Diffstat (limited to 'src/main/java/com/juick/server/api')
-rw-r--r--src/main/java/com/juick/server/api/Messages.java27
-rw-r--r--src/main/java/com/juick/server/api/Notifications.java27
-rw-r--r--src/main/java/com/juick/server/api/PM.java15
-rw-r--r--src/main/java/com/juick/server/api/Post.java34
-rw-r--r--src/main/java/com/juick/server/api/Service.java12
-rw-r--r--src/main/java/com/juick/server/api/Tags.java4
-rw-r--r--src/main/java/com/juick/server/api/Users.java30
-rw-r--r--src/main/java/com/juick/server/api/activity/Profile.java27
-rw-r--r--src/main/java/com/juick/server/api/rss/Feeds.java12
9 files changed, 100 insertions, 88 deletions
diff --git a/src/main/java/com/juick/server/api/Messages.java b/src/main/java/com/juick/server/api/Messages.java
index 402d2162..3ac272f2 100644
--- a/src/main/java/com/juick/server/api/Messages.java
+++ b/src/main/java/com/juick/server/api/Messages.java
@@ -25,11 +25,10 @@ import com.juick.server.www.WebApp;
import com.juick.service.component.MessageReadEvent;
import com.juick.model.CommandResult;
import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.HttpNotFoundException;
-import com.juick.server.util.UserUtils;
import com.juick.service.MessagesService;
import com.juick.service.TagService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.springframework.beans.factory.annotation.Value;
@@ -78,8 +77,8 @@ public class Messages {
@GetMapping("/api/home")
public ResponseEntity<List<com.juick.Message>> getHome(
+ @Visitor User visitor,
@RequestParam(defaultValue = "0") int before_mid) {
- User visitor = UserUtils.getCurrentUser();
if (!visitor.isAnonymous()) {
int vuid = visitor.getUid();
List<Integer> mids = messagesService.getMyFeed(vuid, before_mid, true);
@@ -92,6 +91,7 @@ public class Messages {
@GetMapping("/api/messages")
public ResponseEntity<List<com.juick.Message>> getMessages(
+ @Visitor User visitor,
@RequestParam(required = false) String uname,
@RequestParam(name = "before_mid", defaultValue = "0") Integer before,
@RequestParam(required = false, defaultValue = "0") Integer daysback,
@@ -101,8 +101,6 @@ public class Messages {
@RequestParam(required = false, defaultValue = "0") Integer page,
@RequestParam(required = false) String media,
@RequestParam(required = false) String tag) {
-
- User visitor = UserUtils.getCurrentUser();
List<Integer> mids;
if (!StringUtils.isEmpty(uname)) {
User user = userService.getUserByName(uname);
@@ -151,8 +149,9 @@ public class Messages {
return ResponseEntity.ok(msgs);
}
@DeleteMapping("/api/messages")
- public CommandResult deleteMessage(@RequestParam int mid, @RequestParam(required = false, defaultValue = "0") int rid) {
- User visitor = UserUtils.getCurrentUser();
+ public CommandResult deleteMessage(
+ @Visitor User visitor,
+ @RequestParam int mid, @RequestParam(required = false, defaultValue = "0") int rid) {
if (rid > 0) {
if (messagesService.deleteReply(visitor.getUid(), mid, rid)) {
return CommandResult.fromString("Reply deleted");
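Review bot: `deleteMessage` passes `visitor.getUid()` to `deleteReply` with no `isAnonymous()` guard, whereas `getHome` and `markThreadRead` in this file check it before acting. Whether an unauthenticated request can reach this handler depends on the security configuration and the `@Visitor` resolver, neither of which is part of this diff. Either reject anonymous visitors up front with `if (visitor.isAnonymous()) { throw new HttpForbiddenException(); }` (the import would have to be added to this file) or add a comment stating that the route is authenticated-only. `getDiscussions` in the next hunk uses `visitor.getUid()` in the same unguarded way, and the body of `deleteMessage` continues outside this hunk.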
@@ -163,17 +162,20 @@ public class Messages {
}
throw new HttpBadRequestException();
}
+
@GetMapping("/api/messages/discussions")
public List<Message> getDiscussions(
- @RequestParam(required = false, defaultValue = "0") Long to) {
- List<Message> msgs = messagesService.getMessages(UserUtils.getCurrentUser(), messagesService.getDiscussions(UserUtils.getCurrentUser().getUid(), to));
+ @Visitor User visitor,
+ @RequestParam(required = false, defaultValue = "0") Long to) {
+ List<Message> msgs = messagesService.getMessages(visitor,
+ messagesService.getDiscussions(visitor.getUid(), to));
msgs.forEach(m -> m.getUser().setAvatar(webApp.getAvatarUrl(m.getUser())));
return msgs;
}
@GetMapping("/api/thread")
public ResponseEntity<List<com.juick.Message>> getThread(
+ @Visitor User visitor,
@RequestParam(defaultValue = "0") int mid) {
- User visitor = UserUtils.getCurrentUser();
Optional<Message> message = messagesService.getMessage(mid);
if (message.isPresent()) {
Message msg = message.get();
@@ -199,8 +201,9 @@ public class Messages {
return NOT_FOUND;
}
@GetMapping(value = "/api/thread/mark_read/{mid}-{rid}.gif", produces = MediaType.IMAGE_GIF_VALUE)
- public byte[] markThreadRead(@PathVariable int mid, @PathVariable int rid) throws IOException {
- User visitor = UserUtils.getCurrentUser();
+ public byte[] markThreadRead(
+ @Visitor User visitor,
+ @PathVariable int mid, @PathVariable int rid) throws IOException {
if (!visitor.isAnonymous()) {
messagesService.setLastReadComment(visitor, mid, rid);
Message msg = messagesService.getMessage(mid).orElseThrow(IllegalStateException::new);
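Review bot: `setLastReadComment(visitor, mid, rid)` runs before the message is looked up, so path values that name no existing message reach the write first and only then fail with `IllegalStateException`, which most likely surfaces as a 500. Moving `Message msg = messagesService.getMessage(mid).orElseThrow(IllegalStateException::new);` above the `setLastReadComment` call keeps unvalidated ids out of the write, and a not-found exception would describe the failure better. This is also a GET that changes state, so a short comment explaining why that is acceptable for the tracking image would help. The method body continues outside this hunk.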
diff --git a/src/main/java/com/juick/server/api/Notifications.java b/src/main/java/com/juick/server/api/Notifications.java
index 6829653c..f2c2d712 100644
--- a/src/main/java/com/juick/server/api/Notifications.java
+++ b/src/main/java/com/juick/server/api/Notifications.java
@@ -17,18 +17,19 @@
package com.juick.server.api;
+import com.juick.ExternalToken;
import com.juick.Message;
import com.juick.Status;
-import com.juick.ExternalToken;
import com.juick.User;
import com.juick.model.AnonymousUser;
import com.juick.server.util.HttpBadRequestException;
-import com.juick.server.util.UserUtils;
import com.juick.service.MessagesService;
import com.juick.service.PushQueriesService;
import com.juick.service.SubscriptionService;
import com.juick.service.TelegramService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
@@ -41,7 +42,6 @@ import springfox.documentation.annotations.ApiIgnore;
import javax.inject.Inject;
import java.io.IOException;
-import java.security.Principal;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
@@ -62,6 +62,8 @@ public class Notifications {
private UserService userService;
@Inject
private TelegramService telegramService;
+ @Value("${api_user:juick}")
+ private String serviceUser;
private User collectTokens(Integer uid) {
@@ -84,11 +86,11 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<List<User>> doGet(
+ @Visitor User visitor,
@RequestParam(required = false, defaultValue = "0") int uid,
@RequestParam(required = false, defaultValue = "0") int mid,
@RequestParam(required = false, defaultValue = "0") int rid) {
- User visitor = UserUtils.getCurrentUser();
- if (!(visitor.getName().equals("juick"))) {
+ if (!(visitor.getName().equals(serviceUser))) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
if (uid > 0 && mid == 0) {
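Review bot: Access here is decided by comparing the visitor's name with the configurable `serviceUser`, and `visitor.getName().equals(serviceUser)` throws if the resolved visitor has no name. `if (!serviceUser.equals(visitor.getName()))` is null-safe on the visitor side. The same comparison is repeated in `doDelete`, `doDeleteTokens` and `Service.processMail`, so a single helper (or a role check, if the security layer offers one) would keep the rule in one place. The `api_user` property also deserves a comment saying that the configured name must be one ordinary users cannot register. The body of `doGet` continues outside this hunk.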
@@ -119,9 +121,9 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<Status> doDelete(
+ @Visitor User visitor,
@RequestBody List<ExternalToken> list) {
- User visitor = UserUtils.getCurrentUser();
- if (!visitor.getName().equals("juick")) {
+ if (!visitor.getName().equals(serviceUser)) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
list.forEach(t -> {
@@ -145,9 +147,9 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications/delete", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<Status> doDeleteTokens(
+ @Visitor User visitor,
@RequestBody List<ExternalToken> list) {
- User visitor = UserUtils.getCurrentUser();
- if (!visitor.getName().equals("juick")) {
+ if (!visitor.getName().equals(serviceUser)) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
}
list.forEach(t -> {
@@ -172,8 +174,8 @@ public class Notifications {
@ApiIgnore
@RequestMapping(value = "/api/notifications", method = RequestMethod.PUT, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doPut(
+ @Visitor User visitor,
@RequestBody List<ExternalToken> list) throws IOException {
- User visitor = UserUtils.getCurrentUser();
list.forEach(t -> {
switch (t.getType()) {
case "gcm":
@@ -195,8 +197,8 @@ public class Notifications {
@Deprecated
@RequestMapping(value = "/api/android/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doAndroidRegister(
+ @Visitor User visitor,
@RequestParam(name = "regid") String regId) {
- User visitor = UserUtils.getCurrentUser();
pushQueriesService.addGCMToken(visitor.getUid(), regId);
return Status.OK;
}
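Review bot: `doAndroidRegister` stores a push token under `visitor.getUid()` without checking `visitor.isAnonymous()`, so if the route is reachable without authentication the token is attached to the anonymous uid. A guard such as `if (visitor.isAnonymous()) { throw new HttpBadRequestException(); }` before the `addGCMToken` call would make the requirement explicit. The endpoint is also a GET that changes state, which is worth noting in the deprecation comment. `doWinphoneRegister` in the next hunk has the same shape.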
@@ -204,9 +206,8 @@ public class Notifications {
@Deprecated
@RequestMapping(value = "/api/winphone/register", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public Status doWinphoneRegister(
- Principal principal,
+ @Visitor User visitor,
@RequestParam(name = "url") String regId) {
- User visitor = UserUtils.getCurrentUser();
pushQueriesService.addMPNSToken(visitor.getUid(), regId);
return Status.OK;
}
diff --git a/src/main/java/com/juick/server/api/PM.java b/src/main/java/com/juick/server/api/PM.java
index 06dc9733..b65841c0 100644
--- a/src/main/java/com/juick/server/api/PM.java
+++ b/src/main/java/com/juick/server/api/PM.java
@@ -20,13 +20,16 @@ package com.juick.server.api;
import com.juick.Chat;
import com.juick.Message;
import com.juick.User;
-import com.juick.server.www.WebApp;
-import com.juick.service.component.MessageEvent;
import com.juick.model.AnonymousUser;
import com.juick.model.PrivateChats;
-import com.juick.server.util.*;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.WebUtils;
+import com.juick.server.www.WebApp;
import com.juick.service.PMQueriesService;
import com.juick.service.UserService;
+import com.juick.service.component.MessageEvent;
+import com.juick.service.security.annotation.Visitor;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.RequestMapping;
@@ -54,8 +57,8 @@ public class PM {
@RequestMapping(value = "/api/pm", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<com.juick.Message> doGetPM(
+ @Visitor User visitor,
@RequestParam(required = false) String uname) {
- User visitor = UserUtils.getCurrentUser();
int uid = 0;
if (uname != null && uname.matches("^[a-zA-Z0-9\\-]{2,16}$")) {
uid = userService.getUIDbyName(uname);
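Review bot: `doGetPM` validates `uname` with an inline `uname.matches("^[a-zA-Z0-9\\-]{2,16}$")`, while `doPostPM` in the same class uses `WebUtils.isUserName(uname)`. Two separate definitions of a valid user name can drift apart, so if the helper implements the same rule, use `if (uname != null && WebUtils.isUserName(uname))` here as well. `String.matches` also recompiles the pattern on every request. The method body continues outside this hunk.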
@@ -72,9 +75,9 @@ public class PM {
@RequestMapping(value = "/api/pm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public com.juick.Message doPostPM(
+ @Visitor User visitor,
@RequestParam String uname,
@RequestParam String body) {
- User visitor = UserUtils.getCurrentUser();
User userTo = AnonymousUser.INSTANCE;
if (WebUtils.isUserName(uname)) {
userTo = userService.getUserByName(uname);
@@ -102,8 +105,8 @@ public class PM {
}
@RequestMapping(value = "/api/groups_pms", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public PrivateChats doGetGroupsPMs(
+ @Visitor User visitor,
@RequestParam(defaultValue = "5") int cnt) {
- User visitor = UserUtils.getCurrentUser();
// TODO: ignore cnt param for now but make sure paging param will not be cnt
List<Chat> lastconv = pmQueriesService.getLastChats(visitor);
diff --git a/src/main/java/com/juick/server/api/Post.java b/src/main/java/com/juick/server/api/Post.java
index b575cef8..10e19faf 100644
--- a/src/main/java/com/juick/server/api/Post.java
+++ b/src/main/java/com/juick/server/api/Post.java
@@ -21,12 +21,16 @@ import com.juick.Message;
import com.juick.Reaction;
import com.juick.Status;
import com.juick.User;
-import com.juick.server.CommandsManager;
import com.juick.model.CommandResult;
-import com.juick.server.util.*;
+import com.juick.server.CommandsManager;
+import com.juick.server.util.HttpBadRequestException;
+import com.juick.server.util.HttpForbiddenException;
+import com.juick.server.util.HttpNotFoundException;
+import com.juick.server.util.HttpUtils;
import com.juick.service.MessagesService;
import com.juick.service.SubscriptionService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -66,10 +70,10 @@ public class Post {
@RequestMapping(value = "/api/post", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
@ResponseStatus(value = HttpStatus.OK)
public CommandResult doPostMessage(
+ @Visitor User visitor,
@RequestParam(required = false, defaultValue = StringUtils.EMPTY) String body,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws Exception {
- User visitor = UserUtils.getCurrentUser();
body = body.replace("\r", StringUtils.EMPTY);
URI attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
@@ -97,13 +101,13 @@ public class Post {
@RequestMapping(value = "/api/comment", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public CommandResult doPostComment(
+ @Visitor User visitor,
@RequestParam(defaultValue = "0") int mid,
@RequestParam(defaultValue = "0") int rid,
@RequestParam(required = false, defaultValue = StringUtils.EMPTY) final String body,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach)
throws Exception {
- User visitor = UserUtils.getCurrentUser();
if (mid == 0) {
throw new HttpBadRequestException();
}
@@ -149,8 +153,7 @@ public class Post {
@PostMapping("/api/like")
@ResponseStatus(value = HttpStatus.OK)
- public Status doPostRecomm(@RequestParam Integer mid) throws Exception {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ public Status doPostRecomm(@Visitor User visitor, @RequestParam Integer mid) throws Exception {
Optional<com.juick.Message> message = messagesService.getMessage(mid);
if (!message.isPresent()) {
throw new HttpNotFoundException();
@@ -166,8 +169,8 @@ public class Post {
@PostMapping("/api/subscribe")
@ResponseStatus(value = HttpStatus.OK)
- public Status doPostSubscribe(@RequestParam Integer mid) throws Exception {
- com.juick.User visitor = UserUtils.getCurrentUser();
+ public Status doPostSubscribe(@Visitor User visitor,
+ @RequestParam Integer mid) throws Exception {
Optional<com.juick.Message> message = messagesService.getMessage(mid);
if (!message.isPresent()) {
throw new HttpNotFoundException();
@@ -189,11 +192,12 @@ public class Post {
@PostMapping("/api/react")
@ResponseStatus(value = HttpStatus.OK)
- public Status doPostReact(@RequestParam Integer mid,@RequestParam @NotNull int reactionId,
- @RequestParam (required = false, defaultValue = "1") int count) {
+ public Status doPostReact(
+ @Visitor User visitor,
+ @RequestParam Integer mid, @RequestParam @NotNull int reactionId,
+ @RequestParam(required = false, defaultValue = "1") int count) {
logger.info("got reaction with type: {}", reactionId);
- com.juick.User visitor = UserUtils.getCurrentUser();
Optional<com.juick.Message> message = messagesService.getMessage(mid);
if (!message.isPresent()) {
throw new HttpNotFoundException();
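Review bot: `@NotNull` on the primitive `int reactionId` has no effect, because a primitive can never be null and a missing parameter is already rejected by `@RequestParam`; drop the annotation or change the type if a nullable value is intended. `reactionId` and `count` are both taken from the request with no range check visible in this hunk. If `count` is applied as a multiplier further down, it should be clamped to the values the service accepts before use. The method body continues outside this hunk.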
@@ -211,10 +215,10 @@ public class Post {
}
@PostMapping("/api/update")
- public CommandResult updateMessage(@RequestParam Integer mid,
- @RequestParam(required = false, defaultValue = "0") Integer rid,
- @RequestParam String body) {
- User visitor = UserUtils.getCurrentUser();
+ public CommandResult updateMessage(@Visitor User visitor,
+ @RequestParam Integer mid,
+ @RequestParam(required = false, defaultValue = "0") Integer rid,
+ @RequestParam String body) {
User author = rid == 0 ? messagesService.getMessageAuthor(mid) : messagesService.getReply(mid, rid).getUser();
if (visitor.equals(author)) {
if (messagesService.updateMessage(mid, rid, body)) {
diff --git a/src/main/java/com/juick/server/api/Service.java b/src/main/java/com/juick/server/api/Service.java
index 27316d91..791e09ce 100644
--- a/src/main/java/com/juick/server/api/Service.java
+++ b/src/main/java/com/juick/server/api/Service.java
@@ -1,14 +1,13 @@
package com.juick.server.api;
-import com.juick.Message;
import com.juick.User;
import com.juick.server.CommandsManager;
import com.juick.server.EmailManager;
import com.juick.server.ServerManager;
import com.juick.server.util.HttpForbiddenException;
-import com.juick.server.util.UserUtils;
import com.juick.service.EmailService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.RandomStringUtils;
@@ -64,8 +63,8 @@ public class Service {
@ApiIgnore
@PostMapping("/api/mail")
@ResponseStatus(value = HttpStatus.OK)
- public void processMail(InputStream data) throws Exception {
- if (UserUtils.getCurrentUser().getName().equals(serviceUser)) {
+ public void processMail(@Visitor User current, InputStream data) throws Exception {
+ if (current.getName().equals(serviceUser)) {
MimeMessage msg = new MimeMessage(session, data);
String[] returnPaths = msg.getHeader("Return-Path");
if (returnPaths != null) {
@@ -90,7 +89,7 @@ public class Service {
body[0] = IOUtils.toString(a.getInputStream(), StandardCharsets.UTF_8);
logger.info("got text: {}", body[0]);
} catch (IOException e) {
- logger.info("attachment error: {}", e);
+ logger.info("attachment error", e);
}
});
}
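Review bot: `logger.info("got text: {}", body[0])` writes the full text of the incoming mail to the application log at info level, which puts user message content, including any control characters in it, into the log files. Something like `logger.debug("got text part, {} chars", body[0].length());` keeps the diagnostic without the content. The failure branch drops the attachment, so `logger.warn("attachment error", e);` would fit better than info. The enclosing lambda starts outside this hunk.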
@@ -145,8 +144,7 @@ public class Service {
.forEach(session -> serverManager.getSessions().remove(session));
}
@GetMapping("/api/events")
- public SseEmitter handle() throws IOException {
- User visitor = UserUtils.getCurrentUser();
+ public SseEmitter handle(@Visitor User visitor) throws IOException {
logger.info("{} connected", visitor.getName());
if (!visitor.isAnonymous()) {
userService.updateLastSeen(visitor);
diff --git a/src/main/java/com/juick/server/api/Tags.java b/src/main/java/com/juick/server/api/Tags.java
index 7a8e572a..35f2bc66 100644
--- a/src/main/java/com/juick/server/api/Tags.java
+++ b/src/main/java/com/juick/server/api/Tags.java
@@ -19,8 +19,8 @@ package com.juick.server.api;
import com.juick.User;
import com.juick.model.TagStats;
-import com.juick.server.util.UserUtils;
import com.juick.service.TagService;
+import com.juick.service.security.annotation.Visitor;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@@ -40,9 +40,9 @@ public class Tags {
@RequestMapping(value = "/api/tags", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<TagStats> tags(
+ @Visitor User visitor,
@RequestParam(required = false, defaultValue = "0") int user_id
) {
- User visitor = UserUtils.getCurrentUser();
if (user_id == 0) {
user_id = visitor.getUid();
}
diff --git a/src/main/java/com/juick/server/api/Users.java b/src/main/java/com/juick/server/api/Users.java
index 33b3704b..1a046ad8 100644
--- a/src/main/java/com/juick/server/api/Users.java
+++ b/src/main/java/com/juick/server/api/Users.java
@@ -22,10 +22,11 @@ import com.juick.model.AnonymousUser;
import com.juick.model.ApplicationStatus;
import com.juick.server.util.HttpNotFoundException;
import com.juick.server.util.HttpUtils;
-import com.juick.server.util.UserUtils;
import com.juick.server.util.WebUtils;
import com.juick.server.www.WebApp;
import com.juick.service.*;
+import com.juick.service.security.annotation.Visitor;
+import com.juick.service.security.entities.JuickUser;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Value;
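Review bot: `com.juick.service.security.entities.JuickUser` is imported here, but none of the hunks shown for `Users.java` reference it; if nothing else in the file uses it, drop the import. This commit replaces wildcard imports with explicit ones in `PM.java` and `Post.java`, and `import com.juick.service.*;` in this block could get the same treatment.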
@@ -61,12 +62,13 @@ public class Users {
private String tmpDir;
@RequestMapping(value = "/api/auth", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
- public String getAuthToken() {
- return userService.getHashByUID(UserUtils.getCurrentUser().getUid());
+ public String getAuthToken(@Visitor User visitor) {
+ return userService.getHashByUID(visitor.getUid());
}
@RequestMapping(value = "/api/users", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<User> doGetUsers(
+ @Visitor User visitor,
@RequestParam(value = "uname", required = false) List<String> unames) {
List<com.juick.User> users = new ArrayList<>();
@@ -79,8 +81,7 @@ public class Users {
users.forEach(u -> u.setAvatar(webApp.getAvatarUrl(u)));
if (!users.isEmpty())
return users;
- if (!UserUtils.getCurrentUser().isAnonymous()) {
- User visitor = UserUtils.getCurrentUser();
+ if (!visitor.isAnonymous()) {
visitor.setAvatar(webApp.getAvatarUrl(visitor));
return Collections.singletonList(visitor);
}
@@ -89,12 +90,11 @@ public class Users {
}
@GetMapping("/api/me")
- public SecureUser getMe() {
- User visitor = UserUtils.getCurrentUser();
+ public SecureUser getMe(@Visitor User visitor) {
SecureUser me = new SecureUser();
me.setUid(visitor.getUid());
me.setName(visitor.getName());
- me.setAuthHash(getAuthToken());
+ me.setAuthHash(getAuthToken(visitor));
List<Integer> unread = messagesService.getUnread(visitor);
me.setUnread(unread);
me.setUnreadCount(unread.size());
@@ -104,8 +104,8 @@ public class Users {
return (SecureUser)userService.getUserInfo(me);
}
@PostMapping("/api/me/upload")
- public void updateInfo(@RequestParam MultipartFile avatar) throws IOException {
- User visitor = UserUtils.getCurrentUser();
+ public void updateInfo(@Visitor User visitor,
+ @RequestParam MultipartFile avatar) throws IOException {
String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir).getHost();
if (StringUtils.isNotEmpty(avatarTmpPath)) {
imagesService.saveAvatar(avatarTmpPath, visitor.getUid());
@@ -114,8 +114,8 @@ public class Users {
@RequestMapping(value = "/api/users/read", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<User> doGetUserRead(
+ @Visitor User visitor,
@RequestParam String uname) {
- User visitor = UserUtils.getCurrentUser();
int uid = 0;
if (uname == null) {
uid = visitor.getUid();
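Review bot: `@RequestParam String uname` is required by default, so a request without `uname` is rejected before the handler runs and the `uname == null` fallback to `visitor.getUid()` cannot be reached over HTTP. If the fallback is meant for API callers, declare the parameter as `@RequestParam(required = false) String uname`; otherwise remove the branch so the handler does not suggest behaviour it does not have. `doGetUserReaders` in the next hunk has the same pattern. The method body continues outside this hunk.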
@@ -138,8 +138,8 @@ public class Users {
@RequestMapping(value = "/api/users/readers", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<User> doGetUserReaders(
+ @Visitor User visitor,
@RequestParam String uname) {
- User visitor = UserUtils.getCurrentUser();
int uid = 0;
if (uname == null) {
uid = visitor.getUid();
@@ -161,11 +161,11 @@ public class Users {
}
@GetMapping("/api/info/{uname}")
- public User getUserInfo(@PathVariable String uname) {
+ public User getUserInfo(@Visitor User visitor, @PathVariable String uname) {
User user = userService.getUserByName(uname);
if (!user.isBanned()) {
- user.setRead(doGetUserRead(uname));
- user.setReaders(doGetUserReaders(uname));
+ user.setRead(doGetUserRead(visitor, uname));
+ user.setReaders(doGetUserReaders(visitor, uname));
user.setAvatar(webApp.getAvatarUrl(user));
return userService.getUserInfo(user);
}
diff --git a/src/main/java/com/juick/server/api/activity/Profile.java b/src/main/java/com/juick/server/api/activity/Profile.java
index 701b1949..a7ba65a5 100644
--- a/src/main/java/com/juick/server/api/activity/Profile.java
+++ b/src/main/java/com/juick/server/api/activity/Profile.java
@@ -25,11 +25,14 @@ import com.juick.server.api.activity.model.objects.OrderedCollectionPage;
import com.juick.server.api.activity.model.objects.Person;
import com.juick.server.util.HttpBadRequestException;
import com.juick.server.util.HttpNotFoundException;
-import com.juick.server.util.UserUtils;
import com.juick.server.www.WebApp;
import com.juick.service.MessagesService;
import com.juick.service.UserService;
-import com.juick.service.activities.*;
+import com.juick.service.activities.AnnounceEvent;
+import com.juick.service.activities.FollowEvent;
+import com.juick.service.activities.UndoAnnounceEvent;
+import com.juick.service.activities.UndoFollowEvent;
+import com.juick.service.security.annotation.Visitor;
import com.overzealous.remark.Remark;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
@@ -43,20 +46,15 @@ import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.client.RestTemplate;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
-import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import javax.inject.Inject;
import java.io.InputStream;
import java.net.URI;
import java.nio.charset.StandardCharsets;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
@@ -132,15 +130,15 @@ public class Profile {
}
@GetMapping(value = "/u/{userName}/blog", produces = {Context.LD_JSON_MEDIA_TYPE, Context.ACTIVITYSTREAMS_PROFILE_MEDIA_TYPE})
- public OrderedCollectionPage getOutboxPage(@PathVariable String userName,
+ public OrderedCollectionPage getOutboxPage(@Visitor User visitor, @PathVariable String userName,
@RequestParam(required = false, defaultValue = "0") int before) {
- User visitor = UserUtils.getCurrentUser();
User user = userService.getUserByName(userName);
if (!user.isAnonymous() && !user.isBanned()) {
UriComponentsBuilder uri = UriComponentsBuilder.fromUriString(baseUri);
String personUri = uri.path(String.format("/u/%s", userName)).toUriString();
List<Integer> mids = messagesService.getUserBlog(user.getUid(), 0, before);
- List<Note> notes = messagesService.getMessages(visitor, mids).stream().map(activityPubManager::makeNote).collect(Collectors.toList());
+ List<Note> notes = messagesService.getMessages(visitor, mids)
+ .stream().map(activityPubManager::makeNote).collect(Collectors.toList());
OrderedCollectionPage page = new OrderedCollectionPage();
page.setPartOf(uri.replacePath(String.format("/u/%s/blog/toc", userName)).toUriString());
page.setFirst(uri.replacePath(String.format("/u/%s/blog", userName)).toUriString());
@@ -260,12 +258,15 @@ public class Profile {
}
@PostMapping(value = "/api/inbox", consumes = {Context.LD_JSON_MEDIA_TYPE, Context.ACTIVITYSTREAMS_PROFILE_MEDIA_TYPE})
- public ResponseEntity<CommandResult> processInbox(InputStream inboxData) throws Exception {
+ public ResponseEntity<CommandResult> processInbox(
+ @Visitor User visitor,
+ InputStream inboxData) throws Exception {
String inbox = IOUtils.toString(inboxData, StandardCharsets.UTF_8);
logger.info("Inbox: {}", inbox);
Activity activity = jsonMapper.readValue(inbox, Activity.class);
- User visitor = UserUtils.getCurrentUser();
- if ((StringUtils.isNotEmpty(visitor.getUri().toString()) && visitor.getUri().equals(URI.create(activity.getActor()))) || !visitor.isAnonymous()) {
+ if ((StringUtils.isNotEmpty(visitor.getUri().toString())
+ && visitor.getUri().equals(URI.create(activity.getActor())))
+ || !visitor.isAnonymous()) {
if (activity instanceof Follow) {
Follow followRequest = (Follow) activity;
applicationEventPublisher.publishEvent(
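Review bot: The guard ends in `|| !visitor.isAnonymous()`, so the comparison between `visitor.getUri()` and `activity.getActor()` is only enforced for anonymous visitors, and any authenticated visitor is accepted whatever actor the activity names. If that is intended, state it in a comment; if not, require the match for every request. `boolean actorMatches = visitor.getUri() != null && visitor.getUri().toString().equals(activity.getActor());` does this without throwing on a missing URI or a malformed actor string. `logger.info("Inbox: {}", inbox)` also logs the whole request body before any check, where the activity type and actor at debug level would be enough. The method body continues outside this hunk.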
diff --git a/src/main/java/com/juick/server/api/rss/Feeds.java b/src/main/java/com/juick/server/api/rss/Feeds.java
index d6e0587c..5a5d42eb 100644
--- a/src/main/java/com/juick/server/api/rss/Feeds.java
+++ b/src/main/java/com/juick/server/api/rss/Feeds.java
@@ -19,9 +19,9 @@ package com.juick.server.api.rss;
import com.juick.User;
import com.juick.server.util.HttpNotFoundException;
-import com.juick.server.util.UserUtils;
import com.juick.service.MessagesService;
import com.juick.service.UserService;
+import com.juick.service.security.annotation.Visitor;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
@@ -43,25 +43,27 @@ public class Feeds {
private UserService userService;
@GetMapping("/rss/{userName}/blog")
- public ModelAndView getBlog(@PathVariable String userName) {
+ public ModelAndView getBlog(@Visitor User visitor, @PathVariable String userName) {
User user = userService.getUserByName(userName);
if (!user.isAnonymous() && !user.isBanned()) {
List<Integer> mids = messagesService.getUserBlog(user.getUid(), 0, 0);
ModelAndView modelAndView = new ModelAndView();
modelAndView.setViewName("messagesView");
modelAndView.addObject("user", user);
- modelAndView.addObject("messages", messagesService.getMessages(UserUtils.getCurrentUser(), mids));
+ modelAndView.addObject("messages", messagesService.getMessages(visitor, mids));
return modelAndView;
}
throw new HttpNotFoundException();
}
@GetMapping("/rss/")
- public ModelAndView getLast(@RequestParam(value = "hours", required = false, defaultValue = "0") Integer hours) {
+ public ModelAndView getLast(
+ @Visitor User visitor,
+ @RequestParam(value = "hours", required = false, defaultValue = "0") Integer hours) {
List<Integer> mids = messagesService.getLastMessages(hours);
ModelAndView modelAndView = new ModelAndView();
modelAndView.setViewName("messagesView");
- modelAndView.addObject("messages", messagesService.getMessages(UserUtils.getCurrentUser(),mids));
+ modelAndView.addObject("messages", messagesService.getMessages(visitor, mids));
return modelAndView;
}
@GetMapping("/rss/comments")