@RequestMapping(method=RequestMethod.GET)
public ModelAndView showForm(ServletRequest request, @PathVariable String nick) throws Exception {
Template tmpl = Template.getTemplate(request);
if (!tmpl.isSessionAuthorized()) {
throw new AccessViolationException("Not authorized");
}
ModelAndView mv = new ModelAndView("edit-remark");
User user = userDao.getUser(nick);
if (tmpl.isSessionAuthorized() && !tmpl.getNick().equals(nick) ) {
mv.getModel().put("remark", userDao.getRemark(tmpl.getCurrentUser() , user) );
}else{
throw new AccessViolationException("Not Authorized");
}
return mv;
}