github
/
halo
mirror of https://github.com/halo-dev/halo
1
0
Fork 0
Code Issues Releases Wiki Activity

refactor: category authentication and post authentication (#1826)

pull/1827/head
guqing 2022-04-07 22:02:36 +08:00 committed by GitHub
parent 90cd9fdd91
commit e93092da24
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 52 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/main/java/run/halo/app/controller/content/auth/CategoryAuthentication.java
View File

@ -1,6 +1,8 @@
package run.halo.app.controller.content.auth; package run.halo.app.controller.content.auth;
import java.util.Set;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.lang.NonNull; import org.springframework.lang.NonNull;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -37,11 +39,8 @@ public class CategoryAuthentication implements ContentAuthentication {
@Override @Override
public boolean isAuthenticated(Integer categoryId) { public boolean isAuthenticated(Integer categoryId) {
Category category = categoryService.getById(categoryId); Category category = categoryService.getById(categoryId);
if (StringUtils.isBlank(category.getPassword())) { if (!isPrivate(category)) {
// All parent category is not encrypted return true;
if (categoryService.lookupFirstEncryptedBy(category.getId()).isEmpty()) {
return true;
}
} }
String sessionId = getSessionId(); String sessionId = getSessionId();
@ -55,6 +54,13 @@ public class CategoryAuthentication implements ContentAuthentication {
return cacheStore.get(cacheKey).isPresent(); return cacheStore.get(cacheKey).isPresent();
} }
private boolean isPrivate(Category category) {
if (StringUtils.isNotBlank(category.getPassword())) {
return true;
}
return categoryService.lookupFirstEncryptedBy(category.getId()).isPresent();
}
@Override @Override
public void setAuthenticated(Integer resourceId, boolean isAuthenticated) { public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
String sessionId = getSessionId(); String sessionId = getSessionId();
@ -74,12 +80,21 @@ public class CategoryAuthentication implements ContentAuthentication {
@Override @Override
public void clearByResourceId(Integer resourceId) { public void clearByResourceId(Integer resourceId) {
String resourceCachePrefix = String sessionId = getSessionId();
StringUtils.joinWith(":", CACHE_PREFIX, getPrincipal(), resourceId); if (StringUtils.isBlank(sessionId)) {
cacheStore.toMap().forEach((key, value) -> { return;
if (StringUtils.startsWith(key, resourceCachePrefix)) { }
cacheStore.delete(key); String categoryCacheKey =
} buildCacheKey(sessionId, getPrincipal().toString(), String.valueOf(resourceId));
}); // clean category cache
cacheStore.delete(categoryCacheKey);
Set<Integer> postIds = categoryService.listPostIdsByCategoryIdRecursively(resourceId);
Set<String> postCacheKeys = postIds.stream()
.map(postId ->
buildCacheKey(sessionId, EncryptTypeEnum.POST.getName(), String.valueOf(postId)))
.collect(Collectors.toSet());
// clean category post cache
postCacheKeys.forEach(cacheStore::delete);
} }
} }

43
src/main/java/run/halo/app/controller/content/auth/PostAuthentication.java
View File

@ -47,18 +47,15 @@ public class PostAuthentication implements ContentAuthentication {
@Override @Override
public boolean isAuthenticated(Integer postId) { public boolean isAuthenticated(Integer postId) {
Post post = postService.getById(postId); Post post = postService.getById(postId);
if (StringUtils.isBlank(post.getPassword())) { if (!isPrivate(post)) {
List<PostCategory> postCategories = postCategoryService.listByPostId(postId); return true;
boolean categoryEncrypted = postCategories.stream() }
.anyMatch(postCategory -> categoryService.isPrivate(postCategory.getCategoryId())); List<PostCategory> postCategories = postCategoryService.listByPostId(postId);
if (!categoryEncrypted) { for (PostCategory postCategory : postCategories) {
return true; if (!categoryService.isPrivate(postCategory.getCategoryId())) {
continue;
} }
if (categoryAuthentication.isAuthenticated(postCategory.getCategoryId())) {
boolean anyCategoryAuthenticated = postCategories.stream()
.anyMatch(postCategory ->
categoryAuthentication.isAuthenticated(postCategory.getCategoryId()));
if (anyCategoryAuthenticated) {
return true; return true;
} }
} }
@ -74,6 +71,15 @@ public class PostAuthentication implements ContentAuthentication {
return cacheStore.get(cacheKey).isPresent(); return cacheStore.get(cacheKey).isPresent();
} }
private boolean isPrivate(Post post) {
if (StringUtils.isNotBlank(post.getPassword())) {
return true;
}
List<PostCategory> postCategories = postCategoryService.listByPostId(post.getId());
return postCategories.stream()
.anyMatch(postCategory -> categoryService.isPrivate(postCategory.getCategoryId()));
}
@Override @Override
public void setAuthenticated(Integer resourceId, boolean isAuthenticated) { public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
String sessionId = getSessionId(); String sessionId = getSessionId();
@ -93,12 +99,13 @@ public class PostAuthentication implements ContentAuthentication {
@Override @Override
public void clearByResourceId(Integer resourceId) { public void clearByResourceId(Integer resourceId) {
String resourceCachePrefix = String sessionId = getSessionId();
StringUtils.joinWith(":", CACHE_PREFIX, getPrincipal(), resourceId); if (StringUtils.isBlank(sessionId)) {
cacheStore.toMap().forEach((key, value) -> { return;
if (StringUtils.startsWith(key, resourceCachePrefix)) { }
cacheStore.delete(key); String cacheKey =
} buildCacheKey(sessionId, getPrincipal().toString(), String.valueOf(resourceId));
}); // clean category cache
cacheStore.delete(cacheKey);
} }
} }