/**
* Edit post with provided id.
* It is not possible to edit if the user is not authenticated
* and if he is now the owner of the post
*
* @param id
* @param principal
* @return post model and postForm view, for editing post
*/
@RequestMapping(value = "/editPost/{id}", method = RequestMethod.GET)
public ModelAndView editPostWithId(@PathVariable Long id, Principal principal) {
ModelAndView modelAndView = new ModelAndView();
Post post = postService.findPostForId(id);
// Not possible to edit if user is not logged in, or if he is now the owner of the post
if (principal == null || !principal.getName().equals(post.getUser().getUsername())) {
modelAndView.setViewName("403");
}
if (post == null) {
modelAndView.setViewName("404");
} else {
modelAndView.addObject("post", post);
modelAndView.setViewName("postForm");
}
return modelAndView;
}
PostController.java 文件源码
java
阅读 37
收藏 0
点赞 0
评论 0
项目:spring-boot-blog
作者:
评论列表
文章目录
