diff options
Diffstat (limited to 'juick-server/src/main/java/com/juick/server/api')
-rw-r--r-- | juick-server/src/main/java/com/juick/server/api/Messages.java | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/juick-server/src/main/java/com/juick/server/api/Messages.java b/juick-server/src/main/java/com/juick/server/api/Messages.java index d7c07391..db6463dd 100644 --- a/juick-server/src/main/java/com/juick/server/api/Messages.java +++ b/juick-server/src/main/java/com/juick/server/api/Messages.java @@ -24,10 +24,12 @@ import com.juick.server.Utils; import com.juick.server.component.MessageReadEvent; import com.juick.server.helpers.CommandResult; import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpNotFoundException; import com.juick.server.util.UserUtils; import com.juick.service.MessagesService; import com.juick.service.TagService; import com.juick.service.UserService; +import com.juick.service.security.entities.JuickUser; import org.apache.commons.io.IOUtils; import org.springframework.context.ApplicationEventPublisher; import org.springframework.http.HttpStatus; @@ -167,6 +169,10 @@ public class Messages { if (!messagesService.canViewThread(mid, visitor.getUid())) { return FORBIDDEN; } else { + JuickUser juickUser = new JuickUser(userService.getUserByName(msg.getUser().getName())); + if (!juickUser.isEnabled()) { + throw new HttpNotFoundException(); + } msg.setRecommendations(new HashSet<>(messagesService.getMessageRecommendations(msg.getMid()))); List<com.juick.Message> replies = messagesService.getReplies(visitor, mid); if (!visitor.isAnonymous()) { |