Mercurial > hg > AnnotationManagerN4J

comparison src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 41:5d4260344db5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge with 21c5394ea0cbb6738016a3c7d03b5ce7943d6216
author casties
date Wed, 26 Sep 2012 14:59:00 +0200
parents 03e0f7574224 34b9d044d0bf
children b8ef15c8c4a5
comparison
equal deleted inserted replaced
40:03e0f7574224 41:5d4260344db5
52 // id from URI /annotations/{id} 52 // id from URI /annotations/{id}
53 String jsonId = (String) getRequest().getAttributes().get("id"); 53 String jsonId = (String) getRequest().getAttributes().get("id");
54 String id = decodeJsonId(jsonId); 54 String id = decodeJsonId(jsonId);
55 logger.debug("annotation-id=" + id); 55 logger.debug("annotation-id=" + id);
56 56
57
58 // do authentication
59 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
60 logger.debug("request authenticated=" + authUser);
61
57 if (id == null) { 62 if (id == null) {
58 63
59 return getAllAnnotations(); 64 return getAllAnnotations(authUser);
60 } 65 }
61 66
62 // do authentication 67
63 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
64 logger.debug("request authenticated=" + authUser);
65
66 AnnotationStore store = getAnnotationStore(); 68 AnnotationStore store = getAnnotationStore();
67 Annotation annot = store.getAnnotationById(id); 69 Annotation annot = store.getAnnotationById(id);
68 if (annot != null) { 70 if (annot != null) {
69 if (! annot.isActionAllowed("read", authUser, store)) { 71 if (! annot.isActionAllowed("read", authUser, store)) {
70 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); 72 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
79 setStatus(Status.CLIENT_ERROR_NOT_FOUND); 81 setStatus(Status.CLIENT_ERROR_NOT_FOUND);
80 return null; 82 return null;
81 } 83 }
82 } 84 }
83 85
84 private Representation getAllAnnotations() { 86 private Representation getAllAnnotations(Person authUser) {
85 87
86 Form form = getRequest().getResourceRef().getQueryAsForm(); 88 Form form = getRequest().getResourceRef().getQueryAsForm();
87 String sortBy=null; 89 String sortBy=null;
88 for (Parameter parameter : form) { 90 for (Parameter parameter : form) {
89 if (parameter.getName().equals("sortBy")){ 91 if (parameter.getName().equals("sortBy")){
94 AnnotationStore store = getAnnotationStore(); 96 AnnotationStore store = getAnnotationStore();
95 ArrayList<JSONObject> results = new ArrayList<JSONObject>(); 97 ArrayList<JSONObject> results = new ArrayList<JSONObject>();
96 98
97 List<Annotation> annotations = store.getAnnotations(null, null); 99 List<Annotation> annotations = store.getAnnotations(null, null);
98 for (Annotation annotation : annotations) { 100 for (Annotation annotation : annotations) {
99 101 //check permission
102 if (!annotation.isActionAllowed("read", authUser, store)) continue;
103
100 JSONObject jo = createAnnotatorJson(annotation,false); 104 JSONObject jo = createAnnotatorJson(annotation,false);
101 results.add(jo); 105 results.add(jo);
102 106
103 } 107 }
104 108