refactor: category authentication and post authentication (#1826)

2022-04-07 22:02:36 +08:00 · 2022-04-07 22:02:36 +08:00 · e93092da24
parent 90cd9fdd91
commit e93092da24
2 changed files with 52 additions and 30 deletions
--- a/src/main/java/run/halo/app/controller/content/auth/CategoryAuthentication.java
+++ b/src/main/java/run/halo/app/controller/content/auth/CategoryAuthentication.java
@ -1,6 +1,8 @@
 package run.halo.app.controller.content.auth;

+import java.util.Set;
 import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.lang.NonNull;
 import org.springframework.stereotype.Component;
@ -37,12 +39,9 @@ public class CategoryAuthentication implements ContentAuthentication {
    @Override
    public boolean isAuthenticated(Integer categoryId) {
        Category category = categoryService.getById(categoryId);
-        if (StringUtils.isBlank(category.getPassword())) {
-            // All parent category is not encrypted
-            if (categoryService.lookupFirstEncryptedBy(category.getId()).isEmpty()) {
+        if (!isPrivate(category)) {
            return true;
        }
-        }

        String sessionId = getSessionId();
        // No session is represent a client request
@ -55,6 +54,13 @@ public class CategoryAuthentication implements ContentAuthentication {
        return cacheStore.get(cacheKey).isPresent();
    }

+    private boolean isPrivate(Category category) {
+        if (StringUtils.isNotBlank(category.getPassword())) {
+            return true;
+        }
+        return categoryService.lookupFirstEncryptedBy(category.getId()).isPresent();
+    }
+
    @Override
    public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
        String sessionId = getSessionId();
@ -74,12 +80,21 @@ public class CategoryAuthentication implements ContentAuthentication {

    @Override
    public void clearByResourceId(Integer resourceId) {
-        String resourceCachePrefix =
-            StringUtils.joinWith(":", CACHE_PREFIX, getPrincipal(), resourceId);
-        cacheStore.toMap().forEach((key, value) -> {
-            if (StringUtils.startsWith(key, resourceCachePrefix)) {
-                cacheStore.delete(key);
+        String sessionId = getSessionId();
+        if (StringUtils.isBlank(sessionId)) {
+            return;
        }
-        });
+        String categoryCacheKey =
+            buildCacheKey(sessionId, getPrincipal().toString(), String.valueOf(resourceId));
+        // clean category cache
+        cacheStore.delete(categoryCacheKey);
+
+        Set<Integer> postIds = categoryService.listPostIdsByCategoryIdRecursively(resourceId);
+        Set<String> postCacheKeys = postIds.stream()
+            .map(postId ->
+                buildCacheKey(sessionId, EncryptTypeEnum.POST.getName(), String.valueOf(postId)))
+            .collect(Collectors.toSet());
+        // clean category post cache
+        postCacheKeys.forEach(cacheStore::delete);
    }
 }
--- a/src/main/java/run/halo/app/controller/content/auth/PostAuthentication.java
+++ b/src/main/java/run/halo/app/controller/content/auth/PostAuthentication.java
@ -47,18 +47,15 @@ public class PostAuthentication implements ContentAuthentication {
    @Override
    public boolean isAuthenticated(Integer postId) {
        Post post = postService.getById(postId);
-        if (StringUtils.isBlank(post.getPassword())) {
-            List<PostCategory> postCategories = postCategoryService.listByPostId(postId);
-            boolean categoryEncrypted = postCategories.stream()
-                .anyMatch(postCategory -> categoryService.isPrivate(postCategory.getCategoryId()));
-            if (!categoryEncrypted) {
+        if (!isPrivate(post)) {
            return true;
        }
-
-            boolean anyCategoryAuthenticated = postCategories.stream()
-                .anyMatch(postCategory ->
-                    categoryAuthentication.isAuthenticated(postCategory.getCategoryId()));
-            if (anyCategoryAuthenticated) {
+        List<PostCategory> postCategories = postCategoryService.listByPostId(postId);
+        for (PostCategory postCategory : postCategories) {
+            if (!categoryService.isPrivate(postCategory.getCategoryId())) {
+                continue;
+            }
+            if (categoryAuthentication.isAuthenticated(postCategory.getCategoryId())) {
                return true;
            }
        }
@ -74,6 +71,15 @@ public class PostAuthentication implements ContentAuthentication {
        return cacheStore.get(cacheKey).isPresent();
    }

+    private boolean isPrivate(Post post) {
+        if (StringUtils.isNotBlank(post.getPassword())) {
+            return true;
+        }
+        List<PostCategory> postCategories = postCategoryService.listByPostId(post.getId());
+        return postCategories.stream()
+            .anyMatch(postCategory -> categoryService.isPrivate(postCategory.getCategoryId()));
+    }
+
    @Override
    public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
        String sessionId = getSessionId();
@ -93,12 +99,13 @@ public class PostAuthentication implements ContentAuthentication {

    @Override
    public void clearByResourceId(Integer resourceId) {
-        String resourceCachePrefix =
-            StringUtils.joinWith(":", CACHE_PREFIX, getPrincipal(), resourceId);
-        cacheStore.toMap().forEach((key, value) -> {
-            if (StringUtils.startsWith(key, resourceCachePrefix)) {
-                cacheStore.delete(key);
+        String sessionId = getSessionId();
+        if (StringUtils.isBlank(sessionId)) {
+            return;
        }
-        });
+        String cacheKey =
+            buildCacheKey(sessionId, getPrincipal().toString(), String.valueOf(resourceId));
+        // clean category cache
+        cacheStore.delete(cacheKey);
    }
 }