🎨 #12527

d8f875ff · Liang Ding · abeb6053 · d8f875ff · d8f875ff · d8f875ff
Commit d8f875ff authored Sep 25, 2018 by Liang Ding
11 changed files
--- a/src/main/java/org/b3log/solo/filter/AuthFilter.java
+++ b/src/main/java/org/b3log/solo/filter/AuthFilter.java
@@ -74,15 +74,13 @@ public final class AuthFilter implements Filter {
            final JSONObject currentUser = userQueryService.getCurrentUser(httpServletRequest);
            if (null == currentUser) {
-                LOGGER.debug("The request has been forbidden");
+                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
-                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
            final String userRole = currentUser.optString(User.USER_ROLE);
            if (Role.VISITOR_ROLE.equals(userRole)) {
-                LOGGER.warn("The request [Visitor] has been forbidden");
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;

--- a/src/main/java/org/b3log/solo/processor/BlogProcessor.java
+++ b/src/main/java/org/b3log/solo/processor/BlogProcessor.java
@@ -203,14 +203,14 @@ public class BlogProcessor {
            throws Exception {
        final String pwd = request.getParameter("pwd");
        if (StringUtils.isBlank(pwd)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
        final JSONObject admin = userQueryService.getAdmin();
        if (!DigestUtils.md5Hex(pwd).equals(admin.getString(User.USER_PASSWORD))) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/AdminConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/AdminConsole.java
@@ -298,7 +298,7 @@ public class AdminConsole {
    public void exportSQL(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -417,7 +417,7 @@ public class AdminConsole {
    public void exportJSON(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -467,7 +467,7 @@ public class AdminConsole {
    public void exportHexo(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/ArticleConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/ArticleConsole.java
@@ -114,7 +114,7 @@ public class ArticleConsole {
    public void getArticleThumbs(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -171,7 +171,7 @@ public class ArticleConsole {
        }
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -224,7 +224,7 @@ public class ArticleConsole {
    public void getArticle(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -286,7 +286,7 @@ public class ArticleConsole {
    public void getArticles(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -359,7 +359,7 @@ public class ArticleConsole {
    public void removeArticle(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response,
                              final String articleId) throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -411,7 +411,7 @@ public class ArticleConsole {
    public void cancelPublishArticle(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -465,7 +465,7 @@ public class ArticleConsole {
    public void cancelTopArticle(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -520,7 +520,7 @@ public class ArticleConsole {
    public void putTopArticle(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -591,7 +591,7 @@ public class ArticleConsole {
    public void updateArticle(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response,
                              final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -661,7 +661,7 @@ public class ArticleConsole {
    public void addArticle(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context,
                           final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/CategoryConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/CategoryConsole.java
@@ -119,7 +119,7 @@ public class CategoryConsole {
    public void changeOrder(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context,
                            final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -173,7 +173,7 @@ public class CategoryConsole {
    public void getCategory(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -231,7 +231,7 @@ public class CategoryConsole {
    public void removeCategory(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -281,7 +281,7 @@ public class CategoryConsole {
    public void updateCategory(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context,
                               final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -421,7 +421,7 @@ public class CategoryConsole {
                            final JSONObject requestJSONObject)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -563,7 +563,7 @@ public class CategoryConsole {
    public void getCategories(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/CommentConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/CommentConsole.java
@@ -99,7 +99,7 @@ public class CommentConsole {
    public void removePageComment(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -151,7 +151,7 @@ public class CommentConsole {
    public void removeArticleComment(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -223,7 +223,7 @@ public class CommentConsole {
    public void getComments(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -280,7 +280,7 @@ public class CommentConsole {
    public void getArticleComments(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -338,7 +338,7 @@ public class CommentConsole {
    public void getPageComments(final HTTPRequestContext context, final HttpServletRequest request, final HttpServletResponse response)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/LinkConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/LinkConsole.java
@@ -101,7 +101,7 @@ public class LinkConsole {
    public void removeLink(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -156,7 +156,7 @@ public class LinkConsole {
                           final JSONObject requestJSONObject)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -207,7 +207,7 @@ public class LinkConsole {
    public void changeOrder(final HttpServletRequest request, final HttpServletResponse response,
                            final HTTPRequestContext context, final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -266,7 +266,7 @@ public class LinkConsole {
    public void addLink(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context,
                        final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -329,7 +329,7 @@ public class LinkConsole {
                         final HttpServletResponse response,
                         final HTTPRequestContext context) throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -387,7 +387,7 @@ public class LinkConsole {
    public void getLink(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/PageConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/PageConsole.java
@@ -118,7 +118,7 @@ public class PageConsole {
                           final JSONObject requestJSONObject)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -165,7 +165,7 @@ public class PageConsole {
    public void removePage(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -226,7 +226,7 @@ public class PageConsole {
                        final JSONObject requestJSONObject)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -280,7 +280,7 @@ public class PageConsole {
                            final JSONObject requestJSONObject)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -338,7 +338,7 @@ public class PageConsole {
    public void getPage(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -403,7 +403,7 @@ public class PageConsole {
    public void getPages(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/PreferenceConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/PreferenceConsole.java
@@ -121,7 +121,7 @@ public class PreferenceConsole {
                                             final HttpServletResponse response,
                                             final HTTPRequestContext context) throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -164,7 +164,7 @@ public class PreferenceConsole {
                                                final HTTPRequestContext context,
                                                final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -212,7 +212,7 @@ public class PreferenceConsole {
    public void getSigns(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -303,7 +303,7 @@ public class PreferenceConsole {
    public void getPreference(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -384,7 +384,7 @@ public class PreferenceConsole {
    public void updatePreference(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context,
                                 final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -441,7 +441,7 @@ public class PreferenceConsole {
    public void getQiniuPreference(final HttpServletRequest request, final HttpServletResponse response,
                                   final HTTPRequestContext context) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -487,7 +487,7 @@ public class PreferenceConsole {
    public void updateQiniu(final HttpServletRequest request, final HttpServletResponse response,
                            final HTTPRequestContext context, final JSONObject requestJSONObject) throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/TagConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/TagConsole.java
@@ -102,7 +102,7 @@ public class TagConsole {
    public void getTags(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -146,7 +146,7 @@ public class TagConsole {
    public void getUnusedTags(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isLoggedIn(request, response)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -200,7 +200,7 @@ public class TagConsole {
    public void removeUnusedTags(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }

--- a/src/main/java/org/b3log/solo/processor/console/UserConsole.java
+++ b/src/main/java/org/b3log/solo/processor/console/UserConsole.java
@@ -113,7 +113,7 @@ public class UserConsole {
                           final JSONObject requestJSONObject)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -220,7 +220,7 @@ public class UserConsole {
    public void removeUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -281,7 +281,7 @@ public class UserConsole {
        context.setRenderer(renderer);
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -336,7 +336,7 @@ public class UserConsole {
    public void getUser(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }
@@ -385,7 +385,7 @@ public class UserConsole {
    public void changeUserRole(final HttpServletRequest request, final HttpServletResponse response, final HTTPRequestContext context)
            throws Exception {
        if (!userQueryService.isAdminLoggedIn(request)) {
-            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        }