diff options
author | Vitaly Takmazov | 2016-11-24 21:38:52 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2016-11-24 23:26:57 +0300 |
commit | d233943fc29508dc37714852b11b96b0b46b55d9 (patch) | |
tree | 129cd564c021261247e72ac70605c1e559c6dac4 /juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java | |
parent | bcd9ae221522fa779ea1fd1ff1ab5b561ca0895f (diff) |
juick-api: now on spring-webmvc
Diffstat (limited to 'juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java')
-rw-r--r-- | juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java b/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java new file mode 100644 index 00000000..5426f853 --- /dev/null +++ b/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java @@ -0,0 +1,69 @@ +package com.juick.api.controllers; + +import com.juick.Message; +import com.juick.User; +import com.juick.api.util.HttpBadRequestException; +import com.juick.api.util.HttpForbiddenException; +import com.juick.service.MessagesService; +import com.juick.service.SubscriptionService; +import com.juick.service.UserService; +import org.apache.commons.lang3.math.NumberUtils; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.ResponseBody; + +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import java.io.IOException; +import java.util.List; + +/** + * Created by vitalyster on 24.10.2016. + */ +@Controller +@ResponseBody +public class Subscriptions { + @Inject + UserService userService; + @Inject + SubscriptionService subscriptionService; + @Inject + MessagesService messagesService; + + @RequestMapping(value = "/subscriptions", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) + public List<User> doGet(HttpServletRequest request) throws IOException { + // TODO: use spring-security + String auth = request.getHeader("Authorization"); + int vuid = userService.getUIDByHttpAuth(auth); + if (vuid == -1) { + throw new HttpForbiddenException(); + } + if (vuid == 0) { + String hash = request.getParameter("hash"); + if (hash != null && hash.length() == 16) { + vuid = userService.getUIDbyHash(hash); + } + } + if (vuid == 0) { + throw new HttpForbiddenException(); + } + User visitor = userService.getUserByUID(vuid).orElse(new User()); + if ((visitor.getUid() == 0) && !(visitor.getName().equals("juick"))) { + throw new HttpForbiddenException(); + } + int uid = NumberUtils.toInt(request.getParameter("uid"), 0); + int mid = NumberUtils.toInt(request.getParameter("mid"), 0); + if (uid > 0) { + return subscriptionService.getSubscribedUsers(uid, mid); + } else { + // thread + Message msg = messagesService.getMessage(mid); + if (msg != null) { + return subscriptionService.getUsersSubscribedToComments(mid, msg.getUser().getUid()); + } + } + throw new HttpBadRequestException(); + } +} |