From: senju Date: Tue, 18 Aug 2009 12:25:49 +0000 (+0900) Subject: ユーザー登録がデグレってたので修正 X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=80b0d51d30190a2a7047a42188578c6667579c03;p=rabbit-bts%2FRabbitBTS.git ユーザー登録がデグレってたので修正 継承元間違いを修正。 CSRFチェックのログが不正だったのを修正。 --- diff --git a/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java b/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java index 0a0ce8b..3ab05c0 100644 --- a/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java +++ b/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java @@ -36,7 +36,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller -public class BbsController extends BaseController { +public final class BbsController extends BaseController { @Autowired private Validator validator; diff --git a/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java b/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java index 3dd087e..7ddc25d 100644 --- a/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java +++ b/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java @@ -21,7 +21,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller -public class IndexController extends BaseController implements +public final class IndexController extends BaseController implements IPublicController { @RequestMapping(method = RequestMethod.GET, value = "/index.html") public void index() { diff --git a/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java b/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java index 495c371..6496c32 100644 --- a/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java +++ b/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java @@ -16,6 +16,7 @@ package jp.sourceforge.rabbitBTS.controllers; +import java.util.Date; import java.util.logging.Level; import javax.servlet.http.HttpServletRequest; @@ -35,7 +36,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @Controller -public class RegisterController extends BbsController implements +public final class RegisterController extends BaseController implements IPublicController { private static final String REDIRECT_HOME_HTML = "redirect:/home/"; @@ -101,10 +102,12 @@ public class RegisterController extends BbsController implements */ @RequestMapping(method = RequestMethod.POST) public String index(Account account, BindingResult result, ModelMap map) { - if (this.isCsrfSafe(result)) { + if (!this.isCsrfSafe(result)) { return null; } + account.setLastAccess(new Date()); + account.setEmail(Sht.user().getEmail()); this.validator.validate(account, result); if (result.hasErrors()) { @@ -124,6 +127,7 @@ public class RegisterController extends BbsController implements this.accountService.registAccount(account); } catch (final RabbitBTSException e) { Sht.log(this).log(Level.WARNING, "ユーザー登録で例外発生", e); + // TODO:resultにセット map.addAttribute("errorMessage", "登録に失敗しました。再度やりなおしてください。"); return null; } diff --git a/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java b/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java index 4ef4d77..8f2222b 100644 --- a/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java +++ b/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java @@ -72,8 +72,10 @@ public class CSRFInterceptor extends HandlerInterceptorAdapter { && handler instanceof IController) { // きちんとCSRFチェックが行われているかチェックする final IController c = (IController) handler; - Sht.log(this).severe("CSRFチェックを行っていないPOST"); - assert c.isCsrfChecked(); + if (!c.isCsrfChecked()) { + Sht.log(this).severe("CSRFチェックを行っていないPOST"); + } + assert c.isCsrfChecked() : "CSRFチェックを行っていないPOST"; } }