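package com.juick.api.controllers;

import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.juick.Message;
import com.juick.User;
import com.juick.api.util.HttpBadRequestException;
import com.juick.api.util.HttpForbiddenException;
import com.juick.server.helpers.Status;
import com.juick.server.helpers.TokensList;
import com.juick.service.MessagesService;
import com.juick.service.PushQueriesService;
import com.juick.service.SubscriptionService;
import com.juick.service.UserService;
import org.apache.commons.lang3.math.NumberUtils;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;

/**
 * Created by vitalyster on 24.10.2016.
 *
 * <p>Internal endpoint that hands out and removes push-notification tokens. Both handlers
 * answer only to the account named {@code juick}; every other caller gets
 * {@link HttpForbiddenException}. The values returned by {@code GET /notifications} are
 * device push credentials for other users, so the authorization check must run before any
 * request parameter is acted on.
 */
@Controller
@ResponseBody
public class Notifications {
    /** Name of the only account allowed to call this controller. */
    private static final String SERVICE_ACCOUNT_NAME = "juick";

    /** Length a login hash must have before it is looked up. */
    private static final int LOGIN_HASH_LENGTH = 16;

    /**
     * Mapper used only to read the DELETE request body. Serialization-inclusion settings
     * have no effect on {@code readValue}, so none are configured here.
     */
    private static final ObjectMapper TOKENS_MAPPER = new ObjectMapper();

    @Inject
    PushQueriesService pushQueriesService;
    @Inject
    UserService userService;
    @Inject
    MessagesService messagesService;
    @Inject
    SubscriptionService subscriptionService;

    /**
     * Returns push tokens of one kind, either for a single user or for the subscribers of
     * a message.
     *
     * <p>Request parameters: {@code type} ({@code gcm}, {@code apns} or {@code mpns}),
     * plus either {@code uid} (tokens of that user) or {@code mid} (tokens of the users
     * subscribed to that message or, for a reply, to its comments). {@code uid} wins when
     * both are positive.
     *
     * @param request the current HTTP request
     * @return the token list produced by {@link PushQueriesService}; the element type is
     *         not visible in this file, so the raw {@code List} is kept
     * @throws HttpForbiddenException if the caller is not the service account
     * @throws HttpBadRequestException if {@code type} is missing or unknown, if neither
     *         {@code uid} nor {@code mid} is positive, or if the message does not exist
     */
    @RequestMapping(value = "/notifications", method = RequestMethod.GET,
            produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public List doGet(HttpServletRequest request) {
        requireServiceAccount(request);

        String type = request.getParameter("type");
        if (type == null) {
            // switch on a null String throws NullPointerException; a missing parameter is
            // a client error, not a server fault.
            throw new HttpBadRequestException();
        }
        int uid = NumberUtils.toInt(request.getParameter("uid"), 0);
        int mid = NumberUtils.toInt(request.getParameter("mid"), 0);

        if (uid > 0) {
            switch (type) {
                case "gcm":
                    return pushQueriesService.getAndroidRegID(uid);
                case "apns":
                    return pushQueriesService.getAPNSToken(uid);
                case "mpns":
                    return pushQueriesService.getWinPhoneURL(uid);
                default:
                    throw new HttpBadRequestException();
            }
        }

        if (mid > 0) {
            Message msg = messagesService.getMessage(mid);
            if (msg != null) {
                // NOTE(review): element types restored from usage (User::getUid below);
                // confirm against SubscriptionService.
                List<User> users;
                if (msg.getRid() > 0) {
                    users = subscriptionService.getUsersSubscribedToComments(
                            mid, msg.getUser().getUid());
                } else {
                    users = subscriptionService.getSubscribedUsers(
                            msg.getUser().getUid(), mid);
                }
                List<Integer> uids = users.stream()
                        .map(User::getUid)
                        .collect(Collectors.toList());
                switch (type) {
                    case "gcm":
                        return pushQueriesService.getAndroidTokens(uids);
                    case "apns":
                        return pushQueriesService.getAPNSTokens(uids);
                    case "mpns":
                        return pushQueriesService.getWindowsTokens(uids);
                    default:
                        throw new HttpBadRequestException();
                }
            }
        }
        throw new HttpBadRequestException();
    }

    /**
     * Deletes the tokens listed in the JSON request body.
     *
     * <p>The body is read as a {@link TokensList}; each of its tokens is passed to
     * {@link PushQueriesService#deleteAPNSToken}.
     *
     * @param request the current HTTP request
     * @param requestBody the raw JSON request body
     * @return a {@link Status} of {@code "ok"} once every token has been passed on
     * @throws HttpForbiddenException if the caller is not the service account
     * @throws HttpBadRequestException if the body holds no token list
     * @throws IOException if the body cannot be parsed as a {@link TokensList}
     */
    @RequestMapping(value = "/notifications", method = RequestMethod.DELETE,
            produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public Status doDelete(HttpServletRequest request, @RequestBody String requestBody)
            throws IOException {
        requireServiceAccount(request);

        // NOTE(review): a malformed body surfaces as IOException; confirm the application's
        // error handling does not echo parser details back to the client.
        TokensList list = TOKENS_MAPPER.readValue(requestBody, TokensList.class);
        if (list == null || list.getTokens() == null) {
            // A JSON "null" body or a body without a token list would otherwise end in a
            // NullPointerException.
            throw new HttpBadRequestException();
        }
        list.getTokens().forEach(t -> pushQueriesService.deleteAPNSToken(t));
        return new Status("ok");
    }

    /**
     * Authenticates the caller and rejects everyone except the service account.
     *
     * <p>The {@code Authorization} header is tried first. A result of {@code -1} from
     * {@link UserService#getUIDByHttpAuth} is rejected outright; a result of {@code 0}
     * falls back to the {@code hash} request parameter.
     *
     * @param request the current HTTP request
     * @throws HttpForbiddenException if no user could be resolved or the resolved user is
     *         not named {@code juick}
     */
    // TODO: use spring-security
    private void requireServiceAccount(HttpServletRequest request) {
        int vuid = userService.getUIDByHttpAuth(request.getHeader("Authorization"));
        if (vuid == -1) {
            throw new HttpForbiddenException();
        }
        if (vuid == 0) {
            // NOTE(review): the login hash is a credential carried as a request parameter;
            // if clients put it in the query string it ends up in access and proxy logs.
            // Prefer the Authorization header for this endpoint.
            String hash = request.getParameter("hash");
            if (hash != null && hash.length() == LOGIN_HASH_LENGTH) {
                vuid = userService.getUIDbyHash(hash);
            }
        }
        if (vuid == 0) {
            throw new HttpForbiddenException();
        }

        // Fail closed: an unknown uid is rejected directly instead of relying on the
        // defaults of a freshly constructed User.
        User visitor = userService.getUserByUID(vuid).orElse(null);
        if (visitor == null
                || visitor.getUid() == 0
                || !SERVICE_ACCOUNT_NAME.equals(visitor.getName())) {
            throw new HttpForbiddenException();
        }
    }
}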