aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/server/api/Notifications.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/server/api/Notifications.java')
-rw-r--r--src/main/java/com/juick/server/api/Notifications.java27
1 files changed, 14 insertions, 13 deletions
diff --git a/src/main/java/com/juick/server/api/Notifications.java b/src/main/java/com/juick/server/api/Notifications.java
index 6829653c..f2c2d712 100644
--- a/src/main/java/com/juick/server/api/Notifications.java
+++ b/src/main/java/com/juick/server/api/Notifications.java
@@ -17,18 +17,19 @@
package com.juick.server.api;
+import com.juick.ExternalToken;
import com.juick.Message;
import com.juick.Status;
-import com.juick.ExternalToken;
import com.juick.User;
import com.juick.model.AnonymousUser;
import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.UserUtils;
import com.juick.service.MessagesService;
import com.juick.service.PushQueriesService;
import com.juick.service.SubscriptionService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
@@ -41,7 +42,6 @@ import springfox.documentation.annotations.ApiIgnore;
import javax.inject.Inject;
import java.io.IOException;
-import java.security.Principal;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@@ -62,6 +62,8 @@ public class Notifications {
private UserService userService;
@Inject
private TelegramService telegramService;
+ @Value("${api_user:juick}")
+ private String serviceUser;
private User collectTokens(Integer uid) {
@@ -84,11 +86,11 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<List<User>> doGet(
+ @Visitor User visitor,
@RequestParam(required = false, defaultValue = "0") int uid,
@RequestParam(required = false, defaultValue = "0") int mid,
@RequestParam(required = false, defaultValue = "0") int rid) {
- User visitor = UserUtils.getCurrentUser();
- if (!(visitor.getName().equals("juick"))) {
+ if (!(visitor.getName().equals(serviceUser))) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
if (uid > 0 && mid == 0) {
@@ -119,9 +121,9 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<Status> doDelete(
+ @Visitor User visitor,
@RequestBody List<ExternalToken> list) {
- User visitor = UserUtils.getCurrentUser();
- if (!visitor.getName().equals("juick")) {
+ if (!visitor.getName().equals(serviceUser)) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
list.forEach(t -> {
@@ -145,9 +147,9 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications/delete", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<Status> doDeleteTokens(
+ @Visitor User visitor,
@RequestBody List<ExternalToken> list) {
- User visitor = UserUtils.getCurrentUser();
- if (!visitor.getName().equals("juick")) {
+ if (!visitor.getName().equals(serviceUser)) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
list.forEach(t -> {
@@ -172,8 +174,8 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.PUT, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doPut(
+ @Visitor User visitor,
@RequestBody List<ExternalToken> list) throws IOException {
- User visitor = UserUtils.getCurrentUser();
list.forEach(t -> {
switch (t.getType()) {
case "gcm":
@@ -195,8 +197,8 @@ public class Notifications {
@Deprecated
@RequestMapping(value = "/api/android/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doAndroidRegister(
+ @Visitor User visitor,
@RequestParam(name = "regid") String regId) {
- User visitor = UserUtils.getCurrentUser();
pushQueriesService.addGCMToken(visitor.getUid(), regId);
return Status.OK;
}
@@ -204,9 +206,8 @@ public class Notifications {
@Deprecated
@RequestMapping(value = "/api/winphone/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doWinphoneRegister(
- Principal principal,
+ @Visitor User visitor,
@RequestParam(name = "url") String regId) {
- User visitor = UserUtils.getCurrentUser();
pushQueriesService.addMPNSToken(visitor.getUid(), regId);
return Status.OK;
}