diff options
author | Vitaly Takmazov | 2018-10-30 12:34:48 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2018-10-30 12:34:48 +0300 |
commit | fff2c3a33de290bc80fd16b9b07c211b441bb268 (patch) | |
tree | ce74a91681fae6335f5963119fb8e485afb5f83c | |
parent | df3e5c725e3ce20b8d5600540ee6b648d587b46f (diff) |
delete notifications using POST
-rw-r--r-- | juick-server/src/main/java/com/juick/server/api/Notifications.java | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/juick-server/src/main/java/com/juick/server/api/Notifications.java b/juick-server/src/main/java/com/juick/server/api/Notifications.java index 67e52851..bc3d98bf 100644 --- a/juick-server/src/main/java/com/juick/server/api/Notifications.java +++ b/juick-server/src/main/java/com/juick/server/api/Notifications.java @@ -105,7 +105,32 @@ public class Notifications { public Status doDelete( @RequestBody List<ExternalToken> list) { User visitor = UserUtils.getCurrentUser(); - // FIXME: it is possible to delete other user's tokens + if ((visitor.isAnonymous()) || !(visitor.getName().equals("juick"))) { + throw new HttpForbiddenException(); + } + list.forEach(t -> { + switch (t.getType()) { + case "gcm": + pushQueriesService.deleteGCMToken(t.getToken()); + break; + case "apns": + pushQueriesService.deleteAPNSToken(t.getToken()); + break; + case "mpns": + pushQueriesService.deleteMPNSToken(t.getToken()); + break; + default: + throw new HttpBadRequestException(); + } + }); + + return Status.OK; + } + @ApiIgnore + @RequestMapping(value = "/api/notifications/delete", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) + public Status doDeleteTokens( + @RequestBody List<ExternalToken> list) { + User visitor = UserUtils.getCurrentUser(); if ((visitor.isAnonymous()) || !(visitor.getName().equals("juick"))) { throw new HttpForbiddenException(); } |