From 33af2da48a51f7e6e5c98016e308c61094cf2e0e Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 13 Jan 2017 17:40:17 +0300 Subject: juick-www: redirect UserThread to right author --- juick-www/src/main/java/com/juick/www/controllers/UserThread.java | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'juick-www/src/main/java/com/juick/www/controllers') diff --git a/juick-www/src/main/java/com/juick/www/controllers/UserThread.java b/juick-www/src/main/java/com/juick/www/controllers/UserThread.java index 5765e02d..6c2e0031 100644 --- a/juick-www/src/main/java/com/juick/www/controllers/UserThread.java +++ b/juick-www/src/main/java/com/juick/www/controllers/UserThread.java @@ -62,6 +62,7 @@ public class UserThread { @RequestMapping(value = "/{uname}/{mid}", method = RequestMethod.GET) protected void doGetThread(HttpServletRequest request, HttpServletResponse response, + @PathVariable String uname, @PathVariable int mid) throws ServletException, IOException { com.juick.User visitor = webApp.getVisitorUser(request, response); @@ -76,6 +77,12 @@ public class UserThread { throw new HttpNotFoundException(); } + com.juick.User user = userService.getUserByName(uname); + if (user.getUid() == 0 || !msg.getUser().equals(user)) { + response.sendRedirect(String.format("/%s/%d", msg.getUser().getName(), mid)); + return; + } + boolean listview = false; String paramView = request.getParameter("view"); if (paramView != null) { -- cgit v1.2.3