X-Git-Url: https://git.pterodactylus.net/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2FDeletePostPage.java;h=517a07e56e4833e368452d4c299cf614bf49460a;hb=c4ae226ec5052116cefc542ae2017036a7bc6332;hp=c8fd20f2edc680c62c846b652c16507a22e607dd;hpb=38cb6c5ec82298ee351d0eb15ddd8331db273af2;p=Sone.git diff --git a/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java b/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java index c8fd20f..517a07e 100644 --- a/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java +++ b/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java @@ -1,5 +1,5 @@ /* - * Sone - DeletePostPage.java - Copyright © 2010 David Roden + * Sone - DeletePostPage.java - Copyright © 2010–2016 David Roden * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,6 +17,8 @@ package net.pterodactylus.sone.web; +import com.google.common.base.Optional; + import net.pterodactylus.sone.data.Post; import net.pterodactylus.sone.web.page.FreenetRequest; import net.pterodactylus.util.template.Template; @@ -55,19 +57,21 @@ public class DeletePostPage extends SoneTemplatePage { if (request.getMethod() == Method.GET) { String postId = request.getHttpRequest().getParam("post"); String returnPage = request.getHttpRequest().getParam("returnPage"); - Post post = webInterface.getCore().getPost(postId); - templateContext.set("post", post); + Optional post = webInterface.getCore().getPost(postId); + if (!post.isPresent()) { + throw new RedirectException("noPermission.html"); + } + templateContext.set("post", post.get()); templateContext.set("returnPage", returnPage); - return; } else if (request.getMethod() == Method.POST) { String postId = request.getHttpRequest().getPartAsStringFailsafe("post", 36); String returnPage = request.getHttpRequest().getPartAsStringFailsafe("returnPage", 256); - Post post = webInterface.getCore().getPost(postId); - if (!webInterface.getCore().isLocalSone(post.getSone())) { + Optional post = webInterface.getCore().getPost(postId); + if (!post.isPresent() || !post.get().getSone().isLocal()) { throw new RedirectException("noPermission.html"); } if (request.getHttpRequest().isPartSet("confirmDelete")) { - webInterface.getCore().deletePost(post); + webInterface.getCore().deletePost(post.get()); throw new RedirectException(returnPage); } else if (request.getHttpRequest().isPartSet("abortDelete")) { throw new RedirectException(returnPage);