Ejemplo n.º 1
0
  // posting edited comment
  @RequestMapping(
      value = "/posts/{postId:\\d+}/comments/{commentId:\\d+}/edit",
      method = RequestMethod.POST)
  public String onPostCommentEdit(
      @PathVariable long postId,
      @PathVariable long commentId,
      Model model,
      Principal principal,
      @Valid Comment editedComment,
      BindingResult result) {

    Comment oldComment = commentService.findById(commentId);
    Post post = postService.findById(postId);
    if (oldComment != null
        && post != null
        && post.getPostId() == oldComment.getPost().getPostId()) {
      if (result.hasErrors()) {
        model.addAttribute("logged_user", principal.getName());
        model.addAttribute("post", post);
        model.addAttribute("comments", commentService.findAllCommentsOfPost(postId));
        return "comment_edit";
      } else {
        commentService.merge(oldComment, editedComment);
        return "redirect:/posts/" + postId + "/comments";
      }
    } else return "404";
  }
Ejemplo n.º 2
0
  // comment edit page
  @RequestMapping(
      value = "/posts/{postId:\\d+}/comments/{commentId:\\d+}/edit",
      method = RequestMethod.GET)
  public String onGetCommentEdit(
      @PathVariable long postId, @PathVariable long commentId, Model model, Principal principal) {

    Comment comment = commentService.findById(commentId);
    Post post = postService.findById(postId);
    if (comment != null && post != null && post.getPostId() == comment.getPost().getPostId()) {
      if (comment.getUser().getUserName().equals(principal.getName())) {
        model.addAttribute("logged_user", principal.getName());
        model.addAttribute("post", post);
        model.addAttribute("comments", commentService.findAllCommentsOfPost(postId));
        model.addAttribute("comment", comment);
        return "comment_edit";
      } else {
        logger.warn("NO Permission: " + principal.getName() + ". " + new Date().toString());
        return "redirect:/no_permission_to_edit";
      }
    } else return "404";
  }