X-Git-Url: https://git.pterodactylus.net/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2FCreateAlbumPage.java;h=eaacb89510754e250d6414b6a3f91a2839595323;hb=00d6cb2688d8dda20ce55d71825b4446701a3a7a;hp=1c599e42d384d34849c8a3922b59b287f93594c5;hpb=0180e9f4ebbafc2846dec7727faf571e221a0b92;p=Sone.git diff --git a/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java b/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java index 1c599e4..eaacb89 100644 --- a/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java +++ b/src/main/java/net/pterodactylus/sone/web/CreateAlbumPage.java @@ -19,6 +19,7 @@ package net.pterodactylus.sone.web; import net.pterodactylus.sone.data.Album; import net.pterodactylus.sone.data.Album.Modifier.AlbumTitleMustNotBeEmpty; +import net.pterodactylus.sone.data.IdBuilder; import net.pterodactylus.sone.data.Sone; import net.pterodactylus.sone.text.TextFilter; import net.pterodactylus.sone.web.page.FreenetRequest; @@ -26,6 +27,8 @@ import net.pterodactylus.util.template.Template; import net.pterodactylus.util.template.TemplateContext; import net.pterodactylus.util.web.Method; +import com.google.common.base.Optional; + /** * Page that lets the user create a new album. * @@ -53,8 +56,7 @@ public class CreateAlbumPage extends SoneTemplatePage { * {@inheritDoc} */ @Override - protected void processTemplate(FreenetRequest request, TemplateContext templateContext) throws RedirectException { - super.processTemplate(request, templateContext); + protected void processSonePage(FreenetRequest request, TemplateContext templateContext) throws RedirectException { if (request.getMethod() == Method.POST) { String name = request.getHttpRequest().getPartAsStringFailsafe("name", 64).trim(); if (name.length() == 0) { @@ -63,12 +65,17 @@ public class CreateAlbumPage extends SoneTemplatePage { } String description = request.getHttpRequest().getPartAsStringFailsafe("description", 256).trim(); Sone currentSone = getCurrentSone(request.getToadletContext()); - String parentId = request.getHttpRequest().getPartAsStringFailsafe("parent", 36); - Album parent = webInterface.getCore().getAlbum(parentId); + String parentId = request.getHttpRequest().getPartAsStringFailsafe("parent", IdBuilder.ID_STRING_LENGTH); + Optional parent; if (parentId.equals("")) { - parent = currentSone.getRootAlbum(); + parent = Optional.of(currentSone.getRootAlbum()); + } else { + parent = webInterface.getCore().getAlbum(parentId); + if (!parent.isPresent()) { + throw new RedirectException("noPermission.html"); + } } - Album album = webInterface.getCore().createAlbum(currentSone, parent); + Album album = webInterface.getCore().createAlbum(currentSone, parent.get()); try { album.modify().setTitle(name).setDescription(TextFilter.filter(request.getHttpRequest().getHeader("host"), description)).update(); } catch (AlbumTitleMustNotBeEmpty atmnbe) {