From ee521c39b2295d70a1e760e23f516b2bcb10202c Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Mon, 3 Dec 2018 12:15:52 +0100
Subject: [server] getPredefinedData: Check user token before returning data

---
 .../src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java         | 1 +
 1 file changed, 1 insertion(+)

(limited to 'dozentenmodulserver/src/main/java')

diff --git a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
index 52ec6b21..347109dc 100644
--- a/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
+++ b/dozentenmodulserver/src/main/java/org/openslx/bwlp/sat/thrift/ServerHandler.java
@@ -789,6 +789,7 @@ public class ServerHandler implements SatelliteServer.Iface {
 	@Override
 	public PredefinedData getPredefinedData(String userToken) throws TAuthorizationException,
 			TInvocationException, TException {
+		SessionManager.getOrFail(userToken); // Only logged in users
 		PredefinedData data = new PredefinedData(new ArrayList<NetShare>(), new ArrayList<LdapFilter>());
 		try {
 			data.ldapFilter = DbLectureFilter.getPredefinedLdapFilters();
-- 
cgit v1.2.3-55-g7522