/**
   * Retrieves the current logged user based on the session key.
   *
   * @param session http session holding currently logged username.
   * @return User instance representing currently logged user.
   * @throws IllegalArgumentException if session is null.
   * @throws OPMException if there is any problem when executing the method.
   */
  protected User getCurrentUser(HttpSession session) throws OPMException {
    String signature = CLASS_NAME + "#getCurrentUser(HttpSession session)";

    LoggingHelper.logEntrance(logger, signature, new String[] {"session"}, new Object[] {session});

    Helper.checkNull(logger, signature, session, "session");

    try {
      String loggedUsername = (String) session.getAttribute(userSessionKey);

      User result = userService.getByUsername(loggedUsername);

      LoggingHelper.logExit(logger, signature, new Object[] {result});
      return result;
    } catch (IllegalArgumentException e) {
      throw LoggingHelper.logException(
          logger,
          signature,
          new OPMException(
              "The attribute of key '" + userSessionKey + "' can't be null/empty.", e));
    } catch (ClassCastException e) {
      throw LoggingHelper.logException(
          logger,
          signature,
          new OPMException("The attribute of key '" + userSessionKey + "' should be a string.", e));
    }
  }
  /**
   * This method is responsible for populating the model and view with the data about enabled
   * widgets.
   *
   * @param session current http session.
   * @param modelAndView the ModelAndView instance to populate
   * @return The populated ModelAndView instance.
   * @throws IllegalArgumentException if session or modelAndView instance is null.
   * @throws OPMException if there is any problem when executing the method.
   */
  protected ModelAndView populateModelAndView(HttpSession session, ModelAndView modelAndView)
      throws OPMException {
    String signature =
        CLASS_NAME + "#populateModelAndView(HttpSession session, ModelAndView modelAndView)";

    LoggingHelper.logEntrance(
        logger,
        signature,
        new String[] {"session", "modelAndView"},
        new Object[] {session, modelAndView});

    Helper.checkNull(logger, signature, modelAndView, "modelAndView");

    User user = getCurrentUser(session);
    if (user == null) {
      throw LoggingHelper.logException(
          logger, signature, new OPMException("The user is not logged in."));
    }
    for (String widgetId : widgetIds) {
      try {
        securityService.authorize(
            user.getUsername(), Arrays.asList(user.getRole().getName()), widgetId);
        modelAndView.addObject(widgetId, true);
      } catch (AuthorizationException e) {
        modelAndView.addObject(widgetId, false);
      }
    }

    LoggingHelper.logExit(logger, signature, new Object[] {modelAndView});
    return modelAndView;
  }