authorMatthias Andreas Benkard <code@mail.matthias.benkard.de>2020-01-27 05:53:07 +0100
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>2020-01-27 05:53:07 +0100
commitd50bbb75b8018be054b840cbae6b8e0c48b514ea (patch)
tree86d275cffe723ae04ec6d1bf92888b7ee10d4951 /src/main/java
parent0246c3e491685e7e3169615c526d627ed989f353 (diff)
Wiki: Make editing work.
Change-Id: Ibff52be5c595deba96b3f7642307ba1208eff9cf
Diffstat (limited to 'src/main/java')
-rw-r--r--src/main/java/eu/mulk/mulkcms2/benki/wiki/WikiResource.java31
1 files changed, 25 insertions, 6 deletions
diff --git a/src/main/java/eu/mulk/mulkcms2/benki/wiki/WikiResource.java b/src/main/java/eu/mulk/mulkcms2/benki/wiki/WikiResource.java
index b5ece7e..30cae98 100644
--- a/src/main/java/eu/mulk/mulkcms2/benki/wiki/WikiResource.java
+++ b/src/main/java/eu/mulk/mulkcms2/benki/wiki/WikiResource.java
@@ -16,6 +16,8 @@ import java.time.format.FormatStyle;
import java.time.temporal.TemporalAccessor;
import java.util.Optional;
import javax.inject.Inject;
+import javax.transaction.Transactional;
+import javax.ws.rs.BadRequestException;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
@@ -24,6 +26,8 @@ import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.jboss.logging.Logger;
+import org.jsoup.Jsoup;
+import org.jsoup.safety.Whitelist;
@Path("/wiki")
public class WikiResource {
@@ -66,10 +70,25 @@ public class WikiResource {
@POST
@Path("/{pageName}")
@Authenticated
+ @Transactional
public void updatePage(
@PathParam("pageName") String pageName,
- @FormParam("title") String title,
- @FormParam("content") String content) {
+ @FormParam("wiki-title") String title,
+ @FormParam("wiki-content") String content) {
+
+ if (title == null && content == null) {
+ // No changes, nothing to do.
+ return;
+ }
+
+ if (title != null) {
+ // Remove markup. Reject whitespace.
+ title = Jsoup.clean(title, Whitelist.none());
+ if (!title.matches("\\w+")) {
+ throw new BadRequestException("title does not match \"\\w+\"");
+ }
+ }
+
var userName = identity.getPrincipal().getName();
Optional<WikiPageRevision> maybeCurrentRevision =
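Review bot: In `updatePage`, only `title` goes through `Jsoup.clean`; the `wiki-content` form value reaches the new revision unchanged, and the last hunk stores it with the format `"html5"`. If the page view renders that content unescaped, an authenticated editor's markup, including script, would be served to every reader of the page; the rendering code and the lines between this hunk and the next are not visible here, so this needs confirming. Cleaning the content next to the title check with an allow-list suited to wiki markup would close it, e.g. `if (content != null) { content = Jsoup.clean(content, Whitelist.relaxed()); }`. Separately, the comment `// Remove markup. Reject whitespace.` understates the check: `\\w+` also rejects punctuation and, without `(?U)`, non-ASCII letters.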
@@ -86,13 +105,13 @@ public class WikiResource {
var pageRevision =
new WikiPageRevision(
OffsetDateTime.now(),
- title,
- content,
+ title != null ? title : currentRevision.title,
+ content != null ? content : currentRevision.content,
"html5",
currentRevision.page,
- User.find("name = ?1", userName).singleResult());
+ User.find("from BenkiUser u join u.nicknames n where ?1 = n", userName).singleResult());
- WikiPageRevision.persist(pageRevision);
+ pageRevision.persistAndFlush();
}
@GET
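Review bot: The author lookup `User.find("from BenkiUser u join u.nicknames n where ?1 = n", userName).singleResult()` attributes the revision to whichever user owns a nickname equal to the principal name, so it is only sound if nicknames are unique across users and cannot be freely changed; that constraint is not visible in this diff. `singleResult()` also throws when no row or more than one row matches, which would likely surface as a server error rather than a clean rejection. I would state the assumption above the call, e.g. `// Principal name must match exactly one nickname; nicknames are unique across users.`, and map the no-match case to `ForbiddenException`. The enclosing method starts outside this hunk.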