Exemplo n.º 1
0
  @RequestMapping(
      value = "/memories.jsp",
      params = {"remove"},
      method = RequestMethod.POST)
  public @ResponseBody void remove(ServletRequest request, @RequestParam("id") int id)
      throws Exception {
    Template tmpl = Template.getTemplate(request);

    if (!tmpl.isSessionAuthorized()) {
      throw new AccessViolationException("Not authorized");
    }

    User user = tmpl.getCurrentUser();
    user.checkBlocked();
    user.checkAnonymous();

    MemoriesListItem m = memoriesDao.getMemoriesListItem(id);

    if (m != null) {
      if (m.getUserid() != user.getId()) {
        throw new AccessViolationException("Нельзя удалить чужую запись");
      }

      memoriesDao.delete(id);
    }
  }
Exemplo n.º 2
0
  @RequestMapping(
      value = "/memories.jsp",
      params = {"add"},
      method = RequestMethod.POST)
  public @ResponseBody Integer add(ServletRequest request, @RequestParam("msgid") int msgid)
      throws Exception {
    Template tmpl = Template.getTemplate(request);

    if (!tmpl.isSessionAuthorized()) {
      throw new AccessViolationException("Not authorized");
    }

    User user = tmpl.getCurrentUser();
    user.checkBlocked();
    user.checkAnonymous();

    Topic topic = messageDao.getById(msgid);
    if (topic.isDeleted()) {
      throw new UserErrorException("Тема удалена");
    }

    return memoriesDao.addToMemories(user.getId(), topic.getId());
  }