/*
* Copyright (C) 2008-2017, Juick
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see .
*/
package com.juick.server.www.controllers;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.juick.Message;
import com.juick.User;
import com.juick.model.AnonymousUser;
import com.juick.model.CommandResult;
import com.juick.server.util.*;
import com.juick.server.www.WebApp;
import com.juick.service.*;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.text.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.util.UriComponentsBuilder;
import javax.inject.Inject;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.util.stream.Collectors;
/**
* @author Ugnich Anton
*/
@Controller
public class NewMessage {
@Inject
private TagService tagService;
@Inject
private MessagesService messagesService;
@Inject
private UserService userService;
@Inject
private SubscriptionService subscriptionService;
@Inject
private CrosspostService crosspostService;
@Inject
private PMQueriesService pmQueriesService;
@Inject
private WebApp webApp;
@Inject
private ObjectMapper jsonMapper;
@Inject
private ImagesService imagesService;
@Value("${img_path:#{systemEnvironment['TEMP'] ?: '/tmp'}}")
private String imgDir;
@Value("${upload_tmp_dir:#{systemEnvironment['TEMP'] ?: '/tmp'}}")
private String tmpDir;
@Value("${api_url:http://localhost:8080}")
private String apiUrl;
private RestTemplate rest = new RestTemplate();
private static final Logger logger = LoggerFactory.getLogger(NewMessage.class);
@GetMapping("/post")
protected String postAction(@RequestParam(required = false) String body, ModelMap model) {
com.juick.User visitor = UserUtils.getCurrentUser();
model.addAttribute("title", "Написать");
model.addAttribute("headers", "");
model.addAttribute("visitor", visitor);
if (body == null) {
body = StringUtils.EMPTY;
} else {
if (body.length() > 4096) {
body = body.substring(0, 4096);
}
body = StringEscapeUtils.escapeHtml4(body);
}
model.addAttribute("body", body);
model.addAttribute("visitor", visitor);
model.addAttribute("tags", tagService.getUserTagStats(visitor.getUid()).stream()
.sorted((e1, e2) -> Integer.compare(e2.getUsageCount(), e1.getUsageCount())).map(t -> t.getTag().getName()).collect(Collectors.toList()));
return "views/post";
}
@PostMapping("/comment")
public String doPostComment(
@RequestParam Integer mid,
@RequestParam(required = false, defaultValue = "0") Integer rid,
@RequestParam(required = false, defaultValue = StringUtils.EMPTY) String body,
@RequestParam(required = false, defaultValue = StringUtils.EMPTY) String img,
@RequestParam(required = false) MultipartFile attach) throws IOException {
com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isAnonymous() || visitor.isBanned()) {
throw new HttpForbiddenException();
}
com.juick.Message msg = messagesService.getMessage(mid);
if (msg == null) {
throw new HttpNotFoundException();
}
com.juick.Message reply = null;
if (rid > 0) {
reply = messagesService.getReply(mid, rid);
if (reply == null) {
throw new HttpNotFoundException();
}
}
if ((StringUtils.isEmpty(body) || body.length() > 4096) && StringUtils.isEmpty(img) && attach == null) {
throw new HttpBadRequestException();
}
body = body.replace("\r", StringUtils.EMPTY);
if ((msg.ReadOnly && msg.getUser().getUid() != visitor.getUid())
|| userService.isInBLAny(msg.getUser().getUid(), visitor.getUid())
|| (reply != null && userService.isInBLAny(reply.getUser().getUid(), visitor.getUid()))) {
throw new HttpForbiddenException();
}
URI attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
if (StringUtils.isBlank(attachmentFName.toString()) && img != null && img.length() > 10) {
try {
URL imgUrl = new URL(img);
attachmentFName = HttpUtils.downloadImage(imgUrl, tmpDir);
} catch (Exception e) {
logger.error("DOWNLOAD ERROR", e);
throw new HttpBadRequestException();
}
}
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap params = new LinkedMultiValueMap<>();
HttpEntity> request = new HttpEntity<>(params, headers);
params.add("body", rid == 0 ? String.format("#%d %s", mid, body) : String.format("#%d/%d %s", mid, rid, body));
params.add("hash", userService.getHashByUID(visitor.getUid()));
if (StringUtils.isNotEmpty(attachmentFName.toString())) {
params.add("img", attachmentFName.toASCIIString());
}
URI postUri = UriComponentsBuilder.fromUriString(apiUrl).path("/api/post").build().toUri();
ResponseEntity result = rest.postForEntity(
postUri,
request, CommandResult.class);
logger.info("/comment: {}", jsonMapper.writeValueAsString(result.getBody()));
boolean wasReply = result.getBody().getNewMessage().isPresent();
return wasReply ? "redirect:/" + msg.getUser().getName() + "/" + mid + "#" + result.getBody().getNewMessage().get().getRid() : "redirect:/" + msg.getUser().getName() + "/" + mid;
}
@PostMapping("/pm/send")
public String doPostPM(@RequestParam(name = "uname", required = false) String unameParam,
@RequestParam String body) throws IOException {
com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isAnonymous() || visitor.isBanned()) {
throw new HttpForbiddenException();
}
String uname = unameParam;
if (uname.startsWith("@")) {
uname = uname.substring(1);
}
User userTo = AnonymousUser.INSTANCE;
if (WebUtils.isUserName(uname)) {
userTo = userService.getUserByName(uname);
}
if (userTo.isAnonymous() || body.length() > 10240) {
throw new HttpBadRequestException();
}
if (userService.isInBLAny(userTo.getUid(), visitor.getUid())) {
throw new HttpForbiddenException();
}
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap params = new LinkedMultiValueMap<>();
HttpEntity> request = new HttpEntity<>(params, headers);
params.add("body", String.format("@%s %s", userTo.getName(), body));
params.add("hash", userService.getHashByUID(visitor.getUid()));
URI postUri = UriComponentsBuilder.fromUriString(apiUrl).path("/api/post").build().toUri();
ResponseEntity result = rest.postForEntity(
postUri,
request, CommandResult.class);
logger.info("/pm: {}", jsonMapper.writeValueAsString(result.getBody()));
return "redirect:/pm/sent";
}
@PostMapping("/post2")
public String doPostMessage(@RequestParam(name = "body", required = false) String bodyParam,
@RequestParam(required = false) String img,
@RequestParam(required = false) MultipartFile attach) throws IOException {
com.juick.User visitor = UserUtils.getCurrentUser();
if (visitor.isAnonymous() || visitor.isBanned()) {
throw new HttpForbiddenException();
}
String body = StringUtils.isNotEmpty(bodyParam) ? bodyParam.replace("\r", StringUtils.EMPTY) : StringUtils.EMPTY;
URI attachmentFName = HttpUtils.receiveMultiPartFile(attach, tmpDir);
if (StringUtils.isBlank(attachmentFName.toString()) && StringUtils.isNotBlank(img)) {
try {
URL imgUrl = new URL(img);
attachmentFName = HttpUtils.downloadImage(imgUrl, tmpDir);
} catch (Exception e) {
logger.error("DOWNLOAD ERROR", e);
throw new HttpBadRequestException();
}
}
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap params = new LinkedMultiValueMap<>();
HttpEntity> request = new HttpEntity<>(params, headers);
params.add("body", body);
params.add("hash", userService.getHashByUID(visitor.getUid()));
if (StringUtils.isNotEmpty(attachmentFName.toString())) {
params.add("img", attachmentFName.toASCIIString());
}
URI postUri = UriComponentsBuilder.fromUriString(apiUrl).path("/api/post").build().toUri();
try {
ResponseEntity result = rest.postForEntity(postUri,
request, CommandResult.class);
Message newMessage = result.getBody().getNewMessage().orElse(new Message());
if (newMessage.getMid() > 0) {
logger.info("/post: {}", jsonMapper.writeValueAsString(result.getBody()));
return String.format("redirect:/%d", newMessage.getMid());
} else {
logger.info("{} : {}", body, result.getBody().getText());
}
} catch (HttpClientErrorException e) {
logger.error("post error", e);
}
return "redirect:/?show=my";
}
}