Merge pull request #403 from WildMeOrg/notification-check-optimization

Prevent unauthenticated users from opening an unneeded database conne…
WildMeOrg · Mar 8, 2024 · c82c789 · c82c789
2 parents 57abe8e + 9b11414
commit c82c789
Showing 1 changed file with 30 additions and 28 deletions.
diff --git a/src/main/webapp/header.jsp b/src/main/webapp/header.jsp
@@ -41,8 +41,6 @@ context=ServletUtilities.getContext(request);
 String langCode=ServletUtilities.getLanguageCode(request);
 Properties props = new Properties();
 props = ShepherdProperties.getProperties("header.properties", langCode, context);
-Shepherd myShepherd = new Shepherd(context);
-myShepherd.setAction("header.jsp");
 String urlLoc = "//" + CommonConfiguration.getURLLocation(request);
 
 
@@ -65,33 +63,37 @@ if (organization!=null && organization.toLowerCase().equals("indocet"))  {
   indocetUser = true;
 }
 String notifications="";
-myShepherd.beginDBTransaction();
-try {
-
-	notifications=Collaboration.getNotificationsWidgetHtml(request, myShepherd);
-
-  if(!indocetUser && request.getUserPrincipal()!=null && !loggingOut){
-    user = myShepherd.getUser(request);
-    username = (user!=null) ? user.getUsername() : null;
-    String orgName = "indocet";
-    Organization indocetOrg = myShepherd.getOrganizationByName(orgName);
-    indocetUser = ((user!=null && user.hasAffiliation(orgName)) || (indocetOrg!=null && indocetOrg.hasMember(user)));
-  	if(user.getUserImage()!=null){
-  	  profilePhotoURL="/"+CommonConfiguration.getDataDirectoryName(context)+"/users/"+user.getUsername()+"/"+user.getUserImage().getFilename();
-  	}
-  }
-}
-catch(Exception e){
-  System.out.println("Exception on indocetCheck in header.jsp:");
-  e.printStackTrace();
-  myShepherd.closeDBTransaction();
-}
-finally{
-  myShepherd.rollbackDBTransaction();
-  myShepherd.closeDBTransaction();
-}
-
+//check if user is logged in and has pending notifications
+if(request.getUserPrincipal()!=null){
+	Shepherd myShepherd = new Shepherd(context);
+	myShepherd.setAction("header.jsp");
+	myShepherd.beginDBTransaction();
+	try {
+	
+	  notifications=Collaboration.getNotificationsWidgetHtml(request, myShepherd);
+	
+	  if(!indocetUser && request.getUserPrincipal()!=null && !loggingOut){
+	    user = myShepherd.getUser(request);
+	    username = (user!=null) ? user.getUsername() : null;
+	    String orgName = "indocet";
+	    Organization indocetOrg = myShepherd.getOrganizationByName(orgName);
+	    indocetUser = ((user!=null && user.hasAffiliation(orgName)) || (indocetOrg!=null && indocetOrg.hasMember(user)));
+	  	if(user.getUserImage()!=null){
+	  	  profilePhotoURL="/"+CommonConfiguration.getDataDirectoryName(context)+"/users/"+user.getUsername()+"/"+user.getUserImage().getFilename();
+	  	}
+	  }
+	}
+	catch(Exception e){
+	  System.out.println("Exception on indocetCheck in header.jsp:");
+	  e.printStackTrace();
+	  myShepherd.closeDBTransaction();
+	}
+	finally{
+	  myShepherd.rollbackDBTransaction();
+	  myShepherd.closeDBTransaction();
+	}
 
+}
 %>