Beispiel #1
0
 /** 查看评论回复 */
 @RequestMapping(value = "/member/comment_replay.jspx")
 public String guestbook_replay(
     Integer id,
     String nextUrl,
     HttpServletRequest request,
     HttpServletResponse response,
     ModelMap model) {
   CmsSite site = CmsUtils.getSite(request);
   CmsUser user = CmsUtils.getUser(request);
   FrontUtils.frontData(request, model, site);
   MemberConfig mcfg = site.getConfig().getMemberConfig();
   // 没有开启会员功能
   if (!mcfg.isMemberOn()) {
     return FrontUtils.showMessage(request, model, "member.memberClose");
   }
   if (user == null) {
     return FrontUtils.showLogin(request, model, site);
   }
   CmsComment comment = commentMng.findById(id);
   if (!comment.getCommentUser().equals(user)) {
     WebErrors errors = WebErrors.create(request);
     errors.addErrorCode("error.noPermissionsView");
     return FrontUtils.showError(request, response, model, errors);
   }
   model.addAttribute("comment", comment);
   return FrontUtils.getTplPath(request, site.getSolutionPath(), TPLDIR_COMMENT, COMMENT_REPLY);
 }
Beispiel #2
0
 /**
  * 删除评论(id,评论人id,来访ip)
  *
  * <p>如果没有登录则跳转到登陆页
  *
  * @param request
  * @param response
  * @param model
  * @return
  */
 @RequestMapping(value = "/member/comment_delete.jspx")
 public String delete(
     Integer commentId,
     Integer userId,
     String ip,
     Integer pageNo,
     String nextUrl,
     HttpServletRequest request,
     HttpServletResponse response,
     ModelMap model) {
   CmsSite site = CmsUtils.getSite(request);
   CmsUser user = CmsUtils.getUser(request);
   FrontUtils.frontData(request, model, site);
   MemberConfig mcfg = site.getConfig().getMemberConfig();
   // 没有开启会员功能
   if (!mcfg.isMemberOn()) {
     return FrontUtils.showMessage(request, model, "member.memberClose");
   }
   if (user == null) {
     return FrontUtils.showLogin(request, model, site);
   }
   // 删除单条评论
   CmsComment bean;
   if (commentId != null) {
     CmsComment cmsComment = commentMng.findById(commentId);
     if (cmsComment == null) {
       return FrontUtils.showMessage(request, model, "comment.notFound");
     }
     if (!canDeleteComment(cmsComment, user)) {
       return FrontUtils.showMessage(request, model, "comment.deleteError");
     }
     bean = commentMng.deleteById(commentId);
     log.info("delete CmsComment id={}", bean.getId());
   } else {
     // 依据评论人或者评论ip删除评论
     List<CmsComment> comments = commentMng.getListForDel(site.getId(), user.getId(), userId, ip);
     for (int i = 0; i < comments.size(); i++) {
       bean = comments.get(i);
       if (!canDeleteComment(bean, user)) {
         return FrontUtils.showMessage(request, model, "comment.deleteError");
       }
       commentMng.deleteById(comments.get(i).getId());
       log.info("delete CmsComment id={}", bean.getId());
     }
   }
   /*
    * Pagination pagination = commentMng.getPageForMember(site.getId(),
    * null, null, user.getId(), null, null, null, true, cpn(pageNo),
    * CookieUtils.getPageSize(request)); model.addAttribute("pagination",
    * pagination);
    */
   // 返回评论列表
   return FrontUtils.showSuccess(request, model, nextUrl);
 }
Beispiel #3
0
 private boolean canDeleteComment(CmsComment comment, CmsUser user) {
   // 匿名用户评论文章的所有者可以删除
   if (comment.getCommentUser() == null && !comment.getContent().getUser().equals(user)) {
     return false;
   } else if (comment.getCommentUser() == null && comment.getContent().getUser().equals(user)) {
     return true;
   } else {
     // 非匿名用户评论 文章的所有者可以删除,评论者也可以删除
     if (comment.getCommentUser().equals(user) || comment.getContent().getUser().equals(user)) {
       return true;
     } else {
       return false;
     }
   }
 }