Author: bleny Date: 2014-07-21 11:39:43 +0200 (Mon, 21 Jul 2014) New Revision: 2159 Url: http://forge.codelutin.com/projects/wao/repository/revisions/2159 Log: fixes #5466 do not redirect to a page user cannot read Modified: trunk/wao-web/src/main/java/fr/ifremer/wao/web/action/administration/EditWaoUserAction.java Modified: trunk/wao-web/src/main/java/fr/ifremer/wao/web/action/administration/EditWaoUserAction.java =================================================================== --- trunk/wao-web/src/main/java/fr/ifremer/wao/web/action/administration/EditWaoUserAction.java 2014-07-21 08:58:50 UTC (rev 2158) +++ trunk/wao-web/src/main/java/fr/ifremer/wao/web/action/administration/EditWaoUserAction.java 2014-07-21 09:39:43 UTC (rev 2159) @@ -24,6 +24,7 @@ import com.google.common.base.Joiner; import com.google.common.base.Optional; import com.google.common.base.Strings; +import com.opensymphony.xwork2.ActionSupport; import com.opensymphony.xwork2.Preparable; import fr.ifremer.wao.services.service.administration.LoginMustBeUniqueException; import fr.ifremer.wao.services.service.administration.UnknownBoatImmatriculationsException; @@ -36,7 +37,8 @@ import org.nuiton.util.StringUtil; @Results({ - @Result(name="success", type="redirectAction", params = { "actionName", "wao-users", "companyId", "%{companyId}" }) + @Result(name= ActionSupport.SUCCESS, type="redirectAction", params = { "actionName", "wao-users", "companyId", "%{companyId}" }), + @Result(name= ActionSupport.NONE, type="redirectAction", params = { "actionName", "news" }) }) public class EditWaoUserAction extends WaoJspActionSupport implements Preparable { @@ -109,8 +111,15 @@ // for redirection setCompanyId(updateWaoUserCommand.getWaoUser().getCompany().getTopiaId()); - return SUCCESS; + String result; + if (getAuthenticatedWaoUser().isAuthorizedToViewCompanyUsers()) { + result = SUCCESS; + } else { + result = NONE; + } + return result; + } public String getWaoUserId() {