return Response objects for all methods, including security interceptor. Removes stacktraces for unauthorized calls
@@ -10,7 +10,6 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.Produces;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
@@ -186,15 +185,11 @@ public abstract class AbstractREST {
|
||||
}
|
||||
if (!allowed) {
|
||||
if (user == null) {
|
||||
throw new WebApplicationException(Response
|
||||
.status(Status.UNAUTHORIZED)
|
||||
.entity("You are not authorized to do this.")
|
||||
.header(HttpHeaders.WWW_AUTHENTICATE,
|
||||
"Basic realm=\"CommaFeed\"").build());
|
||||
return Response.status(Status.UNAUTHORIZED)
|
||||
.entity("You are not authorized to do this.").build();
|
||||
} else {
|
||||
throw new WebApplicationException(Response
|
||||
.status(Status.FORBIDDEN)
|
||||
.entity("You are not authorized to do this.").build());
|
||||
return Response.status(Status.FORBIDDEN)
|
||||
.entity("You are not authorized to do this.").build();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
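Review bot: The new 401 branch, `return Response.status(Status.UNAUTHORIZED).entity("You are not authorized to do this.").build();`, no longer sends the `WWW-Authenticate` header that the removed code set, and RFC 7235 requires a 401 response to carry at least one challenge. Clients that send HTTP Basic credentials only after a challenge would stop authenticating. If dropping the header is deliberate (for example to stop browsers showing their Basic-auth dialog on XHR calls), a comment saying so belongs here; otherwise keep `.header(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"CommaFeed\"")` on the builder. The enclosing interceptor method starts and ends outside the hunk, so how callers treat the returned Response is not visible here.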
@@ -1,6 +1,7 @@
|
||||
package com.commafeed.frontend.rest.resources;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
@@ -95,7 +96,7 @@ public class AdminREST extends AbstractResourceREST {
|
||||
@Path("/user/get/{id}")
|
||||
@GET
|
||||
@ApiOperation(value = "Get user information", notes = "Get user information", responseClass = "com.commafeed.frontend.model.UserModel")
|
||||
public UserModel getUser(
|
||||
public Response getUser(
|
||||
@ApiParam(value = "user id", required = true) @PathParam("id") Long id) {
|
||||
Preconditions.checkNotNull(id);
|
||||
User user = userDAO.findById(id);
|
||||
@@ -108,13 +109,13 @@ public class AdminREST extends AbstractResourceREST {
|
||||
userModel.setAdmin(true);
|
||||
}
|
||||
}
|
||||
return userModel;
|
||||
return Response.ok(userModel).build();
|
||||
}
|
||||
|
||||
@Path("/user/getAll")
|
||||
@GET
|
||||
@ApiOperation(value = "Get all users", notes = "Get all users", responseClass = "List[com.commafeed.frontend.model.UserModel]")
|
||||
public Collection<UserModel> getUsers() {
|
||||
public Response getUsers() {
|
||||
Map<Long, UserModel> users = Maps.newHashMap();
|
||||
for (UserRole role : userRoleDAO.findAll()) {
|
||||
User user = role.getUser();
|
||||
@@ -131,7 +132,7 @@ public class AdminREST extends AbstractResourceREST {
|
||||
userModel.setAdmin(true);
|
||||
}
|
||||
}
|
||||
return users.values();
|
||||
return Response.ok(users.values()).build();
|
||||
}
|
||||
|
||||
@Path("/user/delete")
|
||||
@@ -156,23 +157,26 @@ public class AdminREST extends AbstractResourceREST {
|
||||
@Path("/settings")
|
||||
@GET
|
||||
@ApiOperation(value = "Retrieve application settings", notes = "Retrieve application settings", responseClass = "com.commafeed.backend.model.ApplicationSettings")
|
||||
public ApplicationSettings getSettings() {
|
||||
return applicationSettingsService.get();
|
||||
public Response getSettings() {
|
||||
return Response.ok(applicationSettingsService.get()).build();
|
||||
}
|
||||
|
||||
@Path("/settings")
|
||||
@POST
|
||||
@ApiOperation(value = "Save application settings", notes = "Save application settings")
|
||||
public void saveSettings(
|
||||
public Response saveSettings(
|
||||
@ApiParam(required = true) ApplicationSettings settings) {
|
||||
Preconditions.checkNotNull(settings);
|
||||
applicationSettingsService.save(settings);
|
||||
return Response.ok().build();
|
||||
}
|
||||
|
||||
@Path("/metrics")
|
||||
@GET
|
||||
public int[] getMetrics() {
|
||||
return new int[] { metricsBean.getFeedsRefreshedLastMinute(),
|
||||
metricsBean.getFeedsRefreshedLastHour() };
|
||||
public Response getMetrics() {
|
||||
List<Integer> list = Arrays.asList(
|
||||
metricsBean.getFeedsRefreshedLastMinute(),
|
||||
metricsBean.getFeedsRefreshedLastHour());
|
||||
return Response.ok(list).build();
|
||||
}
|
||||
}
|
||||
|
||||
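Review bot: `saveSettings` still relies on `Preconditions.checkNotNull(settings)`, which throws a NullPointerException when the POST body is empty. Unless an exception mapper elsewhere handles it, that presumably surfaces as a 500 with a stack trace, the kind of output this commit removes for unauthorized calls. Now that the method returns `Response`, the check can become `if (settings == null) return Response.status(Status.BAD_REQUEST).build();`, assuming `Status` is imported in this file as it is in AbstractREST. `getUser` has the same pattern with `Preconditions.checkNotNull(id)`, and its body continues outside the hunk.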
@@ -62,7 +62,7 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
@Path("/entries")
|
||||
@GET
|
||||
@ApiOperation(value = "Get category entries", notes = "Get a list of category entries", responseClass = "com.commafeed.frontend.model.Entries")
|
||||
public Entries getCategoryEntries(
|
||||
public Response getCategoryEntries(
|
||||
@ApiParam(value = "id of the category, 'all' or 'starred'", required = true) @QueryParam("id") String id,
|
||||
@ApiParam(value = "all entries or only unread ones", allowableValues = "all,unread", required = true) @QueryParam("readType") ReadType readType,
|
||||
@ApiParam(value = "offset for paging") @DefaultValue("0") @QueryParam("offset") int offset,
|
||||
@@ -107,7 +107,7 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
|
||||
}
|
||||
entries.setTimestamp(Calendar.getInstance().getTimeInMillis());
|
||||
return entries;
|
||||
return Response.ok(entries).build();
|
||||
}
|
||||
|
||||
@Path("/entriesAsFeed")
|
||||
@@ -115,7 +115,7 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
@ApiOperation(value = "Get category entries as feed", notes = "Get a feed of category entries")
|
||||
@Produces(MediaType.APPLICATION_XML)
|
||||
@SecurityCheck(value = Role.USER, apiKeyAllowed = true)
|
||||
public String getCategoryEntriesAsFeed(
|
||||
public Response getCategoryEntriesAsFeed(
|
||||
@ApiParam(value = "id of the category, 'all' or 'starred'", required = true) @QueryParam("id") String id) {
|
||||
|
||||
Preconditions.checkNotNull(id);
|
||||
@@ -125,7 +125,7 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
int offset = 0;
|
||||
int limit = 20;
|
||||
|
||||
Entries entries = getCategoryEntries(id, readType, offset, limit, order);
|
||||
Entries entries = (Entries) getCategoryEntries(id, readType, offset, limit, order).getEntity();
|
||||
|
||||
SyndFeed feed = new SyndFeedImpl();
|
||||
feed.setFeedType("rss_2.0");
|
||||
@@ -148,7 +148,7 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
writer.write("Could not get feed information");
|
||||
log.error(e.getMessage(), e);
|
||||
}
|
||||
return writer.toString();
|
||||
return Response.ok(writer.toString()).build();
|
||||
}
|
||||
|
||||
@Path("/mark")
|
||||
@@ -276,7 +276,7 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
@GET
|
||||
@Path("/get")
|
||||
@ApiOperation(value = "Get feed categories", notes = "Get all categories and subscriptions of the user", responseClass = "com.commafeed.frontend.model.Category")
|
||||
public Category getSubscriptions() {
|
||||
public Response getSubscriptions() {
|
||||
|
||||
List<FeedCategory> categories = feedCategoryDAO.findAll(getUser());
|
||||
List<FeedSubscription> subscriptions = feedSubscriptionDAO
|
||||
@@ -289,20 +289,20 @@ public class CategoryREST extends AbstractResourceREST {
|
||||
root.setId("all");
|
||||
root.setName("All");
|
||||
|
||||
return root;
|
||||
return Response.ok(root).build();
|
||||
}
|
||||
|
||||
@GET
|
||||
@Path("/unreadCount")
|
||||
@ApiOperation(value = "Get unread count for feed subscriptions")
|
||||
public List<UnreadCount> getUnreadCount() {
|
||||
@ApiOperation(value = "Get unread count for feed subscriptions", responseClass="List[com.commafeed.frontend.model.UnreadCount]")
|
||||
public Response getUnreadCount() {
|
||||
List<UnreadCount> list = Lists.newArrayList();
|
||||
Map<Long, Long> unreadCount = feedEntryStatusDAO
|
||||
.getUnreadCount(getUser());
|
||||
for (Map.Entry<Long, Long> e : unreadCount.entrySet()) {
|
||||
list.add(new UnreadCount(e.getKey(), e.getValue()));
|
||||
}
|
||||
return list;
|
||||
return Response.ok(list).build();
|
||||
}
|
||||
|
||||
private Category buildCategory(Long id, List<FeedCategory> categories,
|
||||
|
||||
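Review bot: `getCategoryEntriesAsFeed` now unwraps another endpoint's HTTP response with an unchecked cast, `(Entries) getCategoryEntries(id, readType, offset, limit, order).getEntity()`. If `getCategoryEntries` ever returns a non-200 Response (an error entity, or none), this fails with a ClassCastException or a later NullPointerException instead of a controlled error. Moving the entry lookup into a private helper that returns `Entries`, and having both endpoints call it, keeps the type checked at compile time. The same pattern appears in FeedREST: `(Entries) getFeedEntries(...).getEntity()` and the two `(FeedInfo) fetchFeed(url).getEntity()` calls. Both method bodies continue outside the hunks shown.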
@@ -58,7 +58,7 @@ public class EntryREST extends AbstractResourceREST {
|
||||
@Path("/search")
|
||||
@GET
|
||||
@ApiOperation(value = "Search for entries", notes = "Look through title and content of entries by keywords", responseClass = "com.commafeed.frontend.model.Entries")
|
||||
public Entries searchEntries(
|
||||
public Response searchEntries(
|
||||
@ApiParam(value = "keywords separated by spaces, 3 characters minimum", required = true) @QueryParam("keywords") String keywords,
|
||||
@ApiParam(value = "offset for paging") @DefaultValue("0") @QueryParam("offset") int offset,
|
||||
@ApiParam(value = "limit for paging") @DefaultValue("-1") @QueryParam("limit") int limit) {
|
||||
@@ -76,7 +76,7 @@ public class EntryREST extends AbstractResourceREST {
|
||||
|
||||
entries.setName("Search for : " + keywords);
|
||||
entries.getEntries().addAll(list);
|
||||
return entries;
|
||||
return Response.ok(entries).build();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -64,7 +64,7 @@ public class FeedREST extends AbstractResourceREST {
|
||||
@Path("/entries")
|
||||
@GET
|
||||
@ApiOperation(value = "Get feed entries", notes = "Get a list of feed entries", responseClass = "com.commafeed.frontend.model.Entries")
|
||||
public Entries getFeedEntries(
|
||||
public Response getFeedEntries(
|
||||
@ApiParam(value = "id of the feed", required = true) @QueryParam("id") String id,
|
||||
@ApiParam(value = "all entries or only unread ones", allowableValues = "all,unread", required = true) @QueryParam("readType") ReadType readType,
|
||||
@ApiParam(value = "offset for paging") @DefaultValue("0") @QueryParam("offset") int offset,
|
||||
@@ -93,7 +93,7 @@ public class FeedREST extends AbstractResourceREST {
|
||||
}
|
||||
|
||||
entries.setTimestamp(Calendar.getInstance().getTimeInMillis());
|
||||
return entries;
|
||||
return Response.ok(entries).build();
|
||||
}
|
||||
|
||||
@Path("/entriesAsFeed")
|
||||
@@ -101,7 +101,7 @@ public class FeedREST extends AbstractResourceREST {
|
||||
@ApiOperation(value = "Get feed entries as a feed", notes = "Get a feed of feed entries")
|
||||
@Produces(MediaType.APPLICATION_XML)
|
||||
@SecurityCheck(value = Role.USER, apiKeyAllowed = true)
|
||||
public String getFeedEntriesAsFeed(
|
||||
public Response getFeedEntriesAsFeed(
|
||||
@ApiParam(value = "id of the feed", required = true) @QueryParam("id") String id) {
|
||||
|
||||
Preconditions.checkNotNull(id);
|
||||
@@ -111,7 +111,8 @@ public class FeedREST extends AbstractResourceREST {
|
||||
int offset = 0;
|
||||
int limit = 20;
|
||||
|
||||
Entries entries = getFeedEntries(id, readType, offset, limit, order);
|
||||
Entries entries = (Entries) getFeedEntries(id, readType, offset, limit,
|
||||
order).getEntity();
|
||||
|
||||
SyndFeed feed = new SyndFeedImpl();
|
||||
feed.setFeedType("rss_2.0");
|
||||
@@ -134,13 +135,13 @@ public class FeedREST extends AbstractResourceREST {
|
||||
writer.write("Could not get feed information");
|
||||
log.error(e.getMessage(), e);
|
||||
}
|
||||
return writer.toString();
|
||||
return Response.ok(writer.toString()).build();
|
||||
}
|
||||
|
||||
@GET
|
||||
@Path("/fetch")
|
||||
@ApiOperation(value = "Fetch a feed", notes = "Fetch a feed by its url", responseClass = "com.commafeed.frontend.model.FeedInfo")
|
||||
public FeedInfo fetchFeed(
|
||||
public Response fetchFeed(
|
||||
@ApiParam(value = "the feed's url", required = true) @QueryParam("url") String url) {
|
||||
Preconditions.checkNotNull(url);
|
||||
|
||||
@@ -158,7 +159,7 @@ public class FeedREST extends AbstractResourceREST {
|
||||
.status(Status.INTERNAL_SERVER_ERROR)
|
||||
.entity(e.getMessage()).build());
|
||||
}
|
||||
return info;
|
||||
return Response.ok(info).build();
|
||||
}
|
||||
|
||||
@Path("/refresh")
|
||||
@@ -199,12 +200,12 @@ public class FeedREST extends AbstractResourceREST {
|
||||
@GET
|
||||
@Path("/get/{id}")
|
||||
@ApiOperation(value = "", notes = "")
|
||||
public Subscription get(
|
||||
public Response get(
|
||||
@ApiParam(value = "user id", required = true) @PathParam("id") Long id) {
|
||||
|
||||
Preconditions.checkNotNull(id);
|
||||
FeedSubscription sub = feedSubscriptionDAO.findById(getUser(), id);
|
||||
return Subscription.build(sub, 0);
|
||||
return Response.ok(Subscription.build(sub, 0)).build();
|
||||
}
|
||||
|
||||
@POST
|
||||
@@ -217,11 +218,11 @@ public class FeedREST extends AbstractResourceREST {
|
||||
Preconditions.checkNotNull(req.getUrl());
|
||||
|
||||
String url = prependHttp(req.getUrl());
|
||||
url = fetchFeed(url).getUrl();
|
||||
url = ((FeedInfo) fetchFeed(url).getEntity()).getUrl();
|
||||
|
||||
FeedCategory category = CategoryREST.ALL.equals(req.getCategoryId()) ? null
|
||||
: feedCategoryDAO.findById(Long.valueOf(req.getCategoryId()));
|
||||
FeedInfo info = fetchFeed(url);
|
||||
FeedInfo info = (FeedInfo) fetchFeed(url).getEntity();
|
||||
feedSubscriptionService.subscribe(getUser(), info.getUrl(),
|
||||
req.getTitle(), category);
|
||||
|
||||
|
||||
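Review bot: The error path of `fetchFeed` still ends in `.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build());`, so the raw exception message is sent to the caller. Because that message comes from fetching a caller-supplied URL, it can reveal internal host names or network error details. A fixed body such as `.entity("Could not fetch feed")` together with `log.error(e.getMessage(), e);` would keep the detail on the server. The trailing `build());` suggests this path still throws a WebApplicationException rather than returning a Response, but the statement starts outside the hunk, so that is inferred.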
@@ -2,6 +2,7 @@ package com.commafeed.frontend.rest.resources;
|
||||
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
import com.commafeed.frontend.model.ServerInfo;
|
||||
import com.wordnik.swagger.annotations.Api;
|
||||
@@ -13,13 +14,13 @@ public class ServerREST extends AbstractResourceREST {
|
||||
|
||||
@Path("/get")
|
||||
@GET
|
||||
@ApiOperation(value = "Get server infos", notes = "Get server infos")
|
||||
public ServerInfo get() {
|
||||
@ApiOperation(value = "Get server infos", notes = "Get server infos", responseClass = "com.commafeed.frontend.model.ServerInfo")
|
||||
public Response get() {
|
||||
ServerInfo infos = new ServerInfo();
|
||||
infos.setAnnouncement(applicationSettingsService.get()
|
||||
.getAnnouncement());
|
||||
infos.getSupportedLanguages().putAll(
|
||||
startupBean.getSupportedLanguages());
|
||||
return infos;
|
||||
return Response.ok(infos).build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -34,7 +34,7 @@ public class UserREST extends AbstractResourceREST {
|
||||
@Path("/settings")
|
||||
@GET
|
||||
@ApiOperation(value = "Retrieve user settings", notes = "Retrieve user settings", responseClass = "com.commafeed.frontend.model.Settings")
|
||||
public Settings getSettings() {
|
||||
public Response getSettings() {
|
||||
Settings s = new Settings();
|
||||
UserSettings settings = userSettingsDAO.findByUser(getUser());
|
||||
if (settings != null) {
|
||||
@@ -55,7 +55,7 @@ public class UserREST extends AbstractResourceREST {
|
||||
s.setScrollMarks(true);
|
||||
s.setLanguage("en");
|
||||
}
|
||||
return s;
|
||||
return Response.ok(s).build();
|
||||
}
|
||||
|
||||
@Path("/settings")
|
||||
@@ -89,7 +89,7 @@ public class UserREST extends AbstractResourceREST {
|
||||
@Path("/profile")
|
||||
@GET
|
||||
@ApiOperation(value = "Retrieve user's profile", responseClass = "com.commafeed.frontend.model.UserModel")
|
||||
public UserModel get() {
|
||||
public Response get() {
|
||||
User user = getUser();
|
||||
UserModel userModel = new UserModel();
|
||||
userModel.setId(user.getId());
|
||||
@@ -102,7 +102,7 @@ public class UserREST extends AbstractResourceREST {
|
||||
userModel.setAdmin(true);
|
||||
}
|
||||
}
|
||||
return userModel;
|
||||
return Response.ok(userModel).build();
|
||||
}
|
||||
|
||||
@Path("/profile")
|
||||
|
||||