aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/server/api/Notifications.java
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2019-04-26 16:40:58 +0300
committerGravatar Vitaly Takmazov2019-04-26 16:40:58 +0300
commita34350b62784d4332243ba40ffe928afd91f67d3 (patch)
tree55923327b759122d784ca1443337e94e337e095a /src/main/java/com/juick/server/api/Notifications.java
parentb3a514931460eb495538cdc49902bc083c5c147d (diff)
Authorization checks are in spring-security for a while
Diffstat (limited to 'src/main/java/com/juick/server/api/Notifications.java')
-rw-r--r--src/main/java/com/juick/server/api/Notifications.java28
1 files changed, 11 insertions, 17 deletions
diff --git a/src/main/java/com/juick/server/api/Notifications.java b/src/main/java/com/juick/server/api/Notifications.java
index ea1d5c54..6829653c 100644
--- a/src/main/java/com/juick/server/api/Notifications.java
+++ b/src/main/java/com/juick/server/api/Notifications.java
@@ -23,13 +23,13 @@ import com.juick.ExternalToken;
import com.juick.User;
import com.juick.model.AnonymousUser;
import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.HttpForbiddenException;
import com.juick.server.util.UserUtils;
import com.juick.service.MessagesService;
import com.juick.service.PushQueriesService;
import com.juick.service.SubscriptionService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
+import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestBody;
@@ -88,8 +88,8 @@ public class Notifications {
@RequestParam(required = false, defaultValue = "0") int mid,
@RequestParam(required = false, defaultValue = "0") int rid) {
User visitor = UserUtils.getCurrentUser();
- if (visitor.isAnonymous() || !(visitor.getName().equals("juick"))) {
- throw new HttpForbiddenException();
+ if (!(visitor.getName().equals("juick"))) {
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
if (uid > 0 && mid == 0) {
// PM
@@ -118,11 +118,11 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
- public Status doDelete(
+ public ResponseEntity<Status> doDelete(
@RequestBody List<ExternalToken> list) {
User visitor = UserUtils.getCurrentUser();
- if ((visitor.isAnonymous()) || !(visitor.getName().equals("juick"))) {
- throw new HttpForbiddenException();
+ if (!visitor.getName().equals("juick")) {
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
list.forEach(t -> {
switch (t.getType()) {
@@ -140,15 +140,15 @@ public class Notifications {
}
});
- return Status.OK;
+ return ResponseEntity.ok(Status.OK);
}
@ApiIgnore
@RequestMapping(value = "/api/notifications/delete", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
- public Status doDeleteTokens(
+ public ResponseEntity<Status> doDeleteTokens(
@RequestBody List<ExternalToken> list) {
User visitor = UserUtils.getCurrentUser();
- if ((visitor.isAnonymous()) || !(visitor.getName().equals("juick"))) {
- throw new HttpForbiddenException();
+ if (!visitor.getName().equals("juick")) {
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
list.forEach(t -> {
switch (t.getType()) {
@@ -166,7 +166,7 @@ public class Notifications {
}
});
- return Status.OK;
+ return ResponseEntity.ok(Status.OK);
}
@ApiIgnore
@@ -174,9 +174,6 @@ public class Notifications {
public Status doPut(
@RequestBody List<ExternalToken> list) throws IOException {
User visitor = UserUtils.getCurrentUser();
- if (visitor.isAnonymous()) {
- throw new HttpForbiddenException();
- }
list.forEach(t -> {
switch (t.getType()) {
case "gcm":
@@ -200,9 +197,6 @@ public class Notifications {
public Status doAndroidRegister(
@RequestParam(name = "regid") String regId) {
User visitor = UserUtils.getCurrentUser();
- if (visitor.isAnonymous()) {
- throw new HttpForbiddenException();
- }
pushQueriesService.addGCMToken(visitor.getUid(), regId);
return Status.OK;
}