aboutsummaryrefslogtreecommitdiff
path: root/juick-server/src/main/java/com
diff options
context:
space:
mode:
Diffstat (limited to 'juick-server/src/main/java/com')
-rw-r--r--juick-server/src/main/java/com/juick/api/ApiServer.java251
-rw-r--r--juick-server/src/main/java/com/juick/api/CrosspostManager.java165
-rw-r--r--juick-server/src/main/java/com/juick/api/EmailManager.java110
-rw-r--r--juick-server/src/main/java/com/juick/api/FacebookPageManager.java32
-rw-r--r--juick-server/src/main/java/com/juick/api/MessengerManager.java143
-rw-r--r--juick-server/src/main/java/com/juick/api/TelegramBotManager.java298
-rw-r--r--juick-server/src/main/java/com/juick/api/TopManager.java57
-rw-r--r--juick-server/src/main/java/com/juick/api/WebsocketManager.java163
-rw-r--r--juick-server/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java135
-rw-r--r--juick-server/src/main/java/com/juick/api/configuration/ApiInitializer.java65
-rw-r--r--juick-server/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java128
-rw-r--r--juick-server/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java37
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/ApiController.java54
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Messages.java181
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/MessengerWebhook.java62
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Notifications.java190
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Others.java66
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/PM.java127
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Post.java281
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Service.java74
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/SkypeEndpoint.java47
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Tags.java54
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/TelegramWebhook.java48
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/Users.java125
-rw-r--r--juick-server/src/main/java/com/juick/api/controllers/util/JsonpAdvice.java31
25 files changed, 2924 insertions, 0 deletions
diff --git a/juick-server/src/main/java/com/juick/api/ApiServer.java b/juick-server/src/main/java/com/juick/api/ApiServer.java
new file mode 100644
index 00000000..51097440
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/ApiServer.java
@@ -0,0 +1,251 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.juick.api;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.juick.User;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.math.NumberUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.web.socket.TextMessage;
+import rocks.xmpp.addr.Jid;
+import rocks.xmpp.core.XmppException;
+import rocks.xmpp.core.session.Extension;
+import rocks.xmpp.core.session.XmppSessionConfiguration;
+import rocks.xmpp.core.session.debug.LogbackDebugger;
+import rocks.xmpp.core.stanza.model.Message;
+import rocks.xmpp.extensions.component.accept.ExternalComponent;
+import rocks.xmpp.extensions.oob.model.x.OobX;
+import rocks.xmpp.util.XmppUtils;
+
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import javax.xml.bind.JAXBException;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * @author Ugnich Anton
+ */
+public class ApiServer implements AutoCloseable {
+ private static Logger logger = LoggerFactory.getLogger(ApiServer.class);
+
+ private ExternalComponent xmpp;
+
+ @Value("${xmpp_host:localhost}")
+ private String xmppHost;
+ @Value("${xmpp_password:secret}")
+ private String xmppPassword;
+ @Value("${ws_jid:ws.localhost}")
+ private String xmppJid;
+ @Value("${xmpp_port:5347}")
+ private int xmppPort;
+ @Value("${xmpp_disabled:false}")
+ private boolean isXmppDisabled;
+ @Inject
+ private ObjectMapper jsonMapper;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private WebsocketManager wsHandler;
+ @Value("${service_user:juick}")
+ private String serviceUser;
+
+ @PostConstruct
+ public void init() {
+ if (!isXmppDisabled) {
+ setupXmppComponent(xmppHost, xmppPort, xmppJid, xmppPassword);
+ } else {
+ logger.warn("XMPP is not enabled");
+ }
+ }
+
+ @Override
+ public void close() {
+ try {
+ if (xmpp != null)
+ xmpp.close();
+
+ logger.info("ExternalComponent on juick-api destroyed");
+ } catch (Exception e) {
+ logger.warn("Exception occurs on juick-api destroy", e);
+ }
+ }
+
+ public void setupXmppComponent(final String host, final int port, final String jid, final String password) {
+ XmppSessionConfiguration configuration = XmppSessionConfiguration.builder()
+ .extensions(Extension.of(com.juick.Message.class))
+ .build();
+ xmpp = ExternalComponent.create(jid, password, configuration, host, port);
+ xmpp.addInboundMessageListener(e -> {
+ try {
+ Message msg = e.getMessage();
+ com.juick.Message jmsg = msg.getExtension(com.juick.Message.class);
+ if (jmsg != null) {
+ if (logger.isInfoEnabled()) { // prevent writeValueAsString execution if log is disabled
+ try {
+ StringWriter stanzaWriter = new StringWriter();
+ XMLStreamWriter xmppStreamWriter = XmppUtils.createXmppStreamWriter(
+ xmpp.getConfiguration().getXmlOutputFactory().createXMLStreamWriter(stanzaWriter));
+ xmpp.createMarshaller().marshal(msg, xmppStreamWriter);
+ xmppStreamWriter.flush();
+ xmppStreamWriter.close();
+ logger.info("got msg: {}", stanzaWriter.toString());
+ } catch (XMLStreamException e1) {
+ logger.info("jaxb exception", e1);
+ }
+
+ }
+ if (jmsg.getMid() == 0) {
+ int uid_to = NumberUtils.toInt(msg.getTo().getLocal(), 0);
+ if (uid_to > 0) {
+ onJuickPM(uid_to, jmsg);
+ }
+ } else if (jmsg.getRid() == 0) {
+ // to get full message with attachment, etc.
+ onJuickMessagePost(messagesService.getMessage(jmsg.getMid()));
+ } else {
+ // to get quote and attachment
+ com.juick.Message reply = messagesService.getReply(jmsg.getMid(), jmsg.getRid());
+ onJuickMessageReply(reply);
+ }
+ }
+ } catch (JsonProcessingException ex) {
+ logger.error("mapper exception", ex);
+ } catch (JAXBException exc) {
+ logger.error("jaxb exception", exc);
+ }
+ });
+ try {
+ xmpp.connect();
+ } catch (XmppException e) {
+ logger.warn("xmpp extension", e);
+ }
+ }
+
+ public void sendMessage(Message message) {
+ if (!isXmppDisabled) {
+ xmpp.sendMessage(message);
+ }
+ }
+
+ public void processMessage(User visitor, String body, String attachmentName) {
+ Message xmsg = new Message();
+ xmsg.setFrom(Jid.of(String.valueOf(visitor.getUid()), "uid.juick.com", "perl"));
+ xmsg.setTo(Jid.of("juick@juick.com/Juick"));
+ xmsg.setBody(body);
+ try {
+ if (StringUtils.isNotEmpty(attachmentName)) {
+ String attachmentUrl = String.format("juick://%s", attachmentName);
+ xmsg.addExtension(new OobX(new URI(attachmentUrl), "!!!!Juick!!"));
+ }
+ sendMessage(xmsg);
+ } catch (URISyntaxException e1) {
+ logger.warn("attachment error", e1);
+ }
+ }
+
+ private void onJuickPM(final int uid_to, final com.juick.Message jmsg) throws JsonProcessingException {
+ String json = jsonMapper.writeValueAsString(jmsg);
+ synchronized (wsHandler.getClients()) {
+ wsHandler.getClients().stream().filter(c ->
+ (!c.legacy && c.visitor.getUid() == uid_to) || c.visitor.getName().equals(serviceUser))
+ .forEach(c -> {
+ try {
+ logger.info("sending pm to {}", c.visitor.getUid());
+ c.session.sendMessage(new TextMessage(json));
+ } catch (IOException e) {
+ logger.warn("ws error", e);
+ }
+ });
+ }
+ }
+
+ private void onJuickMessagePost(final com.juick.Message jmsg) throws JsonProcessingException {
+ String json = jsonMapper.writeValueAsString(jmsg);
+ List<Integer> uids = subscriptionService.getSubscribedUsers(jmsg.getUser().getUid(), jmsg.getMid())
+ .stream().map(User::getUid).collect(Collectors.toList());
+ synchronized (wsHandler.getClients()) {
+ wsHandler.getClients().stream().filter(c ->
+ (!c.legacy && c.visitor.getUid() == 0) // anonymous users
+ || c.visitor.getName().equals(serviceUser) // services
+ || (!c.legacy && uids.contains(c.visitor.getUid()))) // subscriptions
+ .forEach(c -> {
+ try {
+ logger.info("sending message to {}", c.visitor.getUid());
+ c.session.sendMessage(new TextMessage(json));
+ } catch (IOException e) {
+ logger.warn("ws error", e);
+ }
+ });
+ wsHandler.getClients().stream().filter(c ->
+ c.legacy && c.allMessages) // legacy all posts
+ .forEach(c -> {
+ try {
+ logger.info("sending message to legacy client {}", c.visitor.getUid());
+ c.session.sendMessage(new TextMessage(json));
+ } catch (IOException e) {
+ logger.warn("ws error", e);
+ }
+ });
+ }
+ }
+
+ private void onJuickMessageReply(final com.juick.Message jmsg) throws JsonProcessingException {
+ String json = jsonMapper.writeValueAsString(jmsg);
+ List<Integer> threadUsers =
+ subscriptionService.getUsersSubscribedToComments(jmsg.getMid(), jmsg.getUser().getUid())
+ .stream().map(User::getUid).collect(Collectors.toList());
+ synchronized (wsHandler.getClients()) {
+ wsHandler.getClients().stream().filter(c ->
+ (!c.legacy && c.visitor.getUid() == 0) // anonymous users
+ || c.visitor.getName().equals(serviceUser) // services
+ || (!c.legacy && threadUsers.contains(c.visitor.getUid()))) // subscriptions
+ .forEach(c -> {
+ try {
+ logger.info("sending reply to {}", c.visitor.getUid());
+ c.session.sendMessage(new TextMessage(json));
+ } catch (IOException e) {
+ logger.warn("ws error", e);
+ }
+ });
+ wsHandler.getClients().stream().filter(c ->
+ (c.legacy && c.allReplies) || (c.legacy && c.MID == jmsg.getMid())) // legacy replies
+ .forEach(c -> {
+ try {
+ logger.info("sending reply to legacy client {}", c.visitor.getUid());
+ c.session.sendMessage(new TextMessage(json));
+ } catch (IOException e) {
+ logger.warn("ws error", e);
+ }
+ });
+ }
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/CrosspostManager.java b/juick-server/src/main/java/com/juick/api/CrosspostManager.java
new file mode 100644
index 00000000..a601d7b7
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/CrosspostManager.java
@@ -0,0 +1,165 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.juick.api;
+
+import com.juick.Message;
+import com.juick.server.component.MessageEvent;
+import com.juick.service.CrosspostService;
+import com.juick.util.MessageUtils;
+import org.apache.commons.codec.CharEncoding;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.tuple.Pair;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.ApplicationListener;
+import org.springframework.social.twitter.api.Twitter;
+import org.springframework.social.twitter.api.impl.TwitterTemplate;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Nonnull;
+import javax.inject.Inject;
+import javax.net.ssl.HttpsURLConnection;
+import java.io.OutputStreamWriter;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * @author Ugnich Anton
+ */
+@Component
+public class CrosspostManager implements ApplicationListener<MessageEvent> {
+ private final static String FBURL = "https://graph.facebook.com/me/feed";
+ private final static String VKURL = "https://api.vk.com/method/wall.post";
+
+ private static Logger logger = LoggerFactory.getLogger(CrosspostManager.class);
+
+ @Inject
+ private CrosspostService crosspostService;
+
+ @Value("${twitter_consumer_key:}")
+ private String twitter_consumer_key;
+ @Value("${twitter_consumer_secret:}")
+ private String twitter_consumer_secret;
+
+ @Override
+ public void onApplicationEvent(@Nonnull MessageEvent event) {
+ Message msg = event.getMessage();
+ if (msg.getMid() > 0 && msg.getRid() == 0) {
+ if (StringUtils.isNotEmpty(crosspostService.getTwitterName(msg.getUser().getUid()))) {
+ if (msg.getTags().stream().noneMatch(t -> t.getName().equals("notwitter"))) {
+ twitterPost(msg);
+ }
+ }
+ // TODO: approve application for facebook crosspost
+ }
+ }
+
+ private boolean facebookPost(final com.juick.Message jmsg) {
+ String token = crosspostService.getFacebookTokens(jmsg.getUser().getUid())
+ .orElse(Pair.of(StringUtils.EMPTY, StringUtils.EMPTY)).getRight();
+ if (token.isEmpty()) {
+ return false;
+ }
+
+ logger.info("FB: #{}", jmsg.getMid());
+
+ String status = MessageUtils.getMessageHashTags(jmsg) + "\n" + jmsg.getText();
+
+ boolean ret = false;
+ try {
+ String body = "access_token="
+ + URLEncoder.encode(token, CharEncoding.UTF_8)
+ + "&message="
+ + URLEncoder.encode(status, CharEncoding.UTF_8)
+ + "&link=http%3A%2F%2Fjuick.com%2F"
+ + jmsg.getMid();
+
+ HttpsURLConnection conn = (HttpsURLConnection) new URL(FBURL).openConnection();
+ conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
+ conn.setRequestProperty("User-Agent", "Juick");
+ conn.setRequestProperty("Content-Length", Integer.toString(body.length()));
+ conn.setUseCaches(false);
+ conn.setDoInput(true);
+ conn.setDoOutput(true);
+ conn.setRequestMethod("POST");
+ conn.connect();
+
+ OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
+ wr.write(body);
+ wr.close();
+
+ ret = StringUtils.isNotEmpty(IOUtils.toString(conn.getInputStream(), StandardCharsets.UTF_8));
+
+ conn.disconnect();
+ } catch (Exception e) {
+ logger.error("fbPost exception", e);
+ }
+ return ret;
+ }
+
+ private boolean vkontaktePost(final com.juick.Message jmsg) {
+ Pair<String, String> tokens = crosspostService.getVkTokens(jmsg.getUser().getUid()).orElse(Pair.of(StringUtils.EMPTY, StringUtils.EMPTY));
+ if (tokens.getLeft().isEmpty() || tokens.getRight().isEmpty()) {
+ return false;
+ }
+
+ logger.info("VK: #", jmsg.getMid());
+
+ String status = MessageUtils.getMessageHashTags(jmsg) + "\n" + jmsg.getText() + "\nhttp://juick.com/" + jmsg.getMid();
+
+ boolean ret = false;
+ try {
+ String body = "owner_id=" + tokens.getLeft() + "&access_token=" + URLEncoder.encode(tokens.getRight(), CharEncoding.UTF_8) + "&from_group=1&message=" + URLEncoder.encode(status, CharEncoding.UTF_8);
+
+ HttpsURLConnection conn = (HttpsURLConnection) new URL(VKURL).openConnection();
+ conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
+ conn.setRequestProperty("User-Agent", "Juick");
+ conn.setRequestProperty("Content-Length", Integer.toString(body.length()));
+ conn.setUseCaches(false);
+ conn.setDoInput(true);
+ conn.setDoOutput(true);
+ conn.setRequestMethod("POST");
+ conn.connect();
+
+ OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
+ wr.write(body);
+ wr.close();
+
+ ret = StringUtils.isNotEmpty(IOUtils.toString(conn.getInputStream(), StandardCharsets.UTF_8));
+
+ conn.disconnect();
+ } catch (Exception e) {
+ logger.error("vkPost exception", e);
+ }
+ return ret;
+ }
+
+ private void twitterPost(final com.juick.Message jmsg) {
+ crosspostService.getTwitterToken(jmsg.getUser().getUid()).ifPresent(t -> {
+ String status = MessageUtils.getMessageHashTags(jmsg) + StringUtils.defaultString(jmsg.getText());
+ if (status.length() > 255) {
+ status = status.substring(0, 254) + "…";
+ }
+ status += " http://juick.com/" + jmsg.getMid();
+ Twitter twitter = new TwitterTemplate(twitter_consumer_key, twitter_consumer_secret, t.getToken(), t.getSecret());
+ twitter.timelineOperations().updateStatus(status);
+ });
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/EmailManager.java b/juick-server/src/main/java/com/juick/api/EmailManager.java
new file mode 100644
index 00000000..fa86b406
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/EmailManager.java
@@ -0,0 +1,110 @@
+package com.juick.api;
+
+import com.juick.Message;
+import com.juick.server.component.MessageEvent;
+import com.juick.service.EmailService;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.UserService;
+import com.juick.util.MessageUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationListener;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Nonnull;
+import javax.inject.Inject;
+import javax.mail.MessagingException;
+import javax.mail.Multipart;
+import javax.mail.Session;
+import javax.mail.Transport;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeBodyPart;
+import javax.mail.internet.MimeMessage;
+import javax.mail.internet.MimeMultipart;
+import java.util.Properties;
+
+import static com.juick.formatters.PlainTextFormatter.formatPost;
+import static com.juick.formatters.PlainTextFormatter.formatUrl;
+
+@Component
+public class EmailManager implements ApplicationListener<MessageEvent> {
+
+ public static final String MSGID_PATTERN = "\\.|@|<";
+
+ private static final Logger logger = LoggerFactory.getLogger(EmailManager.class);
+ @Inject
+ private EmailService emailService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private UserService userService;
+ @Override
+ public void onApplicationEvent(@Nonnull MessageEvent event) {
+ Message msg = event.getMessage();
+ if (msg.getMid() > 0 && msg.getRid() == 0) {
+ String subject = String.format("New message from %s", msg.getUser().getName());
+ subscriptionService.getSubscribedUsers(msg.getUser().getUid(), msg.getMid())
+ .forEach(user -> emailService.getEmails(user.getUid(), true)
+ .forEach(email -> emailNotify(email, subject, msg)));
+ } else if (msg.getRid() > 0) {
+ Message originalMessage = messagesService.getMessage(msg.getMid());
+ String subject = String.format("New reply to %s", originalMessage.getUser().getName());
+ subscriptionService.getUsersSubscribedToComments(msg.getMid(), msg.getUser().getUid())
+ .forEach(user -> emailService.getEmails(user.getUid(), true)
+ .forEach(email -> emailNotify(email, subject, msg)));
+ }
+ }
+
+ private void emailNotify(String email, String subject, Message msg) {
+ Properties prop = System.getProperties();
+ prop.put("mail.smtp.starttls.enable", "true");
+ Session session = Session.getDefaultInstance(prop);
+ try {
+ Transport transport = session.getTransport("smtp");
+ MimeMessage message = new MimeMessage(session) {
+ protected void updateMessageID() throws MessagingException {
+ setHeader("Message-ID", String.format("<%d.%d@juick.com>", msg.getMid(), msg.getRid()));
+ if (msg.getRid() > 0) {
+ if (msg.getReplyto() > 0) {
+ Message replyto = messagesService.getReply(msg.getMid(), msg.getReplyto());
+ setHeader("In-Reply-To", String.format("<%d.%d@juick.com>", replyto.getMid(), replyto.getRid()));
+ } else {
+ Message original = messagesService.getMessage(msg.getMid());
+ setHeader("In-Reply-To", String.format("<%d.%d@juick.com>", original.getMid(), original.getRid()));
+ }
+ }
+ }
+ };
+ message.setFrom(new InternetAddress("juick@juick.com"));
+ message.addRecipient(javax.mail.Message.RecipientType.TO, new InternetAddress(email));
+ message.setSubject(subject);
+ String plainText = String.format("%s\n\n--\nYou are receiving this because you are subscribed to this user " +
+ ", discussion or tag. Reply to this email directly or view it on Juick: %s.",
+ formatPost(msg), formatUrl(msg));
+ MimeBodyPart textBodyPart = new MimeBodyPart();
+ textBodyPart.setContent(plainText, "text/plain; charset=UTF-8");
+ String htmlText = String.format("%s<br /><br />--<br />You are receiving this because you are subscribed to this user" +
+ ", discussion or tag. Reply to this email directly or <a href=\"%s\">view it</a> on Juick." +
+ "<br /><a href=\"https://juick.com/settings?hash=%s\">Configure or disable notifications</a>",
+ MessageUtils.formatHtml(msg), formatUrl(msg),
+ userService.getHashByUID(userService.getUserByEmail(email).getUid()));
+ MimeBodyPart htmlBodyPart = new MimeBodyPart();
+ htmlBodyPart.setContent(htmlText, "text/html; charset=UTF-8");
+ Multipart multipart = new MimeMultipart("alternative");
+ multipart.addBodyPart(textBodyPart);
+ multipart.addBodyPart(htmlBodyPart);
+ message.setContent(multipart);
+ message.setHeader("List-Unsubscribe", String.format("https://juick.com/settings?hash=%s",
+ userService.getHashByUID(userService.getUserByEmail(email).getUid())));
+ message.saveChanges();
+ transport.connect();
+ transport.sendMessage(message, message.getAllRecipients());
+ } catch (MessagingException ex) {
+ logger.error("mail exception", ex);
+ }
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/FacebookPageManager.java b/juick-server/src/main/java/com/juick/api/FacebookPageManager.java
new file mode 100644
index 00000000..e9ed0e59
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/FacebookPageManager.java
@@ -0,0 +1,32 @@
+package com.juick.api;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Component;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.util.UriComponents;
+import org.springframework.web.util.UriComponentsBuilder;
+
+@Component
+public class FacebookPageManager {
+ private static Logger logger = LoggerFactory.getLogger(FacebookPageManager.class);
+ @Value("${facebook_page_id:12345678}")
+ private String pageId;
+ @Value("${fb_page_access_token:12345678}")
+ private String accessToken;
+
+ public void post(String status, String link) {
+ UriComponents uriComponents = UriComponentsBuilder.fromUriString("https://graph.facebook.com/{page_id}/feed")
+ .queryParam("message", status)
+ .queryParam("link", link)
+ .queryParam("access_token", accessToken)
+ .buildAndExpand(pageId);
+ RestTemplate api = new RestTemplate();
+ ResponseEntity<String> response = api.exchange(uriComponents.toUri(),
+ HttpMethod.POST, null, String.class);
+ logger.info("Facebook response: {}", response.getBody());
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/MessengerManager.java b/juick-server/src/main/java/com/juick/api/MessengerManager.java
new file mode 100644
index 00000000..7341b946
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/MessengerManager.java
@@ -0,0 +1,143 @@
+package com.juick.api;
+
+import com.github.messenger4j.Messenger;
+import com.github.messenger4j.exception.MessengerApiException;
+import com.github.messenger4j.exception.MessengerIOException;
+import com.github.messenger4j.exception.MessengerVerificationException;
+import com.github.messenger4j.send.MessagePayload;
+import com.github.messenger4j.send.message.TemplateMessage;
+import com.github.messenger4j.send.message.TextMessage;
+import com.github.messenger4j.send.message.template.ButtonTemplate;
+import com.github.messenger4j.send.message.template.button.UrlButton;
+import com.github.messenger4j.userprofile.UserProfile;
+import com.github.messenger4j.webhook.event.TextMessageEvent;
+import com.juick.Message;
+import com.juick.User;
+import com.juick.server.component.MessageEvent;
+import com.juick.service.MessagesService;
+import com.juick.service.MessengerService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.UserService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.ApplicationListener;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+import javax.annotation.Nonnull;
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.time.Instant;
+import java.util.Collections;
+import java.util.Optional;
+
+import static com.juick.formatters.PlainTextFormatter.formatPost;
+import static com.juick.formatters.PlainTextFormatter.formatUrl;
+
+@Component
+public class MessengerManager implements ApplicationListener<MessageEvent> {
+ private static final Logger logger = LoggerFactory.getLogger(MessengerManager.class);
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private UserService userService;
+ @Inject
+ private MessengerService messengerService;
+ @Inject
+ private ApiServer apiServer;
+
+ @Value("${fb_page_access_token:12345678}")
+ private String facebookPageAccessToken;
+ @Value("${fb_verify_token:12345678}")
+ private String facebookVerifyToken;
+ @Value("${fb_secret:12345678}")
+ private String facebookSecret;
+
+ private Messenger messenger;
+
+ @PostConstruct
+ public void init() {
+ messenger = Messenger.create(facebookPageAccessToken, facebookSecret, facebookVerifyToken);
+ }
+
+ public String getFacebookVerifyToken() {
+ return facebookVerifyToken;
+ }
+
+ public void processUpdate(String signature , String data) throws MessengerVerificationException {
+ messenger.onReceiveEvents(data, Optional.of(signature), event -> {
+ final String senderId = event.senderId();
+ final Instant timestamp = event.timestamp();
+
+ User user_from = userService.getUserByUID(messengerService.getUserId(senderId)).orElse(new User());
+ logger.info("Found juick user {}", user_from.getUid());
+ if (user_from.getUid() == 0) {
+ try {
+ UserProfile profile = messenger.queryUserProfile(senderId);
+ signupNotify(senderId, messengerService.getSignUpHash(senderId, profile.firstName()));
+ } catch (MessengerApiException | MessengerIOException | MalformedURLException e) {
+ logger.warn("messenger profile error", e);
+ try {
+ signupNotify(senderId, messengerService.getSignUpHash(senderId, "anonymous"));
+ } catch (MalformedURLException | MessengerApiException | MessengerIOException e1) {
+ logger.warn("signup error", e1);
+ }
+ }
+ } else {
+ if (event.isTextMessageEvent()) {
+ final TextMessageEvent textMessageEvent = event.asTextMessageEvent();
+ final String messageId = textMessageEvent.messageId();
+ final String text = textMessageEvent.text();
+ logger.info("Received text message from '{}' at '{}' with content: {} (mid: {})",
+ senderId, timestamp, text, messageId);
+ apiServer.processMessage(user_from, text, null);
+ messengerNotify(senderId, "Message sent", null);
+ }
+ }
+ });
+ }
+
+ @Override
+ public void onApplicationEvent(@Nonnull MessageEvent event) {
+ Message msg = event.getMessage();
+ if (msg.getMid() > 0 && msg.getRid() == 0) {
+ String subject = formatPost(msg);
+ subscriptionService.getSubscribedUsers(msg.getUser().getUid(), msg.getMid())
+ .forEach(user -> messengerService.getSenderId(user)
+ .ifPresent(t -> messengerNotify(t, subject, formatUrl(msg))));
+ } else if (msg.getRid() > 0) {
+ // get quote
+ com.juick.Message jmsg = messagesService.getReply(msg.getMid(), msg.getRid());
+ String subject = formatPost(jmsg);
+ subscriptionService.getUsersSubscribedToComments(msg.getMid(), msg.getUser().getUid())
+ .forEach(user -> messengerService.getSenderId(user)
+ .ifPresent(t -> messengerNotify(t, subject, formatUrl(jmsg))));
+ }
+ }
+
+ private void messengerNotify(String messengerUser, String text, String url) {
+ try {
+ if (!StringUtils.isEmpty(url)) {
+ final UrlButton showMessage = UrlButton.create("VIEW MESSAGE", new URL(url));
+ ButtonTemplate template = ButtonTemplate.create(text, Collections.singletonList(showMessage));
+ messenger.send(MessagePayload.create(messengerUser, TemplateMessage.create(template)));
+ } else {
+ messenger.send(MessagePayload.create(messengerUser, TextMessage.create(text)));
+ }
+ } catch (MessengerApiException | MessengerIOException | MalformedURLException e) {
+ logger.warn("messenger error", e);
+ }
+ }
+ private void signupNotify(String messengerUser, String hash) throws MalformedURLException, MessengerApiException, MessengerIOException {
+ final UrlButton urlButton = UrlButton.create("LOGIN",
+ new URL("https://juick.com/signup?type=messenger&hash=" + hash));
+ ButtonTemplate template = ButtonTemplate.create("Login to receive notifications",
+ Collections.singletonList(urlButton));
+ messenger.send(MessagePayload.create(messengerUser, TemplateMessage.create(template)));
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/TelegramBotManager.java b/juick-server/src/main/java/com/juick/api/TelegramBotManager.java
new file mode 100644
index 00000000..6f2e50d1
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/TelegramBotManager.java
@@ -0,0 +1,298 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api;
+
+import com.juick.User;
+import com.juick.server.component.MessageEvent;
+import com.juick.server.util.HttpUtils;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.TelegramService;
+import com.juick.service.UserService;
+import com.pengrad.telegrambot.BotUtils;
+import com.pengrad.telegrambot.Callback;
+import com.pengrad.telegrambot.TelegramBot;
+import com.pengrad.telegrambot.model.Message;
+import com.pengrad.telegrambot.model.MessageEntity;
+import com.pengrad.telegrambot.model.PhotoSize;
+import com.pengrad.telegrambot.model.Update;
+import com.pengrad.telegrambot.model.request.ParseMode;
+import com.pengrad.telegrambot.request.GetFile;
+import com.pengrad.telegrambot.request.SendMessage;
+import com.pengrad.telegrambot.request.SetWebhook;
+import com.pengrad.telegrambot.response.GetFileResponse;
+import com.pengrad.telegrambot.response.SendResponse;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.ApplicationListener;
+import org.springframework.stereotype.Component;
+import org.springframework.web.util.UriComponents;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import javax.annotation.Nonnull;
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import java.io.IOException;
+import java.net.URL;
+import java.util.Arrays;
+import java.util.Comparator;
+import java.util.List;
+import java.util.Optional;
+
+import static com.juick.formatters.PlainTextFormatter.formatPost;
+import static com.juick.formatters.PlainTextFormatter.formatUrl;
+
+/**
+ * Created by vt on 12/05/16.
+ */
+@Component
+public class TelegramBotManager implements ApplicationListener<MessageEvent> {
+ private static final Logger logger = LoggerFactory.getLogger(TelegramBotManager.class);
+
+ private TelegramBot bot;
+
+ @Value("${telegram_token}")
+ private String telegramToken;
+ @Inject
+ private TelegramService telegramService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private UserService userService;
+ @Inject
+ private ApiServer apiServer;
+ @Value("${upload_tmp_dir:/var/www/juick.com/i/tmp/}")
+ private String tmpDir;
+
+ private static final String MSG_LINK = "🔗";
+
+ @PostConstruct
+ public void init() {
+ if (StringUtils.isBlank(telegramToken)) {
+ logger.info("telegram token is not set, exiting");
+ return;
+ }
+ bot = new TelegramBot(telegramToken);
+ try {
+ SetWebhook webhook = new SetWebhook().url("https://api.juick.com/tlgmbtwbhk");
+ if (!bot.execute(webhook).isOk()) {
+ logger.error("error setting webhook");
+ }
+ } catch (Exception e) {
+ logger.warn("couldn't initialize telegram bot", e);
+ }
+ }
+
+ public void processUpdate(String data) throws Exception {
+ Update update = BotUtils.parseUpdate(data);
+ Message message = update.message();
+ if (update.message() == null) {
+ message = update.editedMessage();
+ if (message == null) {
+ logger.error("error parsing telegram update: {}", update);
+ return;
+ }
+ }
+ User user_from = userService.getUserByUID(telegramService.getUser(message.chat().id())).orElse(new User());
+ logger.info("Found juick user {}", user_from.getUid());
+
+ List<Long> chats = telegramService.getChats();
+ String username = message.from().username();
+ if (username == null) {
+ username = message.from().firstName();
+ }
+ if (!chats.contains(message.chat().id())) {
+ telegramService.addChat(message.chat().id());
+ logger.info("added chat with {}", username);
+ telegramService.createTelegramUser(message.from().id(), username);
+ telegramSignupNotify(message.from().id().longValue(), userService.getSignUpHashByTelegramID(message.from().id().longValue(), username));
+ } else {
+ if (user_from.getUid() == 0) {
+ telegramSignupNotify(message.from().id().longValue(), userService.getSignUpHashByTelegramID(message.from().id().longValue(), username));
+ } else {
+ String attachment = StringUtils.EMPTY;
+ if (message.photo() != null) {
+ String fileId = Arrays.stream(message.photo()).max(Comparator.comparingInt(PhotoSize::fileSize))
+ .orElse(new PhotoSize()).fileId();
+ if (StringUtils.isNotEmpty(fileId)) {
+ GetFile request = new GetFile(fileId);
+ GetFileResponse response = bot.execute(request);
+ logger.info("got file {}", response.file());
+ URL fileURL = new URL(bot.getFullFilePath(response.file()));
+ attachment = HttpUtils.downloadImage(fileURL, tmpDir);
+ logger.info("received {}", attachment);
+ }
+ }
+ String text = message.text();
+ if (StringUtils.isBlank(text)) {
+ text = message.caption();
+ }
+ if (StringUtils.isBlank(text)) {
+ text = StringUtils.EMPTY;
+ }
+ if (StringUtils.isNotEmpty(text) || StringUtils.isNotEmpty(attachment)) {
+ if (text.equalsIgnoreCase("LOGIN")
+ || text.equalsIgnoreCase("PING")
+ || text.equalsIgnoreCase("HELP")
+ || text.equalsIgnoreCase("/login")
+ || text.equalsIgnoreCase("/start")
+ || text.equalsIgnoreCase("/help")) {
+ String msgUrl = "http://juick.com/login?hash=" + userService.getHashByUID(user_from.getUid());
+ String msg = String.format("Hi, %s!\nYou can post messages and images to Juick there.\n" +
+ "Tap to [log into website](%s) to get more info", user_from.getName(), msgUrl);
+ telegramNotify(message.from().id().longValue(), msg);
+ } else {
+ Message replyMessage = message.replyToMessage();
+ if (replyMessage != null) {
+ if (replyMessage.entities() != null) {
+ Optional<MessageEntity> juickLink = Arrays.stream(replyMessage.entities())
+ .filter(this::isJuickLink)
+ .findFirst();
+ if (juickLink.isPresent()) {
+ if (StringUtils.isNotEmpty(juickLink.get().url())) {
+ UriComponents uriComponents = UriComponentsBuilder.fromUriString(
+ juickLink.get().url()).build();
+ String path = uriComponents.getPath();
+ if (StringUtils.isNotEmpty(path) && path.length() > 1) {
+ int mid = Integer.valueOf(path.substring(1));
+ String prefix = String.format("#%d ", mid);
+ if (StringUtils.isNotEmpty(uriComponents.getFragment())) {
+ int rid = Integer.valueOf(uriComponents.getFragment());
+ prefix = String.format("#%d/%d ", mid, rid);
+ }
+ apiServer.processMessage(user_from, prefix + text, attachment);
+ telegramNotify(message.from().id().longValue(), "Reply sent");
+ } else {
+ logger.warn("invalid path: {}", path);
+ }
+ } else {
+ logger.warn("invalid entity: {}", juickLink);
+ }
+ } else {
+ telegramNotify(message.from().id().longValue(),
+ "Can not reply to this message", replyMessage.messageId());
+ }
+ } else {
+ telegramNotify(message.from().id().longValue(),
+ "Can not reply to this message", replyMessage.messageId());
+ }
+ } else {
+ apiServer.processMessage(user_from, text, attachment);
+ telegramNotify(message.from().id().longValue(), "Message sent");
+ }
+ }
+ }
+ }
+ }
+ }
+
+ private boolean isJuickLink(MessageEntity e) {
+ return e.offset() == 0 && e.type().equals(MessageEntity.Type.text_link) && e.length() == 2;
+ }
+
+ @Override
+ public void onApplicationEvent(@Nonnull MessageEvent event) {
+ com.juick.Message jmsg = event.getMessage();
+ String msgUrl = formatUrl(jmsg);
+ if (jmsg.getMid() > 0 && jmsg.getRid() == 0) {
+ String msg = String.format("[%s](%s) %s", MSG_LINK, msgUrl, formatPost(jmsg, true));
+
+ List<Long> users = telegramService.getTelegramIdentifiers(subscriptionService.getSubscribedUsers(jmsg.getUser().getUid(), jmsg.getMid()));
+ List<Long> chats = telegramService.getChats();
+ // registered subscribed users
+
+ users.forEach(c -> telegramNotify(c, msg));
+ // anonymous
+ chats.stream().filter(u -> telegramService.getUser(u) == 0).forEach(c -> telegramNotify(c, msg));
+ } else if (jmsg.getRid() > 0) {
+ // get quote
+ com.juick.Message msg = messagesService.getReply(jmsg.getMid(), jmsg.getRid());
+ String fmsg = String.format("[%s](%s) %s", MSG_LINK, msgUrl, formatPost(msg, true));
+ telegramService.getTelegramIdentifiers(
+ subscriptionService.getUsersSubscribedToComments(jmsg.getMid(), jmsg.getUser().getUid())
+ ).forEach(c -> telegramNotify(c, fmsg));
+ }
+ }
+
+ public void telegramNotify(Long chatId, String msg) {
+ telegramNotify(chatId, msg, 0);
+ }
+
+ public void telegramNotify(Long chatId, String msg, Integer replyTo) {
+ SendMessage telegramMessage = new SendMessage(chatId, msg);
+ if (replyTo > 0) {
+ telegramMessage.replyToMessageId(replyTo);
+ }
+ telegramMessage.parseMode(ParseMode.Markdown).disableWebPagePreview(true);
+ bot.execute(telegramMessage, new Callback<SendMessage, SendResponse>() {
+ @Override
+ public void onResponse(SendMessage request, SendResponse response) {
+ if (!response.isOk()) {
+ if (response.errorCode() == 403) {
+ // remove from anonymous chat
+ telegramService.getChats().stream().filter(c -> c.equals(chatId)).findFirst().ifPresent(
+ d -> {
+ telegramService.deleteChat(d);
+ logger.info("deleted {} chat", d);
+ }
+ );
+ int userId = telegramService.getUser(chatId);
+ if (userId > 0) {
+ User userToDelete = userService.getUserByUID(userId)
+ .orElse(new User());
+ boolean status = telegramService.deleteTelegramUser(userToDelete.getUid());
+ logger.info("deleting telegram id of @{} : {}", userToDelete.getName(), status);
+ boolean chatStatus = telegramService.deleteChat(chatId);
+ logger.info("deleting telegram chat {} : {}", chatId, chatStatus);
+ }
+ } else {
+ logger.warn("error response, isOk: {}, errorCode: {}, description: {}",
+ response.isOk(), response.errorCode(), response.description());
+ }
+ }
+ }
+
+ @Override
+ public void onFailure(SendMessage request, IOException e) {
+ logger.warn("telegram failure", e);
+ }
+ });
+ }
+
+ public void telegramSignupNotify(Long telegramId, String hash) {
+ bot.execute(new SendMessage(telegramId,
+ String.format("You are subscribed to all Juick messages. " +
+ "[Create or link](http://juick.com/signup?type=durov&hash=%s) " +
+ "an existing Juick account to get your subscriptions and ability to post messages", hash))
+ .parseMode(ParseMode.Markdown), new Callback<SendMessage, SendResponse>() {
+ @Override
+ public void onResponse(SendMessage request, SendResponse response) {
+ logger.info("got response: {}", response.message());
+ }
+
+ @Override
+ public void onFailure(SendMessage request, IOException e) {
+ logger.warn("telegram failure", e);
+ }
+ });
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/TopManager.java b/juick-server/src/main/java/com/juick/api/TopManager.java
new file mode 100644
index 00000000..b8123639
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/TopManager.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api;
+
+import com.juick.Message;
+import com.juick.service.MessagesService;
+import com.juick.util.MessageUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Component;
+import org.springframework.web.client.HttpClientErrorException;
+
+import javax.inject.Inject;
+
+@Component
+public class TopManager {
+ private static Logger logger = LoggerFactory.getLogger(TopManager.class);
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private FacebookPageManager facebookPageManager;
+
+ @Scheduled(fixedRate = 3600000)
+ public void updateTop() {
+ messagesService.getPopularCandidates().forEach(m -> {
+ logger.info("added {} to popular", m);
+ messagesService.setMessagePopular(m, 1);
+ Message jmsg = messagesService.getMessage(m);
+ String status = MessageUtils.getMessageHashTags(jmsg) + StringUtils.defaultString(jmsg.getText());
+ try {
+ facebookPageManager.post(status, "https://juick.com/" + jmsg.getMid());
+ } catch (HttpClientErrorException ex) {
+ HttpStatus statusCode = ex.getStatusCode();
+ String responseString = ex.getResponseBodyAsString();
+ logger.warn("facebook error {}: {}", statusCode.value(), responseString);
+ }
+ });
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/WebsocketManager.java b/juick-server/src/main/java/com/juick/api/WebsocketManager.java
new file mode 100644
index 00000000..40747e5a
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/WebsocketManager.java
@@ -0,0 +1,163 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api;
+
+import com.juick.User;
+import com.juick.server.helpers.AnonymousUser;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.UserService;
+import org.apache.commons.lang3.math.NumberUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.web.socket.CloseStatus;
+import org.springframework.web.socket.PingMessage;
+import org.springframework.web.socket.WebSocketSession;
+import org.springframework.web.socket.handler.TextWebSocketHandler;
+import org.springframework.web.util.UriComponents;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.net.URI;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * Created by vitalyster on 28.06.2016.
+ */
+public class WebsocketManager extends TextWebSocketHandler {
+ private static final Logger logger = LoggerFactory.getLogger(WebsocketManager.class);
+
+ private final List<SocketSubscribed> clients = Collections.synchronizedList(new LinkedList<>());
+
+ @Inject
+ private UserService userService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private SubscriptionService subscriptionService;
+
+
+ @Override
+ public void afterConnectionEstablished(WebSocketSession session) throws Exception {
+ URI hLocation;
+ String hXRealIP;
+
+ hLocation = session.getUri();
+ HttpHeaders headers = session.getHandshakeHeaders();
+ hXRealIP = headers.getOrDefault("X-Real-IP",
+ Collections.singletonList(session.getRemoteAddress().toString())).get(0);
+
+ // Auth
+ User visitor = AnonymousUser.INSTANCE;
+ UriComponents uriComponents = UriComponentsBuilder.fromUri(hLocation).build();
+ List<String> hash = uriComponents.getQueryParams().get("hash");
+ if (hash != null && hash.get(0).length() == 16) {
+ visitor = userService.getUserByHash(hash.get(0));
+ } else {
+ logger.info("wrong hash for {} from {}", visitor.getUid(), hXRealIP);
+ }
+
+ int MID = 0;
+ SocketSubscribed sockSubscr = null;
+ if (hLocation.getPath().equals("/ws/")) {
+ logger.info("user {} connected", visitor.getUid());
+ sockSubscr = new SocketSubscribed(session, hXRealIP, visitor, false);
+ } else if (hLocation.getPath().equals("/ws/_all")) {
+ logger.info("user {} connected to legacy _all ({})", visitor.getUid(), hLocation.getPath());
+ sockSubscr = new SocketSubscribed(session, hXRealIP, visitor, true);
+ sockSubscr.allMessages = true;
+ } else if (hLocation.getPath().equals("/ws/_replies")) {
+ logger.info("user {} connected to legacy _replies ({})", visitor.getUid(), hLocation.getPath());
+ sockSubscr = new SocketSubscribed(session, hXRealIP, visitor, true);
+ sockSubscr.allReplies = true;
+ } else if (hLocation.getPath().matches("^/ws/(\\d)+$")) {
+ MID = NumberUtils.toInt(hLocation.getPath().substring(4), 0);
+ if (MID > 0) {
+ if (messagesService.canViewThread(MID, visitor.getUid())) {
+ logger.info("user {} connected to legacy thread ({}) from {}", visitor.getUid(), MID, hXRealIP);
+ sockSubscr = new SocketSubscribed(session, hXRealIP, visitor, true);
+ sockSubscr.MID = MID;
+ } else {
+ throw new HttpForbiddenException();
+ }
+ }
+ } else {
+ throw new HttpNotFoundException();
+ }
+ if (sockSubscr != null) {
+ synchronized (clients) {
+ clients.add(sockSubscr);
+ logger.info("{} clients connected", clients.size());
+ }
+ } else {
+ throw new HttpBadRequestException();
+ }
+ }
+
+ @Override
+ public void afterConnectionClosed(WebSocketSession session, CloseStatus status) throws Exception {
+ synchronized (clients) {
+ logger.info("session closed with status {}: {}", status.getCode(), status.getReason());
+ clients.removeIf(c -> c.session.getId().equals(session.getId()));
+ logger.info("{} clients connected", clients.size());
+ }
+
+ }
+
+ @Scheduled(fixedRate = 30000)
+ public void ping() {
+ clients.forEach(c -> {
+ try {
+ c.session.sendMessage(new PingMessage());
+ } catch (IOException e) {
+ logger.error("WebSocket PING exception", e);
+ }
+ });
+ }
+ public List<SocketSubscribed> getClients() {
+ return clients;
+ }
+
+ class SocketSubscribed {
+ WebSocketSession session;
+ String clientName;
+ User visitor;
+ int MID;
+ boolean allMessages;
+ boolean allReplies;
+ long tsConnected;
+ long tsLastData;
+ boolean legacy;
+
+ public SocketSubscribed(WebSocketSession session, String clientName, User visitor, boolean legacy) {
+ this.session = session;
+ this.clientName = clientName;
+ this.visitor = visitor;
+ tsConnected = tsLastData = System.currentTimeMillis();
+ this.legacy = legacy;
+ }
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java b/juick-server/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java
new file mode 100644
index 00000000..ea59ac52
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/configuration/ApiAppConfiguration.java
@@ -0,0 +1,135 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.configuration;
+
+import com.juick.api.ApiServer;
+import com.juick.api.WebsocketManager;
+import com.juick.server.component.JuickServerComponent;
+import com.juick.server.component.JuickServerReconnectManager;
+import com.juick.server.configuration.BaseWebConfiguration;
+import com.juick.service.UserService;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.*;
+import org.springframework.core.Ordered;
+import org.springframework.scheduling.annotation.EnableAsync;
+import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.socket.client.WebSocketConnectionManager;
+import org.springframework.web.socket.client.standard.StandardWebSocketClient;
+import org.springframework.web.socket.config.annotation.EnableWebSocket;
+import org.springframework.web.socket.config.annotation.ServletWebSocketHandlerRegistry;
+import org.springframework.web.socket.config.annotation.WebSocketConfigurer;
+import org.springframework.web.socket.config.annotation.WebSocketHandlerRegistry;
+import org.springframework.web.socket.server.standard.ServletServerContainerFactoryBean;
+import org.springframework.web.util.UriComponentsBuilder;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.ApiInfo;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger2.annotations.EnableSwagger2;
+
+import javax.annotation.Nonnull;
+import javax.inject.Inject;
+import java.util.Collections;
+
+/**
+ * Created by aalexeev on 11/12/16.
+ */
+@Configuration
+@EnableAsync
+@EnableWebMvc
+@EnableSwagger2
+@EnableScheduling
+@EnableWebSocket
+@PropertySource("classpath:juick.conf")
+@ComponentScan(basePackages = "com.juick")
+public class ApiAppConfiguration extends BaseWebConfiguration implements WebSocketConfigurer {
+ @Inject
+ UserService userService;
+ @Value("${api_user:juick}")
+ private String serviceUser;
+ @Value("${websocket_url:ws://localhost:8080/ws/}")
+ private String baseUri;
+ @Lazy
+ @Bean
+ public JuickServerComponent juickServerComponent() {
+ return new JuickServerComponent();
+ }
+ @Lazy
+ @Bean
+ public JuickServerReconnectManager juickServerReconnectManager() {
+ return new JuickServerReconnectManager();
+ }
+ @Bean
+ public WebSocketConnectionManager connectionManager() {
+ String websocketURI = UriComponentsBuilder.fromUriString(baseUri)
+ .queryParam("hash", userService.getHashByUID(userService.getUIDbyName(serviceUser))).build().toUriString();
+ return new WebSocketConnectionManager(client(), juickServerComponent(), websocketURI);
+ }
+ @Bean
+ public StandardWebSocketClient client() {
+ return new StandardWebSocketClient();
+ }
+ @Bean
+ public ApiServer apiServer() {
+ return new ApiServer();
+ }
+ @Bean
+ public Docket api() {
+ return new Docket(DocumentationType.SWAGGER_2)
+ .select()
+ .apis(RequestHandlerSelectors.any())
+ .paths(PathSelectors.any()).build().apiInfo(new ApiInfo("Juick API", "Juick REST API Documentation",
+ "2.0", "https://juick.com/help/tos", null,
+ "AGPLv3", "https://www.gnu.org/licenses/agpl-3.0.html", Collections.emptyList()));
+ }
+ @Override
+ public void addResourceHandlers(ResourceHandlerRegistry registry) {
+ registry.addResourceHandler("/swagger-ui.html")
+ .addResourceLocations("classpath:/META-INF/resources/");
+
+ registry.addResourceHandler("/webjars/**")
+ .addResourceLocations("classpath:/META-INF/resources/webjars/");
+ }
+ @Bean
+ public WebsocketManager wsHandler() {
+ return new WebsocketManager();
+ }
+
+ @Override
+ public void registerWebSocketHandlers(@Nonnull WebSocketHandlerRegistry registry) {
+ //((ServletWebSocketHandlerRegistry) registry).setOrder(Ordered.LOWEST_PRECEDENCE);
+ registry.addHandler(wsHandler(), "/ws/**").setAllowedOrigins("*");
+ }
+
+ @Bean
+ public ServletServerContainerFactoryBean createWebSocketContainer() {
+ ServletServerContainerFactoryBean container = new ServletServerContainerFactoryBean();
+ container.setMaxTextMessageBufferSize(8192);
+ container.setMaxBinaryMessageBufferSize(8192);
+ return container;
+ }
+ @Override
+ public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
+ configurer.enable();
+ }
+
+}
diff --git a/juick-server/src/main/java/com/juick/api/configuration/ApiInitializer.java b/juick-server/src/main/java/com/juick/api/configuration/ApiInitializer.java
new file mode 100644
index 00000000..8f35e3f7
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/configuration/ApiInitializer.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.configuration;
+
+import com.juick.configuration.DataConfiguration;
+import com.juick.server.configuration.JuickServerWebsocketConfiguration;
+import com.juick.server.configuration.StorageConfiguration;
+import org.apache.commons.codec.CharEncoding;
+import org.springframework.web.filter.CharacterEncodingFilter;
+import org.springframework.web.servlet.support.AbstractAnnotationConfigDispatcherServletInitializer;
+
+import javax.annotation.Nonnull;
+import javax.servlet.Filter;
+
+/**
+ * Created by vt on 09/02/16.
+ */
+public class ApiInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
+
+ @Override
+ protected Class<?>[] getRootConfigClasses() {
+ return new Class<?>[]{
+ ApiSecurityConfig.class,
+ DataConfiguration.class,
+ StorageConfiguration.class
+ };
+ }
+
+ @Override
+ protected Class<?>[] getServletConfigClasses() {
+ return null;
+ }
+
+ @Override
+ @Nonnull
+ protected String[] getServletMappings() {
+ return new String[]{"/"};
+ }
+
+ @Override
+ protected Filter[] getServletFilters() {
+ return new Filter[]{new CharacterEncodingFilter(CharEncoding.UTF_8)};
+ }
+
+ @Override
+ @Nonnull
+ protected String getServletName() {
+ return "API dispatcher servlet";
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java b/juick-server/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java
new file mode 100644
index 00000000..2ae1d9e5
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/configuration/ApiSecurityConfig.java
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.configuration;
+
+import com.juick.service.UserService;
+import com.juick.service.security.JuickUserDetailsService;
+import com.juick.service.security.NotAuthorizedAuthenticationEntryPoint;
+import com.juick.service.security.deprecated.RequestParamHashRememberMeServices;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import javax.inject.Inject;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+@Configuration
+@EnableWebSecurity
+@PropertySource("classpath:juick.conf")
+@Import(ApiAppConfiguration.class)
+public class ApiSecurityConfig extends WebSecurityConfigurerAdapter {
+ @Value("${auth_remember_me_key}")
+ private String rememberMeKey;
+ @Inject
+ private UserService userService;
+
+ ApiSecurityConfig() {
+ super(true);
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.authorizeRequests()
+ .antMatchers(HttpMethod.OPTIONS).permitAll()
+ .antMatchers("/messages", "/users", "/thread", "/tags", "/tlgmbtwbhk", "/fbwbhk",
+ "/skypebotendpoint").permitAll()
+ .anyRequest().hasRole("USER")
+ .and().httpBasic().authenticationEntryPoint(getJuickAuthenticationEntryPoint())
+ .and().anonymous()
+ .and().cors().configurationSource(corsConfigurationSource())
+ .and().servletApi()
+ .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+ .and().exceptionHandling().authenticationEntryPoint(getJuickAuthenticationEntryPoint())
+ .and()
+ .rememberMe()
+ .alwaysRemember(true)
+ .tokenValiditySeconds((int) TimeUnit.DAYS.toSeconds(6 * 30))
+ .rememberMeServices(rememberMeServices())
+ .key(rememberMeKey)
+ .and().authenticationProvider(authenticationProvider())
+ .headers().defaultsDisabled().cacheControl();
+ }
+
+ @Bean
+ public DaoAuthenticationProvider authenticationProvider() {
+ DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
+
+ authenticationProvider.setUserDetailsService(userDetailsService());
+
+ return authenticationProvider;
+ }
+
+ @Bean
+ public JuickUserDetailsService userDetailsService() {
+ return new JuickUserDetailsService(userService);
+ }
+
+ @Bean
+ public RememberMeServices rememberMeServices() throws Exception {
+ return new RequestParamHashRememberMeServices(rememberMeKey, userService);
+ }
+
+ @Bean
+ public NotAuthorizedAuthenticationEntryPoint getJuickAuthenticationEntryPoint() {
+ return new NotAuthorizedAuthenticationEntryPoint();
+ }
+
+ @Bean
+ public CorsConfigurationSource corsConfigurationSource() {
+ CorsConfiguration configuration = new CorsConfiguration();
+
+ configuration.setAllowedOrigins(Collections.singletonList("*"));
+ configuration.setAllowedMethods(Arrays.asList("POST", "GET", "PUT", "OPTIONS", "DELETE"));
+ configuration.setAllowedHeaders(Collections.singletonList("*"));
+
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ source.registerCorsConfiguration("/**", configuration);
+
+ return source;
+ }
+ @Override
+ public void configure(WebSecurity web) throws Exception {
+ web.ignoring().antMatchers("/v2/api-docs", "/configuration/ui", "/swagger-resources/**",
+ "/configuration/**", "/swagger-ui.html", "/webjars/**", "/ws/**");
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java b/juick-server/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java
new file mode 100644
index 00000000..259315fb
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/configuration/ApiSecurityInitializer.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.configuration;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;
+
+import javax.servlet.ServletContext;
+
+public class ApiSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
+ private final Logger logger = LoggerFactory.getLogger(getClass());
+
+ @Override
+ protected void afterSpringSecurityFilterChain(ServletContext servletContext) {
+ logger.info("SpringSecurityFilterChain initialized");
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/ApiController.java b/juick-server/src/main/java/com/juick/api/controllers/ApiController.java
new file mode 100644
index 00000000..0929d1ea
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/ApiController.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.Status;
+import com.juick.api.WebsocketManager;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.net.URI;
+
+/**
+ * Created by vitalyster on 25.07.2016.
+ */
+@ApiIgnore
+@RestController
+public class ApiController {
+ @Inject
+ private WebsocketManager wsHandler;
+
+ @RequestMapping(value = "/", method = RequestMethod.GET, headers = "Connection!=Upgrade")
+ public ResponseEntity<Void> description() {
+ URI redirectUri = ServletUriComponentsBuilder.fromCurrentRequestUri().path("/swagger-ui.html").build().toUri();
+ return ResponseEntity.status(HttpStatus.MOVED_PERMANENTLY).location(redirectUri).build();
+ }
+
+ @RequestMapping(value = "/api/status", method = RequestMethod.GET,
+ produces = MediaType.APPLICATION_JSON_UTF8_VALUE, headers = "Connection!=Upgrade")
+ public Status status() {
+ return Status.getStatus(String.valueOf(wsHandler.getClients().size()));
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Messages.java b/juick-server/src/main/java/com/juick/api/controllers/Messages.java
new file mode 100644
index 00000000..e16e46d5
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Messages.java
@@ -0,0 +1,181 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.Status;
+import com.juick.Tag;
+import com.juick.User;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.UserUtils;
+import com.juick.service.MessagesService;
+import com.juick.service.TagService;
+import com.juick.service.UserService;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.*;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.time.Instant;
+import java.time.LocalDateTime;
+import java.time.ZoneId;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * @author ugnich
+ */
+@RestController
+@RequestMapping(method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+public class Messages {
+
+ private static final ResponseEntity<List<com.juick.Message>> NOT_FOUND = ResponseEntity
+ .status(HttpStatus.NOT_FOUND)
+ .body(Collections.emptyList());
+
+ private static final ResponseEntity<List<com.juick.Message>> FORBIDDEN = ResponseEntity
+ .status(HttpStatus.FORBIDDEN)
+ .body(Collections.emptyList());
+
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private UserService userService;
+ @Inject
+ private TagService tagService;
+
+ // TODO: serialize image urls
+
+ @RequestMapping("/home")
+ public ResponseEntity<List<com.juick.Message>> getHome(
+ @RequestParam(defaultValue = "0") int before_mid) {
+ User visitor = UserUtils.getCurrentUser();
+ if (!visitor.isAnonymous()) {
+ int vuid = visitor.getUid();
+ List<Integer> mids = messagesService.getMyFeed(vuid, before_mid, true);
+
+ if (!mids.isEmpty())
+ return ResponseEntity.ok(messagesService.getMessages(mids));
+
+ return NOT_FOUND;
+ }
+ return FORBIDDEN;
+ }
+
+ @RequestMapping("/messages")
+ public ResponseEntity<List<com.juick.Message>> getMessages(
+ @RequestParam(required = false) String uname,
+ @RequestParam(name = "before_mid", defaultValue = "0") Integer before,
+ @RequestParam(required = false, defaultValue = "0") Integer daysback,
+ @RequestParam(required = false) String withrecommended,
+ @RequestParam(required = false) String popular,
+ @RequestParam(required = false) String media,
+ @RequestParam(required = false) String tag) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+
+ List<Integer> mids;
+ if (!StringUtils.isEmpty(uname)) {
+ User user = userService.getUserByName(uname);
+ if (user != null) {
+ if (!StringUtils.isEmpty(media)) {
+ mids = messagesService.getUserPhotos(user.getUid(), 0, before);
+ } else if (!StringUtils.isEmpty(tag)) {
+ Tag tagObject = tagService.getTag(tag, false);
+ if (tagObject != null) {
+ mids = messagesService.getUserTag(user.getUid(), tagObject.TID, 0, before);
+ } else {
+ return NOT_FOUND;
+ }
+ } else if (!StringUtils.isEmpty(withrecommended)) {
+ mids = messagesService.getUserBlogWithRecommendations(user.getUid(), 0, before);
+ } else if (daysback > 0) {
+ mids = messagesService.getUserBlogAtDay(user.getUid(), 0, daysback);
+ } else {
+ mids = messagesService.getUserBlog(user.getUid(), 0, before);
+ }
+ } else {
+ return NOT_FOUND;
+ }
+ } else {
+ if (!StringUtils.isEmpty(popular)) {
+ mids = messagesService.getPopular(vuid, before);
+ } else if (!StringUtils.isEmpty(media)) {
+ mids = messagesService.getPhotos(vuid, before);
+ } else if (!StringUtils.isEmpty(tag)) {
+ Tag tagObject = tagService.getTag(tag, false);
+ if (tagObject != null) {
+ mids = messagesService.getTag(tagObject.TID, vuid, before, 20);
+ } else {
+ return NOT_FOUND;
+ }
+ } else {
+ mids = messagesService.getAll(vuid, before);
+ }
+ }
+ return ResponseEntity.ok(messagesService.getMessages(mids));
+ }
+
+ @GetMapping("/messages/notifications")
+ public ResponseEntity<List<com.juick.Message>> getNotifications(
+ @RequestParam(required = false) Long before
+ ) {
+ User visitor = UserUtils.getCurrentUser();
+ LocalDateTime beforeTime = before != null ?
+ LocalDateTime.ofInstant(Instant.ofEpochMilli(before), ZoneId.systemDefault())
+ : null;
+ return ResponseEntity.ok(messagesService.getNotifications(visitor, beforeTime));
+ }
+ @RequestMapping("/thread")
+ public ResponseEntity<List<com.juick.Message>> getThread(
+ @RequestParam(defaultValue = "0") int mid) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ com.juick.Message msg = messagesService.getMessage(mid);
+ if (msg != null) {
+ if (!messagesService.canViewThread(mid, vuid)) {
+ return FORBIDDEN;
+ } else {
+ List<com.juick.Message> replies = messagesService.getReplies(mid);
+ replies.add(0, msg);
+ return ResponseEntity.ok(replies);
+ }
+ }
+ return NOT_FOUND;
+ }
+
+ @ApiIgnore
+ @RequestMapping("/messages/set_privacy")
+ @ResponseBody
+ public ResponseEntity<Status> doSetPrivacy(
+ @RequestParam(defaultValue = "0") int mid) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ com.juick.User user = messagesService.getMessageAuthor(mid);
+ if (user != null && user.getUid() == vuid && messagesService.setMessagePrivacy(mid)) {
+ return ResponseEntity.ok(Status.OK);
+ }
+ throw new HttpForbiddenException();
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/MessengerWebhook.java b/juick-server/src/main/java/com/juick/api/controllers/MessengerWebhook.java
new file mode 100644
index 00000000..835165ba
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/MessengerWebhook.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.github.messenger4j.exception.MessengerVerificationException;
+import com.juick.api.MessengerManager;
+import com.juick.server.util.HttpForbiddenException;
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * Created by vitalyster on 27.03.2017.
+ */
+@ApiIgnore
+@RestController
+public class MessengerWebhook {
+ private static Logger logger = LoggerFactory.getLogger(MessengerWebhook.class);
+
+ @Inject
+ private MessengerManager messengerManager;
+
+ @RequestMapping(value = "/fbwbhk", method = RequestMethod.GET)
+ public ResponseEntity<Integer> verifyHook(@RequestParam(name = "hub.mode") String hubMode,
+ @RequestParam(name = "hub.challenge") Integer hubChallenge,
+ @RequestParam(name = "hub.verify_token") String verifyToken) {
+ if (hubMode.equals("subscribe") && verifyToken.equals(messengerManager.getFacebookVerifyToken())) {
+ return new ResponseEntity<>(hubChallenge, HttpStatus.OK);
+ }
+ throw new HttpForbiddenException();
+ }
+ @RequestMapping(value = "/fbwbhk", method = RequestMethod.POST)
+ @ResponseStatus(value = HttpStatus.OK)
+ public void processUpdate(@RequestHeader(name = "X-Hub-Signature", required = false) String signature, InputStream body) throws IOException, MessengerVerificationException {
+ String data = IOUtils.toString(body, StandardCharsets.UTF_8);
+ messengerManager.processUpdate(signature, data);
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Notifications.java b/juick-server/src/main/java/com/juick/api/controllers/Notifications.java
new file mode 100644
index 00000000..e4474e6e
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Notifications.java
@@ -0,0 +1,190 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.Message;
+import com.juick.Status;
+import com.juick.ExternalToken;
+import com.juick.User;
+import com.juick.server.helpers.AnonymousUser;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.service.MessagesService;
+import com.juick.service.PushQueriesService;
+import com.juick.service.SubscriptionService;
+import com.juick.server.util.UserUtils;
+import com.juick.service.UserService;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Collections;
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * Created by vitalyster on 24.10.2016.
+ */
+@RestController
+public class Notifications {
+
+ @Inject
+ private PushQueriesService pushQueriesService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private UserService userService;
+
+
+ private User collectTokens(Integer uid) {
+ User user = userService.getUserByUID(uid).orElse(AnonymousUser.INSTANCE);
+ pushQueriesService.getGCMRegID(uid).forEach(t -> user.getTokens().add(new ExternalToken(null, "gcm", t, null)));
+ pushQueriesService.getAPNSToken(uid).forEach(t -> user.getTokens().add(new ExternalToken(null, "apns", t, null)));
+ pushQueriesService.getMPNSURL(uid).forEach(t -> user.getTokens().add(new ExternalToken(null, "mpns", t, null)));
+ return user;
+ }
+
+ @ApiIgnore
+ @RequestMapping(value = "/notifications", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public ResponseEntity<List<User>> doGet(
+ @RequestParam(required = false, defaultValue = "0") int uid,
+ @RequestParam(required = false, defaultValue = "0") int mid,
+ @RequestParam(required = false, defaultValue = "0") int rid) {
+ User visitor = UserUtils.getCurrentUser();
+ if ((visitor.getUid() == 0) || !(visitor.getName().equals("juick"))) {
+ throw new HttpForbiddenException();
+ }
+ if (uid > 0 && mid == 0) {
+ // PM
+ return ResponseEntity.ok(Collections.singletonList(collectTokens(uid)));
+ } else {
+ if (mid > 0) {
+ Message msg = messagesService.getMessage(mid);
+ if (msg != null) {
+ List<User> users;
+ if (rid > 0) {
+ Message reply = messagesService.getReply(mid, rid);
+ users = subscriptionService.getUsersSubscribedToComments(mid, reply.getUser().getUid());
+ } else {
+ users = subscriptionService.getSubscribedUsers(msg.getUser().getUid(), mid);
+ }
+
+ return ResponseEntity.ok(users.stream().map(User::getUid)
+ .map(this::collectTokens).collect(Collectors.toList()));
+ }
+ }
+ }
+ throw new HttpBadRequestException();
+ }
+
+ @ApiIgnore
+ @RequestMapping(value = "/notifications", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public Status doDelete(
+ @RequestBody List<ExternalToken> list) throws IOException {
+ User visitor = UserUtils.getCurrentUser();
+ // FIXME: it is possible to delete other user's tokens
+ if ((visitor.getUid() == 0) || !(visitor.getName().equals("juick"))) {
+ throw new HttpForbiddenException();
+ }
+ list.forEach(t -> {
+ switch (t.getType()) {
+ case "gcm":
+ pushQueriesService.deleteGCMToken(t.getToken());
+ break;
+ case "apns":
+ pushQueriesService.deleteAPNSToken(t.getToken());
+ break;
+ case "mpns":
+ pushQueriesService.deleteMPNSToken(t.getToken());
+ break;
+ default:
+ throw new HttpBadRequestException();
+ }
+ });
+
+ return Status.OK;
+ }
+
+ @ApiIgnore
+ @RequestMapping(value = "/notifications", method = RequestMethod.PUT, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public Status doPut(
+ @RequestBody List<ExternalToken> list) throws IOException {
+ User visitor = UserUtils.getCurrentUser();
+ if (visitor.getUid() == 0) {
+ throw new HttpForbiddenException();
+ }
+ list.forEach(t -> {
+ switch (t.getType()) {
+ case "gcm":
+ pushQueriesService.addGCMToken(visitor.getUid(), t.getToken());
+ break;
+ case "apns":
+ pushQueriesService.addAPNSToken(visitor.getUid(), t.getToken());
+ break;
+ case "mpns":
+ pushQueriesService.addMPNSToken(visitor.getUid(), t.getToken());
+ break;
+ default:
+ throw new HttpBadRequestException();
+ }
+ });
+ return Status.OK;
+ }
+
+ @Deprecated
+ @RequestMapping(value = "/android/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public Status doAndroidRegister(
+ @RequestParam(name = "regid") String regId) {
+ User visitor = UserUtils.getCurrentUser();
+ if (visitor.getUid() == 0) {
+ throw new HttpForbiddenException();
+ }
+ pushQueriesService.addGCMToken(visitor.getUid(), regId);
+ return Status.OK;
+ }
+
+ @Deprecated
+ @RequestMapping(value = "/android/unregister", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public Status doAndroidUnRegister(@RequestParam(name = "regid") String regId) {
+ pushQueriesService.deleteGCMToken(regId);
+ return Status.OK;
+ }
+
+ @Deprecated
+ @RequestMapping(value = "/winphone/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public Status doWinphoneRegister(
+ Principal principal,
+ @RequestParam(name = "url") String regId) {
+ User visitor = UserUtils.getCurrentUser();
+ pushQueriesService.addMPNSToken(visitor.getUid(), regId);
+ return Status.OK;
+ }
+
+ @Deprecated
+ @RequestMapping(value = "/winphone/unregister", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public Status doWinphoneUnRegister(@RequestParam(name = "url") String regId) {
+ pushQueriesService.deleteMPNSToken(regId);
+ return Status.OK;
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Others.java b/juick-server/src/main/java/com/juick/api/controllers/Others.java
new file mode 100644
index 00000000..4245de81
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Others.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.User;
+import com.juick.server.helpers.PrivateChats;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.server.util.UserUtils;
+import com.juick.service.PMQueriesService;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.inject.Inject;
+import java.util.List;
+
+/**
+ * @author ugnich
+ */
+@RestController
+public class Others {
+ @Inject
+ private PMQueriesService pmQueriesService;
+
+ @RequestMapping(value = "groups_pms", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public PrivateChats doGetGroupsPMs(
+ @RequestParam(defaultValue = "5") int cnt) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ if (cnt < 3) {
+ cnt = 3;
+ }
+ if (cnt > 10) {
+ cnt = 10;
+ }
+
+ List<User> lastconv = pmQueriesService.getPMLastConversationsUsers(vuid, cnt);
+ if (lastconv != null && !lastconv.isEmpty()) {
+ PrivateChats pms = new PrivateChats();
+ pms.setUsers(lastconv);
+ return pms;
+ }
+ throw new HttpNotFoundException();
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/PM.java b/juick-server/src/main/java/com/juick/api/controllers/PM.java
new file mode 100644
index 00000000..87858e8c
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/PM.java
@@ -0,0 +1,127 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.User;
+import com.juick.api.ApiServer;
+import com.juick.server.helpers.AnonymousUser;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.service.PMQueriesService;
+import com.juick.service.UserService;
+import com.juick.server.util.UserUtils;
+import com.juick.server.util.WebUtils;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import rocks.xmpp.addr.Jid;
+import rocks.xmpp.core.stanza.model.Message;
+
+import javax.inject.Inject;
+import java.util.List;
+
+/**
+ * @author ugnich
+ */
+@RestController
+public class PM {
+ @Inject
+ private UserService userService;
+ @Inject
+ private PMQueriesService pmQueriesService;
+ @Inject
+ private ApiServer apiServer;
+
+ @RequestMapping(value = "/pm", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<com.juick.Message> doGetPM(
+ @RequestParam(required = false) String uname) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ int uid = 0;
+ if (uname != null && uname.matches("^[a-zA-Z0-9\\-]{2,16}$")) {
+ uid = userService.getUIDbyName(uname);
+ }
+
+ if (uid == 0) {
+ throw new HttpBadRequestException();
+ }
+
+ return pmQueriesService.getPMMessages(vuid, uid);
+ }
+
+ @RequestMapping(value = "/pm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public com.juick.Message doPostPM(
+ @RequestParam String uname,
+ @RequestParam String body) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ User userTo = AnonymousUser.INSTANCE;
+ if (WebUtils.isUserName(uname)) {
+ userTo = userService.getUserByName(uname);
+ }
+
+ if (userTo.getUid() == 0 || body == null || body.length() < 1 || body.length() > 10240) {
+ throw new HttpBadRequestException();
+ }
+
+ if (userService.isInBLAny(userTo.getUid(), vuid)) {
+ throw new HttpForbiddenException();
+ }
+
+ if (pmQueriesService.createPM(vuid, userTo.getUid(), body)) {
+ Message msg = new Message();
+ msg.setFrom(Jid.of("juick@juick.com"));
+ msg.setTo(Jid.of(String.format("%d@push.juick.com", userTo.getUid())));
+ com.juick.Message jmsg = new com.juick.Message();
+ jmsg.setUser(visitor);
+ jmsg.setText(body);
+ jmsg.setTo(userTo);
+ msg.addExtension(jmsg);
+ apiServer.sendMessage(msg);
+
+ msg.setTo(Jid.of(String.format("%d@ws.juick.com", userTo.getUid())));
+ apiServer.sendMessage(msg);
+
+ List<String> jids = userService.getJIDsbyUID(userTo.getUid());
+ for (String jid : jids) {
+ Message mm = new Message();
+ mm.setTo(Jid.of(jid));
+ mm.setType(Message.Type.CHAT);
+ if (pmQueriesService.havePMinRoster(vuid, jid)) {
+ mm.setFrom(Jid.of(jmsg.getUser().getName(), "juick.com", "Juick"));
+ mm.setBody(body);
+ } else {
+ mm.setFrom(Jid.of("juick", "juick.com", "Juick"));
+ mm.setBody("Private message from @" + jmsg.getUser().getName() + ":\n" + body);
+ }
+ apiServer.sendMessage(mm);
+ }
+ return jmsg;
+
+ }
+ throw new HttpBadRequestException();
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Post.java b/juick-server/src/main/java/com/juick/api/controllers/Post.java
new file mode 100644
index 00000000..a89786b1
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Post.java
@@ -0,0 +1,281 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.User;
+import com.juick.api.ApiServer;
+import com.juick.api.EmailManager;
+import com.juick.server.util.*;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.UserService;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.mail.util.MimeMessageParser;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.multipart.MultipartFile;
+import rocks.xmpp.addr.Jid;
+import rocks.xmpp.core.stanza.model.Message;
+import rocks.xmpp.extensions.nick.model.Nickname;
+import rocks.xmpp.extensions.oob.model.x.OobX;
+
+import javax.inject.Inject;
+import javax.mail.Session;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeMessage;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Paths;
+import java.util.Properties;
+import java.util.Scanner;
+import java.util.UUID;
+
+/**
+ * Created by vt on 24/11/2016.
+ */
+@RestController
+public class Post {
+ private static Logger logger = LoggerFactory.getLogger(ApiServer.class);
+
+ @Inject
+ private UserService userService;
+ @Inject
+ private ApiServer apiServer;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Value("${upload_tmp_dir:/var/www/juick.com/i/tmp/}")
+ private String tmpDir;
+ @Value("${img_path:/var/www/juick.com/i/}")
+ private String imgDir;
+
+ @RequestMapping(value = "/post", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ @ResponseStatus(value = HttpStatus.OK)
+ public void doPostMessage(
+ @RequestParam String body,
+ @RequestParam(required = false) String img,
+ @RequestParam(required = false) MultipartFile attach) throws IOException {
+ User visitor = UserUtils.getCurrentUser();
+
+ if (visitor.isAnonymous())
+ throw new HttpForbiddenException();
+
+ if (body == null || body.length() < 1 || body.length() > 4096) {
+ throw new HttpBadRequestException();
+ }
+ body = body.replace("\r", StringUtils.EMPTY);
+
+ String attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
+
+ if (StringUtils.isBlank(attachmentFName) && img != null && img.length() > 10) {
+ try {
+ URL imgUrl = new URL(img);
+ attachmentFName = HttpUtils.downloadImage(imgUrl, tmpDir);
+ } catch (Exception e) {
+ logger.error("DOWNLOAD ERROR", e);
+ throw new HttpBadRequestException();
+ }
+ }
+ apiServer.processMessage(visitor, body, attachmentFName);
+ }
+
+ @RequestMapping(value = "/comment", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public com.juick.Message doPostComment(
+ @RequestParam(defaultValue = "0") int mid,
+ @RequestParam(defaultValue = "0") int rid,
+ @RequestParam String body,
+ @RequestParam(required = false) String img,
+ @RequestParam(required = false) MultipartFile attach)
+ throws IOException {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ if (mid == 0) {
+ throw new HttpBadRequestException();
+ }
+ com.juick.Message msg = messagesService.getMessage(mid);
+ if (msg == null) {
+ throw new HttpNotFoundException();
+ }
+
+ com.juick.Message reply = null;
+ if (rid > 0) {
+ reply = messagesService.getReply(mid, rid);
+ if (reply == null) {
+ throw new HttpNotFoundException();
+ }
+ }
+
+ if (body == null || body.length() < 1 || body.length() > 4096) {
+ throw new HttpBadRequestException();
+ }
+ body = body.replace("\r", StringUtils.EMPTY);
+
+ if ((msg.ReadOnly && msg.getUser().getUid() != vuid) || userService.isInBLAny(msg.getUser().getUid(), vuid)
+ || (reply != null && userService.isInBLAny(reply.getUser().getUid(), vuid))) {
+ throw new HttpForbiddenException();
+ }
+
+ String attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
+
+ if (StringUtils.isBlank(attachmentFName) && img != null && img.length() > 10) {
+ try {
+ attachmentFName = HttpUtils.downloadImage(new URL(img), tmpDir);
+ } catch (Exception e) {
+ logger.error("DOWNLOAD ERROR", e);
+ throw new HttpBadRequestException();
+ }
+ }
+
+ String attachmentType = StringUtils.isNotEmpty(attachmentFName) ? attachmentFName.substring(attachmentFName.length() - 3) : null;
+ int ridnew = messagesService.createReply(mid, rid, vuid, body, attachmentType);
+ subscriptionService.subscribeMessage(mid, vuid);
+
+ com.juick.Message jmsg = messagesService.getReply(mid, ridnew);
+
+ Message xmsg = new Message();
+ xmsg.setFrom(Jid.of("juick@juick.com"));
+ xmsg.setType(Message.Type.CHAT);
+ xmsg.setThread("juick-" + mid);
+ xmsg.addExtension(jmsg);
+
+ String quote = reply != null ? StringUtils.defaultString(reply.getText()) : StringUtils.defaultString(msg.getText());
+ if (quote.length() >= 50) {
+ quote = quote.substring(0, 47) + "...";
+ }
+
+ xmsg.addExtension(new Nickname("@" + jmsg.getUser().getName()));
+
+ if (StringUtils.isNotEmpty(attachmentFName)) {
+ String fname = mid + "-" + ridnew + "." + attachmentType;
+ String attachmentURL = "http://i.juick.com/photos-1024/" + fname;
+
+ ImageUtils.saveImageWithPreviews(attachmentFName, fname, tmpDir, imgDir);
+
+ body = attachmentURL + "\n" + body;
+ try {
+ xmsg.addExtension(new OobX(new URI(attachmentURL)));
+ } catch (URISyntaxException e) {
+ logger.error("invalid uri: {}, exception {}", attachmentURL, e);
+ }
+ }
+
+ xmsg.setBody("Reply by @" + jmsg.getUser().getName() + ":\n>" + quote + "\n" + body + "\n\n#" +
+ mid + "/" + ridnew + " http://juick.com/" + mid + "#" + ridnew);
+
+ xmsg.setTo(Jid.of("juick@s2s.juick.com"));
+ apiServer.sendMessage(xmsg);
+
+ xmsg.setTo(Jid.of("juick@ws.juick.com"));
+ apiServer.sendMessage(xmsg);
+
+ xmsg.setTo(Jid.of("juick@push.juick.com"));
+ apiServer.sendMessage(xmsg);
+ return jmsg;
+ }
+
+ Session session = Session.getDefaultInstance(new Properties());
+
+ @PostMapping("/mail")
+ @ResponseStatus(value = HttpStatus.OK)
+ public void processMail(InputStream data) throws Exception {
+ MimeMessage msg = new MimeMessage(session, data);
+ String from = msg.getFrom().length > 1 ? ((InternetAddress) msg.getSender()).getAddress()
+ : ((InternetAddress) msg.getFrom()[0]).getAddress();
+ logger.info("got msg from {}", from);
+
+ User visitor = userService.getUserByEmail(from);
+ if (!visitor.isAnonymous()) {
+ MimeMessageParser parser = new MimeMessageParser(msg);
+ parser.parse();
+ final String[] body = {parser.getPlainContent()};
+ if (body[0] == null) {
+ parser.getAttachmentList().stream()
+ .filter(a -> a.getContentType().equals("text/plain")).findFirst()
+ .ifPresent(a -> {
+ try {
+ body[0] = IOUtils.toString(a.getInputStream(), StandardCharsets.UTF_8);
+ logger.info("got text: {}", body[0]);
+ } catch (IOException e) {
+ logger.info("attachment error: {}", e);
+ }
+ });
+ }
+ final String[] attachmentFName = new String[1];
+ parser.getAttachmentList().stream().filter(a ->
+ a.getContentType().equals("image/jpeg") || a.getContentType().equals("image/png"))
+ .findFirst().ifPresent(a -> {
+ logger.info("got attachment: {}", a.getContentType());
+ String attachmentType;
+ if (a.getContentType().equals("image/jpeg")) {
+ attachmentType = "jpg";
+ } else {
+ attachmentType = "png";
+ }
+ attachmentFName[0] = DigestUtils.md5Hex(UUID.randomUUID().toString()) + "." + attachmentType;
+ try {
+ logger.info("got inputstream: {}", a.getInputStream());
+ FileOutputStream fos = new FileOutputStream(Paths.get(tmpDir, attachmentFName[0]).toString());
+ IOUtils.copy(a.getInputStream(), fos);
+ fos.close();
+ } catch (IOException e) {
+ logger.info("attachment error: {}", e);
+ }
+ });
+ String[] inReplyToHeaders = msg.getHeader("In-Reply-To");
+ if (inReplyToHeaders != null && inReplyToHeaders.length > 0) {
+ Scanner inReplyToScanner = new Scanner(inReplyToHeaders[0].trim()).useDelimiter(EmailManager.MSGID_PATTERN);
+ int mid = Integer.parseInt(inReplyToScanner.next());
+ int rid = Integer.parseInt(inReplyToScanner.next());
+ logger.info("Message is reply to #{}/{}", mid, rid);
+ body[0] = rid > 0 ? String.format("#%d/%d %s", mid, rid, body[0])
+ : String.format("#%d %s", mid, body[0]);
+ }
+ rocks.xmpp.core.stanza.model.Message xmsg = new rocks.xmpp.core.stanza.model.Message();
+ xmsg.setType(rocks.xmpp.core.stanza.model.Message.Type.CHAT);
+ xmsg.setFrom(Jid.of(String.valueOf(visitor.getUid()), "uid.juick.com", "mail"));
+ xmsg.setTo(Jid.of("juick@juick.com/Juick"));
+ xmsg.setBody(body[0]);
+ try {
+ if (StringUtils.isNotEmpty(attachmentFName[0])) {
+ String attachmentUrl = String.format("juick://%s", attachmentFName[0]);
+ xmsg.addExtension(new OobX(new URI(attachmentUrl), "!!!!Juick!!"));
+ }
+ apiServer.sendMessage(xmsg);
+ } catch (URISyntaxException e1) {
+ logger.warn("attachment error", e1);
+ }
+ } else {
+ logger.info("not registered: {}", from);
+ }
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Service.java b/juick-server/src/main/java/com/juick/api/controllers/Service.java
new file mode 100644
index 00000000..9e7f3333
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Service.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.Message;
+import com.juick.User;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.UserUtils;
+import com.juick.service.CrosspostService;
+import com.juick.service.MessagesService;
+import com.juick.service.SubscriptionService;
+import com.juick.service.UserService;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.util.List;
+
+/**
+ * TODO: configure spring-security to allow only admin role
+ */
+@ApiIgnore
+@RestController
+public class Service {
+ @Inject
+ private SubscriptionService subscriptionService;
+ @Inject
+ private MessagesService messagesService;
+ @Inject
+ private CrosspostService crosspostService;
+ @Inject
+ private UserService userService;
+
+ @RequestMapping(value = "/subscriptions", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGet(
+ @RequestParam(defaultValue = "0") int mid,
+ @RequestParam(defaultValue = "0") int uid) throws IOException {
+ User visitor = UserUtils.getCurrentUser();
+ if ((visitor.getUid() == 0) && !(visitor.getName().equals("juick"))) {
+ throw new HttpForbiddenException();
+ }
+ if (uid > 0) {
+ return subscriptionService.getSubscribedUsers(uid, mid);
+ } else {
+ // thread
+ Message msg = messagesService.getMessage(mid);
+ if (msg != null) {
+ return subscriptionService.getUsersSubscribedToComments(mid, msg.getUser().getUid());
+ }
+ }
+ throw new HttpBadRequestException();
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/SkypeEndpoint.java b/juick-server/src/main/java/com/juick/api/controllers/SkypeEndpoint.java
new file mode 100644
index 00000000..91a617b4
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/SkypeEndpoint.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.RestController;
+import springfox.documentation.annotations.ApiIgnore;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * Created by vitalyster on 18.07.2016.
+ */
+@ApiIgnore
+@RestController
+public class SkypeEndpoint {
+ private static final Logger logger = LoggerFactory.getLogger(SkypeEndpoint.class);
+ @RequestMapping(value = "/skypebotendpoint", method = RequestMethod.POST)
+ @ResponseStatus(value = HttpStatus.OK)
+ public void doPost(InputStream body) throws IOException {
+ String data = IOUtils.toString(body, StandardCharsets.UTF_8);
+ logger.info("got data: {}", data);
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Tags.java b/juick-server/src/main/java/com/juick/api/controllers/Tags.java
new file mode 100644
index 00000000..85bb1ba4
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Tags.java
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.User;
+import com.juick.server.helpers.TagStats;
+import com.juick.server.util.UserUtils;
+import com.juick.service.TagService;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.inject.Inject;
+import java.util.List;
+
+/**
+ * Created by vitalyster on 29.11.2016.
+ */
+@RestController
+public class Tags {
+ @Inject
+ private TagService tagService;
+
+ @RequestMapping(value = "/tags", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<TagStats> tags(
+ @RequestParam(required = false, defaultValue = "0") int user_id
+ ) {
+ User visitor = UserUtils.getCurrentUser();
+ if (user_id == 0) {
+ user_id = visitor.getUid();
+ }
+ if (user_id > 0) {
+ return tagService.getUserTagStats(user_id);
+ }
+ return tagService.getTagStats();
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/TelegramWebhook.java b/juick-server/src/main/java/com/juick/api/controllers/TelegramWebhook.java
new file mode 100644
index 00000000..31e7b4ea
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/TelegramWebhook.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.api.TelegramBotManager;
+import org.apache.commons.io.IOUtils;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.RestController;
+import springfox.documentation.annotations.ApiIgnore;
+
+import javax.inject.Inject;
+import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * Created by vt on 24/11/2016.
+ */
+@ApiIgnore
+@RestController
+public class TelegramWebhook {
+ @Inject
+ private TelegramBotManager telegramBotManager;
+
+ @RequestMapping(value = "/tlgmbtwbhk", method = RequestMethod.POST)
+ @ResponseStatus(value = HttpStatus.OK)
+ public void processUpdate(InputStream body) throws Exception {
+ String data = IOUtils.toString(body, StandardCharsets.UTF_8);
+ telegramBotManager.processUpdate(data);
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/Users.java b/juick-server/src/main/java/com/juick/api/controllers/Users.java
new file mode 100644
index 00000000..b221d9fe
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/Users.java
@@ -0,0 +1,125 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers;
+
+import com.juick.User;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.service.UserService;
+import com.juick.server.util.UserUtils;
+import com.juick.server.util.WebUtils;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.*;
+
+import javax.inject.Inject;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * @author ugnich
+ */
+@RestController
+public class Users {
+ @Inject
+ private UserService userService;
+
+ @RequestMapping(value = "/auth", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public String getAuthToken() {
+ return userService.getHashByUID(UserUtils.getCurrentUser().getUid());
+ }
+
+ @RequestMapping(value = "/users", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGetUsers(
+ @RequestParam(value = "uname", required = false) List<String> unames) {
+ List<com.juick.User> users = new ArrayList<>();
+
+ if (unames != null) {
+ unames.removeIf(WebUtils::isNotUserName);
+
+ if (!unames.isEmpty() && unames.size() < 20)
+ users.addAll(userService.getUsersByName(unames));
+ }
+
+ if (!users.isEmpty())
+ return users;
+ if (!UserUtils.getCurrentUser().isAnonymous()) {
+ return Collections.singletonList(UserUtils.getCurrentUser());
+ }
+
+ throw new HttpNotFoundException();
+ }
+
+ @RequestMapping(value = "/users/read", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGetUserRead(
+ @RequestParam String uname) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ int uid = 0;
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (WebUtils.isUserName(uname)) {
+ com.juick.User u = userService.getUserByName(uname);
+ if (u != null && u.getUid() > 0) {
+ uid = u.getUid();
+ }
+ }
+ }
+
+ if (uid > 0) {
+ List<Integer> uids = userService.getUserRead(uid);
+ if (uids.size() > 0) {
+ List<com.juick.User> users = userService.getUsersByID(uids);
+ if (users.size() > 0) {
+ return users;
+ }
+ }
+ }
+ throw new HttpNotFoundException();
+ }
+
+ @RequestMapping(value = "/users/readers", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+ public List<User> doGetUserReaders(
+ @RequestParam String uname) {
+ User visitor = UserUtils.getCurrentUser();
+ int vuid = visitor.getUid();
+ if (vuid == 0) {
+ throw new HttpForbiddenException();
+ }
+ int uid = 0;
+ if (uname == null) {
+ uid = vuid;
+ } else {
+ if (WebUtils.isUserName(uname)) {
+ com.juick.User u = userService.getUserByName(uname);
+ if (u != null && u.getUid() > 0) {
+ uid = u.getUid();
+ }
+ }
+ }
+
+ if (uid > 0) {
+ return userService.getUserReaders(uid);
+ }
+ throw new HttpNotFoundException();
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/api/controllers/util/JsonpAdvice.java b/juick-server/src/main/java/com/juick/api/controllers/util/JsonpAdvice.java
new file mode 100644
index 00000000..90a01da0
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/api/controllers/util/JsonpAdvice.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.api.controllers.util;
+
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.AbstractJsonpResponseBodyAdvice;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+@ControllerAdvice
+public class JsonpAdvice extends AbstractJsonpResponseBodyAdvice {
+ public JsonpAdvice() {
+ super("callback");
+ }
+}