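/*
 * Copyright (C) 2008-2017, Juick
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

package com.juick.server.api;

import com.juick.User;
import com.juick.server.util.HttpForbiddenException;
import com.juick.server.util.HttpNotFoundException;
import com.juick.service.MessagesService;
import com.juick.service.UserService;
import com.juick.server.util.UserUtils;
import com.juick.server.util.WebUtils;
import io.swagger.annotations.ApiOperation;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.*;

import javax.inject.Inject;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;

/**
 * REST endpoints for user lookup, the caller's own profile and the caller's auth token.
 *
 * <p>Several signatures below use a raw {@code List} because the element type of the
 * corresponding service call is not visible in this file.
 *
 * @author ugnich
 */
@RestController
public class Users {

    /**
     * Exclusive upper bound on the number of valid user names accepted by {@code /users}
     * in one request; larger requests skip the lookup entirely.
     */
    private static final int UNAME_LOOKUP_LIMIT = 20;

    @Inject
    private UserService userService;
    @Inject
    private MessagesService messagesService;

    /**
     * Returns the auth hash of the current user, as produced by
     * {@link UserService#getHashForUser}.
     *
     * <p>NOTE(review): the response body is a credential. This handler performs no
     * anonymous-visitor check of its own, so confirm that the security configuration
     * requires authentication for {@code /auth}, and that the response is only served
     * over TLS and is not cached by intermediaries.
     *
     * @return the hash returned by the user service for the current user
     */
    @ApiOperation(value = "This returns user token",
            notes = "Pass login and password using HTTP Basic")
    @RequestMapping(value = "/auth", method = RequestMethod.GET,
            produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public String getAuthToken() {
        return userService.getHashForUser(UserUtils.getCurrentUser());
    }

    /**
     * Looks up users by name, falling back to the current user.
     *
     * <p>Names rejected by {@link WebUtils#isNotUserName} are dropped first. The lookup
     * runs only when at least one and fewer than {@value #UNAME_LOOKUP_LIMIT} valid names
     * remain. When the lookup yields nothing, an authenticated caller gets a
     * single-element list containing themselves.
     *
     * @param unames optional {@code uname} request parameters
     * @return the matching users, or the current user when nothing matched
     * @throws HttpNotFoundException when nothing matched and the caller is anonymous
     */
    @RequestMapping(value = "/users", method = RequestMethod.GET,
            produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public List<User> doGetUsers(
            @RequestParam(value = "uname", required = false) List<String> unames) {
        List<User> users = new ArrayList<>();
        if (unames != null) {
            // Filter a private copy so the framework-supplied argument is never mutated
            // (and so an unmodifiable list cannot make removeIf throw).
            List<String> validNames = new ArrayList<>(unames);
            validNames.removeIf(WebUtils::isNotUserName);
            if (!validNames.isEmpty() && validNames.size() < UNAME_LOOKUP_LIMIT) {
                users.addAll(userService.getUsersByName(validNames));
            }
        }
        if (!users.isEmpty()) {
            return users;
        }
        User visitor = UserUtils.getCurrentUser();
        if (!visitor.isAnonymous()) {
            return Collections.singletonList(visitor);
        }
        throw new HttpNotFoundException();
    }

    /**
     * Builds the caller's own profile: uid, name, auth hash, unread messages and their
     * count, plus the friends and readers lists from the user service.
     *
     * <p>NOTE(review): unlike the {@code /users/read} and {@code /users/readers} handlers,
     * there is no anonymous-visitor check here. Confirm the security configuration rejects
     * unauthenticated requests before this handler builds a response containing the auth
     * hash.
     *
     * @return a {@link SecureUser} populated for the current user
     */
    @GetMapping("/me")
    public SecureUser getMe() {
        User visitor = UserUtils.getCurrentUser();
        int visitorUid = visitor.getUid();

        SecureUser me = new SecureUser();
        me.setUid(visitorUid);
        me.setName(visitor.getName());
        me.setAuthHash(getAuthToken());

        List unread = messagesService.getUnread(visitor);
        me.setUnread(unread);
        me.setUnreadCount(unread.size());

        me.setRead(userService.getUserFriends(visitorUid));
        me.setReaders(userService.getUserReaders(visitorUid));
        return me;
    }

    /**
     * Returns the friends list of the named user, or of the caller when {@code uname}
     * is omitted.
     *
     * @param uname optional user name; when absent the caller's own uid is used
     * @return the result of {@link UserService#getUserFriends} for the resolved uid
     * @throws HttpForbiddenException when the caller is anonymous
     * @throws HttpNotFoundException  when no positive uid could be resolved
     */
    @RequestMapping(value = "/users/read", method = RequestMethod.GET,
            produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public List doGetUserRead(
            // required = false: with the default (required) binding Spring rejects a
            // missing parameter before this method runs, so the "no uname means the
            // caller" branch could never execute.
            @RequestParam(required = false) String uname) {
        User visitor = UserUtils.getCurrentUser();
        if (visitor.isAnonymous()) {
            throw new HttpForbiddenException();
        }
        int uid = resolveUid(visitor, uname);
        if (uid > 0) {
            return userService.getUserFriends(uid);
        }
        throw new HttpNotFoundException();
    }

    /**
     * Returns the readers list of the named user, or of the caller when {@code uname}
     * is omitted.
     *
     * @param uname optional user name; when absent the caller's own uid is used
     * @return the result of {@link UserService#getUserReaders} for the resolved uid
     * @throws HttpForbiddenException when the caller is anonymous
     * @throws HttpNotFoundException  when no positive uid could be resolved
     */
    @RequestMapping(value = "/users/readers", method = RequestMethod.GET,
            produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public List doGetUserReaders(
            // required = false for the same reason as in doGetUserRead.
            @RequestParam(required = false) String uname) {
        User visitor = UserUtils.getCurrentUser();
        if (visitor.isAnonymous()) {
            throw new HttpForbiddenException();
        }
        int uid = resolveUid(visitor, uname);
        if (uid > 0) {
            return userService.getUserReaders(uid);
        }
        throw new HttpNotFoundException();
    }

    /**
     * Resolves the uid a read/readers request refers to.
     *
     * @param visitor the authenticated caller
     * @param uname   requested user name, or {@code null} for the caller
     * @return the caller's uid when {@code uname} is {@code null}; the named user's uid
     *         when the name is valid and maps to a user with a positive uid; otherwise 0
     */
    private int resolveUid(User visitor, String uname) {
        if (uname == null) {
            return visitor.getUid();
        }
        // Only syntactically valid names are passed on to the user service.
        if (WebUtils.isUserName(uname)) {
            User found = userService.getUserByName(uname);
            if (found != null && found.getUid() > 0) {
                return found.getUid();
            }
        }
        return 0;
    }

    /**
     * A {@link User} that additionally exposes its auth hash through a {@code hash}
     * getter; used only for the {@code /me} response.
     *
     * <p>NOTE(review): presumably the base class keeps the auth hash out of serialized
     * output and this subclass opts back in. Verify against {@code User} and make sure
     * instances are never returned for anyone but the caller. As a non-static inner
     * class it also keeps a reference to the enclosing controller.
     */
    class SecureUser extends User {
        /**
         * @return the auth hash stored on this user
         */
        public String getHash() {
            return getAuthHash();
        }
    }
}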