@Override public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception { // Long orderId = (Long) WebUtils.getRequiredSessionAttribute(request, "orderId"); int orderId = Integer.parseInt(request.getParameter("orderId")); Order order = this.orderService.getOrderById(orderId); UserSession userSession = (UserSession) WebUtils.getRequiredSessionAttribute(request, "userSession"); if (userSession.getUser().getUsername().equals(order.getUser().getUsername())) { String message = request.getParameter("message"); Map<String, Object> model = new HashMap<String, Object>(); model.put("order", order); if (message != null) { // after the new order, there's thanks message model.put("message", message); } return new ModelAndView("ViewOrder", model); } else { return new ModelAndView("ValidationError", "message", "You may only view your own orders."); } }
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception { UserSession userSession = (UserSession) WebUtils.getRequiredSessionAttribute(request, "userSession"); String username = userSession.getAccount().getUsername(); Map model = new HashMap(); model.put("orderList", this.petStore.getOrdersByUsername(username)); return new ModelAndView("ListOrders", model); }