Changeset 37:34b9d044d0bf in AnnotationManagerN4J for src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotationsByTags.java

Timestamp:

Sep 26, 2012, 12:48:41 PM (12 years ago)

Author:

dwinter

Branch:

default

Message:

authorisation added
js / css aufgeraeumt

File:

• src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotationsByTags.java (modified) (3 diffs)

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotationsByTags.java

@@ -18 +18 @@
 import de.mpiwg.itgroup.annotations.Annotation;
 import de.mpiwg.itgroup.annotations.NS;
+import de.mpiwg.itgroup.annotations.Person;
 import de.mpiwg.itgroup.annotations.Tag;
 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore;
@@ -38 +39 @@
         setCorsHeaders();
        
+        // do authentication
+        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        logger.debug("request authenticated=" + authUser);
+
+        
         String jsonId = (String) getRequest().getAttributes().get("id");
         
@@ -60 +66 @@
         
                 for (Annotation annot : annotations) {
-            JSONObject jo = createAnnotatorJson(annot,false);
+                        //check permission
+                        if (!annot.isActionAllowed("read", authUser, store)) continue;
+            
+                        JSONObject jo = createAnnotatorJson(annot,false);
             results.add(jo);
         }