Mercurial > hg > AnnotationManagerN4J
diff src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java @ 10:90911b2da322
more work on permissions...
| author | casties |
|---|---|
| date | Thu, 12 Jul 2012 17:01:32 +0200 |
| parents | b2bfc3bc9ba8 |
| children | 629e15b345aa |
line wrap: on
line diff
--- a/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java Thu Jul 12 12:54:46 2012 +0200 +++ b/src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java Thu Jul 12 17:01:32 2012 +0200 @@ -36,6 +36,8 @@ import de.mpiwg.itgroup.annotations.Actor; import de.mpiwg.itgroup.annotations.Annotation; import de.mpiwg.itgroup.annotations.Annotation.FragmentTypes; +import de.mpiwg.itgroup.annotations.Group; +import de.mpiwg.itgroup.annotations.Person; import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore; import de.mpiwg.itgroup.annotations.old.NS; @@ -188,18 +190,15 @@ if (makeUserObject) { // create user object JSONObject userObject = new JSONObject(); + Actor creator = annot.getCreator(); // save creator as uri - userObject.put("uri", annot.getCreatorUri()); + userObject.put("uri", creator.getUri()); // make short user id - String userId = annot.getCreatorUri(); - // remove namespace from user uri to get id - if (userId != null && userId.startsWith(NS.MPIWG_PERSONS_URL)) { - userId = userId.replace(NS.MPIWG_PERSONS_URL, ""); - } + String userId = creator.getIdString(); // set as id userObject.put("id", userId); // get full name - String userName = annot.getCreatorName(); + String userName = creator.getName(); if (userName == null) { RestServer restServer = (RestServer) getApplication(); userName = restServer.getFullNameFromLdap(userId); @@ -223,6 +222,39 @@ jo.put("areas", transformToAreas(fragments)); } } + + // permissions + JSONObject perms = new JSONObject(); + jo.put("permissions", perms); + // admin + JSONArray adminPerms = new JSONArray(); + perms.put("admin", adminPerms); + Actor adminPerm = annot.getAdminPermission(); + if (adminPerm != null) { + adminPerms.put(adminPerm.getIdString()); + } + // delete + JSONArray deletePerms = new JSONArray(); + perms.put("delete", deletePerms); + Actor deletePerm = annot.getDeletePermission(); + if (deletePerm != null) { + deletePerms.put(deletePerm.getIdString()); + } + // update + JSONArray updatePerms = new JSONArray(); + perms.put("update", updatePerms); + Actor updatePerm = annot.getUpdatePermission(); + if (updatePerm != null) { + updatePerms.put(updatePerm.getIdString()); + } + // read + JSONArray readPerms = new JSONArray(); + perms.put("read", readPerms); + Actor readPerm = annot.getReadPermission(); + if (readPerm != null) { + readPerms.put(readPerm.getIdString()); + } + // encode Annotation URL (=id) in base64 String annotUrl = annot.getUri(); String annotId = encodeJsonId(annotUrl); @@ -245,7 +277,7 @@ try { for (String xpointer : xpointers) { - //String decoded = URLDecoder.decode(xpointer, "utf-8"); + // String decoded = URLDecoder.decode(xpointer, "utf-8"); String decoded = xpointer; Matcher m = rg.matcher(decoded); @@ -283,13 +315,14 @@ try { for (String xpointer : xpointers) { - //String decoded = URLDecoder.decode(xpointer, "utf-8"); + // String decoded = URLDecoder.decode(xpointer, "utf-8"); String decoded = xpointer; Matcher m = rg.matcher(decoded); if (m.find()) { { JSONObject jo = new JSONObject(); + @SuppressWarnings("unused") String unit = m.group(1); jo.put("x", m.group(2)); jo.put("y", m.group(3)); @@ -392,22 +425,25 @@ // get or create creator object Actor creator = annot.getCreator(); if (creator == null) { - creator = new Actor(false, null, null); + creator = new Person(); annot.setCreator(creator); } // username not required, if no username given authuser will be used String username = null; - String userUri = annot.getCreatorUri(); + String userUri = creator.getUri(); if (jo.has("user")) { if (jo.get("user") instanceof String) { // user is just a String username = jo.getString("user"); + creator.setId(username); // TODO: what if username and authUser are different? } else { // user is an object JSONObject user = jo.getJSONObject("user"); if (user.has("id")) { - username = user.getString("id"); + String id = user.getString("id"); + creator.setId(id); + username = id; } if (user.has("uri")) { userUri = user.getString("uri"); @@ -435,7 +471,7 @@ if (creator.getUri() == null) { creator.setUri(userUri); } - + if (annot.getCreated() == null) { // set creation date SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'"); @@ -456,7 +492,50 @@ String fragment = parseArea(area); annot.setTargetFragment(fragment); } + + // permissions + if (jo.has("permissions")) { + JSONObject permissions = jo.getJSONObject("permissions"); + if (permissions.has("admin")) { + JSONArray perms = permissions.getJSONArray("admin"); + Actor actor = getActorFromPermissions(perms); + annot.setAdminPermission(actor); + } + if (permissions.has("delete")) { + JSONArray perms = permissions.getJSONArray("delete"); + Actor actor = getActorFromPermissions(perms); + annot.setDeletePermission(actor); + } + if (permissions.has("update")) { + JSONArray perms = permissions.getJSONArray("update"); + Actor actor = getActorFromPermissions(perms); + annot.setUpdatePermission(actor); + } + if (permissions.has("read")) { + JSONArray perms = permissions.getJSONArray("read"); + Actor actor = getActorFromPermissions(perms); + annot.setReadPermission(actor); + } + } + return annot; } + @SuppressWarnings("unused") + protected Actor getActorFromPermissions(JSONArray perms) throws JSONException { + Actor actor = null; + for (int i = 0; i < perms.length(); ++i) { + String perm = perms.getString(i); + if (perm.toLowerCase().startsWith("group:")) { + String groupId = perm.substring(6); + actor = new Group(groupId); + } else { + actor = new Person(perm); + } + // we just take the first one + break; + } + return actor; + } + }