@RequestMapping(value = "/remove-userpic.jsp", method = RequestMethod.POST)
public ModelAndView removeUserpic(ServletRequest request, @RequestParam("id") User user)
throws Exception {
Template tmpl = Template.getTemplate(request);
if (!tmpl.isSessionAuthorized()) {
throw new AccessViolationException("Not autorized");
}
User currentUser = tmpl.getCurrentUser();
if (!currentUser.isModerator() && currentUser.getId() != user.getId()) {
throw new AccessViolationException("Not permitted");
}
if (user.isModerator()) {
throw new AccessViolationException(
"Пользователю " + user.getNick() + " нельзя удалить картинку");
}
if (user.getPhoto() == null) {
throw new AccessViolationException("Пользователь " + user.getNick() + " картинки не имеет");
}
if (userDao.removePhoto(user, currentUser)) {
logger.info("Clearing " + user.getNick() + " userpic by " + currentUser.getNick());
} else {
logger.debug("SKIP Clearing " + user.getNick() + " userpic by " + currentUser.getNick());
}
return redirectToProfile(user);
}
