pure-java-web-app's People

Contributors

helen1337

Forkers

rkondakov

pure-java-web-app's Issues

saveURL doesn't work

This form will never submit:

            <form action="/article" method="post">
                <input type="hidden" id="checkAuthor" name="checkAuthor" value="${sessionScope.user.login}">
                <c:if test="${sessionScope.user.login eq article.author}">
                    <nav class="blog-pagination" aria-label="Pagination">
                        <a class="btn btn-outline-primary rounded-pill" href="/my-blog/article?id=${article.id}&action=edit">Edit</a>
                        <a class="btn btn-outline-secondary rounded-pill" href="/my-blog/article?id=${article.id}&action=delete">Delete</a>
                    </nav>
                </c:if>
            </form>

Therefore, the checkAuthor parameter will never be retrieved; moreover, the author parameter does not exist:

    /**
     * Checks if the current user has permission for the specified action.
     * Ensures data security when manually entering URL.
     *
     * @param request The HttpServletRequest object
     * @param action  The action to be performed
     * @return true if user's authenticated and is the article's author or action == "add"
     * otherwise false
     */
    private boolean saveURL(HttpServletRequest request, String action) {
        if (action.equals("add")) {
            return true;
        }
        if (!SessionManager.isUserInSession(request)) {
            return false;
        }
        String checkAuthor = request.getParameter("checkAuthor");
        String authorArticle = request.getParameter("author");
        return Objects.equals(authorArticle, checkAuthor);
    }

Need to solve the issue and rework the access logic in accordance with it.

linking published content (articles) and users

Now the author of an article is identified by comparing models.Article.author and models.User.login. It can lead to conflicts when deleting a user and creating a new one with an identical login. Thus, existing articles will be assigned to the new user based on the nickname criterion.
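
An added example, not code from this repository, showing one way to rework the check that both issues above describe: the decision uses only the session user and the article loaded on the server, and ownership is compared by an immutable user id instead of the login. The `id` and `authorId` fields, the in-memory `ARTICLES` map and all sample users are assumptions made for illustration (Java 16+ for records); the recreated account with a reused login passes the login comparison but is denied by the id comparison.

```java
import java.util.Map;

public class ArticleAccessDemo {
    // Hypothetical models: the numeric ids are assumptions, not the project's schema.
    record User(long id, String login) {}
    record Article(long id, long authorId, String authorLogin) {}

    // Constructed sample data standing in for the article table.
    static final Map<Long, Article> ARTICLES =
            Map.of(10L, new Article(10L, 1L, "alice"));

    /** Ownership by login string: the comparison the second issue warns about. */
    static boolean ownsByLogin(User sessionUser, long articleId) {
        Article article = ARTICLES.get(articleId);
        return sessionUser != null && article != null
                && article.authorLogin().equals(sessionUser.login());
    }

    /**
     * Edit/delete check built only from server-side state: the user object held
     * in the session and the article row loaded by id. No request parameter
     * such as checkAuthor or author takes part in the decision.
     */
    static boolean canEditOrDelete(User sessionUser, long articleId) {
        if (sessionUser == null) {
            return false;                               // not authenticated
        }
        Article article = ARTICLES.get(articleId);
        if (article == null) {
            return false;                               // unknown article: deny
        }
        return article.authorId() == sessionUser.id();  // immutable id, not login
    }

    public static void main(String[] args) {
        User author = new User(1L, "alice");     // wrote article 10
        User recreated = new User(2L, "alice");  // new account reusing a freed login
        User[] callers = {author, recreated, new User(3L, "bob"), null};
        for (User u : callers) {
            System.out.printf("%-28s byLogin=%-5b byId=%b%n",
                    u, ownsByLogin(u, 10L), canEditOrDelete(u, 10L));
        }
    }
}
```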
