Mercurial > hg > AnnotationManagerN4J
annotate src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorSearch.java @ 14:629e15b345aa
permissions mostly work. need more server-side checking.
author | casties |
---|---|
date | Fri, 13 Jul 2012 20:41:02 +0200 |
parents | 3599b29c393f |
children | 58357a4b86de |
rev | line source |
---|---|
4 | 1 /** |
2 * Implements the "search" uri of the Annotator API. | |
3 */ | |
4 package de.mpiwg.itgroup.annotations.restlet; | |
5 | |
6 import java.util.List; | |
7 | |
8 import org.json.JSONArray; | |
9 import org.json.JSONException; | |
10 import org.json.JSONObject; | |
11 import org.restlet.data.Form; | |
12 import org.restlet.data.Status; | |
13 import org.restlet.ext.json.JsonRepresentation; | |
14 import org.restlet.representation.Representation; | |
15 import org.restlet.resource.Get; | |
16 | |
17 import de.mpiwg.itgroup.annotations.Annotation; | |
18 | |
19 /** | |
20 * Implements the "search" uri of the Annotator API. see | |
21 * <https://github.com/okfn/annotator/wiki/Storage> | |
22 * | |
23 * @author casties | |
24 * | |
25 */ | |
26 public class AnnotatorSearch extends AnnotatorResourceImpl { | |
27 | |
28 protected String getAllowedMethodsForHeader() { | |
29 return "OPTIONS,GET"; | |
30 } | |
31 | |
32 /** | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
33 * result for JSON content-type. optional search parameters: uri, user, limit, |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
34 * offset. |
4 | 35 * |
36 * @param entity | |
37 * @return | |
38 */ | |
39 @Get("json") | |
40 public Representation doGetJSON(Representation entity) { | |
41 logger.debug("AnnotatorSearch doGetJSON!"); | |
42 setCorsHeaders(); | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
43 // do authentication |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
44 String authUser = this.checkAuthToken(entity); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
45 logger.debug("request authenticated=" + authUser); |
4 | 46 |
47 Form form = getRequest().getResourceRef().getQueryAsForm(); | |
48 String uri = form.getFirstValue("uri"); | |
49 String user = form.getFirstValue("user"); | |
50 String limit = form.getFirstValue("limit"); | |
51 String offset = form.getFirstValue("offset"); | |
52 | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
53 JSONArray results = new JSONArray(); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
54 // do search |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
55 logger.debug(String.format("searching for uri=%s user=%s", uri, user)); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
56 List<Annotation> annots = getAnnotationStore().searchByUriUser(uri, user, limit, offset); |
4 | 57 for (Annotation annot : annots) { |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
58 // check permission |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
59 if (!annot.isActionAllowed("read", authUser)) continue; |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
60 JSONObject jo = createAnnotatorJson(annot, (authUser == null)); |
4 | 61 if (jo != null) { |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
62 results.put(jo); |
4 | 63 } else { |
64 setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error"); | |
65 return null; | |
66 } | |
67 } | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
68 // assemble result object |
4 | 69 JSONObject result = new JSONObject(); |
70 try { | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
71 result.put("rows", results); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
72 result.put("total", results.length()); |
4 | 73 } catch (JSONException e) { |
74 setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error"); | |
75 return null; | |
76 } | |
77 | |
78 logger.debug("sending:"); | |
79 logger.debug(result); | |
80 return new JsonRepresentation(result); | |
81 } | |
82 | |
83 } |