Mercurial > hg > AnnotationManagerN4J

diff src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java @ 57:4efb21cf0ce0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
new non-authorized mode without tokens. enabled by default. configured with annotationmanager.authorization=false property.
author casties
date Tue, 20 Nov 2012 17:56:35 +0100
parents a52c597075dc
children f5c0e6df7e88
line wrap: on
line diff
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java	Tue Nov 20 16:54:03 2012 +0100
+++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java	Tue Nov 20 17:56:35 2012 +0100
@@ -132,8 +132,8 @@
     }
 
     /**
-     * checks Annotator Auth plugin authentication information from headers.
-     * returns userId if successful.
+     * Checks Annotator Auth plugin authentication information from headers.
+     * Returns userId if successful. Returns "anonymous" in non-authorization mode.
      * 
      * @param entity
      * @return
@@ -141,7 +141,12 @@
     public String checkAuthToken(Representation entity) {
         Form requestHeaders = (Form) getRequest().getAttributes().get("org.restlet.http.headers");
         String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true);
-        if (authToken == null) return null;
+        if (authToken == null) {
+            if (!((BaseRestlet) getApplication()).isAuthorizationMode()) {
+                return "anonymous";
+            }
+            return null;
+        }
         // decode token first to get consumer key
         JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
         String userId = token.getParamAsPrimitive("userId").getAsString();