X-Git-Url: https://git.pterodactylus.net/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fnet%2Fpterodactylus%2Fsone%2Fweb%2FDeletePostPage.java;h=517a07e56e4833e368452d4c299cf614bf49460a;hb=c4ae226ec5052116cefc542ae2017036a7bc6332;hp=ecbb36816f6d52ef82e88615ac8c06924c1c8722;hpb=9e4db46b86d084eba9029906e779ec1d96f78ac4;p=Sone.git diff --git a/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java b/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java index ecbb368..517a07e 100644 --- a/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java +++ b/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java @@ -1,5 +1,5 @@ /* - * Sone - DeletePostPage.java - Copyright © 2010 David Roden + * Sone - DeletePostPage.java - Copyright © 2010–2016 David Roden * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,11 +17,13 @@ package net.pterodactylus.sone.web; +import com.google.common.base.Optional; + import net.pterodactylus.sone.data.Post; -import net.pterodactylus.sone.data.Sone; -import net.pterodactylus.sone.web.page.Page.Request.Method; +import net.pterodactylus.sone.web.page.FreenetRequest; import net.pterodactylus.util.template.Template; import net.pterodactylus.util.template.TemplateContext; +import net.pterodactylus.util.web.Method; /** * Lets the user delete a post they made. @@ -50,25 +52,26 @@ public class DeletePostPage extends SoneTemplatePage { * {@inheritDoc} */ @Override - protected void processTemplate(Request request, TemplateContext templateContext) throws RedirectException { + protected void processTemplate(FreenetRequest request, TemplateContext templateContext) throws RedirectException { super.processTemplate(request, templateContext); if (request.getMethod() == Method.GET) { String postId = request.getHttpRequest().getParam("post"); String returnPage = request.getHttpRequest().getParam("returnPage"); - Post post = webInterface.getCore().getPost(postId); - templateContext.set("post", post); + Optional post = webInterface.getCore().getPost(postId); + if (!post.isPresent()) { + throw new RedirectException("noPermission.html"); + } + templateContext.set("post", post.get()); templateContext.set("returnPage", returnPage); - return; } else if (request.getMethod() == Method.POST) { String postId = request.getHttpRequest().getPartAsStringFailsafe("post", 36); String returnPage = request.getHttpRequest().getPartAsStringFailsafe("returnPage", 256); - Post post = webInterface.getCore().getPost(postId); - Sone currentSone = getCurrentSone(request.getToadletContext()); - if (!post.getSone().equals(currentSone)) { + Optional post = webInterface.getCore().getPost(postId); + if (!post.isPresent() || !post.get().getSone().isLocal()) { throw new RedirectException("noPermission.html"); } if (request.getHttpRequest().isPartSet("confirmDelete")) { - currentSone.removePost(post); + webInterface.getCore().deletePost(post.get()); throw new RedirectException(returnPage); } else if (request.getHttpRequest().isPartSet("abortDelete")) { throw new RedirectException(returnPage);