@PreAuthorize("isAuthenticated()") @RequestMapping(value = "/topic/update", method = RequestMethod.GET) public ModelAndView update( @RequestParam int topicId, @RequestParam int treeId, HttpServletRequest request) { ModelAndView modelAndView = UserUtils.getModelWithUser(request, "topic/topic_update_page", userService); String login = request.getUserPrincipal().getName(); UserDto author = userService.getUserByLogin(login); if (author == topicService.findById(topicId).getAuthor() || userService.isAdmin(author)) { modelAndView.addObject("topic", topicService.findById(topicId)); } else { modelAndView.addObject("topicList", topicTreeService.findById(treeId).getTopicList()); modelAndView.setViewName("topic/topics_list_page"); } modelAndView.addObject("treeId", treeId); return modelAndView; }
@PreAuthorize("isAuthenticated()") @RequestMapping(value = "/topic/delete", method = RequestMethod.POST) public ModelAndView delete( @RequestParam int topicId, @RequestParam int treeId, HttpServletRequest request) { ModelAndView modelAndView = UserUtils.getModelWithUser(request, "topic/topics_list_page", userService); String login = request.getUserPrincipal().getName(); UserDto user = userService.getUserByLogin(login); if (!userService.isAdmin(user)) { modelAndView.addObject("topic", topicService.findById(topicId)); modelAndView.setViewName("topic/topic_show_page"); return modelAndView; } TopicDto topic = topicService.findById(topicId); TopicTreeDto topicTree = topicTreeService.findById(treeId); List<TopicDto> topics = topicTree.getTopicList(); topics.remove(topic); topicTree.setTopicList(topics); topicTreeService.update(topicTree); List<CommentDto> list = topic.getComments(); topic.setComments(null); topicService.update(topic); for (CommentDto comment : list) { commentService.remove(comment.getId()); } topicService.remove(topicId); modelAndView.addObject("topicList", topicTreeService.findById(treeId).getTopicList()); modelAndView.addObject("treeId", treeId); modelAndView.addObject("topicId", topicId); return modelAndView; }
@PreAuthorize("isAuthenticated()") @RequestMapping(value = "/topic/create", method = RequestMethod.POST) public ModelAndView doCreate( @RequestParam String text, @RequestParam String theme, @RequestParam int treeId, HttpServletRequest request) { ModelAndView modelAndView = UserUtils.getModelWithUser(request, "topic/topics_list_page", userService); if (theme == "" || text == "") { modelAndView.addObject("topicList", topicService.list()); return modelAndView; } String login = request.getUserPrincipal().getName(); UserDto author = userService.getUserByLogin(login); TopicDto topic = new TopicDto(); topic.setCreatedDate(new Date(System.currentTimeMillis())); topic.setText(text); topic.setTheme(theme); topic.setAuthor(author); TopicTreeDto topicTree = topicTreeService.findById(treeId); List<TopicDto> list = topicTree.getTopicList(); list.add(topicService.create(topic)); topicTree.setTopicList(list); topicTreeService.update(topicTree); modelAndView.addObject("topicList", topicTreeService.findById(treeId).getTopicList()); modelAndView.addObject("treeId", treeId); return modelAndView; }