Esempio n. 1
  /**
   * Copies the session's CSRF token into the renderer's data model so the view can embed it.
   *
   * <p>Does nothing when the context has no renderer. The token comes from {@code
   * Sessions.getCSRFToken} and is stored under the {@code Common.CSRF_TOKEN} key.
   *
   * <p>NOTE(review): this method only hands the token to the view. The matching validation of a
   * submitted token is not visible here; confirm that every state-changing endpoint rendered with
   * this advice is guarded by a check that compares the submitted value with the session value.
   *
   * @param context the request context whose renderer receives the token
   * @param ret the processor's return value; not used by this advice
   */
  @Override
  public void doAdvice(final HTTPRequestContext context, final Object ret) {
    final AbstractHTTPResponseRenderer responseRenderer = context.getRenderer();
    if (null == responseRenderer) {
      // Nothing is being rendered, so there is no data model to put the token into.
      return;
    }

    responseRenderer
        .getRenderDataModel()
        .put(Common.CSRF_TOKEN, Sessions.getCSRFToken(context.getRequest()));
  }
Esempio n. 2
  /**
   * Renders the article edit page ({@code /home/post.ftl}) for the article named by the {@code id}
   * request parameter.
   *
   * <p>Access control as visible in this method and its annotations: {@code LoginCheck} runs
   * before the handler, and the handler itself answers 403 unless the current session user's
   * object id equals the article's author id. A missing {@code id} or an unknown article yields
   * 404 before the ownership check is reached. {@code CSRFToken} runs after the handler.
   *
   * <p>The data model receives the article, the header/footer data, a Qiniu upload token and the
   * Qiniu domain. The Qiniu secret key is used here only to sign the upload token; the signed
   * token, not the key, is what is put into the data model.
   *
   * @param context the request context that receives the renderer
   * @param request the HTTP request carrying the {@code id} parameter and the session
   * @param response the HTTP response, used for the 404 and 403 error replies
   * @throws Exception propagated from the query service, the filler or {@code sendError}
   */
  @RequestProcessing(value = "/update", method = HTTPRequestMethod.GET)
  @Before(adviceClass = {StopwatchStartAdvice.class, LoginCheck.class})
  @After(adviceClass = {CSRFToken.class, StopwatchEndAdvice.class})
  public void showUpdateArticle(
      final HTTPRequestContext context,
      final HttpServletRequest request,
      final HttpServletResponse response)
      throws Exception {
    // The id is client-supplied; an absent id and an unknown id are both answered with 404.
    final String requestedId = request.getParameter("id");
    final JSONObject article =
        Strings.isEmptyOrNull(requestedId)
            ? null
            : articleQueryService.getArticleById(requestedId);
    if (null == article) {
      response.sendError(HttpServletResponse.SC_NOT_FOUND);

      return;
    }

    // Ownership check: only the article's author may open the edit page.
    // NOTE(review): optString returns "" for a missing key, so a user record without an object id
    // would match an article without an author id. Confirm both fields are always populated, or
    // reject empty ids explicitly.
    final JSONObject sessionUser = Sessions.currentUser(request);
    final boolean isAuthor =
        null != sessionUser
            && sessionUser
                .optString(Keys.OBJECT_ID)
                .equals(article.optString(Article.ARTICLE_AUTHOR_ID));
    if (!isAuthor) {
      response.sendError(HttpServletResponse.SC_FORBIDDEN);

      return;
    }

    final AbstractFreeMarkerRenderer skinRenderer = new SkinRenderer();
    context.setRenderer(skinRenderer);
    skinRenderer.setTemplateName("/home/post.ftl");

    final Map<String, Object> model = skinRenderer.getDataModel();
    model.put(Article.ARTICLE, article);
    filler.fillHeaderAndFooter(request, response, model);

    // Qiniu file upload: sign an upload token server-side and expose only the token to the view.
    // NOTE(review): the token is requested for the whole bucket with no explicit policy argument,
    // so its lifetime and upload limits are whatever the SDK defaults to. Consider a short expiry
    // and size/MIME-type restrictions, since the token is presumably sent to the browser.
    final String accessKey = Symphonys.get("qiniu.accessKey");
    final String secretKey = Symphonys.get("qiniu.secretKey");
    final Auth qiniuAuth = Auth.create(accessKey, secretKey);
    model.put("qiniuUploadToken", qiniuAuth.uploadToken(Symphonys.get("qiniu.bucket")));
    model.put("qiniuDomain", Symphonys.get("qiniu.domain"));
  }