course_4_assignment's People
course_4_assignment's Issues
Error occurs if an image is created with the same title that has been used by another image
Currently, if you upload an image with the same exact title as a previously uploaded image, it will get uploaded. But then, if you try to navigate to one of the images with the same title, the image uploader will display an error.
Reproduction Step:
1. Create a new image with a title
2. Create a second image with the same title as the first image
3. You'll see a server error if you try to navigate to either the first or second image
The issue:
1. The ImageRepository class retrieves an image by its title in the ‘getImageByTitle()’ method. Please
see the following code in the ImageRepository class:
public Image getImageByTitle(String title) {
EntityManager em = emf.createEntityManager();
try {
TypedQuery<Image> typedQuery = em.createQuery("SELECT i from Image i where i.title =:title", Image.class).setParameter("title", title);
return typedQuery.getSingleResult();
} catch (NoResultException nre) {
return null;
}
}
- As you can see in the getImageByTitle() method, we are using a method called ‘getSingleResult()’
- The ‘getSingleResult()’ method will throw an exception if there is more than one matching result.
Possible Solution:
-
Instead of retrieving an image by its title, we should retrieve an image by a more unique
identifier, such as the image's table id. Implement this change in the whole code implementation
wherever we are retrieving the image by its title. -
In addition, we need to update the ImageController so that:
a. An image's URL includes its unique identifier. The URL of the page showing the details of the
particular image should be of type‘/images/{imageId}/{title}’
b. The image controller will then use that unique identifier to retrieve an image. -
In addition, you need to update
<a th:href="'/images/' +${i.title}">
in images.html’ file to
<a th:href="'/images/' +${i.id} +'/' +${i.title}">
which redirects to a request handling method with request mapping of type‘/images/{imageId}/{title}’
, when you click on the title of the image to display the details of that particular image.
Non-owner of the image can edit/delete the image
Currently, the user can edit/delete the image which has been uploaded by some other user.
Reproduction Step:
- Get the details of the image which has been uploaded by some other user
- Try to edit/delete the image
- The image gets edited/deleted
The issue:
There is no check on the details of the user when the image is edited/deleted. Before editing/deleting the image, the owner of the image is not compared to the user, who is trying to edit/delete the image.
Possible Solution:
- There must be a check on the user details who is trying to edit/delete the image. The details of the owner of the user can be compared to the details of the user who is trying to edit/delete the image.
- If the non-owner tries to edit/delete the image, print the error message.
Hint
How to print the error message?
Let us know how to print the error message in case the non-owner of the image tries to edit the image,
-
Declare and initialize a string with the message in the Controller logic as shown below:
String error = "Only the owner of the image can edit the image";
-
Add the string in the Model type object as shown below:
model.addAttribute("editError", error);
Note that the key is ‘editError’. -
Since we are returning the ‘image.html’ file, you need to provide the instructions to print the message in this HTML file, but with an if condition that displays the message only when the non-owner of the image is trying to edit the image. Therefore, we will add this message in the ‘image.html’ file with an if condition.
-
Since you have added the error string in the Model type object with ‘editError’ as the key in case the non-owner of the image is trying to edit the image, you need to use this as the if condition. If the Model type object contains the ‘editError’ attribute, display the message ‘Only the owner of the image can edit the image’ as shown below:
<div th:if="${editError}">Only the owner of the image can edit the image</div>
Uncomment the above code in the ‘image.html’ file. -
If the Model type object does not contain the ‘editError’ attribute, this message will not be displayed.
-
Note that the test cases are designed in such as way that you need to add the message "Only the owner of the image can edit the image" with the key as ‘editError’ for the test cases to pass.
-
Similarly, you need to restrict the deletion of the image by the non-owner of the image. The error message to be added in the Model type object when the non-owner of the image is trying to delete the image should be “Only the owner of the image can delete the image” and the key should be 'deleteError'.
Non-owner of the image can edit or delete the image in the application
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.