From fff2c3a33de290bc80fd16b9b07c211b441bb268 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Tue, 30 Oct 2018 12:34:48 +0300 Subject: delete notifications using POST --- .../java/com/juick/server/api/Notifications.java | 27 +++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/juick-server/src/main/java/com/juick/server/api/Notifications.java b/juick-server/src/main/java/com/juick/server/api/Notifications.java index 67e52851..bc3d98bf 100644 --- a/juick-server/src/main/java/com/juick/server/api/Notifications.java +++ b/juick-server/src/main/java/com/juick/server/api/Notifications.java @@ -105,7 +105,32 @@ public class Notifications { public Status doDelete( @RequestBody List list) { User visitor = UserUtils.getCurrentUser(); - // FIXME: it is possible to delete other user's tokens + if ((visitor.isAnonymous()) || !(visitor.getName().equals("juick"))) { + throw new HttpForbiddenException(); + } + list.forEach(t -> { + switch (t.getType()) { + case "gcm": + pushQueriesService.deleteGCMToken(t.getToken()); + break; + case "apns": + pushQueriesService.deleteAPNSToken(t.getToken()); + break; + case "mpns": + pushQueriesService.deleteMPNSToken(t.getToken()); + break; + default: + throw new HttpBadRequestException(); + } + }); + + return Status.OK; + } + @ApiIgnore + @RequestMapping(value = "/api/notifications/delete", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) + public Status doDeleteTokens( + @RequestBody List list) { + User visitor = UserUtils.getCurrentUser(); if ((visitor.isAnonymous()) || !(visitor.getName().equals("juick"))) { throw new HttpForbiddenException(); } -- cgit v1.2.3