Exemplo n.º 1
0
  @RequestMapping(value = IMAGES, method = POST)
  public String addImage(
      @RequestParam("image") MultipartFile file,
      DefaultMultipartHttpServletRequest request,
      Locale locale)
      throws IOException {

    // NOTE: Checking user rights and CSRF-Token needs to be done here because HttpUserService gains
    // NOTE org.eclipse.jetty.server.Request which is not able to handle parameters at
    // multipartrequests

    User currentUser = userService.getCurrentUser(false);
    if (!currentUser.isOm()) {
      throw new AccessDeniedException("Om rights required");
    }

    userService.verifyCSRFToken(request);

    imageFinder.validateAndSaveFile(file);
    return redirectWithMessage(
        request.getHeader("Referer"), RequestMessage.EDITOR_UPLOAD_IMAGE, request);
  }
Exemplo n.º 2
0
  @RequestMapping(
      value = {NEWS_FI, NEWS_SV},
      method = GET)
  public String news(Model model, Locale locale) {
    Urls urls = Urls.get(locale);

    String pageUri = HelpPage.NEWS.getUri(locale.toLanguageTag());

    model.addAttribute(ALT_URI_ATTR, urls.alt().news());
    model.addAttribute("content", infoTextService.getPublished(pageUri));
    model.addAttribute("pageUri", pageUri);
    model.addAttribute("omUser", userService.getCurrentUser().isOm());

    addPiwicIdIfNotAuthenticated(model);

    return NEWS_VIEW;
  }
Exemplo n.º 3
0
  @RequestMapping(
      value = {HELP_FI, HELP_SV},
      method = GET)
  public String help(
      @PathVariable("helpPage") String localizedPageName, Model model, Locale locale) {
    Urls urls = Urls.get(locale);

    model.addAttribute(ALT_URI_ATTR, urls.alt().help(""));
    model.addAttribute("helpPage", localizedPageName);
    model.addAttribute("categoryLinksMap", infoTextService.getPublicSubjectList(locale));
    model.addAttribute("content", infoTextService.getPublished(localizedPageName));
    model.addAttribute("urls", urls);
    model.addAttribute("omUser", userService.getCurrentUser().isOm());

    addPiwicIdIfNotAuthenticated(model);

    return HELP_VIEW;
  }