diff options
Diffstat (limited to 'juick-www')
-rw-r--r-- | juick-www/src/main/java/com/juick/www/controllers/PM.java | 39 | ||||
-rw-r--r-- | juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java | 21 |
2 files changed, 26 insertions, 34 deletions
diff --git a/juick-www/src/main/java/com/juick/www/controllers/PM.java b/juick-www/src/main/java/com/juick/www/controllers/PM.java index ab772443..82edb901 100644 --- a/juick-www/src/main/java/com/juick/www/controllers/PM.java +++ b/juick-www/src/main/java/com/juick/www/controllers/PM.java @@ -17,6 +17,8 @@ */ package com.juick.www.controllers; +import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpForbiddenException; import com.juick.service.MessagesService; import com.juick.service.PMQueriesService; import com.juick.service.TagService; @@ -24,7 +26,6 @@ import com.juick.service.UserService; import com.juick.util.MessageUtils; import com.juick.util.UserUtils; import com.juick.util.WebUtils; -import com.juick.www.Utils; import com.juick.www.WebApp; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -33,12 +34,11 @@ import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestParam; import rocks.xmpp.addr.Jid; import rocks.xmpp.core.stanza.model.Message; import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; @@ -62,10 +62,10 @@ public class PM { WebApp webApp; @GetMapping("/pm/inbox") - protected String doGetInbox(HttpServletRequest request, HttpServletResponse response, ModelMap model) { + protected String doGetInbox(ModelMap model) { com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() == 0) { - Utils.sendTemporaryRedirect(response, "/login"); + return "redirect:/login"; } String title = "PM: Inbox"; List<com.juick.Message> msgs = pmQueriesService.getLastPMInbox(visitor.getUid()); @@ -79,15 +79,15 @@ public class PM { } @GetMapping("/pm/sent") - protected String doGetSent(HttpServletRequest request, HttpServletResponse response, ModelMap model) { + protected String doGetSent(@RequestParam(required = false) String uname, + ModelMap model) { com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() == 0) { - Utils.sendTemporaryRedirect(response, "/login"); + return "redirect:/login"; } String title = "PM: Sent"; List<com.juick.Message> msgs = pmQueriesService.getLastPMSent(visitor.getUid()); - String uname = request.getParameter("uname"); if (WebUtils.isNotUserName(uname)) { uname = StringUtils.EMPTY; } @@ -102,13 +102,13 @@ public class PM { } @PostMapping("/pm/send") - public void doPostPM(HttpServletRequest request, HttpServletResponse response) throws IOException { + public String doPostPM(@RequestParam(name = "uname", required = false) String unameParam, + @RequestParam String body) throws IOException { com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() == 0 || visitor.isBanned()) { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; + throw new HttpForbiddenException(); } - String uname = request.getParameter("uname"); + String uname = unameParam; if (uname.startsWith("@")) { uname = uname.substring(1); } @@ -117,15 +117,12 @@ public class PM { uid = userService.getUIDbyName(uname); } - String body = request.getParameter("body"); - if (uid == 0 || body == null || body.length() < 1 || body.length() > 10240) { - response.sendError(HttpServletResponse.SC_BAD_REQUEST); - return; + if (uid == 0 || body.length() > 10240) { + throw new HttpBadRequestException(); } if (userService.isInBLAny(uid, visitor.getUid())) { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; + throw new HttpForbiddenException(); } if (pmQueriesService.createPM(visitor.getUid(), uid, body)) { @@ -159,11 +156,9 @@ public class PM { } else { logger.warn("XMPP unavailable"); } - - Utils.sendTemporaryRedirect(response, "/pm/sent"); - + return "redirect:/pm/sent"; } else { - response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + throw new HttpBadRequestException(); } } } diff --git a/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java b/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java index 888d25c4..330f277c 100644 --- a/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java +++ b/juick-www/src/main/java/com/juick/www/controllers/XMPPPost.java @@ -1,6 +1,7 @@ package com.juick.www.controllers; import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpForbiddenException; import com.juick.server.util.HttpUtils; import com.juick.service.TagService; import com.juick.util.UserUtils; @@ -17,8 +18,6 @@ import rocks.xmpp.core.stanza.model.Message; import rocks.xmpp.extensions.oob.model.x.OobX; import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; @@ -37,16 +36,16 @@ public class XMPPPost { TagService tagService; @PostMapping("/post2") - public void doPostMessage(HttpServletRequest request, HttpServletResponse response, - @RequestParam(required = false) String img, - @RequestParam(required = false) MultipartFile attach) throws IOException { + public String doPostMessage(@RequestParam(name = "body") String bodyParam, + @RequestParam(required = false) String img, + @RequestParam(required = false) String referer, + @RequestParam(required = false) MultipartFile attach) throws IOException { com.juick.User visitor = UserUtils.getCurrentUser(); if (visitor.getUid() == 0 || visitor.isBanned()) { - response.sendError(HttpServletResponse.SC_FORBIDDEN); - return; + throw new HttpForbiddenException(); } - String body = request.getParameter("body").replace("\r", StringUtils.EMPTY); + String body = bodyParam.replace("\r", StringUtils.EMPTY); String attachmentFName = HttpUtils.receiveMultiPartFile(attach, webApp.getTmpDir()); @@ -73,12 +72,10 @@ public class XMPPPost { } catch (URISyntaxException e1) { logger.warn("attachment error", e1); } - String referer = request.getHeader("referer"); if (StringUtils.isBlank(referer) || referer.substring(0, 21).equals("http://juick.com/post") || referer.substring(0, 22).equals("https://juick.com/post")) { - response.sendRedirect("/?show=my"); - return; + return "redirect:/?show=my"; } - response.sendRedirect(referer); + return "redirect:" + referer; } } |