From 80b0d51d30190a2a7047a42188578c6667579c03 Mon Sep 17 00:00:00 2001
From: senju
Date: Tue, 18 Aug 2009 21:25:49 +0900
Subject: [PATCH] =?utf8?q?=E3=83=A6=E3=83=BC=E3=82=B6=E3=83=BC=E7=99=BB?= =?utf8?q?=E9=8C=B2=E3=81=8C=E3=83=87=E3=82=B0=E3=83=AC=E3=81=A3=E3=81=A6?= =?utf8?q?=E3=81=9F=E3=81=AE=E3=81=A7=E4=BF=AE=E6=AD=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
継承元間違いを修正。 CSRFチェックのログが不正だったのを修正。
---
 src/jp/sourceforge/rabbitBTS/controllers/BbsController.java | 2 +-
 src/jp/sourceforge/rabbitBTS/controllers/IndexController.java | 2 +-
 src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java | 8 ++++++--
 src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java | 6 ++++--
 4 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java b/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java
index 0a0ce8b..3ab05c0 100644
--- a/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java
+++ b/src/jp/sourceforge/rabbitBTS/controllers/BbsController.java
@@ -36,7 +36,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 @Controller
-public class BbsController extends BaseController {
+public final class BbsController extends BaseController {
 @Autowired private Validator validator;
diff --git a/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java b/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java
index 3dd087e..7ddc25d 100644
--- a/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java
+++ b/src/jp/sourceforge/rabbitBTS/controllers/IndexController.java
@@ -21,7 +21,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 @Controller
-public class IndexController extends BaseController implements
+public final class IndexController extends BaseController implements
 IPublicController {
 @RequestMapping(method = RequestMethod.GET, value = "/index.html")
 public void index() {
diff --git a/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java b/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java
index 495c371..6496c32 100644
--- a/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java
+++ b/src/jp/sourceforge/rabbitBTS/controllers/RegisterController.java
@@ -16,6 +16,7 @@ package jp.sourceforge.rabbitBTS.controllers;
+import java.util.Date;
 import java.util.logging.Level;
 import javax.servlet.http.HttpServletRequest;
@@ -35,7 +36,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 @Controller
-public class RegisterController extends BbsController implements
+public final class RegisterController extends BaseController implements
 IPublicController {
 private static final String REDIRECT_HOME_HTML = "redirect:/home/";
@@ -101,10 +102,12 @@ public class RegisterController extends BbsController implements
 */
 @RequestMapping(method = RequestMethod.POST)
 public String index(Account account, BindingResult result, ModelMap map) {
- if (this.isCsrfSafe(result)) {
+ if (!this.isCsrfSafe(result)) {
 return null;
 }
+ account.setLastAccess(new Date());
+ account.setEmail(Sht.user().getEmail());
 this.validator.validate(account, result);
 if (result.hasErrors()) {
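Review bot: The added `account.setEmail(Sht.user().getEmail());` in `RegisterController.index` dereferences `Sht.user()` without a null check, and the class implements `IPublicController`, which by its name may be reachable without a signed-in user; if `Sht.user()` can return null on that path, the POST fails with a NullPointerException before validation runs. A guard ahead of the two setters would cover it, e.g. `if (Sht.user() == null) { return REDIRECT_HOME_HTML; }` or whatever the project's usual response to an unauthenticated request is. Overwriting `email` and `lastAccess` after binding is the right direction, because `account` is populated from request parameters; any other `Account` field that must stay server-controlled (the class is not visible here) needs the same overwrite or an allow-list on the binder. The body of `index` continues past the end of the hunk.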
@@ -124,6 +127,7 @@ public class RegisterController extends BbsController implements
 this.accountService.registAccount(account);
 } catch (final RabbitBTSException e) {
 Sht.log(this).log(Level.WARNING, "ユーザー登録で例外発生", e);
+ // TODO:resultにセット
 map.addAttribute("errorMessage", "登録に失敗しました。再度やりなおしてください。");
 return null;
 }
diff --git a/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java b/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java
index 4ef4d77..8f2222b 100644
--- a/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java
+++ b/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java
@@ -72,8 +72,10 @@ public class CSRFInterceptor extends HandlerInterceptorAdapter {
 && handler instanceof IController) {
 // きちんとCSRFチェックが行われているかチェックする
 final IController c = (IController) handler;
- Sht.log(this).severe("CSRFチェックを行っていないPOST");
- assert c.isCsrfChecked();
+ if (!c.isCsrfChecked()) {
+ Sht.log(this).severe("CSRFチェックを行っていないPOST");
+ }
+ assert c.isCsrfChecked() : "CSRFチェックを行っていないPOST";
 }
 }
-- 
2.11.0
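Review bot: In the CSRFInterceptor hunk the missing-CSRF-check condition is still enforced only by `assert c.isCsrfChecked() : ...`, and Java assertions are disabled unless the JVM runs with `-ea`, so in a default deployment a POST whose controller skipped the check produces a log line and nothing else. If this is meant as a safety net, throw inside the new `if` instead, e.g. `throw new IllegalStateException("CSRFチェックを行っていないPOST");`. The handler has presumably already run by the time this code executes (the method header is outside the hunk), so the throw would stop the response rather than the side effects. The severe log would also be easier to triage with the handler identified, e.g. `Sht.log(this).severe("CSRFチェックを行っていないPOST: " + handler.getClass().getName());`.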