Let comment properties: API_ENABLED work

pull/146/head
johnniang 2019-05-07 09:06:18 +08:00
parent fd79c8db4d
commit ff1836e978
4 changed files with 21 additions and 5 deletions

View File

@ -114,7 +114,7 @@ public class HaloConfiguration {
ApiAuthenticationFilter apiFilter = new ApiAuthenticationFilter(haloProperties, optionService);
apiFilter.addExcludeUrlPatterns(
"/api/content/*/comments",
"/api/content/*/comments/*"
"/api/content/**/comments/*"
);
DefaultAuthenticationFailureHandler failureHandler = new DefaultAuthenticationFailureHandler();

View File

@ -18,7 +18,7 @@ public enum CommentProperties implements PropertyEnum {
REPLY_NOTICE("comment_reply_notice", Boolean.class, "false"),
API_ENABLED("comment_api_enabled", Boolean.class, "false"),
API_ENABLED("comment_api_enabled", Boolean.class, "true"),
PAGE_SIZE("comment_page_size", Integer.class, "10"),

View File

@ -40,11 +40,11 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter
*/
private Map<String, String> tryAuthUrlMethodPatterns = new HashMap<>(2);
private final AntPathMatcher antPathMatcher;
protected final AntPathMatcher antPathMatcher;
private final HaloProperties haloProperties;
protected final HaloProperties haloProperties;
private final OptionService optionService;
protected final OptionService optionService;
protected AbstractAuthenticationFilter(HaloProperties haloProperties,
OptionService optionService) {

View File

@ -8,6 +8,7 @@ import org.springframework.util.Assert;
import run.halo.app.config.properties.HaloProperties;
import run.halo.app.exception.AuthenticationException;
import run.halo.app.exception.ForbiddenException;
import run.halo.app.model.properties.CommentProperties;
import run.halo.app.model.properties.OtherProperties;
import run.halo.app.service.OptionService;
@ -77,6 +78,21 @@ public class ApiAuthenticationFilter extends AbstractAuthenticationFilter {
filterChain.doFilter(request, response);
}
@Override
protected boolean shouldNotFilter(HttpServletRequest request) {
boolean result = super.shouldNotFilter(request);
if (antPathMatcher.match("/api/content/*/comments", request.getServletPath())) {
Boolean commentApiEnabled = optionService.getByPropertyOrDefault(CommentProperties.API_ENABLED, Boolean.class, true);
if (!commentApiEnabled) {
// If the comment api is disabled
result = false;
}
}
return result;
}
@Override
protected String getTokenFromRequest(@NonNull HttpServletRequest request) {
Assert.notNull(request, "Http servlet request must not be null");