From ced35bcb0d5798ed5dc4a3818dbca9e05cf98f93 Mon Sep 17 00:00:00 2001
From: Tor-Einar Skog <tor-einar.skog@nibio.no>
Date: Fri, 14 Oct 2022 10:25:21 +0200
Subject: [PATCH] fix:Handle non-authorized request

---
 .../NotificationSubscriptionController.java      | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/main/java/no/nibio/vips/logic/controller/servlet/NotificationSubscriptionController.java b/src/main/java/no/nibio/vips/logic/controller/servlet/NotificationSubscriptionController.java
index d0cd5c29..64a65fe4 100755
--- a/src/main/java/no/nibio/vips/logic/controller/servlet/NotificationSubscriptionController.java
+++ b/src/main/java/no/nibio/vips/logic/controller/servlet/NotificationSubscriptionController.java
@@ -20,6 +20,8 @@ package no.nibio.vips.logic.controller.servlet;
 
 import freemarker.core.ParseException;
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
 import java.util.List;
 import javax.ejb.EJB;
 import javax.persistence.EntityManager;
@@ -80,7 +82,12 @@ public class NotificationSubscriptionController extends HttpServlet {
         
         String action = request.getParameter("action");
         VipsLogicUser user = (VipsLogicUser) request.getSession().getAttribute("user");
-        
+        if(user == null)
+        {
+            this.redirectToLogin(request, response);
+            return;
+        }
+
         try
         {
             // Default: View list of user subscriptions
@@ -173,6 +180,13 @@ public class NotificationSubscriptionController extends HttpServlet {
         }
     }
 
+    private void redirectToLogin(HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException, IOException
+    {
+        String nextPage = ServletUtil.getFullRequestURI(request);
+        String nextPageDirective= "?nextPage=" + URLEncoder.encode(nextPage, "UTF-8");
+        response.sendRedirect(Globals.PROTOCOL + "://" + ServletUtil.getServerName(request) + "/login" + nextPageDirective);
+    }
+
     // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
     /**
      * Handles the HTTP <code>GET</code> method.
-- 
GitLab