Mercurial > hg > AnnotationManagerN4J
comparison src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 41:5d4260344db5
Merge with 21c5394ea0cbb6738016a3c7d03b5ce7943d6216
author | casties |
---|---|
date | Wed, 26 Sep 2012 14:59:00 +0200 |
parents | 03e0f7574224 34b9d044d0bf |
children | b8ef15c8c4a5 |
comparison
equal
deleted
inserted
replaced
40:03e0f7574224 | 41:5d4260344db5 |
---|---|
52 // id from URI /annotations/{id} | 52 // id from URI /annotations/{id} |
53 String jsonId = (String) getRequest().getAttributes().get("id"); | 53 String jsonId = (String) getRequest().getAttributes().get("id"); |
54 String id = decodeJsonId(jsonId); | 54 String id = decodeJsonId(jsonId); |
55 logger.debug("annotation-id=" + id); | 55 logger.debug("annotation-id=" + id); |
56 | 56 |
57 | |
58 // do authentication | |
59 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); | |
60 logger.debug("request authenticated=" + authUser); | |
61 | |
57 if (id == null) { | 62 if (id == null) { |
58 | 63 |
59 return getAllAnnotations(); | 64 return getAllAnnotations(authUser); |
60 } | 65 } |
61 | 66 |
62 // do authentication | 67 |
63 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); | |
64 logger.debug("request authenticated=" + authUser); | |
65 | |
66 AnnotationStore store = getAnnotationStore(); | 68 AnnotationStore store = getAnnotationStore(); |
67 Annotation annot = store.getAnnotationById(id); | 69 Annotation annot = store.getAnnotationById(id); |
68 if (annot != null) { | 70 if (annot != null) { |
69 if (! annot.isActionAllowed("read", authUser, store)) { | 71 if (! annot.isActionAllowed("read", authUser, store)) { |
70 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); | 72 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
79 setStatus(Status.CLIENT_ERROR_NOT_FOUND); | 81 setStatus(Status.CLIENT_ERROR_NOT_FOUND); |
80 return null; | 82 return null; |
81 } | 83 } |
82 } | 84 } |
83 | 85 |
84 private Representation getAllAnnotations() { | 86 private Representation getAllAnnotations(Person authUser) { |
85 | 87 |
86 Form form = getRequest().getResourceRef().getQueryAsForm(); | 88 Form form = getRequest().getResourceRef().getQueryAsForm(); |
87 String sortBy=null; | 89 String sortBy=null; |
88 for (Parameter parameter : form) { | 90 for (Parameter parameter : form) { |
89 if (parameter.getName().equals("sortBy")){ | 91 if (parameter.getName().equals("sortBy")){ |
94 AnnotationStore store = getAnnotationStore(); | 96 AnnotationStore store = getAnnotationStore(); |
95 ArrayList<JSONObject> results = new ArrayList<JSONObject>(); | 97 ArrayList<JSONObject> results = new ArrayList<JSONObject>(); |
96 | 98 |
97 List<Annotation> annotations = store.getAnnotations(null, null); | 99 List<Annotation> annotations = store.getAnnotations(null, null); |
98 for (Annotation annotation : annotations) { | 100 for (Annotation annotation : annotations) { |
99 | 101 //check permission |
102 if (!annotation.isActionAllowed("read", authUser, store)) continue; | |
103 | |
100 JSONObject jo = createAnnotatorJson(annotation,false); | 104 JSONObject jo = createAnnotatorJson(annotation,false); |
101 results.add(jo); | 105 results.add(jo); |
102 | 106 |
103 } | 107 } |
104 | 108 |