Changeset 15:58357a4b86de in AnnotationManagerN4J for src/main/java/de/mpiwg/itgroup/annotations/restlet
- Timestamp:
- Aug 28, 2012, 6:23:12 PM (12 years ago)
- Branch:
- default
- Location:
- src/main/java/de/mpiwg/itgroup/annotations/restlet
- Files:
-
- 1 added
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java
r14 r15 7 7 import java.io.IOException; 8 8 9 import org.json.JSONArray;10 9 import org.json.JSONException; 11 10 import org.json.JSONObject; … … 19 18 20 19 import de.mpiwg.itgroup.annotations.Annotation; 20 import de.mpiwg.itgroup.annotations.Person; 21 21 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore; 22 22 … … 52 52 53 53 // do authentication 54 String authUser = this.checkAuthToken(entity);54 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 55 55 logger.debug("request authenticated=" + authUser); 56 56 57 57 Annotation annot = getAnnotationStore().getAnnotationById(id); 58 58 if (annot != null) { 59 if (! annot.isActionAllowed("read", authUser )) {59 if (! annot.isActionAllowed("read", authUser, null)) { 60 60 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); 61 61 return null; … … 84 84 85 85 // do authentication TODO: who's allowed to create? 86 String authUser = this.checkAuthToken(entity);86 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 87 87 logger.debug("request authenticated=" + authUser); 88 88 if (authUser == null) { … … 142 142 143 143 // do authentication 144 String authUser = this.checkAuthToken(entity);144 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 145 145 logger.debug("request authenticated=" + authUser); 146 146 … … 160 160 return null; 161 161 } 162 if (! storedAnnot.isActionAllowed("update", authUser )) {162 if (! storedAnnot.isActionAllowed("update", authUser, null)) { 163 163 setStatus(Status.CLIENT_ERROR_FORBIDDEN); 164 164 return null; … … 205 205 206 206 // do authentication 207 String authUser = this.checkAuthToken(entity);207 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 208 208 logger.debug("request authenticated=" + authUser); 209 209 Annotation annot = getAnnotationStore().getAnnotationById(id); 210 210 if (annot != null) { 211 if (! annot.isActionAllowed("delete", authUser )) {211 if (! annot.isActionAllowed("delete", authUser, null)) { 212 212 setStatus(Status.CLIENT_ERROR_FORBIDDEN, "Not Authorized!"); 213 213 return null; -
src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java
r14 r15 533 533 } 534 534 535 @SuppressWarnings("unused") 535 @SuppressWarnings("unused") // i in for loop 536 536 protected Actor getActorFromPermissions(JSONArray perms) throws JSONException { 537 537 Actor actor = null; -
src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorSearch.java
r14 r15 16 16 17 17 import de.mpiwg.itgroup.annotations.Annotation; 18 import de.mpiwg.itgroup.annotations.Person; 19 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore; 18 20 19 21 /** … … 42 44 setCorsHeaders(); 43 45 // do authentication 44 String authUser = this.checkAuthToken(entity);46 Person authUser = Person.createPersonWithId(this.checkAuthToken(entity)); 45 47 logger.debug("request authenticated=" + authUser); 46 48 … … 54 56 // do search 55 57 logger.debug(String.format("searching for uri=%s user=%s", uri, user)); 56 List<Annotation> annots = getAnnotationStore().searchByUriUser(uri, user, limit, offset); 58 AnnotationStore store = getAnnotationStore(); 59 List<Annotation> annots = store.searchByUriUser(uri, user, limit, offset); 57 60 for (Annotation annot : annots) { 58 61 // check permission 59 if (!annot.isActionAllowed("read", authUser )) continue;62 if (!annot.isActionAllowed("read", authUser, store)) continue; 60 63 JSONObject jo = createAnnotatorJson(annot, (authUser == null)); 61 64 if (jo != null) { -
src/main/java/de/mpiwg/itgroup/annotations/restlet/RestServer.java
r6 r15 166 166 router.attach("/annotator/annotations/{id}", AnnotatorAnnotations.class); 167 167 router.attach("/annotator/search", AnnotatorSearch.class); 168 router.attach("/annotator/groups", AnnotatorGroups.class); 168 169 169 170 // router.attach("",redirector); router.attach("/annotator",
Note: See TracChangeset
for help on using the changeset viewer.