добавленна проверка по логину

2023-05-11 16:29:35 +04:00 · 2023-05-11 16:29:35 +04:00 · 1317a2824d
commit 1317a2824d
parent b5c2db3e02
5 changed files with 76 additions and 53 deletions
--- a/src/main/java/com/LabWork/app/MangaStore/controller/Creator/CreatorActionMvcController.java
+++ b/src/main/java/com/LabWork/app/MangaStore/controller/Creator/CreatorActionMvcController.java
@ -48,28 +48,36 @@ public class CreatorActionMvcController {
        return "creatorAction";
    }

-    @GetMapping("/edit/{id}")
-    public String editManga(@PathVariable Long id, Model model) {
+    @GetMapping("/edit/{id}/{login}")
+    public String editManga(@PathVariable Long id, @PathVariable String login, Model model, Principal principal) {
+        if (login.equals(principal.getName())) {
            model.addAttribute("Id", id);
            model.addAttribute("mangaDto", new MangaDto(mangaService.findManga(id)));
            model.addAttribute("controller", "manga/");
            return "creatorAction-edit";
        }
+        return "creatorAction";
+    }

    @GetMapping("/create/{login}")
-    public String createManga(@PathVariable String login, Model model) {
+    public String createManga(@PathVariable String login, Model model, Principal principal) {
+        if (login.equals(principal.getName())) {
            model.addAttribute("login", login);
            model.addAttribute("mangaDto", new MangaDto());
            model.addAttribute("controller", "creator/");
            return "creatorAction-edit";
        }
+        return "creatorAction";
+    }

    @PostMapping( "/creator/{login}")
    public String saveManga(@PathVariable(value = "login", required = false) String login,
                            @RequestParam("multipartFile") MultipartFile multipartFile,
                            @ModelAttribute @Valid MangaDto mangaDto,
                            BindingResult bindingResult,
-                            Model model) throws IOException {
+                            Model model,
+                            Principal principal) throws IOException {
+        if (login.equals(principal.getName())) {
            if (bindingResult.hasErrors()) {
                model.addAttribute("errors", bindingResult.getAllErrors());
                return "creatorAction-edit";
@ -78,31 +86,39 @@ public class CreatorActionMvcController {
            mangaDto.setLogin(login);
            mangaService.addManga(mangaDto);
            return "redirect:/creatorAction?login=" + login;
-
+        }
+        return "creatorAction";
    }

-    @PostMapping( "/manga/{mangaId}")
-    public String updateManga(@PathVariable(value = "mangaId", required = false) Long mangaId, @RequestParam("multipartFile") MultipartFile multipartFile,
+    @PostMapping( "/manga/{mangaId}/{login}")
+    public String updateManga(@PathVariable(value = "mangaId", required = false) Long mangaId, @PathVariable(value = "login", required = false) String login, @RequestParam("multipartFile") MultipartFile multipartFile,
                              @ModelAttribute @Valid MangaDto mangaDto,
                              BindingResult bindingResult,
-                            Model model) throws IOException {
+                              Model model,
+                              Principal principal) throws IOException {
+        if (login.equals(principal.getName())) {
            if (bindingResult.hasErrors()) {
                model.addAttribute("errors", bindingResult.getAllErrors());
                return "creatorAction-edit";
            }
            mangaDto.setImage("data:" + multipartFile.getContentType() + ";base64," + Base64.getEncoder().encodeToString(multipartFile.getBytes()));
            mangaService.updateManga(mangaId, mangaDto.getChapterCount(), mangaDto.getImage());
-        return "redirect:/creatorAction?login=" + creatorService.findCreator(mangaService.findManga(mangaId).getCreatorId()).getUser().getLogin();
+            return "redirect:/creatorAction?login=" + login;
+        }
+        return "creatorAction";
    }

-    @PostMapping("/delete/{mangaId}")
-    public String deleteCreator(@PathVariable Long mangaId) {
+    @PostMapping("/delete/{mangaId}/{login}")
+    public String deleteCreator(@PathVariable Long mangaId, @PathVariable String login,Principal principal) {
+        if (login.equals(principal.getName())) {
            Long creatorId = mangaService.findManga(mangaId).getCreatorId();
            mangaService.deleteManga(mangaId);
            if (creatorId != null){
-            return "redirect:/creatorAction?creatorId=" + creatorId;
+                return "redirect:/creatorAction?login=" + login;
            } else {
                return "redirect:/creatorAction";
            }
        }
+        return "creatorAction";
+    }
 }
--- a/src/main/java/com/LabWork/app/MangaStore/controller/Manga/MangaMvcController.java
+++ b/src/main/java/com/LabWork/app/MangaStore/controller/Manga/MangaMvcController.java
@ -20,7 +20,7 @@ public class MangaMvcController {
    }

    @GetMapping()
-    public String getMangaAnfReaders(Model model) {
+    public String getMangaAndReaders(Model model) {
        model.addAttribute("mangaList", mangaService.findAllMangas().stream()
                .map(x -> new MangaDto(x))
                .toList());
@ -28,7 +28,7 @@ public class MangaMvcController {
    }

    @GetMapping("/{id}")
-    public String getMangaAnfReaders(@PathVariable Long id, Model model) {
+    public String getMangaAndReaders(@PathVariable Long id, Model model) {
        model.addAttribute("manga", new MangaReaderDto(mangaService.findManga(id), mangaService.getReader(id)));
        model.addAttribute("readers", mangaService.getReader(id).stream()
                .map(x -> new ReaderMangaDto(x))
--- a/src/main/java/com/LabWork/app/MangaStore/controller/Reader/ReaderActionMvcController.java
+++ b/src/main/java/com/LabWork/app/MangaStore/controller/Reader/ReaderActionMvcController.java
@ -72,7 +72,9 @@ public class ReaderActionMvcController {
                            @RequestParam("mangaId") Long mangaId,
                            @ModelAttribute @Valid MangaDto MangaDto,
                            BindingResult bindingResult,
-                            Model model){
+                            Model model,
+                            Principal principal){
+        if (readerLogin.equals(principal.getName())) {
            if (bindingResult.hasErrors()) {
                model.addAttribute("errors", bindingResult.getAllErrors());
                return "readerAction";
@ -80,10 +82,15 @@ public class ReaderActionMvcController {
            readerService.addManga(mangaId, readerLogin);
            return "redirect:/readerAction/?readerLogin=" + readerLogin;
        }
+        return "readerAction";
+    }

    @PostMapping("/{readerLogin}/removeManga/{mangaId}")
-    public String removeManga(@PathVariable String readerLogin, @PathVariable Long mangaId) {
+    public String removeManga(@PathVariable String readerLogin, @PathVariable Long mangaId, Principal principal) {
+        if (readerLogin.equals(principal.getName())) {
            readerService.removeManga(mangaId, readerLogin);
            return "redirect:/readerAction/?readerLogin=" + readerLogin;
        }
+        return "readerAction";
+    }
 }
--- a/src/main/resources/templates/creatorAction-edit.html
+++ b/src/main/resources/templates/creatorAction-edit.html
@ -7,7 +7,7 @@
 <body>
 <div layout:fragment="content">
    <div th:text="${errors}" class="margin-bottom alert-danger"></div>
-    <form th:if="${controller != 'creator/'}" action="#" th:action="@{/creatorAction/manga/{id}(id=${id})}" th:object="${mangaDto}" enctype="multipart/form-data" method="post">
+    <form th:if="${controller != 'creator/'}" action="#" th:action="@{/creatorAction/manga/{id}/{login}(login=${login}, id=${id})}" th:object="${mangaDto}" enctype="multipart/form-data" method="post">
        <div class="mb-3" th:if="${controller == 'creator/'}">
            <label for="mangaNameU" class="form-label">mangaName</label>
            <input id="mangaNameU" type='text' class="form-control" th:field="${mangaDto.mangaName}" required="true"/>
--- a/src/main/resources/templates/creatorAction.html
+++ b/src/main/resources/templates/creatorAction.html
@ -45,7 +45,7 @@
                            </h4>
                        </div>
                        <div>
-                            <a class="btn btn-primary" th:href="@{/creatorAction/edit/{id}(id=${manga.id})}">
+                            <a class="btn btn-primary" th:href="@{/creatorAction/edit/{id}/{login}(id=${manga.id}, login=${login})}">
                                <i class="fas fa-edit"></i>
                            </a>
                            </button>
@ -53,7 +53,7 @@
                                        th:attr="onclick=|confirm('Удалить запись?') && document.getElementById('remove-${manga.id}').click()|">
                                    <i class="fa fa-trash" aria-hidden="true"></i> Удалить
                                </button>
-                            <form th:action="@{/creatorAction/delete/{id}(id=${manga.id})}" method="post">
+                            <form th:action="@{/creatorAction/delete/{id}/{login}(id=${manga.id}, login=${login})}" method="post">
                                <button th:id="'remove-' + ${manga.id}" type="submit" style="display: none">
                                    Удалить
                                </button>