diff options
Diffstat (limited to 'juick-api')
-rw-r--r-- | juick-api/src/main/java/com/juick/api/controllers/Users.java | 40 | ||||
-rw-r--r-- | juick-api/src/test/java/com/juick/api/tests/MessagesTests.java | 27 |
2 files changed, 30 insertions, 37 deletions
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Users.java b/juick-api/src/main/java/com/juick/api/controllers/Users.java index 75dea5f5..396a716c 100644 --- a/juick-api/src/main/java/com/juick/api/controllers/Users.java +++ b/juick-api/src/main/java/com/juick/api/controllers/Users.java @@ -5,6 +5,7 @@ import com.juick.api.util.HttpForbiddenException; import com.juick.api.util.HttpNotFoundException; import com.juick.service.UserService; import com.juick.util.UserUtils; +import com.juick.util.WebUtils; import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; @@ -15,12 +16,9 @@ import org.springframework.web.bind.annotation.ResponseBody; import javax.inject.Inject; import java.security.Principal; import java.util.ArrayList; -import java.util.Arrays; -import java.util.Iterator; import java.util.List; /** - * * @author ugnich */ @Controller @@ -32,39 +30,27 @@ public class Users { @RequestMapping(value = "/users", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) public List<User> doGetUsers( - @RequestParam(value = "uname", required = false) String[] punames, - @RequestParam(value = "jid", required = false) String[] pjids) { + @RequestParam(value = "uname", required = false) List<String> unames, + @RequestParam(value = "jid", required = false) List<String> jids) { List<com.juick.User> users = new ArrayList<>(); - if (punames != null) { - ArrayList<String> unames = new ArrayList<>(Arrays.asList(punames)); - Iterator<String> i = unames.iterator(); - while (i.hasNext()) { - if (!i.next().matches("^[a-zA-Z0-9\\-]{2,16}$")) { - i.remove(); - } - } - if (!unames.isEmpty() && unames.size() < 20) { + if (unames != null) { + unames.removeIf(WebUtils::isNotUserName); + + if (!unames.isEmpty() && unames.size() < 20) users.addAll(userService.getUsersByName(unames)); - } } - if (pjids != null) { - List<String> jids = new ArrayList<>(Arrays.asList(pjids)); - Iterator<String> ii = jids.iterator(); - while (ii.hasNext()) { - if (!ii.next().matches("^[a-zA-Z0-9\\-\\_\\@\\.]{6,64}$")) { - ii.remove(); - } - } - if (!jids.isEmpty() && jids.size() < 20) { + if (jids != null) { + jids.removeIf(WebUtils::isNotJid); + + if (!jids.isEmpty() && jids.size() < 20) users.addAll(userService.getUsersByJID(jids)); - } } - if (!users.isEmpty()) { + if (!users.isEmpty()) return users; - } + throw new HttpNotFoundException(); } diff --git a/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java b/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java index 66cd6048..9425a819 100644 --- a/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java +++ b/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java @@ -30,8 +30,7 @@ import org.springframework.web.context.WebApplicationContext; import javax.inject.Inject; import javax.servlet.http.Cookie; -import java.util.Collections; -import java.util.Optional; +import java.util.*; import static org.hamcrest.Matchers.hasSize; import static org.hamcrest.Matchers.is; @@ -105,15 +104,15 @@ public class MessagesTests { @Test public void testAllUnAuthorized() throws Exception { + when(userService.getUserByName(null)) + .thenReturn(new User()); + mockMvc.perform(get("/")) .andExpect(status().is4xxClientError()); mockMvc.perform(get("/home")) .andExpect(status().is4xxClientError()); - mockMvc.perform(get("/messages")) - .andExpect(status().is4xxClientError()); - mockMvc.perform(get("/thread")) .andExpect(status().is4xxClientError()); @@ -229,22 +228,30 @@ public class MessagesTests { .andExpect(header().string("Access-Control-Allow-Methods", "POST,GET,PUT,OPTIONS,DELETE")) .andExpect(header().string("Access-Control-Allow-Headers", "X-PINGOTHER, Content-Type")); } + @Test public void anonymousApis() throws Exception { String ugnichName = "ugnich"; String uginchPassword = "MyPassw0rd!"; String freefdName = "freefd"; String freefdPassword = "MyPassw0rd!"; + User ugnich = getUser(1, ugnichName, uginchPassword); User freefd = getUser(2, freefdName, freefdPassword); - when(userService.getFullyUserByName(ugnichName)) - .thenReturn(ugnich); - when(userService.getFullyUserByName(freefdName)) - .thenReturn(freefd); + + List<String> users = new ArrayList<>(2); + users.add(ugnichName); + users.add(freefdName); + + when(userService.getUsersByName(users)) + .thenReturn(Arrays.asList(ugnich, freefd)); + mockMvc.perform(get("/messages")) .andExpect(status().isOk()); + mockMvc.perform(get("/users") - .param("uname", "ugnich").param("uname", "freefd")) + .param("uname", "ugnich") + .param("uname", "freefd")) .andExpect(status().isOk()) .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8)) .andExpect(jsonPath("$", hasSize(2))); |