aboutsummaryrefslogtreecommitdiff
path: root/juick-spring-www/src/main/java/com/juick/www
diff options
context:
space:
mode:
Diffstat (limited to 'juick-spring-www/src/main/java/com/juick/www')
-rw-r--r--juick-spring-www/src/main/java/com/juick/www/controllers/SettingsController.java213
1 files changed, 208 insertions, 5 deletions
diff --git a/juick-spring-www/src/main/java/com/juick/www/controllers/SettingsController.java b/juick-spring-www/src/main/java/com/juick/www/controllers/SettingsController.java
index ceccdbb7e..d150d71e2 100644
--- a/juick-spring-www/src/main/java/com/juick/www/controllers/SettingsController.java
+++ b/juick-spring-www/src/main/java/com/juick/www/controllers/SettingsController.java
@@ -1,18 +1,41 @@
package com.juick.www.controllers;
import com.juick.User;
+import com.juick.server.helpers.NotifyOpts;
+import com.juick.server.helpers.UserInfo;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpUtils;
import com.juick.service.*;
import com.juick.util.UserUtils;
+import net.coobird.thumbnailator.Thumbnails;
+import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.core.env.Environment;
+import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.multipart.MultipartFile;
import javax.inject.Inject;
-import javax.servlet.ServletException;
+import javax.mail.Message;
+import javax.mail.MessagingException;
+import javax.mail.Session;
+import javax.mail.Transport;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeMessage;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
-import java.security.Principal;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.StandardCopyOption;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;
@@ -23,6 +46,7 @@ import java.util.stream.IntStream;
*/
@Controller
public class SettingsController {
+ private static final Logger logger = LoggerFactory.getLogger(SettingsController.class);
@Inject
UserService userService;
@Inject
@@ -33,13 +57,16 @@ public class SettingsController {
SubscriptionService subscriptionService;
@Inject
EmailService emailService;
+ @Inject
+ TelegramService telegramService;
+ @Inject
+ Environment env;
- @RequestMapping("settings")
+ @RequestMapping(value = "settings", method = RequestMethod.GET)
public String showSettings(
@RequestParam(required = false) String page,
@RequestParam(required = false) String code,
- ModelMap context
- ) throws ServletException, IOException {
+ ModelMap context) {
User visitor = UserUtils.getCurrentUser();
if (visitor.getUid() == 0) {
return "redirect:/login";
@@ -71,4 +98,180 @@ public class SettingsController {
}
return String.format("views/settings_%s", page);
}
+ @RequestMapping(value = "/settings", method = RequestMethod.POST)
+ protected String doPost(
+ HttpServletResponse response,
+ @RequestParam String page,
+ @RequestParam(required = false) String password,
+ @RequestParam(required = false) String jnotify,
+ @RequestParam(required = false) String subscr_notify,
+ @RequestParam(required = false) String recomm,
+ @RequestParam(required = false) String fullname,
+ @RequestParam(required = false) String country,
+ @RequestParam(required = false) String url,
+ @RequestParam(required = false) String descr,
+ @RequestParam(required = false) MultipartFile avatar,
+ @RequestParam(required = false) String account,
+ @RequestParam(required = false) String time,
+ ModelMap context) throws IOException {
+ User visitor = UserUtils.getCurrentUser();
+ if (visitor.getUid() == 0) {
+ throw new HttpForbiddenException();
+ }
+ List<String> pages = Arrays.asList("main", "password", "about", "email", "email-add", "email-del",
+ "email-subscr", "auth-email", "privacy", "jid-del", "twitter-del", "telegram-del", "facebook-disable",
+ "facebook-enable", "vk-del");
+ if (StringUtils.isEmpty(page) || !pages.contains(page)) {
+ throw new HttpBadRequestException();
+ }
+ String result = "";
+ switch (page) {
+ case "password":
+ if (userService.updatePassword(visitor, password)) {
+ result = "<p>Password has been changed.</p>";
+ String hash = userService.getHashByUID(visitor.getUid());
+ Cookie c = new Cookie("hash", hash);
+ c.setMaxAge(365 * 24 * 60 * 60);
+ // FIXME: use spring-security
+ response.addCookie(c);
+ }
+ break;
+ case "main":
+ NotifyOpts opts = new NotifyOpts();
+ opts.setRepliesEnabled(StringUtils.isNotEmpty(jnotify));
+ opts.setSubscriptionsEnabled(StringUtils.isNotEmpty(subscr_notify));
+ opts.setRecommendationsEnabled(StringUtils.isNotEmpty(recomm));
+ if (subscriptionService.setNotifyOptions(visitor, opts)) {
+ result = "<p>Notification options has been updated</p>";
+ }
+ break;
+ case "about":
+ UserInfo info = new UserInfo();
+ info.setFullName(fullname);
+ info.setCountry(country);
+ info.setUrl(url);
+ info.setDescription(descr);
+ String imgPath = env.getProperty("img_path", "/var/www/juick.com/i/");
+ String tmpDir = env.getProperty("upload_tmp_dir",
+ "/var/www/juick.com/i/tmp/");
+ String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir);
+ if (StringUtils.isNotEmpty(avatarTmpPath)) {
+ String originalExtension = FilenameUtils.getExtension(avatarTmpPath);
+ String originalName = String.format("%s.%s", visitor.getUid(), originalExtension);
+ String targetName = String.format("%s.png", visitor.getUid());
+ Path ao = Paths.get(imgPath, "ao", originalName);
+ Path a = Paths.get(imgPath, "a", targetName);
+ Path as = Paths.get(imgPath, "as", targetName);
+ Files.move(Paths.get(tmpDir, avatarTmpPath), ao, StandardCopyOption.REPLACE_EXISTING);
+ Thumbnails.of(ao.toFile()).size(96, 96).toFile(a.toFile());
+ Thumbnails.of(ao.toFile()).size(32, 32).toFile(as.toFile());
+ }
+ if (userService.updateUserInfo(visitor, info)) {
+ result = String.format("<p>Your info is updated.</p><p><a href='/%s/'>Back to blog</a>.</p>", visitor.getName());
+ }
+ break;
+ case "jid-del":
+ // FIXME: stop using ugnich-csv in parameters
+// String[] params = request.getParameter("delete").split(";", 2);
+// int res = -1;
+// if (params[0].equals("xmpp")) {
+// res = sql.update("DELETE FROM jids WHERE user_id=? AND jid=?", visitor.getUid(), params[1]);
+// } else if (params[0].equals("xmpp-unauth")) {
+// res = sql.update("DELETE FROM auth WHERE user_id=? AND protocol='xmpp' AND account=?", visitor.getUid(), params[1]);
+// }
+// if (res == 1) {
+// result = "<p>Deleted. <a href=\"/settings\">Back</a>.</p>";
+// } else {
+// result = "<p>Error</p>";
+// }
+ break;
+ case "email":
+ String newHash = userService.updateSecretEmail(visitor);
+ if (StringUtils.isNotEmpty(newHash)) {
+ result = String.format("<p>New secret email: <strong>%s@mail.juick.com</strong></p>" +
+ "<p><a href=\"/settings\">Back</a>.</p>", newHash);
+ } else {
+ throw new HttpBadRequestException();
+ }
+ break;
+ case "email-add":
+ try {
+ emailService.verifyAddressByCode(visitor.getUid(), account);
+ } catch (EmptyResultDataAccessException e) {
+ String authCode = UserUtils.generateHash(8);
+ if (emailService.addVerificationCode(visitor.getUid(), account, authCode)) {
+ Session session = Session.getDefaultInstance(System.getProperties());
+ try {
+ MimeMessage message = new MimeMessage(session);
+ message.setFrom(new InternetAddress("noreply@mail.juick.com"));
+ message.addRecipient(Message.RecipientType.TO, new InternetAddress(account));
+ message.setSubject("Juick authorization link");
+ message.setText(String.format("Follow link to attach this email to Juick account:\n" +
+ "http://juick.com/settings?page=auth-email&code=%s\n\n" +
+ "If you don't know, what this mean - just ignore this mail.\n", authCode));
+ Transport.send(message);
+ result = "<p>Authorization link has been sent to your email. Follow it to proceed.</p>" +
+ "<p><a href=\"/settings\">Back</a></p>";
+
+ } catch (MessagingException ex) {
+ logger.error("mail exception", ex);
+ throw new HttpBadRequestException();
+ }
+ }
+ }
+ break;
+ case "email-del":
+ if (emailService.deleteEmail(visitor.getUid(), account)) {
+ result = "<p>Deleted. <a href=\"/settings\">Back</a>.</p>";
+ } else {
+ result = "<p>An error occured while deleting.</p>";
+ }
+ break;
+ case "email-subscr":
+ if (emailService.setSubscriptionHour(visitor.getUid(), account, time)) {
+ result = String.format("<p>Saved! Will send to <strong>%s</strong> at <strong>%s:00 GMT</strong>." +
+ "</p><p><a href=\"/settings\">Back</a></p>", account, time);
+ } else {
+ result = "<p>Disabled.</p><p><a href=\"/settings\">Back</a></p>";
+ }
+ break;
+ case "twitter-del":
+ crosspostService.deleteTwitterToken(visitor.getUid());
+ // FIXME: use spring-security
+// for (Cookie cookie : request.getCookies()) {
+// if (cookie.getName().equals("request_token")) {
+// cookie.setMaxAge(0);
+// response.addCookie(cookie);
+// }
+// if (cookie.getName().equals("request_token_secret")) {
+// cookie.setMaxAge(0);
+// response.addCookie(cookie);
+// }
+// }
+ result = "<p><a href=\"/settings\">Back</a></p>";
+ break;
+ case "telegram-del":
+ telegramService.deleteTelegramUser(visitor.getUid());
+ result = "<p><a href=\"/settings\">Back</a></p>";
+ break;
+ case "facebook-disable":
+ crosspostService.disableFBCrosspost(visitor.getUid());
+ result = "<p><a href=\"/settings\">Back</a></p>";
+ break;
+ case "facebook-enable":
+ crosspostService.enableFBCrosspost(visitor.getUid());
+ result = "<p><a href=\"/settings\">Back</a></p>";
+ break;
+ case "vk-del":
+ crosspostService.deleteVKUser(visitor.getUid());
+ result = "<p><a href=\"/settings\">Back</a></p>";
+ break;
+ default:
+ throw new HttpBadRequestException();
+ }
+ context.put("title", "Настройки");
+ context.put("visitor", visitor);
+ context.put("result", result);
+ return "views/settings_result";
+ }
}