aboutsummaryrefslogtreecommitdiff
path: root/juick-api/src/main/java/com/juick/api/controllers/Users.java
diff options
context:
space:
mode:
Diffstat (limited to 'juick-api/src/main/java/com/juick/api/controllers/Users.java')
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Users.java159
1 files changed, 159 insertions, 0 deletions
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Users.java b/juick-api/src/main/java/com/juick/api/controllers/Users.java
new file mode 100644
index 00000000..8b1bc6cd
--- /dev/null
+++ b/juick-api/src/main/java/com/juick/api/controllers/Users.java
@@ -0,0 +1,159 @@
+package com.juick.api.controllers;
+
+import com.juick.User;
+import com.juick.api.util.HttpForbiddenException;
+import com.juick.api.util.HttpNotFoundException;
+import com.juick.service.UserService;
+import com.juick.util.UserUtils;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ *
+ * @author ugnich
+ */
+@Controller
+@ResponseBody
+public class Users {
+
+ @Inject
+ UserService userService;
+
+ @RequestMapping(value = "/users", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGetUsers(HttpServletRequest request) {
+ // TODO: use spring-security
+ String auth = request.getHeader("Authorization");
+ int vuid = userService.getUIDByHttpAuth(auth);
+ if (vuid == -1) {
+ throw new HttpForbiddenException();
+ }
+ if (vuid == 0) {
+ String hash = request.getParameter("hash");
+ if (hash != null && hash.length() == 16) {
+ vuid = userService.getUIDbyHash(hash);
+ }
+ }
+ List<com.juick.User> users = new ArrayList<>();
+
+ String punames[] = request.getParameterValues("uname");
+ if (punames != null) {
+ ArrayList<String> unames = new ArrayList<>(Arrays.asList(punames));
+ Iterator<String> i = unames.iterator();
+ while (i.hasNext()) {
+ if (!i.next().matches("^[a-zA-Z0-9\\-]{2,16}$")) {
+ i.remove();
+ }
+ }
+ if (!unames.isEmpty() && unames.size() < 20) {
+ users.addAll(userService.getUsersByName(unames));
+ }
+ }
+
+ String pjids[] = request.getParameterValues("jid");
+ if (pjids != null) {
+ List<String> jids = new ArrayList<>(Arrays.asList(pjids));
+ Iterator<String> ii = jids.iterator();
+ while (ii.hasNext()) {
+ if (!ii.next().matches("^[a-zA-Z0-9\\-\\_\\@\\.]{6,64}$")) {
+ ii.remove();
+ }
+ }
+ if (!jids.isEmpty() && jids.size() < 20) {
+ users.addAll(userService.getUsersByJID(jids));
+ }
+ }
+
+ if (!users.isEmpty()) {
+ return users;
+ }
+ throw new HttpNotFoundException();
+ }
+
+ @RequestMapping(value = "/users/read", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGetUserRead(HttpServletRequest request) {
+ // TODO: use spring-security
+ String auth = request.getHeader("Authorization");
+ int vuid = userService.getUIDByHttpAuth(auth);
+ if (vuid == -1) {
+ throw new HttpForbiddenException();
+ }
+ if (vuid == 0) {
+ String hash = request.getParameter("hash");
+ if (hash != null && hash.length() == 16) {
+ vuid = userService.getUIDbyHash(hash);
+ }
+ }
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ int uid = 0;
+ String uname = request.getParameter("uname");
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (UserUtils.checkUserNameValid(uname)) {
+ com.juick.User u = userService.getUserByName(uname);
+ if (u != null && u.getUid() > 0) {
+ uid = u.getUid();
+ }
+ }
+ }
+
+ if (uid > 0) {
+ List<Integer> uids = userService.getUserRead(uid);
+ if (uids.size() > 0) {
+ List<com.juick.User> users = userService.getUsersByID(uids);
+ if (users.size() > 0) {
+ return users;
+ }
+ }
+ }
+ throw new HttpNotFoundException();
+ }
+
+ @RequestMapping(value = "/users/readers", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGetUserReaders(HttpServletRequest request) {
+ // TODO: use spring-security
+ String auth = request.getHeader("Authorization");
+ int vuid = userService.getUIDByHttpAuth(auth);
+ if (vuid == -1) {
+ throw new HttpForbiddenException();
+ }
+ if (vuid == 0) {
+ String hash = request.getParameter("hash");
+ if (hash != null && hash.length() == 16) {
+ vuid = userService.getUIDbyHash(hash);
+ }
+ }
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ int uid = 0;
+ String uname = request.getParameter("uname");
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (UserUtils.checkUserNameValid(uname)) {
+ com.juick.User u = userService.getUserByName(uname);
+ if (u != null && u.getUid() > 0) {
+ uid = u.getUid();
+ }
+ }
+ }
+
+ if (uid > 0) {
+ return userService.getUserReaders(uid);
+ }
+ throw new HttpNotFoundException();
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-01 14:39:41 +0000