Private posts

10 files changed, 68 insertions, 11 deletions

diff --git a/src/main/assets/scripts.js b/src/main/assets/scripts.js
index 20d32fd9..6c5e987b 100644
--- a/src/main/assets/scripts.js
+++ b/src/main/assets/scripts.js
@@ -478,12 +478,18 @@ function subscribeMessage(e, mid) {
 function setPrivacy(e, mid) {
     fetch('/api/messages/set_privacy?mid=' + mid
         + '&hash=' + document.getElementById('body').getAttribute('data-hash'), {
-        credentials: 'same-origin'
+        credentials: 'same-origin',
+        method: 'POST'
     })
         .then(handleErrors)
-        .then(function() {
-            e.closest('article').append(resultMessage('OK!'));
-        });
+        .then(function(response) {
+            if (response.ok) {
+                window.location.reload();
+            } else {
+                alert('Something went wrong :(');
+            }
+        })
+        .catch(console.err);
     return false;
 }
 
@@ -702,10 +708,9 @@ ready(() => {
 
     Array.from(document.querySelectorAll('.l .a-privacy')).forEach(function(e) {
         e.addEventListener('click', function(e) {
-            const article = /** @type {HTMLElement} */((e.target).closest('article'));
             setPrivacy(
                 e.target,
-                article.getAttribute('data-mid'));
+                document.getElementById('content').getAttribute('data-mid'));
             e.preventDefault();
         });
     });
diff --git a/src/main/java/com/juick/CommandsManager.java b/src/main/java/com/juick/CommandsManager.java
index a643225f..a7a880c5 100644
--- a/src/main/java/com/juick/CommandsManager.java
+++ b/src/main/java/com/juick/CommandsManager.java
@@ -554,6 +554,9 @@ public class CommandsManager {
                 return CommandResult.fromString("Tags are NOT updated (5 tags maximum?)");
             }
         } else {
+            if (!messagesService.canViewThread(mid, user.getUid())) {
+                return CommandResult.fromString("Message unavailable");
+            }
             if (txt.length() > 4096) {
                 return CommandResult.fromString("Sorry, 4096 characters maximum.");
             }
diff --git a/src/main/java/com/juick/service/MessagesService.java b/src/main/java/com/juick/service/MessagesService.java
index a6b6e2e2..91788a3c 100644
--- a/src/main/java/com/juick/service/MessagesService.java
+++ b/src/main/java/com/juick/service/MessagesService.java
@@ -162,4 +162,7 @@ public interface MessagesService {
 
     void setMessageProperty(Integer mid, Integer rid, String key, String value);
     Optional<Pair<Integer, Integer>> findMessageByProperty(String key, String value);
+
+    @CacheEvict(value = { "discover", "discussions", "messages", "replies" }, allEntries = true)
+    void setFriendsOnly(Integer mid, Boolean friendsOnly);
 }
diff --git a/src/main/java/com/juick/service/MessagesServiceImpl.java b/src/main/java/com/juick/service/MessagesServiceImpl.java
index 53f2407c..85dadd77 100644
--- a/src/main/java/com/juick/service/MessagesServiceImpl.java
+++ b/src/main/java/com/juick/service/MessagesServiceImpl.java
@@ -1175,4 +1175,10 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ
         }
         return Optional.empty();
     }
+    @Transactional
+    @Override
+    public void setFriendsOnly(Integer mid, Boolean friendsOnly) {
+        int privacy = friendsOnly ? -1 : 1;
+        jdbcTemplate.update("UPDATE messages SET privacy=? WHERE message_id=?", privacy, mid);
+    }
 }
diff --git a/src/main/java/com/juick/service/UserService.java b/src/main/java/com/juick/service/UserService.java
index ec5beb13..53acdfab 100644
--- a/src/main/java/com/juick/service/UserService.java
+++ b/src/main/java/com/juick/service/UserService.java
@@ -201,5 +201,6 @@ public interface UserService {
 
     boolean deleteToken(String serviceType, String token);
 
+    @CacheEvict(value = "users_by_name", allEntries = true)
     void setPremium(Integer uid, boolean isPremium);
 }
diff --git a/src/main/java/com/juick/www/api/Messages.java b/src/main/java/com/juick/www/api/Messages.java
index e3426454..f059aa88 100644
--- a/src/main/java/com/juick/www/api/Messages.java
+++ b/src/main/java/com/juick/www/api/Messages.java
@@ -203,4 +203,13 @@ public class Messages {
         }
         throw new HttpBadRequestException();
     }
+    @PostMapping("/api/messages/set_privacy")
+    public void togglePrivacy(@Parameter(hidden = true) User visitor, @RequestParam Integer mid) {
+        if (visitor.isPremium() || userService.isAdminUser(visitor)) {
+            var msg = messagesService.getMessage(mid).orElseThrow(HttpNotFoundException::new);
+            messagesService.setFriendsOnly(mid, !msg.FriendsOnly);
+        } else {
+            throw new HttpBadRequestException();
+        }
+    }
 }
diff --git a/src/main/resources/messages.properties b/src/main/resources/messages.properties
index e6612732..1c136f77 100644
--- a/src/main/resources/messages.properties
+++ b/src/main/resources/messages.properties
@@ -66,6 +66,8 @@ message.subscribed=Subscribed
 message.delete=Delete
 message.loginForSending=<a href="{0}" class="a-login">Login</a> to post messages and comments
 message.sendLoginToXmpp=Send <b>LOGIN</b> to <a href="xmpp:juick@juick.com?message;body=LOGIN">juick@juick.com</a>
+message.lock=Make private
+message.unlock=Make public
 
 messages.next=Next
 
diff --git a/src/main/resources/messages_ru.properties b/src/main/resources/messages_ru.properties
index f07c8136..cce622d5 100644
--- a/src/main/resources/messages_ru.properties
+++ b/src/main/resources/messages_ru.properties
@@ -65,6 +65,8 @@ message.subscribed=Подписан
 message.delete=Удалить
 message.loginForSending=Чтобы добавлять сообщения и комментарии, <a href="{0}" class="a-login">представьтесь</a>
 message.sendLoginToXmpp=Отправьте <b>LOGIN</b> на <a href="xmpp:juick@juick.com?message;body=LOGIN">juick@juick.com</a>
+message.lock=Скрыть
+message.unlock=Открыть доступ
 
 messages.next=Читать дальше
 
diff --git a/src/main/resources/templates/views/thread.html b/src/main/resources/templates/views/thread.html
index 84c52282..819a627e 100644
--- a/src/main/resources/templates/views/thread.html
+++ b/src/main/resources/templates/views/thread.html
@@ -40,13 +40,15 @@
             </div>
             {% endif %}
             <nav class="l">
-                {% if visitor.uid == msg.user.uid %}
-                <a href="/{{ msg.mid }}" class="a-like msg-button">
+                {% if visitor.uid == msg.user.uid and (msg.user.premium or beans.userServiceImpl.isAdminUser(msg.user)) %}
+                <a href="/{{ msg.mid }}" class="a-privacy msg-button">
                     <span class="msg-button-icon">
-                        <i data-icon="ei-heart" data-size="s"></i>
-                        {% if msg.recommendations.size() > 0 %}&nbsp;{{ msg.recommendations.size() }}
+                        {% if msg.FriendsOnly %}
+                        <i data-icon="ei-unlock" data-size="s"></i>
+                        <span>&nbsp;{{ i18n("messages","message.unlock") }}</span>
                         {% else %}
-                        <span>&nbsp;{{ i18n("messages","message.recommend") }}</span>
+                        <i data-icon="ei-lock" data-size="s"></i>
+                        <span>&nbsp;{{ i18n("messages","message.lock") }}</span>
                         {% endif %}
                     </span>
                 </a>
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index e97f4a20..e8a90e92 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -71,6 +71,7 @@ import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.tuple.Pair;
 import org.apache.commons.text.StringEscapeUtils;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
 import org.junit.jupiter.api.*;
 import org.mockito.ArgumentCaptor;
 import org.mockito.Captor;
@@ -2660,4 +2661,27 @@ public class ServerTests {
         assertThat(output, is("К вопросу об опросах типа \"За кого бы вы проголосовали\" и \"Согласны ли вы с результатами\"...<br/>\n" +
                 "Напоминает один старый опрос: опрос на сайте <a href=\"http://www.$somesite$.ru\" rel=\"nofollow\">www.$somesite$.ru</a> показал, что 100% Россиян использует интернет."));
     }
+    @Test
+    public void messagePrivacyFlow() throws Exception {
+        userService.setPremium(ugnich.getUid(), true);
+        int mid = messagesService.createMessage(ugnich.getUid(), "hidden", "", Collections.emptySet());
+        var msg = messagesService.getMessage(ugnich.getUid(), mid).orElseThrow();
+        assertThat(msg.FriendsOnly, is(false));
+        mockMvc.perform(post("/api/messages/set_privacy?mid=" + mid)
+        .with(httpBasic(ugnichName, ugnichPassword)))
+        .andExpect(status().isOk());
+        msg = messagesService.getMessage(ugnich.getUid(), mid).orElseThrow();
+        assertThat(msg.FriendsOnly, is(true));
+        var res = commandsManager.processCommand(freefd, String.format("#%d reply", mid), emptyUri);
+        assertThat(res.getNewMessage(), is(Optional.empty()));
+        mockMvc.perform(post("/api/messages/set_privacy?mid=" + mid)
+        .with(httpBasic(ugnichName, ugnichPassword)))
+        .andExpect(status().isOk());
+        msg = messagesService.getMessage(ugnich.getUid(), mid).orElseThrow();
+        assertThat(msg.FriendsOnly, is(false));
+        userService.setPremium(ugnich.getUid(), false);
+        mockMvc.perform(post("/api/messages/set_privacy?mid=" + mid)
+        .with(httpBasic(ugnichName, ugnichPassword)))
+        .andExpect(status().isBadRequest());
+    }
 }