X-Git-Url: https://git.pterodactylus.net/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2FCreateAlbumPage.java;h=338056a5d7c450b8e33df17d46daed74aa285a6e;hb=00a434a23c9ea1e57c63d8a3c0fc4b09277af431;hp=1c599e42d384d34849c8a3922b59b287f93594c5;hpb=0e8f7804ce344bdd69f5ecc7febe25a60a53561d;p=Sone.git diff --git a/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java b/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java index 1c599e4..338056a 100644 --- a/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java +++ b/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java @@ -19,6 +19,7 @@ package net.pterodactylus.sone.web; import net.pterodactylus.sone.data.Album; import net.pterodactylus.sone.data.Album.Modifier.AlbumTitleMustNotBeEmpty; +import net.pterodactylus.sone.data.IdBuilder; import net.pterodactylus.sone.data.Sone; import net.pterodactylus.sone.text.TextFilter; import net.pterodactylus.sone.web.page.FreenetRequest; @@ -26,6 +27,8 @@ import net.pterodactylus.util.template.Template; import net.pterodactylus.util.template.TemplateContext; import net.pterodactylus.util.web.Method; +import com.google.common.base.Optional; + /** * Page that lets the user create a new album. * @@ -63,12 +66,17 @@ public class CreateAlbumPage extends SoneTemplatePage { } String description = request.getHttpRequest().getPartAsStringFailsafe("description", 256).trim(); Sone currentSone = getCurrentSone(request.getToadletContext()); - String parentId = request.getHttpRequest().getPartAsStringFailsafe("parent", 36); - Album parent = webInterface.getCore().getAlbum(parentId); + String parentId = request.getHttpRequest().getPartAsStringFailsafe("parent", IdBuilder.ID_STRING_LENGTH); + Optional parent; if (parentId.equals("")) { - parent = currentSone.getRootAlbum(); + parent = Optional.of(currentSone.getRootAlbum()); + } else { + parent = webInterface.getCore().getAlbum(parentId); + if (!parent.isPresent()) { + throw new RedirectException("noPermission.html"); + } } - Album album = webInterface.getCore().createAlbum(currentSone, parent); + Album album = webInterface.getCore().createAlbum(currentSone, parent.get()); try { album.modify().setTitle(name).setDescription(TextFilter.filter(request.getHttpRequest().getHeader("host"), description)).update(); } catch (AlbumTitleMustNotBeEmpty atmnbe) {