Changeset 105:7417f5915181 in AnnotationManagerN4J for src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java
Legend:
- Unmodified
- Added
- Removed
-
src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java
r102 r105 57 57 import de.mpiwg.itgroup.annotations.Actor; 58 58 import de.mpiwg.itgroup.annotations.Annotation; 59 import de.mpiwg.itgroup.annotations.Annotation.Action; 59 60 import de.mpiwg.itgroup.annotations.Annotation.FragmentTypes; 60 61 import de.mpiwg.itgroup.annotations.Group; … … 680 681 * permissions 681 682 */ 682 if (jo.has("permissions")) { 683 JSONObject permissions = jo.getJSONObject("permissions"); 684 if (permissions.has("admin")) { 685 JSONArray perms = permissions.getJSONArray("admin"); 686 Actor actor = getActorFromPermissions(perms); 687 annot.setAdminPermission(actor); 688 } 689 if (permissions.has("delete")) { 690 JSONArray perms = permissions.getJSONArray("delete"); 691 Actor actor = getActorFromPermissions(perms); 692 annot.setDeletePermission(actor); 693 } 694 if (permissions.has("update")) { 695 JSONArray perms = permissions.getJSONArray("update"); 696 Actor actor = getActorFromPermissions(perms); 697 annot.setUpdatePermission(actor); 698 } 699 if (permissions.has("read")) { 700 JSONArray perms = permissions.getJSONArray("read"); 701 Actor actor = getActorFromPermissions(perms); 702 annot.setReadPermission(actor); 703 } 704 } 683 if (jo.has("permissions")) { 684 // change permissions only if user has admin permission 685 if (annot.isActionAllowed(Action.admin, authUser, getAnnotationStore())) { 686 JSONObject permissions = jo.getJSONObject("permissions"); 687 if (permissions.has("admin")) { 688 JSONArray perms = permissions.getJSONArray("admin"); 689 Actor actor = getActorFromPermissions(perms); 690 annot.setAdminPermission(actor); 691 } 692 if (permissions.has("delete")) { 693 JSONArray perms = permissions.getJSONArray("delete"); 694 Actor actor = getActorFromPermissions(perms); 695 annot.setDeletePermission(actor); 696 } 697 if (permissions.has("update")) { 698 JSONArray perms = permissions.getJSONArray("update"); 699 Actor actor = getActorFromPermissions(perms); 700 annot.setUpdatePermission(actor); 701 } 702 if (permissions.has("read")) { 703 JSONArray perms = permissions.getJSONArray("read"); 704 Actor actor = getActorFromPermissions(perms); 705 annot.setReadPermission(actor); 706 } 707 } 708 } 705 709 706 710 /*
Note: See TracChangeset
for help on using the changeset viewer.