From b3fd54843490cca0421c4b18d814d76b992990e5 Mon Sep 17 00:00:00 2001
From: srosse <none@none>
Date: Mon, 20 Apr 2015 15:03:37 +0200
Subject: [PATCH] OO-1520: hardened the callback against null in user request,
 session and roles

---
 .../navigation/callback/AdminSecurityCallback.java        | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/main/java/org/olat/core/gui/control/navigation/callback/AdminSecurityCallback.java b/src/main/java/org/olat/core/gui/control/navigation/callback/AdminSecurityCallback.java
index 9badfcc5bd6..2a06d421a30 100644
--- a/src/main/java/org/olat/core/gui/control/navigation/callback/AdminSecurityCallback.java
+++ b/src/main/java/org/olat/core/gui/control/navigation/callback/AdminSecurityCallback.java
@@ -38,10 +38,8 @@ public class AdminSecurityCallback implements SiteSecurityCallback {
 	 */
 	@Override
 	public boolean isAllowedToLaunchSite(UserRequest ureq) {
-		if (ureq.getUserSession().getRoles().isOLATAdmin()) {
-			return true;
-		} else {
-			return false; 
-		}
+		return ureq != null && ureq.getUserSession() != null
+				&& ureq.getUserSession().getRoles() != null
+				&& ureq.getUserSession().getRoles().isOLATAdmin();
 	}
 }
-- 
GitLab