juick-api/src/main/java/com/juick/api/controllers/Subscriptions.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

package com.juick.api.controllers;

import com.juick.Message;
import com.juick.User;
import com.juick.api.util.HttpBadRequestException;
import com.juick.api.util.HttpForbiddenException;
import com.juick.service.MessagesService;
import com.juick.service.SubscriptionService;
import com.juick.service.UserService;
import org.apache.commons.lang3.math.NumberUtils;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.List;

/**
 * Created by vitalyster on 24.10.2016.
 */
@Controller
@ResponseBody
public class Subscriptions {
    @Inject
    UserService userService;
    @Inject
    SubscriptionService subscriptionService;
    @Inject
    MessagesService messagesService;

    @RequestMapping(value = "/subscriptions", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
    public List<User> doGet(HttpServletRequest request) throws IOException {
        // TODO: use spring-security
        String auth = request.getHeader("Authorization");
        int vuid = userService.getUIDByHttpAuth(auth);
        if (vuid == -1) {
            throw new HttpForbiddenException();
        }
        if (vuid == 0) {
            String hash = request.getParameter("hash");
            if (hash != null && hash.length() == 16) {
                vuid  = userService.getUIDbyHash(hash);
            }
        }
        if (vuid == 0) {
            throw new HttpForbiddenException();
        }
        User visitor = userService.getUserByUID(vuid).orElse(new User());
        if ((visitor.getUid() == 0) && !(visitor.getName().equals("juick"))) {
            throw new HttpForbiddenException();
        }
        int uid = NumberUtils.toInt(request.getParameter("uid"), 0);
        int mid = NumberUtils.toInt(request.getParameter("mid"), 0);
        if (uid > 0) {
            return subscriptionService.getSubscribedUsers(uid, mid);
        } else {
            // thread
            Message msg = messagesService.getMessage(mid);
            if (msg != null) {
                return subscriptionService.getUsersSubscribedToComments(mid, msg.getUser().getUid());
            }
        }
        throw new HttpBadRequestException();
    }
}