AnnotationManagerN4J: src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorSearch.java comparison

check admin permission before changing permissions. Enum for typesafe actions.

comparison

equal deleted inserted replaced

-:e953327d66bb
+:7417f5915181
 import org.restlet.ext.json.JsonRepresentation;
 import org.restlet.representation.Representation;
 import org.restlet.resource.Get;
 import de.mpiwg.itgroup.annotations.Annotation;
+import de.mpiwg.itgroup.annotations.Annotation.Action;
 import de.mpiwg.itgroup.annotations.Person;
 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore;
 import de.mpiwg.itgroup.annotations.restlet.utils.JSONObjectComparator;
 /**
 logger.fine(String.format("searching for uri=%s user=%s", uri, user));
 AnnotationStore store = getAnnotationStore();
 List<Annotation> annots = store.searchAnnotationByUriUser(uri, user);
 for (Annotation annot : annots) {
 // check permission
-if (!annot.isActionAllowed("read", authUser, store)) continue;
+if (!annot.isActionAllowed(Action.read, authUser, store)) continue;
 JSONObject jo = createAnnotatorJson(annot, (authUser == null));
 if (jo != null) {
 results.add(jo);
 } else {
 setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error");

Mercurial > hg > AnnotationManagerN4J