@RequestMapping(value = IMAGES, method = POST)
public String addImage(
@RequestParam("image") MultipartFile file,
DefaultMultipartHttpServletRequest request,
Locale locale)
throws IOException {
// NOTE: Checking user rights and CSRF-Token needs to be done here because HttpUserService gains
// NOTE org.eclipse.jetty.server.Request which is not able to handle parameters at
// multipartrequests
User currentUser = userService.getCurrentUser(false);
if (!currentUser.isOm()) {
throw new AccessDeniedException("Om rights required");
}
userService.verifyCSRFToken(request);
imageFinder.validateAndSaveFile(file);
return redirectWithMessage(
request.getHeader("Referer"), RequestMessage.EDITOR_UPLOAD_IMAGE, request);
}
@RequestMapping(
value = {NEWS_FI, NEWS_SV},
method = GET)
public String news(Model model, Locale locale) {
Urls urls = Urls.get(locale);
String pageUri = HelpPage.NEWS.getUri(locale.toLanguageTag());
model.addAttribute(ALT_URI_ATTR, urls.alt().news());
model.addAttribute("content", infoTextService.getPublished(pageUri));
model.addAttribute("pageUri", pageUri);
model.addAttribute("omUser", userService.getCurrentUser().isOm());
addPiwicIdIfNotAuthenticated(model);
return NEWS_VIEW;
}
@RequestMapping(
value = {HELP_FI, HELP_SV},
method = GET)
public String help(
@PathVariable("helpPage") String localizedPageName, Model model, Locale locale) {
Urls urls = Urls.get(locale);
model.addAttribute(ALT_URI_ATTR, urls.alt().help(""));
model.addAttribute("helpPage", localizedPageName);
model.addAttribute("categoryLinksMap", infoTextService.getPublicSubjectList(locale));
model.addAttribute("content", infoTextService.getPublished(localizedPageName));
model.addAttribute("urls", urls);
model.addAttribute("omUser", userService.getCurrentUser().isOm());
addPiwicIdIfNotAuthenticated(model);
return HELP_VIEW;
}