Fixed #177

000b9dbf · Liang Ding · fb087c43 · 000b9dbf · 000b9dbf
Commit 000b9dbf authored Jan 29, 2013 by Liang Ding
2 changed files
--- a/core/src/main/java/org/b3log/solo/processor/console/UserConsole.java
+++ b/core/src/main/java/org/b3log/solo/processor/console/UserConsole.java
@@ -41,7 +41,7 @@ import org.json.JSONObject;
 * User console request processing.
 *
 * @author <a href="mailto:DL88250@gmail.com">Liang Ding</a>
- * @version 1.0.0.1, Aug 9, 2012
+ * @version 1.0.0.2, Jan 29, 2013
 * @since 0.4.0
 */
 @RequestProcessor
@@ -335,7 +335,7 @@ public final class UserConsole {
    @RequestProcessing(value = "/console/user/*", method = HTTPRequestMethod.GET)
    public void getUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
        throws Exception {
-        if (!userUtils.isLoggedIn(request, response)) {
+        if (!userUtils.isAdminLoggedIn(request)) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

--- a/core/src/main/java/org/b3log/solo/processor/util/Filler.java
+++ b/core/src/main/java/org/b3log/solo/processor/util/Filler.java
@@ -69,7 +69,7 @@ import org.json.JSONObject;
 * Filler utilities.
 *
 * @author <a href="mailto:DL88250@gmail.com">Liang Ding</a>
- * @version 1.0.6.2, Jan 18, 2013
+ * @version 1.0.6.3, Jan 29, 2013
 * @since 0.3.1
 */
 public final class Filler {
@@ -506,6 +506,7 @@ public final class Filler {
            dataModel.put(User.USERS, userList);
            for (final JSONObject user : userList) {
                user.remove(User.USER_EMAIL);
+                user.remove(User.USER_PASSWORD);
            }
            final String skinDirName = (String) request.getAttribute(Keys.TEMAPLTE_DIR_NAME);