1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
package com.juick.api.controllers;
import com.juick.api.ApiServer;
import com.juick.api.util.HttpBadRequestException;
import com.juick.api.util.HttpForbiddenException;
import com.juick.service.PMQueriesService;
import com.juick.service.UserService;
import com.juick.util.UserUtils;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import rocks.xmpp.addr.Jid;
import rocks.xmpp.core.stanza.model.Message;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
/**
*
* @author ugnich
*/
@Controller
@ResponseBody
public class PM {
@Inject
UserService userService;
@Inject
PMQueriesService pmQueriesService;
@Inject
ApiServer apiServer;
@RequestMapping(value = "/pm", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public List<com.juick.Message> doGetPM(HttpServletRequest request) {
// TODO: use spring-security
String auth = request.getHeader("Authorization");
int vuid = userService.getUIDByHttpAuth(auth);
if (vuid == -1) {
throw new HttpForbiddenException();
}
if (vuid == 0) {
String hash = request.getParameter("hash");
if (hash != null && hash.length() == 16) {
vuid = userService.getUIDbyHash(hash);
}
}
if (vuid == 0) {
throw new HttpForbiddenException();
}
String uname = request.getParameter("uname");
int uid = 0;
if (uname != null && uname.matches("^[a-zA-Z0-9\\-]{2,16}$")) {
uid = userService.getUIDbyName(uname);
}
if (uid == 0) {
throw new HttpBadRequestException();
}
return pmQueriesService.getPMMessages(vuid, uid);
}
@RequestMapping(value = "/pm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public com.juick.Message doPostPM(HttpServletRequest request) {
// TODO: use spring-security
String auth = request.getHeader("Authorization");
int vuid = userService.getUIDByHttpAuth(auth);
if (vuid == -1) {
throw new HttpForbiddenException();
}
if (vuid == 0) {
String hash = request.getParameter("hash");
if (hash != null && hash.length() == 16) {
vuid = userService.getUIDbyHash(hash);
}
}
if (vuid == 0) {
throw new HttpForbiddenException();
}
String uname = request.getParameter("uname");
int uid = 0;
if (UserUtils.checkUserNameValid(uname)) {
uid = userService.getUIDbyName(uname);
}
String body = request.getParameter("body");
if (uid == 0 || body == null || body.length() < 1 || body.length() > 10240) {
throw new HttpBadRequestException();
}
if (userService.isInBLAny(uid, vuid)) {
throw new HttpForbiddenException();
}
if (pmQueriesService.createPM(vuid, uid, body)) {
Message msg = new Message();
msg.setFrom(Jid.of("juick@juick.com"));
msg.setTo(Jid.of(String.format("%d@push.juick.com", uid)));
com.juick.Message jmsg = new com.juick.Message();
jmsg.setUser(userService.getUserByUID(vuid).get());
jmsg.setText(body);
msg.addExtension(jmsg);
apiServer.getXmpp().send(msg);
msg.setTo(Jid.of(String.format("%d@ws.juick.com", uid)));
apiServer.getXmpp().send(msg);
List<String> jids = userService.getJIDsbyUID(uid);
for (String jid: jids) {
Message mm = new Message();
mm.setTo(Jid.of(jid));
mm.setType(Message.Type.CHAT);
if (pmQueriesService.havePMinRoster(vuid, jid)) {
mm.setFrom(Jid.of(jmsg.getUser().getName(), "juick.com", "Juick"));
mm.setBody(body);
} else {
mm.setFrom(Jid.of("juick", "juick.com", "Juick"));
mm.setBody("Private message from @" + jmsg.getUser().getName() + ":\n" + body);
}
apiServer.getXmpp().send(mm);
}
return jmsg;
}
throw new HttpBadRequestException();
}
}
|