1 package org.springframework.samples.jpetstore.web.spring; 2 3 import javax.servlet.http.HttpServletRequest ; 4 import javax.servlet.http.HttpServletResponse ; 5 6 import org.springframework.samples.jpetstore.domain.Order; 7 import org.springframework.samples.jpetstore.domain.logic.PetStoreFacade; 8 import org.springframework.web.servlet.ModelAndView; 9 import org.springframework.web.servlet.mvc.Controller; 10 import org.springframework.web.util.WebUtils; 11 12 16 public class ViewOrderController implements Controller { 17 18 private PetStoreFacade petStore; 19 20 public void setPetStore(PetStoreFacade petStore) { 21 this.petStore = petStore; 22 } 23 24 public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception { 25 UserSession userSession = (UserSession) WebUtils.getRequiredSessionAttribute(request, "userSession"); 26 int orderId = Integer.parseInt(request.getParameter("orderId")); 27 Order order = this.petStore.getOrder(orderId); 28 if (userSession.getAccount().getUsername().equals(order.getUsername())) { 29 return new ModelAndView("ViewOrder", "order", order); 30 } 31 else { 32 return new ModelAndView("Error", "message", "You may only view your own orders."); 33 } 34 } 35 36 } 37 | Popular Tags |