1 files changed, 83 insertions, 0 deletions

diff --git a/juick-api/src/main/java/com/juick/api/controllers/Service.java b/juick-api/src/main/java/com/juick/api/controllers/Service.java
new file mode 100644
index 00000000..b3516391
--- /dev/null
+++ b/juick-api/src/main/java/com/juick/api/controllers/Service.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.ExternalToken;
+import com.juick.Message;
+import com.juick.User;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.UserUtils;
+import com.juick.service.CrosspostService;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.UserService;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.*;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.util.List;
+
+/**
+ * TODO: configure spring-security to allow only admin role
+ */
+@ApiIgnore
+@RestController
+public class Service {
+    @Inject
+    private SubscriptionService subscriptionService;
+    @Inject
+    private MessagesService messagesService;
+    @Inject
+    private CrosspostService crosspostService;
+    @Inject
+    private UserService userService;
+
+    @RequestMapping(value = "/subscriptions", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+    public List<User> doGet(
+            @RequestParam(defaultValue = "0") int mid,
+            @RequestParam(defaultValue = "0") int uid) throws IOException {
+        User visitor = UserUtils.getCurrentUser();
+        if ((visitor.getUid() == 0) && !(visitor.getName().equals("juick"))) {
+            throw new HttpForbiddenException();
+        }
+        if (uid > 0) {
+            return subscriptionService.getSubscribedUsers(uid, mid);
+        } else {
+            // thread
+            Message msg = messagesService.getMessage(mid);
+            if (msg != null) {
+                return subscriptionService.getUsersSubscribedToComments(mid, msg.getUser().getUid());
+            }
+        }
+        throw new HttpBadRequestException();
+    }
+    @GetMapping("/tokens")
+    public User getTokensForUser(@RequestParam(defaultValue = "0") int uid) {
+        User visitor = UserUtils.getCurrentUser();
+        if ((visitor.getUid() == 0) && !(visitor.getName().equals("juick"))) {
+            throw new HttpForbiddenException();
+        }
+        User user = userService.getUserByUID(uid).orElseThrow(IllegalStateException::new);
+        crosspostService.getTwitterToken(uid).ifPresent(
+                t -> user.getTokens().add(t));
+        return user;
+    }
+}