|
15 | 15 | use Psr\Http\Message\ResponseInterface; |
16 | 16 | use TYPO3\CMS\Core\Error\Http\UnauthorizedException; |
17 | 17 | use TYPO3\CMS\Core\Http\RedirectResponse; |
| 18 | +use TYPO3\CMS\Core\Type\ContextualFeedbackSeverity; |
18 | 19 | use TYPO3\CMS\Core\Utility\GeneralUtility; |
19 | 20 | use TYPO3\CMS\Extbase\Persistence\ObjectStorage; |
20 | 21 |
|
@@ -53,14 +54,20 @@ public function showAction(?User $user = null): ResponseInterface |
53 | 54 | */ |
54 | 55 | public function imageDeleteAction(User $user): ResponseInterface |
55 | 56 | { |
56 | | - if (UserUtility::getCurrentUser()->getUid() !== $user->getUid()) { |
57 | | - throw new UnauthorizedException('You are not allowed to delete this image', 1516373759972); |
| 57 | + $currentUser = UserUtility::getCurrentUser(); |
| 58 | + if ($currentUser && $currentUser->getUid() === $user->getUid()) { |
| 59 | + $user->setImage(GeneralUtility::makeInstance(ObjectStorage::class)); |
| 60 | + $this->userRepository->update($user); |
| 61 | + $this->logUtility->log(Log::STATUS_PROFILEUPDATEIMAGEDELETE, $user); |
| 62 | + $this->addFlashMessage(LocalizationUtility::translateByState(Log::STATUS_PROFILEUPDATEIMAGEDELETE)); |
| 63 | + } else { |
| 64 | + $this->logUtility->log(Log::STATUS_PROFILEUPDATENOTAUTHORIZED, $user); |
| 65 | + $this->addFlashMessage( |
| 66 | + LocalizationUtility::translateByState(Log::STATUS_PROFILEUPDATENOTAUTHORIZED), |
| 67 | + '', |
| 68 | + ContextualFeedbackSeverity::ERROR); |
58 | 69 | } |
59 | 70 |
|
60 | | - $user->setImage(GeneralUtility::makeInstance(ObjectStorage::class)); |
61 | | - $this->userRepository->update($user); |
62 | | - $this->logUtility->log(Log::STATUS_PROFILEUPDATEIMAGEDELETE, $user); |
63 | | - $this->addFlashMessage(LocalizationUtility::translateByState(Log::STATUS_PROFILEUPDATEIMAGEDELETE)); |
64 | 71 | return $this->redirectToUri(FrontendUtility::getUriToCurrentPage()); |
65 | 72 | } |
66 | 73 |
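Review bot: In the `else` branch of `imageDeleteAction` the denial is logged against `$user`, the profile that was targeted, so as far as this hunk shows the `STATUS_PROFILEUPDATENOTAUTHORIZED` entry does not record who made the attempt. `$currentUser` is already in scope there (and is null for an anonymous request), so the acting uid should go into the log entry if `logUtility->log()` accepts extra context; its signature is not visible here. A denied request now also ends in the same redirect as a successful one instead of an `UnauthorizedException`, so any alerting that relied on the exception or an error status needs to key on this log status instead. A short comment on the branch would help the next reader, e.g. `// Denied: anonymous caller or not the owner of $user; no change is made.`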
|
|