Mercurial > hg > AnnotationManagerN4J
comparison src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 16:794077e6288c
CLOSED - # 252: Tags for Annotations
https://it-dev.mpiwg-berlin.mpg.de/tracs/mpdl-project-software/ticket/252
author | casties |
---|---|
date | Tue, 04 Sep 2012 20:02:59 +0200 |
parents | 58357a4b86de |
children | 715aa11d138b |
comparison
equal
deleted
inserted
replaced
15:58357a4b86de | 16:794077e6288c |
---|---|
52 | 52 |
53 // do authentication | 53 // do authentication |
54 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); | 54 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
55 logger.debug("request authenticated=" + authUser); | 55 logger.debug("request authenticated=" + authUser); |
56 | 56 |
57 Annotation annot = getAnnotationStore().getAnnotationById(id); | 57 AnnotationStore store = getAnnotationStore(); |
58 Annotation annot = store.getAnnotationById(id); | |
58 if (annot != null) { | 59 if (annot != null) { |
59 if (! annot.isActionAllowed("read", authUser, null)) { | 60 if (! annot.isActionAllowed("read", authUser, store)) { |
60 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); | 61 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
61 return null; | 62 return null; |
62 } | 63 } |
63 JSONObject result = createAnnotatorJson(annot, (authUser == null)); | 64 JSONObject result = createAnnotatorJson(annot, (authUser == null)); |
64 logger.debug("sending:"); | 65 logger.debug("sending:"); |
157 Annotation storedAnnot = store.getAnnotationById(id); | 158 Annotation storedAnnot = store.getAnnotationById(id); |
158 if (storedAnnot == null) { | 159 if (storedAnnot == null) { |
159 setStatus(Status.CLIENT_ERROR_NOT_FOUND); | 160 setStatus(Status.CLIENT_ERROR_NOT_FOUND); |
160 return null; | 161 return null; |
161 } | 162 } |
162 if (! storedAnnot.isActionAllowed("update", authUser, null)) { | 163 if (! storedAnnot.isActionAllowed("update", authUser, store)) { |
163 setStatus(Status.CLIENT_ERROR_FORBIDDEN); | 164 setStatus(Status.CLIENT_ERROR_FORBIDDEN); |
164 return null; | 165 return null; |
165 } | 166 } |
166 // update from posted JSON | 167 // update from posted JSON |
167 annot = updateAnnotation(storedAnnot, jo, entity); | 168 annot = updateAnnotation(storedAnnot, jo, entity); |
204 logger.debug("annotation-id=" + id); | 205 logger.debug("annotation-id=" + id); |
205 | 206 |
206 // do authentication | 207 // do authentication |
207 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); | 208 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); |
208 logger.debug("request authenticated=" + authUser); | 209 logger.debug("request authenticated=" + authUser); |
209 Annotation annot = getAnnotationStore().getAnnotationById(id); | 210 AnnotationStore store = getAnnotationStore(); |
211 Annotation annot = store.getAnnotationById(id); | |
210 if (annot != null) { | 212 if (annot != null) { |
211 if (! annot.isActionAllowed("delete", authUser, null)) { | 213 if (! annot.isActionAllowed("delete", authUser, store)) { |
212 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); | 214 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); |
213 return null; | 215 return null; |
214 } | 216 } |
215 } | 217 } |
216 | 218 |
217 // delete annotation | 219 // delete annotation |
218 getAnnotationStore().deleteById(id); | 220 store.deleteById(id); |
219 setStatus(Status.SUCCESS_NO_CONTENT); | 221 setStatus(Status.SUCCESS_NO_CONTENT); |
220 return null; | 222 return null; |
221 } | 223 } |
222 | 224 |
223 } | 225 } |