diff --git a/src/main/java/run/halo/app/config/HaloConfiguration.java b/src/main/java/run/halo/app/config/HaloConfiguration.java index 6b310ae92..3f33f5be7 100644 --- a/src/main/java/run/halo/app/config/HaloConfiguration.java +++ b/src/main/java/run/halo/app/config/HaloConfiguration.java @@ -151,8 +151,6 @@ public class HaloConfiguration { "/api/admin/installations", "/api/admin/recoveries/migrations/*" ); - adminAuthenticationFilter.addTryAuthUrlMethodPattern("/api/admin/comments", HttpMethod.POST.name()); - adminAuthenticationFilter.addTryAuthUrlMethodPattern("/api/content/comments", HttpMethod.POST.name()); adminAuthenticationFilter.setFailureHandler( failureHandler); diff --git a/src/main/java/run/halo/app/model/dto/CategoryDTO.java b/src/main/java/run/halo/app/model/dto/CategoryDTO.java index 0c0afeba7..d8b631bbf 100644 --- a/src/main/java/run/halo/app/model/dto/CategoryDTO.java +++ b/src/main/java/run/halo/app/model/dto/CategoryDTO.java @@ -1,5 +1,7 @@ package run.halo.app.model.dto; +import lombok.EqualsAndHashCode; +import lombok.ToString; import run.halo.app.model.dto.base.OutputConverter; import run.halo.app.model.entity.Category; import lombok.Data; @@ -11,6 +13,8 @@ import lombok.Data; * @date 3/19/19 */ @Data +@ToString +@EqualsAndHashCode public class CategoryDTO implements OutputConverter { private Integer id; diff --git a/src/main/java/run/halo/app/model/dto/TagWithPostCountDTO.java b/src/main/java/run/halo/app/model/dto/TagWithPostCountDTO.java index 9673a8c68..44956d8cb 100644 --- a/src/main/java/run/halo/app/model/dto/TagWithPostCountDTO.java +++ b/src/main/java/run/halo/app/model/dto/TagWithPostCountDTO.java @@ -1,6 +1,8 @@ package run.halo.app.model.dto; import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.ToString; /** * Tag with post count output dto. @@ -9,6 +11,8 @@ import lombok.Data; * @date 3/20/19 */ @Data +@ToString(callSuper = true) +@EqualsAndHashCode(callSuper = true) public class TagWithPostCountDTO extends TagDTO { private Long postCount; diff --git a/src/main/java/run/halo/app/model/entity/PostCategory.java b/src/main/java/run/halo/app/model/entity/PostCategory.java index 4d64c1dcd..764f11aec 100644 --- a/src/main/java/run/halo/app/model/entity/PostCategory.java +++ b/src/main/java/run/halo/app/model/entity/PostCategory.java @@ -1,6 +1,7 @@ package run.halo.app.model.entity; import lombok.Data; +import lombok.EqualsAndHashCode; import lombok.ToString; import javax.persistence.*; diff --git a/src/main/java/run/halo/app/model/entity/PostTag.java b/src/main/java/run/halo/app/model/entity/PostTag.java index 010553df3..18cffdf48 100644 --- a/src/main/java/run/halo/app/model/entity/PostTag.java +++ b/src/main/java/run/halo/app/model/entity/PostTag.java @@ -1,6 +1,7 @@ package run.halo.app.model.entity; import lombok.Data; +import lombok.EqualsAndHashCode; import lombok.ToString; import javax.persistence.*; diff --git a/src/main/java/run/halo/app/model/support/CommentPage.java b/src/main/java/run/halo/app/model/support/CommentPage.java index afae0b956..3427ac83e 100644 --- a/src/main/java/run/halo/app/model/support/CommentPage.java +++ b/src/main/java/run/halo/app/model/support/CommentPage.java @@ -1,6 +1,8 @@ package run.halo.app.model.support; import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.ToString; import org.springframework.data.domain.PageImpl; import org.springframework.data.domain.Pageable; @@ -13,6 +15,8 @@ import java.util.List; * @date 3/25/19 */ @Data +@ToString(callSuper = true) +@EqualsAndHashCode(callSuper = true) public class CommentPage extends PageImpl { /** diff --git a/src/main/java/run/halo/app/model/vo/CategoryVO.java b/src/main/java/run/halo/app/model/vo/CategoryVO.java index 8a4f8b9f8..78292f321 100644 --- a/src/main/java/run/halo/app/model/vo/CategoryVO.java +++ b/src/main/java/run/halo/app/model/vo/CategoryVO.java @@ -1,5 +1,7 @@ package run.halo.app.model.vo; +import lombok.EqualsAndHashCode; +import lombok.ToString; import run.halo.app.model.dto.CategoryDTO; import lombok.Data; @@ -12,6 +14,8 @@ import java.util.List; * @date 3/21/19 */ @Data +@ToString(callSuper = true) +@EqualsAndHashCode(callSuper = true) public class CategoryVO extends CategoryDTO { private List children; diff --git a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java index a39d34693..b2a2141ff 100644 --- a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java +++ b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java @@ -18,7 +18,10 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; -import java.util.*; +import java.util.Collection; +import java.util.Collections; +import java.util.HashSet; +import java.util.Set; /** * Abstract authentication filter. @@ -35,11 +38,6 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter */ private Set excludeUrlPatterns = new HashSet<>(2); - /** - * Try authenticating url, method patterns. - */ - private Map tryAuthUrlMethodPatterns = new HashMap<>(2); - protected final AntPathMatcher antPathMatcher; protected final HaloProperties haloProperties; @@ -72,26 +70,6 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter return excludeUrlPatterns.stream().anyMatch(p -> antPathMatcher.match(p, request.getServletPath())); } - /** - * Should skip authentication failure. - * - * @param request http servlet request must not be null. - * @return true if the request should skip authentication failure; false otherwise - */ - @Deprecated - protected boolean shouldSkipAuthenticateFailure(@NonNull HttpServletRequest request) { - Assert.notNull(request, "Http servlet request must not be null"); - - for (String url : tryAuthUrlMethodPatterns.keySet()) { - if (antPathMatcher.match(url, request.getServletPath()) - && tryAuthUrlMethodPatterns.get(url).equalsIgnoreCase(request.getMethod())) { - return true; - } - } - - return false; - } - /** * Sets exclude url patterns. * @@ -124,20 +102,6 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter return excludeUrlPatterns; } - /** - * Adds try authenticating url method pattern. - * - * @param url url must not be blank - * @param method method must not be blank - */ - @Deprecated - public void addTryAuthUrlMethodPattern(@NonNull String url, @NonNull String method) { - Assert.hasText(url, "Try authenticating url must not be blank"); - Assert.hasText(method, "Try authenticating method must not be blank"); - - tryAuthUrlMethodPatterns.put(url, method); - } - /** * Gets authentication failure handler. (Default: @DefaultAuthenticationFailureHandler) @@ -145,7 +109,7 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter * @return authentication failure handler */ @NonNull - public AuthenticationFailureHandler getFailureHandler() { + protected AuthenticationFailureHandler getFailureHandler() { if (failureHandler == null) { synchronized (this) { if (failureHandler == null) { diff --git a/src/main/java/run/halo/app/service/UserService.java b/src/main/java/run/halo/app/service/UserService.java index a5deb72e1..e992670a8 100755 --- a/src/main/java/run/halo/app/service/UserService.java +++ b/src/main/java/run/halo/app/service/UserService.java @@ -78,17 +78,6 @@ public interface UserService extends CrudService { @NonNull User getByEmailOfNonNull(@NonNull String email); - /** - * Logins by username and password. - * - * @param key username or email must not be blank - * @param password password must not be blank - * @return user info - */ - @NonNull - @Deprecated - User login(@NonNull String key, @NonNull String password); - /** * Updates user password. * diff --git a/src/main/java/run/halo/app/service/impl/UserServiceImpl.java b/src/main/java/run/halo/app/service/impl/UserServiceImpl.java index 2a08e801d..8912fbb8f 100644 --- a/src/main/java/run/halo/app/service/impl/UserServiceImpl.java +++ b/src/main/java/run/halo/app/service/impl/UserServiceImpl.java @@ -1,6 +1,5 @@ package run.halo.app.service.impl; -import cn.hutool.core.lang.Validator; import cn.hutool.crypto.digest.BCrypt; import org.apache.commons.lang3.StringUtils; import org.springframework.context.ApplicationEventPublisher; @@ -19,14 +18,10 @@ import run.halo.app.model.entity.User; import run.halo.app.model.enums.LogType; import run.halo.app.model.params.UserParam; import run.halo.app.repository.UserRepository; -import run.halo.app.security.context.SecurityContextHolder; -import run.halo.app.security.filter.AdminAuthenticationFilter; -import run.halo.app.security.support.UserDetail; import run.halo.app.service.UserService; import run.halo.app.service.base.AbstractCrudService; import run.halo.app.utils.DateUtils; import run.halo.app.utils.HaloUtils; -import run.halo.app.utils.ServletUtils; import java.util.Date; import java.util.List; @@ -104,68 +99,6 @@ public class UserServiceImpl extends AbstractCrudService implemen return getByEmail(email).orElseThrow(() -> new NotFoundException("The email dose not exist").setErrorData(email)); } - @Override - public User login(String key, String password) { - Assert.hasText(key, "Username or email must not be blank"); - Assert.hasText(password, "Password must not be blank"); - - // Check login status - if (SecurityContextHolder.getContext().isAuthenticated()) { - throw new BadRequestException("You have logged in already, no need to log in again"); - } - - // Ger user by username - User user = Validator.isEmail(key) ? getByEmailOfNonNull(key) : getByUsernameOfNonNull(key); - - Date now = DateUtils.now(); - - // Check expiration - if (user.getExpireTime() != null && user.getExpireTime().after(now)) { - long seconds = TimeUnit.MILLISECONDS.toSeconds(user.getExpireTime().getTime() - now.getTime()); - // If expired - throw new BadRequestException("You have been temporarily disabled,please try again " + HaloUtils.timeFormat(seconds) + " later").setErrorData(seconds); - } - - if (!BCrypt.checkpw(password, user.getPassword())) { - // If the password is mismatch - // Add login failure count - Integer loginFailureCount = stringCacheStore.getAny(LOGIN_FAILURE_COUNT_KEY, Integer.class).orElse(0); - - if (loginFailureCount >= MAX_LOGIN_TRY - 1) { - // Set expiration - user.setExpireTime(org.apache.commons.lang3.time.DateUtils.addMinutes(now, LOCK_MINUTES)); - // Update user - update(user); - } - - loginFailureCount++; - - stringCacheStore.putAny(LOGIN_FAILURE_COUNT_KEY, loginFailureCount, LOCK_MINUTES, TimeUnit.MINUTES); - - int remainder = MAX_LOGIN_TRY - loginFailureCount; - - String errorMessage = String.format("Username or password incorrect, you%shave %s", remainder <= 0 ? "" : " still ", HaloUtils.pluralize(remainder, "chance", "chances")); - - // Lot it - eventPublisher.publishEvent(new LogEvent(this, key, LogType.LOGIN_FAILED, password)); - - throw new BadRequestException(errorMessage); - } - - // Clear the login failure count cache - stringCacheStore.delete(LOGIN_FAILURE_COUNT_KEY); - - // Set session - ServletUtils.getCurrentRequest().ifPresent(request -> { - request.getSession().setAttribute(AdminAuthenticationFilter.ADMIN_SESSION_KEY, new UserDetail(user)); - }); - - // Log it - eventPublisher.publishEvent(new LogEvent(this, user.getId().toString(), LogType.LOGGED_IN, user.getUsername())); - - return user; - } - @Override public User updatePassword(String oldPassword, String newPassword, Integer userId) { Assert.hasText(oldPassword, "Old password must not be blank"); diff --git a/src/main/java/run/halo/app/service/support/HaloMediaType.java b/src/main/java/run/halo/app/service/support/HaloMediaType.java index 8c30d3722..f49a5e95b 100644 --- a/src/main/java/run/halo/app/service/support/HaloMediaType.java +++ b/src/main/java/run/halo/app/service/support/HaloMediaType.java @@ -64,33 +64,4 @@ public class HaloMediaType extends MediaType { super(type, subtype, parameters); } - /** - * Checks whether the media type is zip type or not . - * - * @param mediaType media type - * @return true if the given media type is zip type; false otherwise - */ - @Deprecated - public static boolean isZipType(MediaType mediaType) { - if (mediaType == null) { - return false; - } - - return mediaType.includes(APPLICATION_ZIP); - } - - /** - * Checks whether the media type is zip type or not . - * - * @param contentType content type - * @return true if the given content type is zip type; false otherwise - */ - @Deprecated - public static boolean isZipType(String contentType) { - if (StringUtils.isBlank(contentType)) { - return false; - } - - return isZipType(valueOf(contentType)); - } } diff --git a/src/test/java/run/halo/app/model/MediaTypeTest.java b/src/test/java/run/halo/app/model/MediaTypeTest.java index 8f359cfc0..7d78ba00b 100644 --- a/src/test/java/run/halo/app/model/MediaTypeTest.java +++ b/src/test/java/run/halo/app/model/MediaTypeTest.java @@ -46,11 +46,4 @@ public class MediaTypeTest { assertFalse(isInclude); } - @Test - public void zipTest() { - MediaType mediaType = MediaType.valueOf("application/x-zip-compressed"); - log.debug("Zip type: [{}]", mediaType); - - assertFalse(HaloMediaType.isZipType(mediaType)); - } } diff --git a/src/test/java/run/halo/app/model/dto/base/InputConverterTest.java b/src/test/java/run/halo/app/model/dto/base/InputConverterTest.java index 9644c101a..1bfb7e4df 100644 --- a/src/test/java/run/halo/app/model/dto/base/InputConverterTest.java +++ b/src/test/java/run/halo/app/model/dto/base/InputConverterTest.java @@ -1,8 +1,6 @@ package run.halo.app.model.dto.base; -import lombok.AllArgsConstructor; -import lombok.Data; -import lombok.NoArgsConstructor; +import lombok.*; import org.junit.Test; import java.io.Serializable; @@ -47,6 +45,8 @@ public class InputConverterTest { } @Data + @ToString + @EqualsAndHashCode @NoArgsConstructor @AllArgsConstructor public static class TestDomain { @@ -57,6 +57,8 @@ public class InputConverterTest { } @Data + @ToString + @EqualsAndHashCode @NoArgsConstructor @AllArgsConstructor public static class TestInputDTO implements InputConverter, Serializable { @@ -65,6 +67,8 @@ public class InputConverterTest { } @Data + @ToString(callSuper = true) + @EqualsAndHashCode(callSuper = true) @NoArgsConstructor @AllArgsConstructor public static class SubTestInputDTO extends TestInputDTO { diff --git a/src/test/java/run/halo/app/model/dto/base/OutputConverterTest.java b/src/test/java/run/halo/app/model/dto/base/OutputConverterTest.java index fb01c4ba3..57a5e3eb2 100644 --- a/src/test/java/run/halo/app/model/dto/base/OutputConverterTest.java +++ b/src/test/java/run/halo/app/model/dto/base/OutputConverterTest.java @@ -1,8 +1,6 @@ package run.halo.app.model.dto.base; -import lombok.AllArgsConstructor; -import lombok.Data; -import lombok.NoArgsConstructor; +import lombok.*; import org.junit.Test; import static org.hamcrest.Matchers.equalTo; @@ -35,6 +33,8 @@ public class OutputConverterTest { } @Data + @ToString + @EqualsAndHashCode @NoArgsConstructor @AllArgsConstructor public static class TestDomain { @@ -45,6 +45,8 @@ public class OutputConverterTest { } @Data + @ToString + @EqualsAndHashCode @NoArgsConstructor @AllArgsConstructor public static class TestOutputDTO implements OutputConverter { @@ -53,6 +55,8 @@ public class OutputConverterTest { } @Data + @ToString(callSuper = true) + @EqualsAndHashCode(callSuper = true) @NoArgsConstructor @AllArgsConstructor public static class SubTestOutputDTO extends TestOutputDTO { diff --git a/src/test/java/run/halo/app/service/RecoveryServiceTest.java b/src/test/java/run/halo/app/service/RecoveryServiceTest.java index 93fbf5ccb..3c8b27c97 100644 --- a/src/test/java/run/halo/app/service/RecoveryServiceTest.java +++ b/src/test/java/run/halo/app/service/RecoveryServiceTest.java @@ -40,6 +40,7 @@ public class RecoveryServiceTest { log.debug(migrationObject.getClass().toString()); if (migrationObject instanceof Map) { + @SuppressWarnings("unchecked") Map migrationMap = (Map) migrationObject; migrationMap.forEach((key, value) -> log.debug("Key: [{}], value type: [{}], value: [{}]", key, value.getClass().getTypeName(), value));