSecurityGroupByName(Constants.GROUP_ANONYMOUS);
addIdentityToSecurityGroup(guestIdentity, anonymousGroup);
- return guestIdentity;
- } else {
- // Check if guest name has been updated in the i18n tool
- if ( ! guestIdentity.getUser().getProperty(UserConstants.FIRSTNAME, locale).equals(trans.translate("user.guest"))) {
- guestIdentity.getUser().setProperty(UserConstants.FIRSTNAME, trans.translate("user.guest"));
- DBFactory.getInstance().updateObject(guestIdentity);
- }
- return guestIdentity;
+ } else if (!guestIdentity.getUser().getProperty(UserConstants.FIRSTNAME, locale).equals(trans.translate("user.guest"))) {
+ //Check if guest name has been updated in the i18n tool
+ guestIdentity.getUser().setProperty(UserConstants.FIRSTNAME, trans.translate("user.guest"));
+ guestIdentity = dbInstance.getCurrentEntityManager().merge(guestIdentity);
}
+ return guestIdentity;
}
diff --git a/src/main/java/org/olat/core/util/i18n/ui/I18nConfigSubNewLangController.java b/src/main/java/org/olat/core/util/i18n/ui/I18nConfigSubNewLangController.java
index 2ffee1c5105..e937514971f 100644
--- a/src/main/java/org/olat/core/util/i18n/ui/I18nConfigSubNewLangController.java
+++ b/src/main/java/org/olat/core/util/i18n/ui/I18nConfigSubNewLangController.java
@@ -28,8 +28,6 @@ import java.util.HashSet;
import java.util.Locale;
import java.util.Set;
-import org.olat.core.commons.persistence.DB;
-import org.olat.core.commons.persistence.DBFactory;
import org.olat.core.dispatcher.DispatcherAction;
import org.olat.core.gui.UserRequest;
import org.olat.core.gui.components.form.flexible.FormItem;
@@ -52,6 +50,7 @@ import org.olat.core.util.StringHelper;
import org.olat.core.util.Util;
import org.olat.core.util.i18n.I18nManager;
import org.olat.core.util.i18n.I18nModule;
+import org.olat.user.UserManager;
/**
* Description:<br>
@@ -213,10 +212,9 @@ class I18nConfigSubNewLangController extends FormBasicController {
User currUser = ureq.getIdentity().getUser();
// direct DB calls have to be made here because the
// user manager is not available in the core
- DB db = DBFactory.getInstance();
- currUser = (User) db.loadObject(currUser);
+ currUser = UserManager.getInstance().loadUserByKey(currUser.getKey());
currUser.getPreferences().setLanguage(localeKey);
- db.saveObject(currUser);
+ UserManager.getInstance().updateUser(currUser);
DispatcherAction.redirectToDefaultDispatcher(ureq.getHttpResp());
}
diff --git a/src/main/java/org/olat/login/auth/AuthenticationController.java b/src/main/java/org/olat/login/auth/AuthenticationController.java
index 5eeab51bfb7..a1a8603ad0d 100644
--- a/src/main/java/org/olat/login/auth/AuthenticationController.java
+++ b/src/main/java/org/olat/login/auth/AuthenticationController.java
@@ -56,7 +56,7 @@ public abstract class AuthenticationController extends BasicController {
* @param identity
*/
public void authenticated(UserRequest ureq, Identity identity) {
- UserDeletionManager.getInstance().setIdentityAsActiv(identity);
+ identity = UserDeletionManager.getInstance().setIdentityAsActiv(identity);
fireEvent(ureq, new AuthenticationEvent(identity));
}
diff --git a/src/main/java/org/olat/user/UserManager.java b/src/main/java/org/olat/user/UserManager.java
index a4559252b0e..8d6876f4e5e 100644
--- a/src/main/java/org/olat/user/UserManager.java
+++ b/src/main/java/org/olat/user/UserManager.java
@@ -139,11 +139,6 @@ public abstract class UserManager extends BasicManager {
*/
public abstract void updateUser(User usr);
- /**
- * @param user The user to be saved
- */
- public abstract void saveUser(User user);
-
/**
* Updates the user object for a given identity
*
diff --git a/src/main/java/org/olat/user/UserManagerImpl.java b/src/main/java/org/olat/user/UserManagerImpl.java
index 9f369ff6ddc..c0351b4d22e 100644
--- a/src/main/java/org/olat/user/UserManagerImpl.java
+++ b/src/main/java/org/olat/user/UserManagerImpl.java
@@ -42,6 +42,7 @@ import org.olat.core.util.mail.MailHelper;
import org.olat.properties.Property;
import org.olat.properties.PropertyManager;
import org.olat.user.propertyhandlers.UserPropertyHandler;
+import org.springframework.beans.factory.annotation.Autowired;
/**
* <h3>Description:</h3>
@@ -57,6 +58,9 @@ public class UserManagerImpl extends UserManager {
private static final String CHARSET = "charset";
private UserDisplayNameCreator userDisplayNameCreator;
+ @Autowired
+ private DB dbInstance;
+
/**
* Use UserManager.getInstance(), this is a spring factory method to load the
* correct user manager
@@ -92,7 +96,7 @@ public class UserManagerImpl extends UserManager {
*/
public User createAndPersistUser(String firstName, String lastName, String email) {
User user = new UserImpl(firstName, lastName, email);
- DBFactory.getInstance().saveObject(user);
+ dbInstance.getCurrentEntityManager().persist(user);
return user;
}
@@ -266,20 +270,13 @@ public class UserManagerImpl extends UserManager {
public void updateUser(User usr) {
if (usr == null) throw new AssertException("User object is null!");
DBFactory.getInstance().updateObject(usr);
- }
-
- /**
- * @see org.olat.user.UserManager#saveUser(org.olat.core.id.User)
- */
- public void saveUser(User user) {
- DBFactory.getInstance().saveObject(user);
}
/**
* @see org.olat.user.UserManager#updateUserFromIdentity(org.olat.core.id.Identity)
*/
public boolean updateUserFromIdentity(Identity identity) {
- this.updateUser(identity.getUser());
+ updateUser(identity.getUser());
return true;
}
diff --git a/src/test/java/org/olat/basesecurity/BaseSecurityTest.java b/src/test/java/org/olat/basesecurity/BaseSecurityTest.java
index 1509406a3ac..a40b8aee7b7 100644
--- a/src/test/java/org/olat/basesecurity/BaseSecurityTest.java
+++ b/src/test/java/org/olat/basesecurity/BaseSecurityTest.java
@@ -73,7 +73,7 @@ public class BaseSecurityTest extends OlatTestCase {
Identity ident = getOrCreateIdentity("anIdentity");
Identity ident2 = getOrCreateTestIdentity("extremegroovy");
Identity deletedIdent = getOrCreateTestIdentity("delete");
- baseSecurityManager.saveIdentityStatus(deletedIdent, Identity.STATUS_DELETED);
+ deletedIdent = baseSecurityManager.saveIdentityStatus(deletedIdent, Identity.STATUS_DELETED);
SecurityGroup admins = baseSecurityManager.findSecurityGroupByName(Constants.GROUP_ADMIN);
baseSecurityManager.addIdentityToSecurityGroup(deletedIdent, admins);
@@ -179,8 +179,8 @@ public class BaseSecurityTest extends OlatTestCase {
Identity ident2 = getOrCreateTestIdentity("extremegroovy");
// add some stats
- baseSecurityManager.saveIdentityStatus(ident, Identity.STATUS_ACTIV);
- baseSecurityManager.saveIdentityStatus(ident2, Identity.STATUS_ACTIV);
+ ident = baseSecurityManager.saveIdentityStatus(ident, Identity.STATUS_ACTIV);
+ ident2 = baseSecurityManager.saveIdentityStatus(ident2, Identity.STATUS_ACTIV);
// check on those four default groups
SecurityGroup admins, authors, anonymous;
--
GitLab