package com.juick.api.controllers; import com.juick.Tag; import com.juick.api.ApiServer; import com.juick.api.util.HttpBadRequestException; import com.juick.api.util.HttpForbiddenException; import com.juick.api.util.HttpNotFoundException; import com.juick.api.util.HttpUtils; import com.juick.service.MessagesService; import com.juick.service.SubscriptionService; import com.juick.service.TagService; import com.juick.service.UserService; import net.coobird.thumbnailator.Thumbnails; import org.apache.commons.lang3.math.NumberUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import rocks.xmpp.addr.Jid; import rocks.xmpp.core.session.XmppSession; import rocks.xmpp.core.stanza.model.Message; import rocks.xmpp.extensions.nick.model.Nickname; import rocks.xmpp.extensions.oob.model.x.OobX; import javax.inject.Inject; import javax.servlet.http.HttpServletRequest; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; import java.net.URL; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.util.ArrayList; import java.util.List; /** * Created by vt on 24/11/2016. */ @Controller @ResponseBody public class Post { private static Logger logger = LoggerFactory.getLogger(ApiServer.class); @Inject UserService userService; @Inject ApiServer apiServer; @Inject TagService tagService; @Inject MessagesService messagesService; @Inject SubscriptionService subscriptionService; @RequestMapping(value = "/post", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE) protected com.juick.Message doPost(HttpServletRequest request) throws IOException { String uri = request.getRequestURI(); // TODO: use spring-security String auth = request.getHeader("Authorization"); int vuid = userService.getUIDByHttpAuth(auth); if (vuid == -1) { throw new HttpForbiddenException(); } if (vuid == 0) { String hash = request.getParameter("hash"); if (hash != null && hash.length() == 16) { vuid = userService.getUIDbyHash(hash); } } if (vuid == 0) { throw new HttpForbiddenException(); } switch (uri) { case "/post": int mid = NumberUtils.toInt(request.getParameter("mid"), 0); if (mid == 0) { return doPostMessage(request, apiServer.getXmpp(), vuid); } else { return doPostComment(request, apiServer.getXmpp(), vuid); } default: throw new HttpBadRequestException(); } } public com.juick.Message doPostMessage(HttpServletRequest request, XmppSession xmpp, int vuid) throws IOException { String body = request.getParameter("body"); if (body == null || body.length() < 1 || body.length() > 4096) { throw new HttpBadRequestException(); } body = body.replace("\r", ""); String tagsStr = request.getParameter("tags"); List tags = new ArrayList<>(); String tagsArr[] = new String[1]; if (tagsStr != null && !tagsStr.isEmpty()) { tagsArr = tagsStr.split("[ \\,]"); for (int i = 0; i < tagsArr.length; i++) { if (tagsArr[i].startsWith("*")) { tagsArr[i] = tagsArr[i].substring(1); } if (tagsArr[i].length() > 64) { tagsArr[i] = tagsArr[i].substring(0, 64); } } tags = tagService.getTags(tagsArr, true); while (tags.size() > 5) { tags.remove(5); } } String attachmentFName = null; try { attachmentFName = HttpUtils.receiveMultiPartFile(request, "attach"); } catch (Exception e) { logger.error("MULTIPART ERROR", e); throw new HttpBadRequestException(); } String paramImg = request.getParameter("img"); if (attachmentFName == null && paramImg != null && paramImg.length() > 10) { try { URL imgUrl = new URL(paramImg); attachmentFName = HttpUtils.downloadImage(imgUrl); } catch (Exception e) { logger.error("DOWNLOAD ERROR", e); throw new HttpBadRequestException(); } } String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; int mid = messagesService.createMessage(vuid, body, attachmentType, tags); subscriptionService.subscribeMessage(mid, vuid); com.juick.Message jmsg = messagesService.getMessage(mid); if (xmpp != null) { Message xmsg = new Message(); xmsg.setFrom(Jid.of("juick@juick.com")); xmsg.setType(Message.Type.CHAT); xmsg.setThread("juick-" + mid); xmsg.addExtension(jmsg); xmsg.addExtension(new Nickname("@" + jmsg.getUser().getName())); if (attachmentFName != null) { String fname = mid + "." + attachmentType; String attachmentURL = "http://i.juick.com/photos-1024/" + fname; Path origName = Paths.get(apiServer.imgDir, "p", fname); Files.move(Paths.get(apiServer.tmpDir, attachmentFName), origName); Thumbnails.of(origName.toFile()).size(1024, 1024).outputQuality(0.9) .toFile(Paths.get(apiServer.imgDir, "photos-1024", fname).toFile()); Thumbnails.of(origName.toFile()).size(512, 512).outputQuality(0.9) .toFile(Paths.get(apiServer.imgDir, "photos-512", fname).toFile()); Thumbnails.of(origName.toFile()).size(160, 120).outputQuality(0.9) .toFile(Paths.get(apiServer.imgDir, "ps", fname).toFile()); body = attachmentURL + "\n" + body; try { OobX xoob = new OobX(new URI(attachmentURL)); xmsg.addExtension(xoob); } catch (URISyntaxException e) { logger.error("invalid uri: " + attachmentURL, e); } } String tagsStr2 = ""; for (String tag : tagsArr) { tagsStr2 += " *" + tag; } xmsg.setBody("@" + jmsg.getUser().getName() + ":" + tagsStr2 + "\n" + body + "\n\n#" + mid + " http://juick.com/" + mid); xmsg.setTo(Jid.of("juick@s2s.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("juick@ws.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("juick@push.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("twitter@crosspost.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("fb@crosspost.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("jubo@nologin.ru")); xmpp.send(xmsg); } else { logger.error("XMPP unavailable"); } return jmsg; } public com.juick.Message doPostComment(HttpServletRequest request, XmppSession xmpp, int vuid) throws IOException { int mid = NumberUtils.toInt(request.getParameter("mid"), 0); if (mid == 0) { throw new HttpBadRequestException(); } com.juick.Message msg = messagesService.getMessage(mid); if (msg == null) { throw new HttpNotFoundException(); } int rid = NumberUtils.toInt(request.getParameter("rid"), 0); com.juick.Message reply = null; if (rid > 0) { reply = messagesService.getReply(mid, rid); if (reply == null) { throw new HttpNotFoundException(); } } String body = request.getParameter("body"); if (body == null || body.length() < 1 || body.length() > 4096) { throw new HttpBadRequestException(); } body = body.replace("\r", ""); if ((msg.ReadOnly && msg.getUser().getUid() != vuid) || userService.isInBLAny(msg.getUser().getUid(), vuid) || (reply != null && userService.isInBLAny(reply.getUser().getUid(), vuid))) { throw new HttpForbiddenException(); } String attachmentFName = null; try { attachmentFName = HttpUtils.receiveMultiPartFile(request, "attach"); } catch (Exception e) { logger.error("MULTIPART ERROR", e); throw new HttpBadRequestException(); } String paramImg = request.getParameter("img"); if (attachmentFName == null && paramImg != null && paramImg.length() > 10) { try { attachmentFName = HttpUtils.downloadImage(new URL(paramImg)); } catch (Exception e) { logger.error("DOWNLOAD ERROR", e); throw new HttpBadRequestException(); } } String attachmentType = attachmentFName != null ? attachmentFName.substring(attachmentFName.length() - 3) : null; int ridnew = messagesService.createReply(mid, rid, vuid, body, attachmentType); subscriptionService.subscribeMessage(mid, vuid); com.juick.Message jmsg = messagesService.getReply(mid, ridnew); if (xmpp != null) { Message xmsg = new Message(); xmsg.setFrom(Jid.of("juick@juick.com")); xmsg.setType(Message.Type.CHAT); xmsg.setThread("juick-" + mid); xmsg.addExtension(jmsg); String quote = reply != null ? reply.getText() : msg.getText(); if (quote.length() >= 50) { quote = quote.substring(0, 47) + "..."; } xmsg.addExtension(new Nickname("@" + jmsg.getUser().getName())); if (attachmentFName != null) { String fname = mid + "-" + ridnew + "." + attachmentType; String attachmentURL = "http://i.juick.com/photos-1024/" + fname; Path origName = Paths.get(apiServer.imgDir, "p", fname); Files.move(Paths.get(apiServer.tmpDir, attachmentFName), origName); Thumbnails.of(origName.toFile()).size(1024, 1024).outputQuality(0.9) .toFile(Paths.get(apiServer.imgDir, "photos-1024", fname).toFile()); Thumbnails.of(origName.toFile()).size(512, 512).outputQuality(0.9) .toFile(Paths.get(apiServer.imgDir, "photos-512", fname).toFile()); Thumbnails.of(origName.toFile()).size(160, 120).outputQuality(0.9) .toFile(Paths.get(apiServer.imgDir, "ps", fname).toFile()); body = attachmentURL + "\n" + body; try { xmsg.addExtension(new OobX(new URI(attachmentURL))); } catch (URISyntaxException e) { logger.error("invalid uri: " + attachmentURL, e); } } xmsg.setBody("Reply by @" + jmsg.getUser().getName() + ":\n>" + quote + "\n" + body + "\n\n#" + mid + "/" + ridnew + " http://juick.com/" + mid + "#" + ridnew); xmsg.setTo(Jid.of("juick@s2s.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("juick@ws.juick.com")); xmpp.send(xmsg); xmsg.setTo(Jid.of("juick@push.juick.com")); xmpp.send(xmsg); } else { logger.error("XMPP unavailable"); } return jmsg; } }