Let comment properties: API_ENABLED work

2019-05-07 09:06:18 +08:00 · 2019-05-07 09:06:18 +08:00 · ff1836e978
parent fd79c8db4d
commit ff1836e978
4 changed files with 21 additions and 5 deletions
--- a/src/main/java/run/halo/app/config/HaloConfiguration.java
+++ b/src/main/java/run/halo/app/config/HaloConfiguration.java
@ -114,7 +114,7 @@ public class HaloConfiguration {
        ApiAuthenticationFilter apiFilter = new ApiAuthenticationFilter(haloProperties, optionService);
        apiFilter.addExcludeUrlPatterns(
                "/api/content/*/comments",
-                "/api/content/*/comments/*"
+                "/api/content/**/comments/*"
        );

        DefaultAuthenticationFailureHandler failureHandler = new DefaultAuthenticationFailureHandler();
--- a/src/main/java/run/halo/app/model/properties/CommentProperties.java
+++ b/src/main/java/run/halo/app/model/properties/CommentProperties.java
@ -18,7 +18,7 @@ public enum CommentProperties implements PropertyEnum {

    REPLY_NOTICE("comment_reply_notice", Boolean.class, "false"),

-    API_ENABLED("comment_api_enabled", Boolean.class, "false"),
+    API_ENABLED("comment_api_enabled", Boolean.class, "true"),

    PAGE_SIZE("comment_page_size", Integer.class, "10"),

--- a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
+++ b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
@ -40,11 +40,11 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter
     */
    private Map<String, String> tryAuthUrlMethodPatterns = new HashMap<>(2);

-    private final AntPathMatcher antPathMatcher;
+    protected final AntPathMatcher antPathMatcher;

-    private final HaloProperties haloProperties;
+    protected final HaloProperties haloProperties;

-    private final OptionService optionService;
+    protected final OptionService optionService;

    protected AbstractAuthenticationFilter(HaloProperties haloProperties,
                                           OptionService optionService) {
--- a/src/main/java/run/halo/app/security/filter/ApiAuthenticationFilter.java
+++ b/src/main/java/run/halo/app/security/filter/ApiAuthenticationFilter.java
@ -8,6 +8,7 @@ import org.springframework.util.Assert;
 import run.halo.app.config.properties.HaloProperties;
 import run.halo.app.exception.AuthenticationException;
 import run.halo.app.exception.ForbiddenException;
+import run.halo.app.model.properties.CommentProperties;
 import run.halo.app.model.properties.OtherProperties;
 import run.halo.app.service.OptionService;

@ -77,6 +78,21 @@ public class ApiAuthenticationFilter extends AbstractAuthenticationFilter {
        filterChain.doFilter(request, response);
    }

+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) {
+        boolean result = super.shouldNotFilter(request);
+
+        if (antPathMatcher.match("/api/content/*/comments", request.getServletPath())) {
+            Boolean commentApiEnabled = optionService.getByPropertyOrDefault(CommentProperties.API_ENABLED, Boolean.class, true);
+            if (!commentApiEnabled) {
+                // If the comment api is disabled
+                result = false;
+            }
+        }
+        return result;
+
+    }
+
    @Override
    protected String getTokenFromRequest(@NonNull HttpServletRequest request) {
        Assert.notNull(request, "Http servlet request must not be null");