From 926bdf95c75ac8f4abbc403b0a2c24327e405903 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Mon, 27 Aug 2018 10:20:47 +0300 Subject: merge tests from www-2.x --- .../main/java/com/juick/server/api/Messages.java | 6 ++++++ .../com/juick/service/MessagesServiceImpl.java | 22 ++++++++++++++++++++++ 2 files changed, 28 insertions(+) (limited to 'juick-server/src/main') diff --git a/juick-server/src/main/java/com/juick/server/api/Messages.java b/juick-server/src/main/java/com/juick/server/api/Messages.java index d7c07391..db6463dd 100644 --- a/juick-server/src/main/java/com/juick/server/api/Messages.java +++ b/juick-server/src/main/java/com/juick/server/api/Messages.java @@ -24,10 +24,12 @@ import com.juick.server.Utils; import com.juick.server.component.MessageReadEvent; import com.juick.server.helpers.CommandResult; import com.juick.server.util.HttpBadRequestException; +import com.juick.server.util.HttpNotFoundException; import com.juick.server.util.UserUtils; import com.juick.service.MessagesService; import com.juick.service.TagService; import com.juick.service.UserService; +import com.juick.service.security.entities.JuickUser; import org.apache.commons.io.IOUtils; import org.springframework.context.ApplicationEventPublisher; import org.springframework.http.HttpStatus; @@ -167,6 +169,10 @@ public class Messages { if (!messagesService.canViewThread(mid, visitor.getUid())) { return FORBIDDEN; } else { + JuickUser juickUser = new JuickUser(userService.getUserByName(msg.getUser().getName())); + if (!juickUser.isEnabled()) { + throw new HttpNotFoundException(); + } msg.setRecommendations(new HashSet<>(messagesService.getMessageRecommendations(msg.getMid()))); List replies = messagesService.getReplies(visitor, mid); if (!visitor.isAnonymous()) { diff --git a/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java b/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java index 807f4a9d..125e4f63 100644 --- a/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java +++ b/juick-server/src/main/java/com/juick/service/MessagesServiceImpl.java @@ -20,6 +20,8 @@ package com.juick.service; import com.juick.*; import com.juick.server.helpers.PrivacyOpts; import com.juick.server.helpers.ResponseReply; +import com.juick.server.util.HttpNotFoundException; +import com.juick.service.security.entities.JuickUser; import com.juick.util.MessageUtils; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; @@ -649,6 +651,11 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ .addValue("privacy", privacy) .addValue("before", before); + JuickUser juickUser = new JuickUser(userService.getUserByUID(uid).orElseThrow(IllegalStateException::new)); + if (!juickUser.isEnabled()) { + throw new HttpNotFoundException(); + } + return getNamedParameterJdbcTemplate().queryForList( "SELECT message_id FROM messages WHERE user_id = :uid" + (before > 0 ? @@ -667,6 +674,11 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ .addValue("privacy", privacy) .addValue("before", before); + JuickUser juickUser = new JuickUser(userService.getUserByUID(uid).orElseThrow(IllegalStateException::new)); + if (!juickUser.isEnabled()) { + throw new HttpNotFoundException(); + } + return getNamedParameterJdbcTemplate().queryForList( "SELECT messages.message_id FROM messages_tags INNER JOIN messages " + " USING (message_id) WHERE messages.user_id = :uid AND messages_tags.tag_id = :tid " + @@ -685,6 +697,11 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ .addValue("privacy", privacy) .addValue("daysback", daysback); + JuickUser juickUser = new JuickUser(userService.getUserByUID(uid).orElseThrow(IllegalStateException::new)); + if (!juickUser.isEnabled()) { + throw new HttpNotFoundException(); + } + return getNamedParameterJdbcTemplate().queryForList( "SELECT message_id FROM messages WHERE user_id = :uid" + (daysback > 0 ? @@ -703,6 +720,11 @@ public class MessagesServiceImpl extends BaseJdbcService implements MessagesServ .addValue("privacy", privacy) .addValue("before", before); + JuickUser juickUser = new JuickUser(userService.getUserByUID(uid).orElseThrow(IllegalStateException::new)); + if (!juickUser.isEnabled()) { + throw new HttpNotFoundException(); + } + return getNamedParameterJdbcTemplate().queryForList( "SELECT message_id FROM " + "(SELECT message_id FROM favorites " + -- cgit v1.2.3