Package ru.org.linux.topic

Source Code of ru.org.linux.topic.DeleteTopicController

/*
* Copyright 1998-2014 Linux.org.ru
*    Licensed under the Apache License, Version 2.0 (the "License");
*    you may not use this file except in compliance with the License.
*    You may obtain a copy of the License at
*
*        http://www.apache.org/licenses/LICENSE-2.0
*
*    Unless required by applicable law or agreed to in writing, software
*    distributed under the License is distributed on an "AS IS" BASIS,
*    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*    See the License for the specific language governing permissions and
*    limitations under the License.
*/

package ru.org.linux.topic;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import ru.org.linux.auth.AccessViolationException;
import ru.org.linux.group.GroupPermissionService;
import ru.org.linux.search.SearchQueueSender;
import ru.org.linux.section.Section;
import ru.org.linux.section.SectionService;
import ru.org.linux.site.Template;
import ru.org.linux.user.User;
import ru.org.linux.user.UserDao;
import ru.org.linux.user.UserErrorException;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;

@Controller
public class DeleteTopicController {
  private static final Logger logger = LoggerFactory.getLogger(DeleteTopicController.class);

  @Autowired
  private SearchQueueSender searchQueueSender;

  @Autowired
  private SectionService sectionService;

  @Autowired
  private TopicDao messageDao;

  @Autowired
  private TopicService topicService;

  @Autowired
  private TopicPrepareService prepareService;

  @Autowired
  private GroupPermissionService permissionService;

  @Autowired
  private UserDao userDao;

  @RequestMapping(value="/delete.jsp", method= RequestMethod.GET)
  public ModelAndView showForm(
    @RequestParam("msgid") int msgid,
    HttpServletRequest request
  ) throws Exception {
    Template tmpl = Template.getTemplate(request);

    if (!tmpl.isSessionAuthorized()) {
      throw new AccessViolationException("Not authorized");
    }

    Topic msg = messageDao.getById(msgid);

    if (msg.isDeleted()) {
      throw new UserErrorException("Сообщение уже удалено");
    }

    if (!permissionService.isDeletable(msg, tmpl.getCurrentUser())) {
      throw new AccessViolationException("Вы не можете удалить это сообщение");
    }

    Section section = sectionService.getSection(msg.getSectionId());

    HashMap<String, Object> params = new HashMap<>();
    params.put("bonus", !section.isPremoderated() && !msg.isDraft());
    params.put("author", userDao.getUser(msg.getUid()));
    params.put("msgid", msgid);
    params.put("draft", msg.isDraft());
    params.put("uncommited", section.isPremoderated() && !msg.isCommited());

    return new ModelAndView("delete", params);
  }

  @RequestMapping(value="/delete.jsp", method= RequestMethod.POST)
  public ModelAndView deleteMessage(
    @RequestParam("msgid") int msgid,
    @RequestParam("reason") String reason,
    @RequestParam(value="bonus", defaultValue = "0") int bonus,
    HttpServletRequest request
  ) throws Exception {
    Template tmpl = Template.getTemplate(request);

    if (!tmpl.isSessionAuthorized()) {
      throw new AccessViolationException("Not authorized");
    }

    User user = tmpl.getCurrentUser();

    user.checkAnonymous();

    Topic message = messageDao.getById(msgid);

    if (message.isDeleted()) {
      throw new UserErrorException("Сообщение уже удалено");
    }

    if (!permissionService.isDeletable(message, user))  {
      throw new AccessViolationException("Вы не можете удалить это сообщение");
    }

    topicService.deleteWithBonus(message, user, reason, bonus);
    logger.info("Удалено сообщение " + msgid + " пользователем " + user.getNick() + " по причине `" + reason + '\'');

    // Delete msgs from search index
    searchQueueSender.updateMessage(msgid, true);

    return new ModelAndView("action-done", "message", "Сообщение удалено");
  }

  @RequestMapping(value = "/undelete.jsp", method = RequestMethod.GET)
  public ModelAndView undeleteForm(
    HttpServletRequest request,
    @RequestParam int msgid
  ) throws Exception {
    Template tmpl = Template.getTemplate(request);

    if (!tmpl.isModeratorSession()) {
      throw new AccessViolationException("Not authorized");
    }

    Topic message = messageDao.getById(msgid);

    checkUndeletable(message);

    ModelAndView mv = new ModelAndView("undelete");
    mv.getModel().put("message", message);
    mv.getModel().put("preparedMessage", prepareService.prepareTopic(message, request.isSecure(), tmpl.getCurrentUser()));

    return mv;
  }

  @RequestMapping(value="/undelete.jsp", method=RequestMethod.POST)
  public ModelAndView undelete(
    HttpServletRequest request,
    @RequestParam int msgid
  ) throws Exception {
    Template tmpl = Template.getTemplate(request);

    if (!tmpl.isModeratorSession()) {
      throw new AccessViolationException("Not authorized");
    }

    Topic message = messageDao.getById(msgid);

    checkUndeletable(message);

    if(message.isDeleted()) {
      messageDao.undelete(message);
    }

    logger.info("Восстановлено сообщение " + msgid + " пользователем " + tmpl.getNick());

    // Undelete msgs from search index
    searchQueueSender.updateMessage(msgid, true);

    return new ModelAndView("action-done", "message", "Сообщение восстановлено");
  }

  private static void checkUndeletable(Topic message) throws AccessViolationException {
    if (message.isExpired()) {
      throw new AccessViolationException("нельзя восстанавливать устаревшие сообщения");
    }

    if (!message.isDeleted()) {
      throw new AccessViolationException("Сообщение уже восстановлено");
    }
  }
}
TOP

Related Classes of ru.org.linux.topic.DeleteTopicController

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.