From a34350b62784d4332243ba40ffe928afd91f67d3 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 26 Apr 2019 16:40:58 +0300
Subject: Authorization checks are in spring-security for a while

---
 src/main/java/com/juick/server/api/PM.java | 9 ---------
 1 file changed, 9 deletions(-)

(limited to 'src/main/java/com/juick/server/api/PM.java')

diff --git a/src/main/java/com/juick/server/api/PM.java b/src/main/java/com/juick/server/api/PM.java
index e61fef6e..06dc9733 100644
--- a/src/main/java/com/juick/server/api/PM.java
+++ b/src/main/java/com/juick/server/api/PM.java
@@ -56,9 +56,6 @@ public class PM {
     public List<com.juick.Message> doGetPM(
             @RequestParam(required = false) String uname) {
         User visitor = UserUtils.getCurrentUser();
-        if (visitor.isAnonymous()) {
-            throw new HttpForbiddenException();
-        }
         int uid = 0;
         if (uname != null && uname.matches("^[a-zA-Z0-9\\-]{2,16}$")) {
             uid = userService.getUIDbyName(uname);
@@ -78,9 +75,6 @@ public class PM {
             @RequestParam String uname,
             @RequestParam String body) {
         User visitor = UserUtils.getCurrentUser();
-        if (visitor.isAnonymous()) {
-            throw new HttpForbiddenException();
-        }
         User userTo = AnonymousUser.INSTANCE;
         if (WebUtils.isUserName(uname)) {
             userTo = userService.getUserByName(uname);
@@ -110,9 +104,6 @@ public class PM {
     public PrivateChats doGetGroupsPMs(
             @RequestParam(defaultValue = "5") int cnt) {
         User visitor = UserUtils.getCurrentUser();
-        if (visitor.isAnonymous()) {
-            throw new HttpForbiddenException();
-        }
         // TODO: ignore cnt param for now but make sure paging param will not be cnt
 
         List<Chat> lastconv = pmQueriesService.getLastChats(visitor);
-- 
cgit v1.2.3