halo-dev · f2c-ci-robot · Apr 7, 2022 · Apr 7, 2022
diff --git a/src/main/java/run/halo/app/controller/content/auth/CategoryAuthentication.java b/src/main/java/run/halo/app/controller/content/auth/CategoryAuthentication.java
@@ -1,6 +1,8 @@
 package run.halo.app.controller.content.auth;
 
+import java.util.Set;
 import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.lang.NonNull;
 import org.springframework.stereotype.Component;
@@ -37,11 +39,8 @@ public Object getPrincipal() {
     @Override
     public boolean isAuthenticated(Integer categoryId) {
         Category category = categoryService.getById(categoryId);
-        if (StringUtils.isBlank(category.getPassword())) {
-            // All parent category is not encrypted
-            if (categoryService.lookupFirstEncryptedBy(category.getId()).isEmpty()) {
-                return true;
-            }
+        if (!isPrivate(category)) {
+            return true;
         }
 
         String sessionId = getSessionId();
@@ -55,6 +54,13 @@ public boolean isAuthenticated(Integer categoryId) {
         return cacheStore.get(cacheKey).isPresent();
     }
 
+    private boolean isPrivate(Category category) {
+        if (StringUtils.isNotBlank(category.getPassword())) {
+            return true;
+        }
+        return categoryService.lookupFirstEncryptedBy(category.getId()).isPresent();
+    }
+
     @Override
     public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
         String sessionId = getSessionId();
@@ -74,12 +80,21 @@ public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
 
     @Override
     public void clearByResourceId(Integer resourceId) {
-        String resourceCachePrefix =
-            StringUtils.joinWith(":", CACHE_PREFIX, getPrincipal(), resourceId);
-        cacheStore.toMap().forEach((key, value) -> {
-            if (StringUtils.startsWith(key, resourceCachePrefix)) {
-                cacheStore.delete(key);
-            }
-        });
+        String sessionId = getSessionId();
+        if (StringUtils.isBlank(sessionId)) {
+            return;
+        }
+        String categoryCacheKey =
+            buildCacheKey(sessionId, getPrincipal().toString(), String.valueOf(resourceId));
+        // clean category cache
+        cacheStore.delete(categoryCacheKey);
+
+        Set<Integer> postIds = categoryService.listPostIdsByCategoryIdRecursively(resourceId);
+        Set<String> postCacheKeys = postIds.stream()
+            .map(postId ->
+                buildCacheKey(sessionId, EncryptTypeEnum.POST.getName(), String.valueOf(postId)))
+            .collect(Collectors.toSet());
+        // clean category post cache
+        postCacheKeys.forEach(cacheStore::delete);
     }
 }
diff --git a/src/main/java/run/halo/app/controller/content/auth/PostAuthentication.java b/src/main/java/run/halo/app/controller/content/auth/PostAuthentication.java
@@ -47,18 +47,15 @@ public Object getPrincipal() {
     @Override
     public boolean isAuthenticated(Integer postId) {
         Post post = postService.getById(postId);
-        if (StringUtils.isBlank(post.getPassword())) {
-            List<PostCategory> postCategories = postCategoryService.listByPostId(postId);
-            boolean categoryEncrypted = postCategories.stream()
-                .anyMatch(postCategory -> categoryService.isPrivate(postCategory.getCategoryId()));
-            if (!categoryEncrypted) {
-                return true;
+        if (!isPrivate(post)) {
+            return true;
+        }
+        List<PostCategory> postCategories = postCategoryService.listByPostId(postId);
+        for (PostCategory postCategory : postCategories) {
+            if (!categoryService.isPrivate(postCategory.getCategoryId())) {
+                continue;
             }
-
-            boolean anyCategoryAuthenticated = postCategories.stream()
-                .anyMatch(postCategory ->
-                    categoryAuthentication.isAuthenticated(postCategory.getCategoryId()));
-            if (anyCategoryAuthenticated) {
+            if (categoryAuthentication.isAuthenticated(postCategory.getCategoryId())) {
                 return true;
             }
         }
@@ -74,6 +71,15 @@ public boolean isAuthenticated(Integer postId) {
         return cacheStore.get(cacheKey).isPresent();
     }
 
+    private boolean isPrivate(Post post) {
+        if (StringUtils.isNotBlank(post.getPassword())) {
+            return true;
+        }
+        List<PostCategory> postCategories = postCategoryService.listByPostId(post.getId());
+        return postCategories.stream()
+            .anyMatch(postCategory -> categoryService.isPrivate(postCategory.getCategoryId()));
+    }
+
     @Override
     public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
         String sessionId = getSessionId();
@@ -93,12 +99,13 @@ public void setAuthenticated(Integer resourceId, boolean isAuthenticated) {
 
     @Override
     public void clearByResourceId(Integer resourceId) {
-        String resourceCachePrefix =
-            StringUtils.joinWith(":", CACHE_PREFIX, getPrincipal(), resourceId);
-        cacheStore.toMap().forEach((key, value) -> {
-            if (StringUtils.startsWith(key, resourceCachePrefix)) {
-                cacheStore.delete(key);
-            }
-        });
+        String sessionId = getSessionId();
+        if (StringUtils.isBlank(sessionId)) {
+            return;
+        }
+        String cacheKey =
+            buildCacheKey(sessionId, getPrincipal().toString(), String.valueOf(resourceId));
+        // clean category cache
+        cacheStore.delete(cacheKey);
     }
 }