From 0bdc36b2f6aa42dc942c009444f4a56279be2fdf Mon Sep 17 00:00:00 2001
From: "rogan.dawes"
Date: Tue, 10 Jul 2007 11:55:10 +0000
Subject: [PATCH] Remove duplication of isAuthorizedForEmployee

git-svn-id: http://webgoat.googlecode.com/svn/trunk@149 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 .../org/owasp/webgoat/lessons/DefaultLessonAction.java | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DefaultLessonAction.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DefaultLessonAction.java
index dd4d738fa..9bf70ce8a 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DefaultLessonAction.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DefaultLessonAction.java
@@ -259,11 +259,7 @@ public abstract class DefaultLessonAction implements LessonAction
 /* User is validated for function, but can the user perform that function on the specified user? */
 if(authorized)
 {
- query = "SELECT * FROM ownership WHERE employer_id = " + Integer.parseInt(employer_id) +
- " AND employee_id = " + employeeId;
- answer_statement = WebSession.getConnection(s).createStatement( ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY );
- answer_results = answer_statement.executeQuery( query );
- authorized = answer_results.first();
+ authorized = isAuthorizedForEmployee(s, Integer.parseInt(employer_id), employeeId);
 }
 }
 catch ( SQLException sqle )
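Review bot: `authorized` is already true when `authorized = isAuthorizedForEmployee(s, Integer.parseInt(employer_id), employeeId);` runs, so if that line throws, the assignment never happens and the function-level result stands without the ownership check, unless the handler resets it. The only handler visible is `catch ( SQLException sqle )`, whose body (like the start of the enclosing method and try block) lies outside the hunk, and a `NumberFormatException` from `Integer.parseInt` would not reach it at all. I would make the failure path deny explicitly, for example `authorized = false;` as the first statement of the catch block, and treat a non-numeric `employer_id` the same way. Since this call is now the single path to the ownership query, it is also worth confirming that `isAuthorizedForEmployee` (not shown in this diff) binds both ids through a `PreparedStatement` rather than rebuilding the concatenated string the removed lines used.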