// posting edited comment
@RequestMapping(
value = "/posts/{postId:\\d+}/comments/{commentId:\\d+}/edit",
method = RequestMethod.POST)
public String onPostCommentEdit(
@PathVariable long postId,
@PathVariable long commentId,
Model model,
Principal principal,
@Valid Comment editedComment,
BindingResult result) {
Comment oldComment = commentService.findById(commentId);
Post post = postService.findById(postId);
if (oldComment != null
&& post != null
&& post.getPostId() == oldComment.getPost().getPostId()) {
if (result.hasErrors()) {
model.addAttribute("logged_user", principal.getName());
model.addAttribute("post", post);
model.addAttribute("comments", commentService.findAllCommentsOfPost(postId));
return "comment_edit";
} else {
commentService.merge(oldComment, editedComment);
return "redirect:/posts/" + postId + "/comments";
}
} else return "404";
}
// comment edit page
@RequestMapping(
value = "/posts/{postId:\\d+}/comments/{commentId:\\d+}/edit",
method = RequestMethod.GET)
public String onGetCommentEdit(
@PathVariable long postId, @PathVariable long commentId, Model model, Principal principal) {
Comment comment = commentService.findById(commentId);
Post post = postService.findById(postId);
if (comment != null && post != null && post.getPostId() == comment.getPost().getPostId()) {
if (comment.getUser().getUserName().equals(principal.getName())) {
model.addAttribute("logged_user", principal.getName());
model.addAttribute("post", post);
model.addAttribute("comments", commentService.findAllCommentsOfPost(postId));
model.addAttribute("comment", comment);
return "comment_edit";
} else {
logger.warn("NO Permission: " + principal.getName() + ". " + new Date().toString());
return "redirect:/no_permission_to_edit";
}
} else return "404";
}
