Allow deletion of posts of all local Sones, not only the logged in.

author David ‘Bombe’ Roden <bombe@pterodactylus.net>

Tue, 18 Jan 2011 05:57:24 +0000 (06:57 +0100)

committer David ‘Bombe’ Roden <bombe@pterodactylus.net>

Tue, 18 Jan 2011 05:57:24 +0000 (06:57 +0100)
author David ‘Bombe’ Roden <bombe@pterodactylus.net>
Tue, 18 Jan 2011 05:57:24 +0000 (06:57 +0100)
committer David ‘Bombe’ Roden <bombe@pterodactylus.net>
Tue, 18 Jan 2011 05:57:24 +0000 (06:57 +0100)
diff --git a/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java b/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java

index 5722ee3..78c9f22 100644 (file)
--- a/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java
+++ b/src/main/java/net/pterodactylus/sone/web/DeletePostPage.java
@@ -18,7 +18,6 @@
  package net.pterodactylus.sone.web;
  
  import net.pterodactylus.sone.data.Post;
-import net.pterodactylus.sone.data.Sone;
  import net.pterodactylus.sone.web.page.Page.Request.Method;
  import net.pterodactylus.util.template.DataProvider;
  import net.pterodactylus.util.template.Template;
@@ -63,12 +62,11 @@ public class DeletePostPage extends SoneTemplatePage {
                         String postId = request.getHttpRequest().getPartAsStringFailsafe("post", 36);
                         String returnPage = request.getHttpRequest().getPartAsStringFailsafe("returnPage", 256);
                         Post post = webInterface.getCore().getPost(postId);
-                       Sone currentSone = getCurrentSone(request.getToadletContext());
-                       if (!post.getSone().equals(currentSone)) {
+                       if (!webInterface.getCore().isLocalSone(post.getSone())) {
                                 throw new RedirectException("noPermission.html");
                         }
                         if (request.getHttpRequest().isPartSet("confirmDelete")) {
-                               currentSone.removePost(post);
+                               webInterface.getCore().deletePost(post);
                                 throw new RedirectException(returnPage);
                         } else if (request.getHttpRequest().isPartSet("abortDelete")) {
                                 throw new RedirectException(returnPage);
diff --git a/src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java b/src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java

index 479e71e..8d3b414 100644 (file)
--- a/src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java
+++ b/src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java
@@ -18,7 +18,6 @@
  package net.pterodactylus.sone.web.ajax;
  
  import net.pterodactylus.sone.data.Post;
-import net.pterodactylus.sone.data.Sone;
  import net.pterodactylus.sone.web.WebInterface;
  import net.pterodactylus.util.json.JsonObject;
  
@@ -50,14 +49,10 @@ public class DeletePostAjaxPage extends JsonPage {
         protected JsonObject createJsonObject(Request request) {
                 String postId = request.getHttpRequest().getParam("post");
                 Post post = webInterface.getCore().getPost(postId, false);
-               Sone currentSone = getCurrentSone(request.getToadletContext());
                 if ((post == null) || (post.getSone() == null)) {
                         return createErrorJsonObject("invalid-post-id");
                 }
-               if (currentSone == null) {
-                       return createErrorJsonObject("auth-required");
-               }
-               if (!post.getSone().equals(currentSone)) {
+               if (!webInterface.getCore().isLocalSone(post.getSone())) {
                         return createErrorJsonObject("not-authorized");
                 }
                 webInterface.getCore().deletePost(post);
diff --git a/src/main/resources/templates/include/viewPost.html b/src/main/resources/templates/include/viewPost.html

index 5161dfe..b4f570f 100644 (file)
--- a/src/main/resources/templates/include/viewPost.html
+++ b/src/main/resources/templates/include/viewPost.html
@@ -62,7 +62,7 @@
                                         </form>
                                 <%/if>
                         <%/if>
-                       <%if post.sone.current>
+                       <%if post.sone.local>
                                 <span class='separator'>·</span>
                                 <form class="delete delete-post" action="deletePost.html" method="post">
                                         <input type="hidden" name="formPassword" value="<% formPassword|html>" />
diff --git a/src/main/resources/templates/include/viewReply.html b/src/main/resources/templates/include/viewReply.html

index 805626a..6b13776 100644 (file)
--- a/src/main/resources/templates/include/viewReply.html
+++ b/src/main/resources/templates/include/viewReply.html
@@ -54,7 +54,7 @@
                                         </form>
                                 <%/if>
                         <%/if>
-                       <%if reply.sone.current>
+                       <%if reply.sone.local>
                                 <span class='separator'>·</span>
                                 <form class="delete delete-reply" action="deleteReply.html" method="post">
                                         <input type="hidden" name="formPassword" value="<% formPassword|html>" />
author	David ‘Bombe’ Roden <bombe@pterodactylus.net>
	Tue, 18 Jan 2011 05:57:24 +0000 (06:57 +0100)
committer	David ‘Bombe’ Roden <bombe@pterodactylus.net>
	Tue, 18 Jan 2011 05:57:24 +0000 (06:57 +0100)
src/main/java/net/pterodactylus/sone/web/DeletePostPage.java		patch \| blob \| history
src/main/java/net/pterodactylus/sone/web/ajax/DeletePostAjaxPage.java		patch \| blob \| history
src/main/resources/templates/include/viewPost.html		patch \| blob \| history
src/main/resources/templates/include/viewReply.html		patch \| blob \| history