add: ensure that for Support actions there is a valid Support Challenge

[gigi.git] / src / club / wpia / gigi / util / AuthorizationContext.java

diff --git a/src/club/wpia/gigi/util/AuthorizationContext.java b/src/club/wpia/gigi/util/AuthorizationContext.java
index 566436ac5e2834989f5074a07781704a7298b5d9..0cc653c18ced141565d9cd624a97e00dc9d34a9e 100644 (file)
--- a/src/club/wpia/gigi/util/AuthorizationContext.java
+++ b/src/club/wpia/gigi/util/AuthorizationContext.java
@@ -79,7 +79,7 @@ public class AuthorizationContext implements Outputable, Serializable {
     }
 
     public boolean canSupport() {
-        return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER) && isStronglyAuthenticated();
+        return getSupporterTicketId() != null && isInGroup(Group.SUPPORTER) && isStronglyAuthenticated() && ((User) target).hasValidSupportChallenge();
     }
 
     private static final SprintfCommand sp = new SprintfCommand("Logged in as {0} via {1}.", Arrays.asList("${username", "${loginMethod"));
@@ -113,7 +113,7 @@ public class AuthorizationContext implements Outputable, Serializable {
     }
 
     public boolean canVerify() {
-        return target instanceof User && ((User) target).canVerify() && isStronglyAuthenticated();
+        return target instanceof User && ((User) target).canVerify() && isStronglyAuthenticated() && ((User) target).hasValidRAChallenge();
     }
 
     public boolean isStronglyAuthenticated() {