[#GDS-856] Tide.LOGGED_OUT event dispatched too early - Granite Data Services

GraniteDS

Tide.LOGGED_OUT event dispatched too early

Created: 28/Apr/11 08:01 PM Updated: 11/Oct/11 09:17 PM Resolved: 18/Aug/11 05:02 PM

Component/s:

Security

Affects Version/s:

2.2.0_SP1

Fix Version/s:

2.3.0.RC1

Description

« Hide

The Tide.LOGGED_OUT event is dispatched too early in the Tide.tryLogout() method.
The problem is this piece of code:

--------------------------------------------
if (ro.channelSet)
ro.channelSet.logout(); // Workaround described in BLZ-310
ro.logout();

log.info("Tide application logout");

_contextManager.destroyContexts();

_logoutInProgress = false;
_waitForLogout = 0;

getContext().raiseEvent(LOGGED_OUT);
--------------------------------------------

The ro.channelSet.logout() method is an asynchronous call which returns an AsyncToken, but nothing is done with this. At the last line the LOGGED_OUT event is dispatched before the asynchronous call has been made, so before the logout has been finished.

This is problematic in the following scenario:
1. user has to change his password upon login
2. user changes his password and the application logs him out to login automatically again with his new password.
3. the automatic login happens when the LOGGED_OUT event is dispatched, which then throws an error because the channelSet is still in an authenticated state.

Sort Order:

[ Permalink | « Hide ]

Yennick Trevels added a comment - 28/Apr/11 08:07 PM

Diff which solves this issue:

Index: aviga-client/src/main/actionscript/org/granite/tide/data/Tide.as
===================================================================
--- aviga-client/src/main/actionscript/org/granite/tide/data/Tide.as (revision )
+++ aviga-client/src/main/actionscript/org/granite/tide/Tide.as (revision )
@@ -18,8 +18,8 @@
   along with this library; if not, see <http://www.gnu.org/licenses/>.
*/

-package org.granite.tide {
-
+package org.granite.tide {
+
import flash.display.DisplayObject;
import flash.display.DisplayObjectContainer;
import flash.display.LoaderInfo;
@@ -36,7 +36,7 @@
import flash.utils.flash_proxy;
import flash.utils.getDefinitionByName;
import flash.utils.getQualifiedClassName;
-
+
import mx.binding.BindabilityInfo;
import mx.binding.utils.BindingUtils;
import mx.collections.ArrayCollection;
@@ -59,6 +59,7 @@
import mx.rpc.AbstractOperation;
import mx.rpc.AsyncToken;
import mx.rpc.Fault;
+ import mx.rpc.Responder;
import mx.rpc.events.FaultEvent;
import mx.rpc.events.InvokeEvent;
import mx.rpc.events.ResultEvent;
@@ -69,7 +70,7 @@
import mx.utils.ObjectProxy;
import mx.utils.ObjectUtil;
import mx.utils.StringUtil;
-
+
import org.granite.reflect.Annotation;
import org.granite.reflect.Field;
import org.granite.reflect.Method;
@@ -97,7 +98,7 @@
import org.granite.tide.service.IServiceInitializer;
import org.granite.tide.validators.ValidatorResponder;
import org.granite.util.ClassUtil;
-
+

[Bindable]
     /**
@@ -1407,17 +1408,24 @@

dispatchEvent(new TidePluginEvent(PLUGIN_LOGOUT));

- if (ro.channelSet)
- ro.channelSet.logout(); // Workaround described in BLZ-310
+ if (ro.channelSet){
+ var token:AsyncToken = ro.channelSet.logout(); // Workaround described in BLZ-310
+ token.addResponder(new Responder(remoteObject_logoutComplete, null));
+ } else {
+ remoteObject_logoutComplete(null);
+ }
+ }
+
+ private function remoteObject_logoutComplete(event:Event):void {
ro.logout();
-
+
log.info("Tide application logout");
-
+
_contextManager.destroyContexts();
-
+
_logoutInProgress = false;
_waitForLogout = 0;
-
+
getContext().raiseEvent(LOGGED_OUT);
}

[ Show » ]

Yennick Trevels added a comment - 28/Apr/11 08:07 PM Diff which solves this issue: Index: aviga-client/src/main/actionscript/org/granite/tide/data/Tide.as =================================================================== --- aviga-client/src/main/actionscript/org/granite/tide/data/Tide.as (revision ) +++ aviga-client/src/main/actionscript/org/granite/tide/Tide.as (revision ) @@ -18,8 +18,8 @@ along with this library; if not, see <http://www.gnu.org/licenses/>. */ -package org.granite.tide { - +package org.granite.tide { + import flash.display.DisplayObject; import flash.display.DisplayObjectContainer; import flash.display.LoaderInfo; @@ -36,7 +36,7 @@ import flash.utils.flash_proxy; import flash.utils.getDefinitionByName; import flash.utils.getQualifiedClassName; - + import mx.binding.BindabilityInfo; import mx.binding.utils.BindingUtils; import mx.collections.ArrayCollection; @@ -59,6 +59,7 @@ import mx.rpc.AbstractOperation; import mx.rpc.AsyncToken; import mx.rpc.Fault; + import mx.rpc.Responder; import mx.rpc.events.FaultEvent; import mx.rpc.events.InvokeEvent; import mx.rpc.events.ResultEvent; @@ -69,7 +70,7 @@ import mx.utils.ObjectProxy; import mx.utils.ObjectUtil; import mx.utils.StringUtil; - + import org.granite.reflect.Annotation; import org.granite.reflect.Field; import org.granite.reflect.Method; @@ -97,7 +98,7 @@ import org.granite.tide.service.IServiceInitializer; import org.granite.tide.validators.ValidatorResponder; import org.granite.util.ClassUtil; - + [Bindable] /** @@ -1407,17 +1408,24 @@ dispatchEvent(new TidePluginEvent(PLUGIN_LOGOUT)); - if (ro.channelSet) - ro.channelSet.logout(); // Workaround described in BLZ-310 + if (ro.channelSet){ + var token:AsyncToken = ro.channelSet.logout(); // Workaround described in BLZ-310 + token.addResponder(new Responder(remoteObject_logoutComplete, null)); + } else { + remoteObject_logoutComplete(null); + } + } + + private function remoteObject_logoutComplete(event:Event):void { ro.logout(); - + log.info("Tide application logout"); - + _contextManager.destroyContexts(); - + _logoutInProgress = false; _waitForLogout = 0; - + getContext().raiseEvent(LOGGED_OUT); }