Changeset 20:715aa11d138b in AnnotationManagerN4J for src/main/java/de/mpiwg/itgroup/annotations/Annotation.java
Legend:
- Unmodified
- Added
- Removed
-
src/main/java/de/mpiwg/itgroup/annotations/Annotation.java
r16 r20 4 4 package de.mpiwg.itgroup.annotations; 5 5 6 import java.util.List;7 6 import java.util.Set; 8 7 … … 92 91 93 92 /** 94 * Returns if the requested action is allowed on this annotation.93 * Returns if the requested action is allowed for the given user on this annotation. 95 94 * 96 95 * @param action … … 103 102 Actor reader = getReadPermission(); 104 103 if (reader == null) { 104 // if not specified then everybody is allowed 105 105 return true; 106 106 } else { … … 112 112 Actor updater = getUpdatePermission(); 113 113 if (updater == null) { 114 // if not specified then everybody is allowed 114 115 return true; 115 116 } else { … … 119 120 // require at least an authenticated user 120 121 if (user == null) return false; 121 Actor updater = getUpdatePermission(); 122 if (updater == null) { 123 return true; 124 } else { 125 return updater.isEquivalentWith(user, store); 122 Actor deleter = getDeletePermission(); 123 if (deleter == null) { 124 // if not specified then only creator is allowed 125 deleter = creator; 126 126 } 127 return deleter.isEquivalentWith(user, store); 127 128 } else if (action.equals("admin")) { 128 129 // require at least an authenticated user … … 130 131 Actor admin = getAdminPermission(); 131 132 if (admin == null) { 132 return true; 133 } else { 134 return admin.isEquivalentWith(user, store); 133 // if not specified then only creator is allowed 134 admin = creator; 135 135 } 136 return admin.isEquivalentWith(user, store); 136 137 } 137 138 return false; … … 274 275 */ 275 276 public Actor getAdminPermission() { 276 return adminPermission; 277 if (adminPermission != null) { 278 return adminPermission; 279 } else { 280 // if not specified then only creator is allowed 281 return this.creator; 282 } 277 283 } 278 284 … … 288 294 */ 289 295 public Actor getDeletePermission() { 290 return deletePermission; 296 if (deletePermission != null) { 297 return deletePermission; 298 } else { 299 // if not specified then only creator is allowed 300 return this.creator; 301 } 291 302 } 292 303
Note: See TracChangeset
for help on using the changeset viewer.