aboutsummaryrefslogtreecommitdiff
path: root/juick-server/src/main
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2018-08-31 11:12:30 +0300
committerGravatar Vitaly Takmazov2018-08-31 11:21:33 +0300
commit4f94886884b47e19f16da5b987ef1a740b29456e (patch)
treeb9fdacd1b9376437384d143efe7dacd715b954e6 /juick-server/src/main
parent19e259aebc19f29228982fd4f071a50509cb7d76 (diff)
banned user messages are not visible to others
Diffstat (limited to 'juick-server/src/main')
-rw-r--r--juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java5
1 files changed, 3 insertions, 2 deletions
diff --git a/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java b/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java
index e2958112..c86e3736 100644
--- a/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java
+++ b/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java
@@ -450,7 +450,7 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ
")") +
" AND NOT EXISTS (SELECT 1 FROM bl_tags bt WHERE bt.tag_id IN " +
"(SELECT tag_id FROM messages_tags WHERE message_id = m.message_id) and :visitorUid = bt.user_id)" +
- " AND NOT EXISTS (SELECT 1 from users u WHERE u.banned = 1 and u.id = m.user_id) ORDER BY m.message_id DESC LIMIT 20",
+ " AND NOT EXISTS (SELECT 1 from users u WHERE u.banned = 1 and u.id = m.user_id and u.id <> :visitorUid) ORDER BY m.message_id DESC LIMIT 20",
sqlParameterSource,
Integer.class);
}
@@ -633,7 +633,7 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ
" AND m.attach IS NOT NULL " +
" AND NOT EXISTS (SELECT 1 FROM bl_tags bt WHERE bt.tag_id IN " +
"(SELECT tag_id FROM messages_tags WHERE message_id = m.message_id) and :vid = bt.user_id)" +
- " AND NOT EXISTS (SELECT 1 from users u WHERE u.banned = 1 and u.id = m.user_id) " +
+ " AND NOT EXISTS (SELECT 1 from users u WHERE u.banned = 1 and u.id = m.user_id and u.id <> :vid) " +
" AND NOT EXISTS (SELECT 1 FROM bl_users b WHERE b.user_id = :vid and b.bl_user_id = m.user_id) " +
" ORDER BY m.message_id DESC LIMIT 20",
sqlParameterSource,
@@ -887,6 +887,7 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ
"LEFT JOIN users qu ON qw.user_id=qu.id " +
"LEFT JOIN users mu ON m.user_id=mu.id " +
"WHERE replies.message_id = :mid " +
+ "AND NOT EXISTS (SELECT 1 from users u WHERE u.banned = 1 and u.id = replies.user_id and u.id <> :uid)" +
"AND NOT EXISTS (SELECT 1 FROM banned WHERE banned.reply_id = replies.reply_id) " +
"AND NOT EXISTS (SELECT 1 FROM bl_users b WHERE b.user_id = :uid AND b.bl_user_id = m.user_id) " +
"ORDER BY replies.reply_id ASC",