Mercurial > hg > AnnotationManagerN4J
annotate src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 61:b8ef15c8c4a5
implemented new shape format for image annotations.
minor cleanups.
| author | casties |
|---|---|
| date | Thu, 22 Nov 2012 17:38:53 +0100 |
| parents | 5d4260344db5 |
| children | 9f8c9611848a |
| rev | line source |
|---|---|
| 3 | 1 /** |
| 2 * Implements the "annotations" uri of the Annotator API. see | |
| 3 * <https://github.com/okfn/annotator/wiki/Storage> | |
| 4 */ | |
| 5 package de.mpiwg.itgroup.annotations.restlet; | |
| 6 | |
| 7 import java.io.IOException; | |
| 31 | 8 import java.util.ArrayList; |
| 9 import java.util.List; | |
| 3 | 10 |
| 31 | 11 import org.json.JSONArray; |
| 3 | 12 import org.json.JSONException; |
| 13 import org.json.JSONObject; | |
| 31 | 14 import org.restlet.data.Form; |
| 15 import org.restlet.data.Parameter; | |
| 3 | 16 import org.restlet.data.Status; |
| 17 import org.restlet.ext.json.JsonRepresentation; | |
| 18 import org.restlet.representation.Representation; | |
| 19 import org.restlet.resource.Delete; | |
| 20 import org.restlet.resource.Get; | |
| 21 import org.restlet.resource.Post; | |
| 22 import org.restlet.resource.Put; | |
| 23 | |
| 4 | 24 import de.mpiwg.itgroup.annotations.Annotation; |
| 15 | 25 import de.mpiwg.itgroup.annotations.Person; |
| 4 | 26 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore; |
| 31 | 27 import de.mpiwg.itgroup.annotations.restlet.utils.JSONObjectComparator; |
| 3 | 28 |
| 29 /** | |
| 4 | 30 * Implements the "annotations" uri of the Annotator API. see |
| 31 * <https://github.com/okfn/annotator/wiki/Storage> | |
| 3 | 32 * |
| 33 * @author dwinter, casties | |
| 34 * | |
| 35 */ | |
| 36 public class AnnotatorAnnotations extends AnnotatorResourceImpl { | |
| 37 | |
| 38 protected String getAllowedMethodsForHeader() { | |
| 39 return "OPTIONS,GET,POST,PUT,DELETE"; | |
| 40 } | |
| 41 | |
| 42 /** | |
| 43 * GET with JSON content-type. | |
| 44 * | |
| 45 * @param entity | |
| 46 * @return | |
| 47 */ | |
| 48 @Get("json") | |
| 49 public Representation doGetJSON(Representation entity) { | |
| 50 logger.debug("AnnotatorAnnotations doGetJSON!"); | |
| 51 setCorsHeaders(); | |
| 52 // id from URI /annotations/{id} | |
| 53 String jsonId = (String) getRequest().getAttributes().get("id"); | |
| 54 String id = decodeJsonId(jsonId); | |
| 55 logger.debug("annotation-id=" + id); | |
| 56 | |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
57 // do authentication |
| 15 | 58 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
59 logger.debug("request authenticated=" + authUser); |
| 3 | 60 |
| 37 | 61 if (id == null) { |
| 62 return getAllAnnotations(authUser); | |
| 63 } | |
| 64 | |
| 16 | 65 AnnotationStore store = getAnnotationStore(); |
| 66 Annotation annot = store.getAnnotationById(id); | |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
67 if (annot != null) { |
| 61 | 68 if (!annot.isActionAllowed("read", authUser, store)) { |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
69 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
70 return null; |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
71 } |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
72 JSONObject result = createAnnotatorJson(annot, (authUser == null)); |
| 4 | 73 logger.debug("sending:"); |
| 74 logger.debug(result); | |
| 75 return new JsonRepresentation(result); | |
| 76 } else { | |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
77 // not found |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
78 setStatus(Status.CLIENT_ERROR_NOT_FOUND); |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
79 return null; |
| 3 | 80 } |
| 81 } | |
| 82 | |
| 37 | 83 private Representation getAllAnnotations(Person authUser) { |
| 61 | 84 |
| 85 Form form = getRequest().getResourceRef().getQueryAsForm(); | |
| 86 String sortBy = null; | |
| 87 for (Parameter parameter : form) { | |
| 88 if (parameter.getName().equals("sortBy")) { | |
| 89 sortBy = parameter.getValue(); | |
| 90 } | |
| 91 } | |
| 92 | |
| 31 | 93 AnnotationStore store = getAnnotationStore(); |
| 94 ArrayList<JSONObject> results = new ArrayList<JSONObject>(); | |
| 61 | 95 |
| 96 List<Annotation> annotations = store.getAnnotations(null, null); | |
| 31 | 97 for (Annotation annotation : annotations) { |
| 61 | 98 // check permission |
| 99 if (!annotation.isActionAllowed("read", authUser, store)) continue; | |
| 100 | |
| 101 JSONObject jo = createAnnotatorJson(annotation, false); | |
| 102 results.add(jo); | |
| 103 } | |
| 104 | |
| 105 if (sortBy != null) { | |
| 106 JSONObjectComparator.sortAnnotations(results, sortBy); | |
| 107 } | |
| 108 | |
| 109 JSONArray resultsJa = new JSONArray(); | |
| 110 for (JSONObject result : results) { | |
| 111 resultsJa.put(result); | |
| 112 } | |
| 113 | |
| 31 | 114 // assemble result object |
| 115 JSONObject result = new JSONObject(); | |
| 116 try { | |
| 117 result.put("rows", resultsJa); | |
| 118 result.put("total", resultsJa.length()); | |
| 119 } catch (JSONException e) { | |
| 120 setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error"); | |
| 121 return null; | |
| 122 } | |
| 123 logger.debug("sending:"); | |
| 124 logger.debug(result); | |
| 125 return new JsonRepresentation(result); | |
| 126 } | |
| 127 | |
| 61 | 128 /** |
|
20
715aa11d138b
fixes in permission handling: admin and delete default to creator.
casties
parents:
16
diff
changeset
|
129 * POST with JSON content-type. Creates a new Annotation. |
| 3 | 130 * |
| 131 * @return | |
| 132 */ | |
| 133 @Post("json") | |
| 134 public Representation doPostJson(Representation entity) { | |
| 135 logger.debug("AnnotatorAnnotations doPostJSON!"); | |
| 136 // set headers | |
| 137 setCorsHeaders(); | |
| 61 | 138 |
| 139 // do authentication TODO: who's allowed to create? | |
| 15 | 140 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
141 logger.debug("request authenticated=" + authUser); |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
142 if (authUser == null) { |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
143 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
144 return null; |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
145 } |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
146 |
| 3 | 147 Annotation annot = null; |
| 148 try { | |
| 149 JsonRepresentation jrep = new JsonRepresentation(entity); | |
| 150 JSONObject jo = jrep.getJsonObject(); | |
| 151 if (jo == null) { | |
| 152 setStatus(Status.SERVER_ERROR_INTERNAL); | |
| 153 return null; | |
| 154 } | |
| 155 // make sure id is not set for POST | |
| 156 jo.remove("id"); | |
| 157 // get Annotation object from posted JSON | |
| 158 annot = createAnnotation(jo, entity); | |
| 159 } catch (IOException e1) { | |
| 160 setStatus(Status.SERVER_ERROR_INTERNAL); | |
| 161 return null; | |
| 162 } catch (JSONException e) { | |
| 163 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); | |
| 164 return null; | |
| 165 } | |
| 4 | 166 if (annot == null) { |
| 3 | 167 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); |
| 168 return null; | |
| 169 } | |
| 170 Annotation storedAnnot; | |
| 4 | 171 // store Annotation |
| 172 storedAnnot = getAnnotationStore().storeAnnotation(annot); | |
| 173 /* | |
| 174 * according to https://github.com/okfn/annotator/wiki/Storage we should | |
| 175 * return 303: see other. For now we return the annotation. | |
| 3 | 176 */ |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
177 JSONObject jo = createAnnotatorJson(storedAnnot, (authUser == null)); |
| 3 | 178 JsonRepresentation retRep = new JsonRepresentation(jo); |
| 179 return retRep; | |
| 180 } | |
| 181 | |
| 182 /** | |
|
20
715aa11d138b
fixes in permission handling: admin and delete default to creator.
casties
parents:
16
diff
changeset
|
183 * PUT with JSON content-type. Modifies an Annotation. |
| 3 | 184 * |
| 185 * @param entity | |
| 186 * @return | |
| 187 */ | |
| 188 @Put("json") | |
| 189 public Representation doPutJSON(Representation entity) { | |
| 190 logger.debug("AnnotatorAnnotations doPutJSON!"); | |
| 191 setCorsHeaders(); | |
| 192 // id from URI /annotations/{id} | |
| 193 String jsonId = (String) getRequest().getAttributes().get("id"); | |
| 194 String id = decodeJsonId(jsonId); | |
| 195 logger.debug("annotation-id=" + id); | |
| 196 | |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
197 // do authentication |
| 15 | 198 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
199 logger.debug("request authenticated=" + authUser); |
| 3 | 200 |
| 201 Annotation annot = null; | |
| 4 | 202 AnnotationStore store = getAnnotationStore(); |
| 3 | 203 try { |
| 204 JsonRepresentation jrep = new JsonRepresentation(entity); | |
| 205 JSONObject jo = jrep.getJsonObject(); | |
| 206 if (jo == null) { | |
| 207 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); | |
| 208 return null; | |
| 209 } | |
| 210 // get stored Annotation | |
| 4 | 211 Annotation storedAnnot = store.getAnnotationById(id); |
| 212 if (storedAnnot == null) { | |
| 3 | 213 setStatus(Status.CLIENT_ERROR_NOT_FOUND); |
| 214 return null; | |
| 215 } | |
| 61 | 216 if (!storedAnnot.isActionAllowed("update", authUser, store)) { |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
217 setStatus(Status.CLIENT_ERROR_FORBIDDEN); |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
218 return null; |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
219 } |
| 3 | 220 // update from posted JSON |
| 221 annot = updateAnnotation(storedAnnot, jo, entity); | |
| 222 // store Annotation | |
| 4 | 223 storedAnnot = store.storeAnnotation(annot); |
| 224 /* | |
| 225 * according to https://github.com/okfn/annotator/wiki/Storage we | |
| 226 * should return 303: see other. but the client doesn't like it | |
| 227 * setStatus(Status.REDIRECTION_SEE_OTHER); // go to same URL as | |
| 228 * this one Reference thisUrl = this.getReference(); | |
| 229 * this.getResponse().setLocationRef(thisUrl); | |
| 230 */ | |
| 3 | 231 // return new annotation |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
232 jo = createAnnotatorJson(storedAnnot, (authUser == null)); |
| 3 | 233 JsonRepresentation retRep = new JsonRepresentation(jo); |
| 234 return retRep; | |
| 235 } catch (JSONException e) { | |
| 236 e.printStackTrace(); | |
| 237 setStatus(Status.CLIENT_ERROR_BAD_REQUEST); | |
| 238 } catch (IOException e) { | |
| 239 e.printStackTrace(); | |
| 240 setStatus(Status.SERVER_ERROR_INTERNAL, "Other Error"); | |
| 241 } | |
| 242 return null; | |
| 243 } | |
| 244 | |
| 245 /** | |
|
20
715aa11d138b
fixes in permission handling: admin and delete default to creator.
casties
parents:
16
diff
changeset
|
246 * DELETE with JSON content-type. Deletes an Annotation. |
| 3 | 247 * |
| 248 * @param entity | |
| 249 * @return | |
| 250 */ | |
| 251 @Delete("json") | |
| 252 public Representation doDeleteJSON(Representation entity) { | |
| 253 logger.debug("AnnotatorAnnotations doDeleteJSON!"); | |
| 254 setCorsHeaders(); | |
| 255 // id from URI /annotations/{id} | |
| 256 String jsonId = (String) getRequest().getAttributes().get("id"); | |
| 257 String id = decodeJsonId(jsonId); | |
| 258 logger.debug("annotation-id=" + id); | |
| 259 | |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
260 // do authentication |
| 15 | 261 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
262 logger.debug("request authenticated=" + authUser); |
| 16 | 263 AnnotationStore store = getAnnotationStore(); |
| 264 Annotation annot = store.getAnnotationById(id); | |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
265 if (annot != null) { |
| 61 | 266 if (!annot.isActionAllowed("delete", authUser, store)) { |
|
14
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
267 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
268 return null; |
|
629e15b345aa
permissions mostly work. need more server-side checking.
casties
parents:
4
diff
changeset
|
269 } |
| 3 | 270 } |
| 61 | 271 |
| 4 | 272 // delete annotation |
|
32
0731c4549065
UI for editing groups and persons works now. (still no authorisation!)
casties
parents:
22
diff
changeset
|
273 store.deleteAnnotationById(id); |
| 4 | 274 setStatus(Status.SUCCESS_NO_CONTENT); |
| 3 | 275 return null; |
| 276 } | |
| 277 | |
| 278 } |