projects
/
Sone.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Check a reply’s post and its Sone before using those values.
[Sone.git]
/
src
/
main
/
java
/
net
/
pterodactylus
/
sone
/
web
/
ajax
/
DeletePostAjaxPage.java
diff --git
a/src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java
b/src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java
index
4389e57
..
8d3b414
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java
@@
-18,7
+18,6
@@
package net.pterodactylus.sone.web.ajax;
import net.pterodactylus.sone.data.Post;
package net.pterodactylus.sone.web.ajax;
import net.pterodactylus.sone.data.Post;
-import net.pterodactylus.sone.data.Sone;
import net.pterodactylus.sone.web.WebInterface;
import net.pterodactylus.util.json.JsonObject;
import net.pterodactylus.sone.web.WebInterface;
import net.pterodactylus.util.json.JsonObject;
@@
-36,7
+35,7
@@
public class DeletePostAjaxPage extends JsonPage {
* The Sone web interface
*/
public DeletePostAjaxPage(WebInterface webInterface) {
* The Sone web interface
*/
public DeletePostAjaxPage(WebInterface webInterface) {
- super("
ajax/
deletePost.ajax", webInterface);
+ super("deletePost.ajax", webInterface);
}
//
}
//
@@
-49,19
+48,15
@@
public class DeletePostAjaxPage extends JsonPage {
@Override
protected JsonObject createJsonObject(Request request) {
String postId = request.getHttpRequest().getParam("post");
@Override
protected JsonObject createJsonObject(Request request) {
String postId = request.getHttpRequest().getParam("post");
- Post post = webInterface.getCore().getPost(postId);
- Sone currentSone = getCurrentSone(request.getToadletContext());
- if (post == null) {
- return new JsonObject().put("success", false).put("error", "invalid-post-id");
+ Post post = webInterface.getCore().getPost(postId, false);
+ if ((post == null) || (post.getSone() == null)) {
+ return createErrorJsonObject("invalid-post-id");
}
}
- if (
currentSone == null
) {
- return
new JsonObject().put("success", false).put("error", "auth-requir
ed");
+ if (
!webInterface.getCore().isLocalSone(post.getSone())
) {
+ return
createErrorJsonObject("not-authoriz
ed");
}
}
- if (!post.getSone().equals(currentSone)) {
- return new JsonObject().put("success", false).put("error", "not-authorized");
- }
- currentSone.removePost(post);
- return new JsonObject().put("success", true);
+ webInterface.getCore().deletePost(post);
+ return createSuccessJsonObject();
}
}
}
}