Changeset 37:34b9d044d0bf in AnnotationManagerN4J for src/main/java


Ignore:
Timestamp:
Sep 26, 2012, 12:48:41 PM (12 years ago)
Author:
dwinter
Branch:
default
Message:

authorisation added
js / css aufgeraeumt

Location:
src/main/java/de/mpiwg/itgroup/annotations/restlet
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java

    r34 r37  
    5656        logger.debug("annotation-id=" + id);
    5757
     58       
     59        // do authentication
     60        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
     61        logger.debug("request authenticated=" + authUser);
     62
    5863        if (id == null) {
    5964           
    60             return getAllAnnotations();
    61         }
    62 
    63         // do authentication
    64         Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
    65         logger.debug("request authenticated=" + authUser);
    66 
     65            return getAllAnnotations(authUser);
     66        }
     67
     68     
    6769        AnnotationStore store = getAnnotationStore();
    6870        Annotation annot = store.getAnnotationById(id);
     
    8385    }
    8486
    85     private Representation getAllAnnotations() {
     87    private Representation getAllAnnotations(Person authUser) {
    8688       
    8789         Form form = getRequest().getResourceRef().getQueryAsForm();
     
    98100        List<Annotation> annotations = store.getAnnotations(null, null);
    99101        for (Annotation annotation : annotations) {
    100                
     102                 //check permission
     103                         if (!annotation.isActionAllowed("read", authUser, store)) continue;
     104     
    101105                 JSONObject jo = createAnnotatorJson(annotation,false);
    102106             results.add(jo);

  • src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotationsByTags.java

    r31 r37  
    1818import de.mpiwg.itgroup.annotations.Annotation;
    1919import de.mpiwg.itgroup.annotations.NS;
     20import de.mpiwg.itgroup.annotations.Person;
    2021import de.mpiwg.itgroup.annotations.Tag;
    2122import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore;
     
    3839        setCorsHeaders();
    3940       
     41        // do authentication
     42        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
     43        logger.debug("request authenticated=" + authUser);
     44
     45       
    4046        String jsonId = (String) getRequest().getAttributes().get("id");
    4147       
     
    6066       
    6167                for (Annotation annot : annotations) {
    62             JSONObject jo = createAnnotatorJson(annot,false);
     68                        //check permission
     69                        if (!annot.isActionAllowed("read", authUser, store)) continue;
     70           
     71                        JSONObject jo = createAnnotatorJson(annot,false);
    6372            results.add(jo);
    6473        }
Note: See TracChangeset for help on using the changeset viewer.