GUACAMOLE-5: Include the sensitive information of an active connection if the current user started that active connection.

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/activeconnection/ActiveConnectionService.java

@@ -80,6 +80,7 @@ public class ActiveConnectionService
     public Collection<TrackedActiveConnection> retrieveObjects(AuthenticatedUser user,
             Collection<String> identifiers) throws GuacamoleException {
 
+        String username = user.getIdentifier();
         boolean isAdmin = user.getUser().isAdministrator();
         Set<String> identifierSet = new HashSet<String>(identifiers);
 
@@ -90,10 +91,15 @@ public class ActiveConnectionService
         Collection<TrackedActiveConnection> activeConnections = new ArrayList<TrackedActiveConnection>(identifiers.size());
         for (ActiveConnectionRecord record : records) {
 
+            // Sensitive information should be included if the connection was
+            // started by the current user OR the user is an admin
+            boolean includeSensitiveInformation =
+                    isAdmin || username.equals(record.getUsername());
+
             // Add connection if within requested identifiers
             if (identifierSet.contains(record.getUUID().toString())) {
                 TrackedActiveConnection activeConnection = trackedActiveConnectionProvider.get();
-                activeConnection.init(user, record, isAdmin);
+                activeConnection.init(user, record, includeSensitiveInformation);
                 activeConnections.add(activeConnection);
             }