aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/server/api/Post.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/server/api/Post.java')
-rw-r--r--src/main/java/com/juick/server/api/Post.java28
1 files changed, 6 insertions, 22 deletions
diff --git a/src/main/java/com/juick/server/api/Post.java b/src/main/java/com/juick/server/api/Post.java
index d49ec332..b575cef8 100644
--- a/src/main/java/com/juick/server/api/Post.java
+++ b/src/main/java/com/juick/server/api/Post.java
@@ -70,10 +70,6 @@ public class Post {
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws Exception {
User visitor = UserUtils.getCurrentUser();
-
- if (visitor.isAnonymous()) {
- throw new HttpForbiddenException();
- }
body = body.replace("\r", StringUtils.EMPTY);
URI attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
@@ -103,20 +99,16 @@ public class Post {
public CommandResult doPostComment(
@RequestParam(defaultValue = "0") int mid,
@RequestParam(defaultValue = "0") int rid,
- @RequestParam(required = false, defaultValue = StringUtils.EMPTY) String body,
+ @RequestParam(required = false, defaultValue = StringUtils.EMPTY) final String body,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach)
throws Exception {
User visitor = UserUtils.getCurrentUser();
- int vuid = visitor.getUid();
- if (vuid == 0) {
- throw new HttpForbiddenException();
- }
if (mid == 0) {
throw new HttpBadRequestException();
}
Optional<Message> message = messagesService.getMessage(mid);
- if (!message.isPresent()) {
+ if (message.isEmpty()) {
throw new HttpNotFoundException();
}
@@ -129,10 +121,11 @@ public class Post {
throw new HttpNotFoundException();
}
}
- body = body.replace("\r", StringUtils.EMPTY);
- if ((msg.ReadOnly && msg.getUser().getUid() != vuid) || userService.isInBLAny(msg.getUser().getUid(), vuid)
- || (reply != null && userService.isInBLAny(reply.getUser().getUid(), vuid))) {
+ if ((msg.ReadOnly && msg.getUser().getUid() != visitor.getUid())
+ || userService.isInBLAny(msg.getUser().getUid(), visitor.getUid())
+ || (reply != null && userService.isInBLAny(reply.getUser().getUid(), visitor.getUid()))) {
+ // TODO: validator
throw new HttpForbiddenException();
}
@@ -158,9 +151,6 @@ public class Post {
@ResponseStatus(value = HttpStatus.OK)
public Status doPostRecomm(@RequestParam Integer mid) throws Exception {
com.juick.User visitor = UserUtils.getCurrentUser();
- if (visitor.isAnonymous()) {
- throw new HttpForbiddenException();
- }
Optional<com.juick.Message> message = messagesService.getMessage(mid);
if (!message.isPresent()) {
throw new HttpNotFoundException();
@@ -178,9 +168,6 @@ public class Post {
@ResponseStatus(value = HttpStatus.OK)
public Status doPostSubscribe(@RequestParam Integer mid) throws Exception {
com.juick.User visitor = UserUtils.getCurrentUser();
- if (visitor.isAnonymous()) {
- throw new HttpForbiddenException();
- }
Optional<com.juick.Message> message = messagesService.getMessage(mid);
if (!message.isPresent()) {
throw new HttpNotFoundException();
@@ -207,9 +194,6 @@ public class Post {
logger.info("got reaction with type: {}", reactionId);
com.juick.User visitor = UserUtils.getCurrentUser();
- if (visitor.isAnonymous()) {
- throw new HttpForbiddenException();
- }
Optional<com.juick.Message> message = messagesService.getMessage(mid);
if (!message.isPresent()) {
throw new HttpNotFoundException();
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-03 06:49:11 +0000