aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Messages.java27
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Notifications.java28
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Others.java8
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/PM.java13
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Post.java14
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java5
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Tags.java5
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Users.java10
-rw-r--r--juick-api/src/test/java/com/juick/api/tests/MessagesTests.java7
-rw-r--r--juick-core/src/main/java/com/juick/User.java6
-rw-r--r--juick-server/src/main/java/com/juick/entity/AnonymUser.java79
-rw-r--r--juick-server/src/main/java/com/juick/util/UserUtils.java27
12 files changed, 146 insertions, 83 deletions
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Messages.java b/juick-api/src/main/java/com/juick/api/controllers/Messages.java
index 723d2f15..47053706 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Messages.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Messages.java
@@ -3,9 +3,9 @@ package com.juick.api.controllers;
import com.juick.Tag;
import com.juick.User;
import com.juick.api.ApiServer;
+import com.juick.server.helpers.Status;
import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpForbiddenException;
-import com.juick.server.helpers.Status;
import com.juick.service.MessagesService;
import com.juick.service.TagService;
import com.juick.service.UserService;
@@ -25,7 +25,6 @@ import rocks.xmpp.addr.Jid;
import rocks.xmpp.core.stanza.model.Message;
import javax.inject.Inject;
-import java.security.Principal;
import java.util.Collections;
import java.util.List;
@@ -58,11 +57,9 @@ public class Messages {
@RequestMapping("/home")
public ResponseEntity<List<com.juick.Message>> getHome(
- @RequestParam(defaultValue = "0") int before_mid,
- Principal principal) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
- if (visitor != null) {
+ @RequestParam(defaultValue = "0") int before_mid) {
+ User visitor = UserUtils.getCurrentUser();
+ if (!visitor.isAnonym()) {
int vuid = visitor.getUid();
List<Integer> mids = messagesService.getMyFeed(vuid, before_mid);
@@ -76,14 +73,12 @@ public class Messages {
@RequestMapping("/messages")
public ResponseEntity<List<com.juick.Message>> getMessages(
- Principal principal,
@RequestParam(required = false) String uname,
@RequestParam(defaultValue = "0") int before_mid,
@RequestParam(required = false) String popular,
@RequestParam(required = false) String media,
@RequestParam(required = false) String tag) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
List<Integer> mids;
@@ -126,10 +121,8 @@ public class Messages {
@RequestMapping("/thread")
public ResponseEntity<List<com.juick.Message>> getThread(
- Principal principal,
@RequestParam(defaultValue = "0") int mid) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
com.juick.Message msg = messagesService.getMessage(mid);
if (msg != null) {
@@ -146,10 +139,8 @@ public class Messages {
@RequestMapping("/messages/recommended")
public ResponseEntity<List<com.juick.Message>> doGetRecommended(
- Principal principal,
@RequestParam(defaultValue = "0") int before_mid) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
return FORBIDDEN;
@@ -169,10 +160,8 @@ public class Messages {
@RequestMapping("/messages/set_privacy")
@ResponseBody
public ResponseEntity<Status> doSetPrivacy(
- Principal principal,
@RequestParam(defaultValue = "0") int mid) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Notifications.java b/juick-api/src/main/java/com/juick/api/controllers/Notifications.java
index cd31ad39..9f2f675b 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Notifications.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Notifications.java
@@ -4,10 +4,10 @@ import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.juick.Message;
import com.juick.User;
-import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.HttpForbiddenException;
import com.juick.server.helpers.Status;
import com.juick.server.helpers.TokensList;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
import com.juick.service.MessagesService;
import com.juick.service.PushQueriesService;
import com.juick.service.SubscriptionService;
@@ -42,12 +42,10 @@ public class Notifications {
@RequestMapping(value = "/notifications", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<List<String>> doGet(
- Principal principal,
@RequestParam String type,
@RequestParam(required = false, defaultValue = "0") int uid,
@RequestParam(required = false, defaultValue = "0") int mid) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
if ((visitor.getUid() == 0) || !(visitor.getName().equals("juick"))) {
throw new HttpForbiddenException();
}
@@ -95,10 +93,8 @@ public class Notifications {
@RequestMapping(value = "/notifications", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doDelete(
- Principal principal,
@RequestBody String requestBody) throws IOException {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
// FIXME: it is possible to delete other user's tokens
if ((visitor.getUid() == 0) || !(visitor.getName().equals("juick"))) {
throw new HttpForbiddenException();
@@ -124,12 +120,11 @@ public class Notifications {
return Status.OK;
}
+
@RequestMapping(value = "/notifications", method = RequestMethod.PUT, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doPut(
- Principal principal,
@RequestBody String requestBody) throws IOException {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
throw new HttpForbiddenException();
}
@@ -153,35 +148,36 @@ public class Notifications {
}
return Status.OK;
}
+
@Deprecated
@RequestMapping(value = "/android/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doAndroidRegister(
- Principal principal,
@RequestParam(name = "regid") String regId) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
throw new HttpForbiddenException();
}
pushQueriesService.addGCMToken(visitor.getUid(), regId);
return Status.OK;
}
+
@Deprecated
@RequestMapping(value = "/android/unregister", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doAndroidUnRegister(@RequestParam(name = "regid") String regId) {
pushQueriesService.deleteGCMToken(regId);
return Status.OK;
}
+
@Deprecated
@RequestMapping(value = "/winphone/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doWinphoneRegister(
Principal principal,
@RequestParam(name = "url") String regId) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
pushQueriesService.addMPNSToken(visitor.getUid(), regId);
return Status.OK;
}
+
@Deprecated
@RequestMapping(value = "/winphone/unregister", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doWinphoneUnRegister(@RequestParam(name = "url") String regId) {
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Others.java b/juick-api/src/main/java/com/juick/api/controllers/Others.java
index 852c03d6..b23be483 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Others.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Others.java
@@ -1,9 +1,9 @@
package com.juick.api.controllers;
import com.juick.User;
+import com.juick.server.helpers.PrivateChats;
import com.juick.server.util.HttpForbiddenException;
import com.juick.server.util.HttpNotFoundException;
-import com.juick.server.helpers.PrivateChats;
import com.juick.service.PMQueriesService;
import com.juick.service.UserService;
import com.juick.util.UserUtils;
@@ -19,13 +19,11 @@ import java.security.Principal;
import java.util.List;
/**
- *
* @author ugnich
*/
@Controller
@ResponseBody
public class Others {
-
@Inject
PMQueriesService pmQueriesService;
@Inject
@@ -33,10 +31,8 @@ public class Others {
@RequestMapping(value = "groups_pms", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public PrivateChats doGetGroupsPMs(
- Principal principal,
@RequestParam(defaultValue = "5") int cnt) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
diff --git a/juick-api/src/main/java/com/juick/api/controllers/PM.java b/juick-api/src/main/java/com/juick/api/controllers/PM.java
index 478ca75e..1bf1646b 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/PM.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/PM.java
@@ -18,17 +18,14 @@ import rocks.xmpp.addr.Jid;
import rocks.xmpp.core.stanza.model.Message;
import javax.inject.Inject;
-import java.security.Principal;
import java.util.List;
/**
- *
* @author ugnich
*/
@Controller
@ResponseBody
public class PM {
-
@Inject
UserService userService;
@Inject
@@ -38,10 +35,8 @@ public class PM {
@RequestMapping(value = "/pm", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<com.juick.Message> doGetPM(
- Principal principal,
@RequestParam(required = false) String uname) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
@@ -60,11 +55,9 @@ public class PM {
@RequestMapping(value = "/pm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public com.juick.Message doPostPM(
- Principal principal,
@RequestParam String uname,
@RequestParam String body) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
@@ -96,7 +89,7 @@ public class PM {
apiServer.getXmpp().send(msg);
List<String> jids = userService.getJIDsbyUID(uid);
- for (String jid: jids) {
+ for (String jid : jids) {
Message mm = new Message();
mm.setTo(Jid.of(jid));
mm.setType(Message.Type.CHAT);
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Post.java b/juick-api/src/main/java/com/juick/api/controllers/Post.java
index 53cfc3e5..72327ad0 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Post.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Post.java
@@ -57,16 +57,14 @@ public class Post {
@RequestMapping(value = "/post", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
@ResponseStatus(value = HttpStatus.OK)
public void doPostMessage(
- Principal principal,
@RequestParam String body,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws IOException {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
- int vuid = visitor.getUid();
- if (vuid == 0) {
+ User visitor = UserUtils.getCurrentUser();
+
+ if (visitor.isAnonym())
throw new HttpForbiddenException();
- }
+
if (body == null || body.length() < 1 || body.length() > 4096) {
throw new HttpBadRequestException();
}
@@ -104,15 +102,13 @@ public class Post {
@RequestMapping(value = "/comment", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public com.juick.Message doPostComment(
- Principal principal,
@RequestParam(defaultValue = "0") int mid,
@RequestParam(defaultValue = "0") int rid,
@RequestParam String body,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach)
throws IOException {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java b/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java
index b93ec1f3..5e8b89b1 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java
@@ -17,7 +17,6 @@ import org.springframework.web.bind.annotation.ResponseBody;
import javax.inject.Inject;
import java.io.IOException;
-import java.security.Principal;
import java.util.List;
/**
@@ -35,11 +34,9 @@ public class Subscriptions {
@RequestMapping(value = "/subscriptions", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<User> doGet(
- Principal principal,
@RequestParam(defaultValue = "0") int mid,
@RequestParam(defaultValue = "0") int uid) throws IOException {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
if ((visitor.getUid() == 0) && !(visitor.getName().equals("juick"))) {
throw new HttpForbiddenException();
}
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Tags.java b/juick-api/src/main/java/com/juick/api/controllers/Tags.java
index 5548da17..bc412456 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Tags.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Tags.java
@@ -13,7 +13,6 @@ import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.inject.Inject;
-import java.security.Principal;
import java.util.List;
/**
@@ -29,11 +28,9 @@ public class Tags {
@RequestMapping(value = "/tags", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<TagStats> tags(
- Principal principal,
@RequestParam(required = false, defaultValue = "0") int user_id
) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
if (user_id == 0) {
user_id = visitor.getUid();
}
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Users.java b/juick-api/src/main/java/com/juick/api/controllers/Users.java
index 78f6175f..079ff4f3 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Users.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Users.java
@@ -14,7 +14,6 @@ import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.inject.Inject;
-import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
@@ -24,7 +23,6 @@ import java.util.List;
@Controller
@ResponseBody
public class Users {
-
@Inject
UserService userService;
@@ -56,10 +54,8 @@ public class Users {
@RequestMapping(value = "/users/read", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<User> doGetUserRead(
- Principal principal,
@RequestParam String uname) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
@@ -90,10 +86,8 @@ public class Users {
@RequestMapping(value = "/users/readers", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<User> doGetUserReaders(
- Principal principal,
@RequestParam String uname) {
- String name = UserUtils.getUsername(principal, null);
- User visitor = userService.getUserByName(name);
+ User visitor = UserUtils.getCurrentUser();
int vuid = visitor.getUid();
if (vuid == 0) {
throw new HttpForbiddenException();
diff --git a/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java b/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java
index 9f74c00d..2a5dba18 100644
--- a/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java
+++ b/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java
@@ -36,9 +36,7 @@ import static org.hamcrest.Matchers.hasSize;
import static org.hamcrest.Matchers.is;
import static org.mockito.Mockito.when;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.options;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
/**
@@ -156,7 +154,6 @@ public class MessagesTests {
Message msg = getMessage(ugnich, msgText);
-
when(messagesService.getMyFeed(1, 0))
.thenReturn(Collections.singletonList(1));
when(messagesService.getMessages(Collections.singletonList(1)))
@@ -263,6 +260,7 @@ public class MessagesTests {
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
.andExpect(jsonPath("$", hasSize(2)));
}
+
@Test
public void tags() throws Exception {
Tag weather = new Tag("weather");
@@ -284,6 +282,7 @@ public class MessagesTests {
.andExpect(jsonPath("$", hasSize(1)))
.andExpect(jsonPath("$[0].messages", is(5)));
}
+
@Test
public void postWithReferer() throws Exception {
mockMvc.perform(post("/post")
diff --git a/juick-core/src/main/java/com/juick/User.java b/juick-core/src/main/java/com/juick/User.java
index e0bc490c..84f2b396 100644
--- a/juick-core/src/main/java/com/juick/User.java
+++ b/juick-core/src/main/java/com/juick/User.java
@@ -184,4 +184,10 @@ public class User {
public void setMessagesCount(int messagesCount) {
this.messagesCount = messagesCount;
}
+
+ @XmlTransient
+ @JsonIgnore
+ public boolean isAnonym() {
+ return false;
+ }
}
diff --git a/juick-server/src/main/java/com/juick/entity/AnonymUser.java b/juick-server/src/main/java/com/juick/entity/AnonymUser.java
new file mode 100644
index 00000000..071f5434
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/entity/AnonymUser.java
@@ -0,0 +1,79 @@
+package com.juick.entity;
+
+import com.juick.User;
+
+/**
+ * Created by aalexeev on 12/11/16.
+ */
+public class AnonymUser extends User {
+ public static final AnonymUser INSTANCE = new AnonymUser();
+
+
+ private AnonymUser() {
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ return obj == this || obj instanceof AnonymUser;
+ }
+
+ @Override
+ public int getUid() {
+ return 0;
+ }
+
+ @Override
+ public String getName() {
+ return "Anonymous";
+ }
+
+ @Override
+ public String getFullName() {
+ return getName();
+ }
+
+ @Override
+ public String getJid() {
+ return "anonym@localhost";
+ }
+
+ @Override
+ public String getAuthHash() {
+ return null;
+ }
+
+ @Override
+ public Integer getUnreadCount() {
+ return 0;
+ }
+
+ @Override
+ public boolean isBanned() {
+ return false;
+ }
+
+ @Override
+ public Object getAvatar() {
+ return null;
+ }
+
+ @Override
+ public String getCredentials() {
+ return null;
+ }
+
+ @Override
+ public String getLang() {
+ return "__";
+ }
+
+ @Override
+ public int getMessagesCount() {
+ return 0;
+ }
+
+ @Override
+ public boolean isAnonym() {
+ return true;
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/util/UserUtils.java b/juick-server/src/main/java/com/juick/util/UserUtils.java
index ba1bd1ab..ddeedbbd 100644
--- a/juick-server/src/main/java/com/juick/util/UserUtils.java
+++ b/juick-server/src/main/java/com/juick/util/UserUtils.java
@@ -1,6 +1,11 @@
package com.juick.util;
-import java.security.Principal;
+import com.juick.User;
+import com.juick.entity.AnonymUser;
+import com.juick.server.security.entities.JuickUser;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
import java.util.Random;
/**
@@ -22,7 +27,23 @@ public class UserUtils {
return sb.toString();
}
- public static String getUsername(final Principal principal, final String defaultUsername) {
- return principal == null ? defaultUsername : principal.getName();
+ public static Authentication getAuthentication() {
+ return SecurityContextHolder.getContext().getAuthentication();
+ }
+
+ public static Object getPrincipal(final Authentication authentication) {
+ return authentication == null ? null : authentication.getPrincipal();
+ }
+
+ public static User getCurrentUser() {
+ Object principal = getPrincipal(getAuthentication());
+
+ if (principal instanceof JuickUser)
+ return ((JuickUser) principal).getUser();
+
+ if (principal instanceof User)
+ return (User) principal;
+
+ return AnonymUser.INSTANCE;
}
}