Mercurial > hg > AnnotationManagerN4J

comparison src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 16:794077e6288c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
CLOSED - # 252: Tags for Annotations https://it-dev.mpiwg-berlin.mpg.de/tracs/mpdl-project-software/ticket/252
author casties
date Tue, 04 Sep 2012 20:02:59 +0200
parents 58357a4b86de
children 715aa11d138b
comparison
equal deleted inserted replaced
15:58357a4b86de 16:794077e6288c
52 52
53 // do authentication 53 // do authentication
54 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 54 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
55 logger.debug("request authenticated=" + authUser); 55 logger.debug("request authenticated=" + authUser);
56 56
57 Annotation annot = getAnnotationStore().getAnnotationById(id); 57 AnnotationStore store = getAnnotationStore();
58 Annotation annot = store.getAnnotationById(id);
58 if (annot != null) { 59 if (annot != null) {
59 if (! annot.isActionAllowed("read", authUser, null)) { 60 if (! annot.isActionAllowed("read", authUser, store)) {
60 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); 61 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
61 return null; 62 return null;
62 } 63 }
63 JSONObject result = createAnnotatorJson(annot, (authUser == null)); 64 JSONObject result = createAnnotatorJson(annot, (authUser == null));
64 logger.debug("sending:"); 65 logger.debug("sending:");
157 Annotation storedAnnot = store.getAnnotationById(id); 158 Annotation storedAnnot = store.getAnnotationById(id);
158 if (storedAnnot == null) { 159 if (storedAnnot == null) {
159 setStatus(Status.CLIENT_ERROR_NOT_FOUND); 160 setStatus(Status.CLIENT_ERROR_NOT_FOUND);
160 return null; 161 return null;
161 } 162 }
162 if (! storedAnnot.isActionAllowed("update", authUser, null)) { 163 if (! storedAnnot.isActionAllowed("update", authUser, store)) {
163 setStatus(Status.CLIENT_ERROR_FORBIDDEN); 164 setStatus(Status.CLIENT_ERROR_FORBIDDEN);
164 return null; 165 return null;
165 } 166 }
166 // update from posted JSON 167 // update from posted JSON
167 annot = updateAnnotation(storedAnnot, jo, entity); 168 annot = updateAnnotation(storedAnnot, jo, entity);
204 logger.debug("annotation-id=" + id); 205 logger.debug("annotation-id=" + id);
205 206
206 // do authentication 207 // do authentication
207 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 208 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
208 logger.debug("request authenticated=" + authUser); 209 logger.debug("request authenticated=" + authUser);
209 Annotation annot = getAnnotationStore().getAnnotationById(id); 210 AnnotationStore store = getAnnotationStore();
211 Annotation annot = store.getAnnotationById(id);
210 if (annot != null) { 212 if (annot != null) {
211 if (! annot.isActionAllowed("delete", authUser, null)) { 213 if (! annot.isActionAllowed("delete", authUser, store)) {
212 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); 214 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
213 return null; 215 return null;
214 } 216 }
215 } 217 }
216 218
217 // delete annotation 219 // delete annotation
218 getAnnotationStore().deleteById(id); 220 store.deleteById(id);
219 setStatus(Status.SUCCESS_NO_CONTENT); 221 setStatus(Status.SUCCESS_NO_CONTENT);
220 return null; 222 return null;
221 } 223 }
222 224
223 } 225 }