Mercurial > hg > AnnotationManagerN4J
annotate src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 63:9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
author | casties |
---|---|
date | Fri, 23 Nov 2012 17:55:04 +0100 |
parents | b8ef15c8c4a5 |
children | c0dd5314bada |
rev | line source |
---|---|
3 | 1 /** |
2 * Implements the "annotations" uri of the Annotator API. see | |
3 * <https://github.com/okfn/annotator/wiki/Storage> | |
4 */ | |
5 package de.mpiwg.itgroup.annotations.restlet; | |
6 | |
7 import java.io.IOException; | |
31 | 8 import java.util.ArrayList; |
9 import java.util.List; | |
3 | 10 |
31 | 11 import org.json.JSONArray; |
3 | 12 import org.json.JSONException; |
13 import org.json.JSONObject; | |
31 | 14 import org.restlet.data.Form; |
3 | 15 import org.restlet.data.Status; |
16 import org.restlet.ext.json.JsonRepresentation; | |
17 import org.restlet.representation.Representation; | |
18 import org.restlet.resource.Delete; | |
19 import org.restlet.resource.Get; | |
20 import org.restlet.resource.Post; | |
21 import org.restlet.resource.Put; | |
22 | |
4 | 23 import de.mpiwg.itgroup.annotations.Annotation; |
15 | 24 import de.mpiwg.itgroup.annotations.Person; |
4 | 25 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore; |
31 | 26 import de.mpiwg.itgroup.annotations.restlet.utils.JSONObjectComparator; |
3 | 27 |
28 /** | |
4 | 29 * Implements the "annotations" uri of the Annotator API. see |
30 * <https://github.com/okfn/annotator/wiki/Storage> | |
3 | 31 * |
32 * @author dwinter, casties | |
33 * | |
34 */ | |
35 public class AnnotatorAnnotations extends AnnotatorResourceImpl { | |
36 | |
37 protected String getAllowedMethodsForHeader() { | |
38 return "OPTIONS,GET,POST,PUT,DELETE"; | |
39 } | |
40 | |
41 /** | |
42 * GET with JSON content-type. | |
43 * | |
44 * @param entity | |
45 * @return | |
46 */ | |
47 @Get("json") | |
48 public Representation doGetJSON(Representation entity) { | |
49 logger.debug("AnnotatorAnnotations doGetJSON!"); | |
50 setCorsHeaders(); | |
51 // id from URI /annotations/{id} | |
52 String jsonId = (String) getRequest().getAttributes().get("id"); | |
53 String id = decodeJsonId(jsonId); | |
54 logger.debug("annotation-id=" + id); | |
55 | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
56 // do authentication |
15 | 57 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
58 logger.debug("request authenticated=" + authUser); |
3 | 59 |
37 | 60 if (id == null) { |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
61 // no id -- send all annotations |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
62 Form form = getRequest().getResourceRef().getQueryAsForm(); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
63 int limit = getInt(form.getFirstValue("limit")); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
64 int offset = getInt(form.getFirstValue("offset")); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
65 String sortBy = form.getFirstValue("sortBy"); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
66 return getAllAnnotations(authUser, limit, offset, sortBy); |
37 | 67 } |
68 | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
69 // send annotation with id |
16 | 70 AnnotationStore store = getAnnotationStore(); |
71 Annotation annot = store.getAnnotationById(id); | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
72 if (annot != null) { |
61 | 73 if (!annot.isActionAllowed("read", authUser, store)) { |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
74 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
75 return null; |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
76 } |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
77 JSONObject result = createAnnotatorJson(annot, (authUser == null)); |
4 | 78 return new JsonRepresentation(result); |
79 } else { | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
80 // not found |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
81 setStatus(Status.CLIENT_ERROR_NOT_FOUND); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
82 return null; |
3 | 83 } |
84 } | |
85 | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
86 private Representation getAllAnnotations(Person authUser, int limit, int offset, String sortBy) { |
31 | 87 AnnotationStore store = getAnnotationStore(); |
88 ArrayList<JSONObject> results = new ArrayList<JSONObject>(); | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
89 |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
90 // read all annotations |
61 | 91 List<Annotation> annotations = store.getAnnotations(null, null); |
31 | 92 for (Annotation annotation : annotations) { |
61 | 93 // check permission |
94 if (!annotation.isActionAllowed("read", authUser, store)) continue; | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
95 // add annotation to list |
61 | 96 JSONObject jo = createAnnotatorJson(annotation, false); |
97 results.add(jo); | |
98 } | |
99 | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
100 // sort if necessary |
61 | 101 if (sortBy != null) { |
102 JSONObjectComparator.sortAnnotations(results, sortBy); | |
103 } | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
104 |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
105 // put in JSON list |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
106 JSONArray rows = new JSONArray(); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
107 int cnt = 0; |
61 | 108 for (JSONObject result : results) { |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
109 cnt += 1; |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
110 if (offset > 0 && cnt < offset) continue; |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
111 rows.put(result); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
112 if (limit > 0 && cnt >= limit) break; |
61 | 113 } |
114 | |
31 | 115 // assemble result object |
116 JSONObject result = new JSONObject(); | |
117 try { | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
118 result.put("rows", rows); |
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
119 result.put("total", rows.length()); |
31 | 120 } catch (JSONException e) { |
121 setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error"); | |
122 return null; | |
123 } | |
124 return new JsonRepresentation(result); | |
125 } | |
126 | |
61 | 127 /** |
20
715aa11d138b
fixes in permission handling: admin and delete default to creator.
casties
parents:
16
diff
changeset
|
128 * POST with JSON content-type. Creates a new Annotation. |
3 | 129 * |
130 * @return | |
131 */ | |
132 @Post("json") | |
133 public Representation doPostJson(Representation entity) { | |
134 logger.debug("AnnotatorAnnotations doPostJSON!"); | |
135 // set headers | |
136 setCorsHeaders(); | |
61 | 137 |
138 // do authentication TODO: who's allowed to create? | |
15 | 139 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
140 logger.debug("request authenticated=" + authUser); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
141 if (authUser == null) { |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
142 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
143 return null; |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
144 } |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
145 |
3 | 146 Annotation annot = null; |
147 try { | |
148 JsonRepresentation jrep = new JsonRepresentation(entity); | |
149 JSONObject jo = jrep.getJsonObject(); | |
150 if (jo == null) { | |
151 setStatus(Status.SERVER_ERROR_INTERNAL); | |
152 return null; | |
153 } | |
154 // make sure id is not set for POST | |
155 jo.remove("id"); | |
156 // get Annotation object from posted JSON | |
157 annot = createAnnotation(jo, entity); | |
158 } catch (IOException e1) { | |
159 setStatus(Status.SERVER_ERROR_INTERNAL); | |
160 return null; | |
161 } catch (JSONException e) { | |
162 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); | |
163 return null; | |
164 } | |
4 | 165 if (annot == null) { |
3 | 166 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); |
167 return null; | |
168 } | |
169 Annotation storedAnnot; | |
4 | 170 // store Annotation |
171 storedAnnot = getAnnotationStore().storeAnnotation(annot); | |
172 /* | |
173 * according to https://github.com/okfn/annotator/wiki/Storage we should | |
174 * return 303: see other. For now we return the annotation. | |
3 | 175 */ |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
176 JSONObject jo = createAnnotatorJson(storedAnnot, (authUser == null)); |
3 | 177 JsonRepresentation retRep = new JsonRepresentation(jo); |
178 return retRep; | |
179 } | |
180 | |
181 /** | |
20
715aa11d138b
fixes in permission handling: admin and delete default to creator.
casties
parents:
16
diff
changeset
|
182 * PUT with JSON content-type. Modifies an Annotation. |
3 | 183 * |
184 * @param entity | |
185 * @return | |
186 */ | |
187 @Put("json") | |
188 public Representation doPutJSON(Representation entity) { | |
189 logger.debug("AnnotatorAnnotations doPutJSON!"); | |
190 setCorsHeaders(); | |
191 // id from URI /annotations/{id} | |
192 String jsonId = (String) getRequest().getAttributes().get("id"); | |
193 String id = decodeJsonId(jsonId); | |
194 logger.debug("annotation-id=" + id); | |
195 | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
196 // do authentication |
15 | 197 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
198 logger.debug("request authenticated=" + authUser); |
3 | 199 |
200 Annotation annot = null; | |
4 | 201 AnnotationStore store = getAnnotationStore(); |
3 | 202 try { |
203 JsonRepresentation jrep = new JsonRepresentation(entity); | |
204 JSONObject jo = jrep.getJsonObject(); | |
205 if (jo == null) { | |
206 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); | |
207 return null; | |
208 } | |
209 // get stored Annotation | |
4 | 210 Annotation storedAnnot = store.getAnnotationById(id); |
211 if (storedAnnot == null) { | |
3 | 212 setStatus(Status.CLIENT_ERROR_NOT_FOUND); |
213 return null; | |
214 } | |
61 | 215 if (!storedAnnot.isActionAllowed("update", authUser, store)) { |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
216 setStatus(Status.CLIENT_ERROR_FORBIDDEN); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
217 return null; |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
218 } |
3 | 219 // update from posted JSON |
220 annot = updateAnnotation(storedAnnot, jo, entity); | |
221 // store Annotation | |
4 | 222 storedAnnot = store.storeAnnotation(annot); |
223 /* | |
224 * according to https://github.com/okfn/annotator/wiki/Storage we | |
225 * should return 303: see other. but the client doesn't like it | |
226 * setStatus(Status.REDIRECTION_SEE_OTHER); // go to same URL as | |
227 * this one Reference thisUrl = this.getReference(); | |
228 * this.getResponse().setLocationRef(thisUrl); | |
229 */ | |
3 | 230 // return new annotation |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
231 jo = createAnnotatorJson(storedAnnot, (authUser == null)); |
3 | 232 JsonRepresentation retRep = new JsonRepresentation(jo); |
233 return retRep; | |
234 } catch (JSONException e) { | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
235 logger.error("Error in doPutJSON", e); |
3 | 236 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); |
237 } catch (IOException e) { | |
63
9f8c9611848a
fixed bug with new rectangle shapes. added limit, offset and sortBy parameters to annotator/ and annotator/search.
casties
parents:
61
diff
changeset
|
238 logger.error("Error in doPutJSON", e); |
3 | 239 setStatus(Status.SERVER_ERROR_INTERNAL, "Other Error"); |
240 } | |
241 return null; | |
242 } | |
243 | |
244 /** | |
20
715aa11d138b
fixes in permission handling: admin and delete default to creator.
casties
parents:
16
diff
changeset
|
245 * DELETE with JSON content-type. Deletes an Annotation. |
3 | 246 * |
247 * @param entity | |
248 * @return | |
249 */ | |
250 @Delete("json") | |
251 public Representation doDeleteJSON(Representation entity) { | |
252 logger.debug("AnnotatorAnnotations doDeleteJSON!"); | |
253 setCorsHeaders(); | |
254 // id from URI /annotations/{id} | |
255 String jsonId = (String) getRequest().getAttributes().get("id"); | |
256 String id = decodeJsonId(jsonId); | |
257 logger.debug("annotation-id=" + id); | |
258 | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
259 // do authentication |
15 | 260 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
261 logger.debug("request authenticated=" + authUser); |
16 | 262 AnnotationStore store = getAnnotationStore(); |
263 Annotation annot = store.getAnnotationById(id); | |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
264 if (annot != null) { |
61 | 265 if (!annot.isActionAllowed("delete", authUser, store)) { |
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
266 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
267 return null; |
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
268 } |
3 | 269 } |
4 | 270 // delete annotation |
32
0731c4549065
UI for editing groups and persons works now. (still no authorisation!)
casties
parents:
22
diff
changeset
|
271 store.deleteAnnotationById(id); |
4 | 272 setStatus(Status.SUCCESS_NO_CONTENT); |
3 | 273 return null; |
274 } | |
275 | |
276 } |