Ignore:
Timestamp:
Aug 28, 2012, 6:23:12 PM (12 years ago)
Author:
casties
Branch:
default
Message:

ASSIGNED - # 249: Annotations shared in groups
https://it-dev.mpiwg-berlin.mpg.de/tracs/mpdl-project-software/ticket/249

File:
1 edited

Legend:

Unmodified
Added
Removed

  • src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java

    r14 r15  
    77import java.io.IOException;
    88
    9 import org.json.JSONArray;
    109import org.json.JSONException;
    1110import org.json.JSONObject;
     
    1918
    2019import de.mpiwg.itgroup.annotations.Annotation;
     20import de.mpiwg.itgroup.annotations.Person;
    2121import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore;
    2222
     
    5252
    5353        // do authentication
    54         String authUser = this.checkAuthToken(entity);
     54        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
    5555        logger.debug("request authenticated=" + authUser);
    5656
    5757        Annotation annot = getAnnotationStore().getAnnotationById(id);
    5858        if (annot != null) {
    59             if (! annot.isActionAllowed("read", authUser)) {
     59            if (! annot.isActionAllowed("read", authUser, null)) {
    6060                setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
    6161                return null;
     
    8484       
    8585        // do authentication TODO: who's allowed to create?
    86         String authUser = this.checkAuthToken(entity);
     86        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
    8787        logger.debug("request authenticated=" + authUser);
    8888        if (authUser == null) {
     
    142142
    143143        // do authentication
    144         String authUser = this.checkAuthToken(entity);
     144        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
    145145        logger.debug("request authenticated=" + authUser);
    146146
     
    160160                return null;
    161161            }
    162             if (! storedAnnot.isActionAllowed("update", authUser)) {
     162            if (! storedAnnot.isActionAllowed("update", authUser, null)) {
    163163                setStatus(Status.CLIENT_ERROR_FORBIDDEN);
    164164                return null;
     
    205205
    206206        // do authentication
    207         String authUser = this.checkAuthToken(entity);
     207        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
    208208        logger.debug("request authenticated=" + authUser);
    209209        Annotation annot = getAnnotationStore().getAnnotationById(id);
    210210        if (annot != null) {
    211             if (! annot.isActionAllowed("delete", authUser)) {
     211            if (! annot.isActionAllowed("delete", authUser, null)) {
    212212                setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!");
    213213                return null;
Note: See TracChangeset for help on using the changeset viewer.