Fixed: ParseUser.getCurrentUser() returns a non authenticated user when local datastore is used

Lukas Koebis · Lukas Koebis · commit c6e24939f617 · 2015-08-17T11:28:18.000-07:00
Repro project: https://www.dropbox.com/s/m6vl215mg3nj8uo/Parse-Starter-Project-1.9.4.zip 1- change keys 2- click SIGN UP -> make sure a user & a post are created 3- click GETCURRENTUSER -> make sure user and session are shown 4- click ISAUTHENTICATED() -> make sure it returns true 5- now click QUERY DATA WITH INCLUDE("USER") 6- repeat step 3 and 4 and notice the issue
diff --git a/Parse/src/main/java/com/parse/ParseUser.java b/Parse/src/main/java/com/parse/ParseUser.java
@@ -500,6 +500,18 @@ public Task<Void> then(Task<Void> task) throws Exception {
     }
   }
 
+  @Override
+  /* package */ void setState(ParseObject.State newState) {
+    // Avoid clearing sessionToken when updating the current user's State via ParseQuery result
+    if (isCurrentUser() && getSessionToken() != null
+            && newState.get("sessionToken") == null) {
+      super.setState(newState.newBuilder().put("sessionToken", getSessionToken()).build());
+    }
+    else {
+      super.setState(newState);
+    }
+  }
+
   @Override
   /* package */ void validateDelete() {
     synchronized (mutex) {
diff --git a/Parse/src/test/java/com/parse/ParseUserTest.java b/Parse/src/test/java/com/parse/ParseUserTest.java
@@ -1059,6 +1059,25 @@ public void testUpgradeToRevocableSessionAsync() throws Exception {
     verify(currentUserController, times(1)).setAsync(user);
   }
 
+  @Test
+  public void testDontOverwriteSessionTokenForCurrentUser() throws Exception {
+    ParseUser.State sessionTokenState = new ParseUser.State.Builder()
+            .sessionToken("sessionToken")
+            .build();
+    ParseUser.State emptyState = new ParseUser.State.Builder().build();
+
+    ParseUser user = ParseObject.from(sessionTokenState);
+    user.setIsCurrentUser(true);
+    assertEquals(user.getSessionToken(), "sessionToken");
+
+    user.setState(emptyState);
+    assertEquals(user.getSessionToken(), "sessionToken");
+
+    user.setIsCurrentUser(false);
+    user.setState(emptyState);
+    assertNull(user.getSessionToken());
+  }
+
   //endregion
 
   //region testUnlinkFromAsync
