Mercurial > hg > AnnotationManagerN4J

diff src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java @ 16:794077e6288c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
CLOSED - # 252: Tags for Annotations https://it-dev.mpiwg-berlin.mpg.de/tracs/mpdl-project-software/ticket/252
author casties
date Tue, 04 Sep 2012 20:02:59 +0200
parents 58357a4b86de
children 715aa11d138b
line wrap: on
line diff
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java	Tue Aug 28 20:23:12 2012 +0200
+++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java	Tue Sep 04 20:02:59 2012 +0200
@@ -54,9 +54,10 @@
         Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
         logger.debug("request authenticated=" + authUser);
 
-        Annotation annot = getAnnotationStore().getAnnotationById(id);
+        AnnotationStore store = getAnnotationStore();
+        Annotation annot = store.getAnnotationById(id);
         if (annot != null) {
-            if (! annot.isActionAllowed("read", authUser, null)) {
+            if (! annot.isActionAllowed("read", authUser, store)) {
                 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
                 return null;
             }
@@ -159,7 +160,7 @@
                 setStatus(Status.CLIENT_ERROR_NOT_FOUND);
                 return null;
             }
-            if (! storedAnnot.isActionAllowed("update", authUser, null)) {
+            if (! storedAnnot.isActionAllowed("update", authUser, store)) {
                 setStatus(Status.CLIENT_ERROR_FORBIDDEN);
                 return null;
             }
@@ -206,16 +207,17 @@
         // do authentication
         Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
         logger.debug("request authenticated=" + authUser);
-        Annotation annot = getAnnotationStore().getAnnotationById(id);
+        AnnotationStore store = getAnnotationStore();
+        Annotation annot = store.getAnnotationById(id);
         if (annot != null) {
-            if (! annot.isActionAllowed("delete", authUser, null)) {
+            if (! annot.isActionAllowed("delete", authUser, store)) {
                 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
                 return null;
             }
         }
         
         // delete annotation
-        getAnnotationStore().deleteById(id);
+        store.deleteById(id);
         setStatus(Status.SUCCESS_NO_CONTENT);
         return null;
     }