From d233943fc29508dc37714852b11b96b0b46b55d9 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Thu, 24 Nov 2016 21:38:52 +0300
Subject: juick-api: now on spring-webmvc

---
 .../main/java/com/juick/api/controllers/PM.java    | 130 +++++++++++++++++++++
 1 file changed, 130 insertions(+)
 create mode 100644 juick-api/src/main/java/com/juick/api/controllers/PM.java

(limited to 'juick-api/src/main/java/com/juick/api/controllers/PM.java')

diff --git a/juick-api/src/main/java/com/juick/api/controllers/PM.java b/juick-api/src/main/java/com/juick/api/controllers/PM.java
new file mode 100644
index 00000000..3d9893b1
--- /dev/null
+++ b/juick-api/src/main/java/com/juick/api/controllers/PM.java
@@ -0,0 +1,130 @@
+package com.juick.api.controllers;
+
+import com.juick.api.ApiServer;
+import com.juick.api.util.HttpBadRequestException;
+import com.juick.api.util.HttpForbiddenException;
+import com.juick.service.PMQueriesService;
+import com.juick.service.UserService;
+import com.juick.util.UserUtils;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+import rocks.xmpp.addr.Jid;
+import rocks.xmpp.core.stanza.model.Message;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+/**
+ *
+ * @author ugnich
+ */
+@Controller
+@ResponseBody
+public class PM {
+
+    @Inject
+    UserService userService;
+    @Inject
+    PMQueriesService pmQueriesService;
+    @Inject
+    ApiServer apiServer;
+
+    @RequestMapping(value = "/pm", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+    public List<com.juick.Message> doGetPM(HttpServletRequest request) {
+        // TODO: use spring-security
+        String auth = request.getHeader("Authorization");
+        int vuid = userService.getUIDByHttpAuth(auth);
+        if (vuid == -1) {
+            throw new HttpForbiddenException();
+        }
+        if (vuid == 0) {
+            String hash = request.getParameter("hash");
+            if (hash != null && hash.length() == 16) {
+                vuid  = userService.getUIDbyHash(hash);
+            }
+        }
+        if (vuid == 0) {
+            throw new HttpForbiddenException();
+        }
+        String uname = request.getParameter("uname");
+        int uid = 0;
+        if (uname != null && uname.matches("^[a-zA-Z0-9\\-]{2,16}$")) {
+            uid = userService.getUIDbyName(uname);
+        }
+
+        if (uid == 0) {
+            throw new HttpBadRequestException();
+        }
+
+        return pmQueriesService.getPMMessages(vuid, uid);
+    }
+
+    @RequestMapping(value = "/pm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+    public com.juick.Message doPostPM(HttpServletRequest request) {
+        // TODO: use spring-security
+        String auth = request.getHeader("Authorization");
+        int vuid = userService.getUIDByHttpAuth(auth);
+        if (vuid == -1) {
+            throw new HttpForbiddenException();
+        }
+        if (vuid == 0) {
+            String hash = request.getParameter("hash");
+            if (hash != null && hash.length() == 16) {
+                vuid  = userService.getUIDbyHash(hash);
+            }
+        }
+        if (vuid == 0) {
+            throw new HttpForbiddenException();
+        }
+        String uname = request.getParameter("uname");
+        int uid = 0;
+        if (UserUtils.checkUserNameValid(uname)) {
+            uid = userService.getUIDbyName(uname);
+        }
+
+        String body = request.getParameter("body");
+        if (uid == 0 || body == null || body.length() < 1 || body.length() > 10240) {
+            throw new HttpBadRequestException();
+        }
+
+        if (userService.isInBLAny(uid, vuid)) {
+            throw new HttpForbiddenException();
+        }
+
+        if (pmQueriesService.createPM(vuid, uid, body)) {
+            Message msg = new Message();
+            msg.setFrom(Jid.of("juick@juick.com"));
+            msg.setTo(Jid.of(String.format("%d@push.juick.com", uid)));
+            com.juick.Message jmsg = new com.juick.Message();
+            jmsg.setUser(userService.getUserByUID(vuid).get());
+            jmsg.setText(body);
+            msg.addExtension(jmsg);
+            apiServer.getXmpp().send(msg);
+
+            msg.setTo(Jid.of(String.format("%d@ws.juick.com", uid)));
+            apiServer.getXmpp().send(msg);
+
+            List<String> jids = userService.getJIDsbyUID(uid);
+            for (String jid: jids) {
+                Message mm = new Message();
+                mm.setTo(Jid.of(jid));
+                mm.setType(Message.Type.CHAT);
+                if (pmQueriesService.havePMinRoster(vuid, jid)) {
+                    mm.setFrom(Jid.of(jmsg.getUser().getName(), "juick.com", "Juick"));
+                    mm.setBody(body);
+                } else {
+                    mm.setFrom(Jid.of("juick", "juick.com", "Juick"));
+                    mm.setBody("Private message from @" + jmsg.getUser().getName() + ":\n" + body);
+                }
+                apiServer.getXmpp().send(mm);
+            }
+            return jmsg;
+
+        }
+        throw new HttpBadRequestException();
+    }
+}
-- 
cgit v1.2.3