5 files changed, 10 insertions, 24 deletions

diff --git a/src/main/java/com/juick/server/XMPPConnection.java b/src/main/java/com/juick/server/XMPPConnection.java
index f77b2354..dfbe92d5 100644
--- a/src/main/java/com/juick/server/XMPPConnection.java
+++ b/src/main/java/com/juick/server/XMPPConnection.java
@@ -22,7 +22,6 @@ import com.juick.formatters.PlainTextFormatter;
 import com.juick.server.www.WebApp;
 import com.juick.service.component.*;
 import com.juick.model.CommandResult;
-import com.juick.model.UserInfo;
 import com.juick.server.xmpp.iq.MessageQuery;
 import com.juick.server.xmpp.s2s.BasicXmppSession;
 import com.juick.server.xmpp.s2s.StanzaListener;
@@ -35,7 +34,6 @@ import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.ApplicationEventPublisher;
 import rocks.xmpp.addr.Jid;
 import rocks.xmpp.core.XmppException;
 import rocks.xmpp.core.session.XmppSession;
@@ -164,7 +162,7 @@ public class XMPPConnection implements StanzaListener, NotificationListener {
                 }
                 User user = userService.getUserByName(iq.getTo().getLocal());
                 if (!user.isAnonymous()) {
-                    UserInfo info = userService.getUserInfo(user);
+                    User info = userService.getUserInfo(user);
                     VCard userVCard = new VCard();
                     userVCard.setFormattedName(info.getFullName());
                     userVCard.setNickname(user.getName());
diff --git a/src/main/java/com/juick/server/api/Users.java b/src/main/java/com/juick/server/api/Users.java
index 0e0fee85..5c6efe0c 100644
--- a/src/main/java/com/juick/server/api/Users.java
+++ b/src/main/java/com/juick/server/api/Users.java
@@ -19,7 +19,6 @@ package com.juick.server.api;
 
 import com.juick.User;
 import com.juick.model.ApplicationStatus;
-import com.juick.model.UserInfo;
 import com.juick.server.util.*;
 import com.juick.server.www.WebApp;
 import com.juick.service.*;
@@ -96,7 +95,7 @@ public class Users {
         me.setRead(userService.getUserFriends(visitor.getUid()));
         me.setReaders(userService.getUserReaders(visitor.getUid()));
         me.setAvatar(webApp.getAvatarUrl(visitor));
-        return me;
+        return (SecureUser)userService.getUserInfo(me);
     }
     @PostMapping("/api/me/upload")
     public void updateInfo(@RequestParam MultipartFile avatar) throws IOException {
@@ -111,9 +110,6 @@ public class Users {
     public List<User> doGetUserRead(
             @RequestParam String uname) {
         User visitor = UserUtils.getCurrentUser();
-        if (visitor.isAnonymous()) {
-            throw new HttpForbiddenException();
-        }
         int uid = 0;
         if (uname == null) {
             uid = visitor.getUid();
@@ -138,9 +134,6 @@ public class Users {
     public List<User> doGetUserReaders(
             @RequestParam String uname) {
         User visitor = UserUtils.getCurrentUser();
-        if (visitor.isAnonymous()) {
-            throw new HttpForbiddenException();
-        }
         int uid = 0;
         if (uname == null) {
             uid = visitor.getUid();
@@ -162,7 +155,7 @@ public class Users {
     }
 
     @GetMapping("/api/info/{uname}")
-    public UserInfo getUserInfo(@PathVariable String uname) {
+    public User getUserInfo(@PathVariable String uname) {
         User user = userService.getUserByName(uname);
         if (!user.isBanned()) {
             user.setRead(doGetUserRead(uname));
@@ -177,9 +170,6 @@ public class Users {
         public String getHash() {
             return getAuthHash();
         }
-        public UserInfo getUserInfo() {
-            return userService.getUserInfo(this);
-        }
         public List<String> getJIDs() {
             return userService.getAllJIDs(this);
         }
diff --git a/src/main/java/com/juick/server/configuration/SecurityConfig.java b/src/main/java/com/juick/server/configuration/SecurityConfig.java
index f53cc531..16b61172 100644
--- a/src/main/java/com/juick/server/configuration/SecurityConfig.java
+++ b/src/main/java/com/juick/server/configuration/SecurityConfig.java
@@ -98,7 +98,7 @@ public class SecurityConfig {
                     .authorizeRequests()
                     .antMatchers(HttpMethod.OPTIONS).permitAll()
                     .antMatchers("/api/", "/api/messages", "/api/messages/discussions", "/api/users", "/api/thread", "/api/tags", "/api/tlgmbtwbhk", "/api/fbwbhk",
-                            "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/signup", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/.well-known/x-nodeinfo2", "/rss/**", "/api/events").permitAll()
+                            "/api/skypebotendpoint", "/api/_fblogin", "/api/_vklogin", "/api/_tglogin", "/api/_google", "/api/signup", "/api/inbox", "/api/u/**", "/.well-known/webfinger", "/.well-known/x-nodeinfo2", "/rss/**", "/api/events", "/api/info/**").permitAll()
                     .anyRequest().hasRole("USER")
                     .and()
                     .anonymous().principal(JuickUser.ANONYMOUS_USER).authorities(JuickUser.ANONYMOUS_AUTHORITY)
diff --git a/src/main/java/com/juick/server/www/controllers/AnythingFilter.java b/src/main/java/com/juick/server/www/controllers/AnythingFilter.java
index cdbeafc0..57b298eb 100644
--- a/src/main/java/com/juick/server/www/controllers/AnythingFilter.java
+++ b/src/main/java/com/juick/server/www/controllers/AnythingFilter.java
@@ -60,7 +60,7 @@ public class AnythingFilter extends OncePerRequestFilter {
         } else {
             com.juick.User user = userService.getUserByName(anything);
             if (!user.isAnonymous()) {
-                ((HttpServletResponse) servletResponse).sendRedirect("/" + user.getName() + "/?before=" + before);
+                servletResponse.sendRedirect("/" + user.getName() + "/?before=" + before);
             } else {
                 filterChain.doFilter(servletRequest, servletResponse);
             }
diff --git a/src/main/java/com/juick/server/www/controllers/Settings.java b/src/main/java/com/juick/server/www/controllers/Settings.java
index fc84b410..d5a21d09 100644
--- a/src/main/java/com/juick/server/www/controllers/Settings.java
+++ b/src/main/java/com/juick/server/www/controllers/Settings.java
@@ -18,7 +18,6 @@ package com.juick.server.www.controllers;
 
 import com.juick.User;
 import com.juick.model.NotifyOpts;
-import com.juick.model.UserInfo;
 import com.juick.server.util.HttpBadRequestException;
 import com.juick.server.util.HttpUtils;
 import com.juick.server.util.UserUtils;
@@ -156,16 +155,15 @@ public class Settings {
                 }
                 break;
             case "about":
-                UserInfo info = new UserInfo();
-                info.setFullName(request.getParameter("fullname"));
-                info.setCountry(request.getParameter("country"));
-                info.setUrl(request.getParameter("url"));
-                info.setDescription(request.getParameter("descr"));
+                visitor.setFullName(request.getParameter("fullname"));
+                visitor.setCountry(request.getParameter("country"));
+                visitor.setUrl(request.getParameter("url"));
+                visitor.setDescription(request.getParameter("descr"));
                 String avatarTmpPath = HttpUtils.receiveMultiPartFile(avatar, tmpDir).getHost();
                 if (StringUtils.isNotEmpty(avatarTmpPath)) {
                     imagesService.saveAvatar(avatarTmpPath, visitor.getUid());
                 }
-                if (userService.updateUserInfo(visitor, info)) {
+                if (userService.updateUserInfo(visitor)) {
                     result = String.format("<p>Your info is updated.</p><p><a href='/%s/'>Back to blog</a>.</p>", visitor.getName());
                 }
                 break;