Changeset 20:715aa11d138b in AnnotationManagerN4J for src


Ignore:
Timestamp:
Sep 7, 2012, 4:09:49 PM (12 years ago)
Author:
casties
Branch:
default
Message:

fixes in permission handling: admin and delete default to creator.

Location:
src/main/java/de/mpiwg/itgroup/annotations
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • src/main/java/de/mpiwg/itgroup/annotations/Annotation.java

    r16 r20  
    44package de.mpiwg.itgroup.annotations;
    55
    6 import java.util.List;
    76import java.util.Set;
    87
     
    9291   
    9392    /**
    94      * Returns if the requested action is allowed on this annotation.
     93     * Returns if the requested action is allowed for the given user on this annotation.
    9594     *
    9695     * @param action
     
    103102            Actor reader = getReadPermission();
    104103            if (reader == null) {
     104                // if not specified then everybody is allowed
    105105                return true;
    106106            } else {
     
    112112            Actor updater = getUpdatePermission();
    113113            if (updater == null) {
     114                // if not specified then everybody is allowed
    114115                return true;
    115116            } else {
     
    119120            // require at least an authenticated user
    120121            if (user == null) return false;
    121             Actor updater = getUpdatePermission();
    122             if (updater == null) {
    123                 return true;
    124             } else {
    125                 return updater.isEquivalentWith(user, store);
     122            Actor deleter = getDeletePermission();
     123            if (deleter == null) {
     124                // if not specified then only creator is allowed
     125                deleter = creator;
    126126            }
     127            return deleter.isEquivalentWith(user, store);
    127128        } else if (action.equals("admin")) {
    128129            // require at least an authenticated user
     
    130131            Actor admin = getAdminPermission();
    131132            if (admin == null) {
    132                 return true;
    133             } else {
    134                 return admin.isEquivalentWith(user, store);
     133                // if not specified then only creator is allowed
     134                admin = creator;
    135135            }
     136            return admin.isEquivalentWith(user, store);
    136137        }
    137138        return false;
     
    274275     */
    275276    public Actor getAdminPermission() {
    276         return adminPermission;
     277        if (adminPermission != null) {
     278            return adminPermission;
     279        } else {
     280            // if not specified then only creator is allowed
     281            return this.creator;
     282        }
    277283    }
    278284
     
    288294     */
    289295    public Actor getDeletePermission() {
    290         return deletePermission;
     296        if (deletePermission != null) {
     297            return deletePermission;
     298        } else {
     299            // if not specified then only creator is allowed
     300            return this.creator;
     301        }
    291302    }
    292303

  • src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java

    r16 r20  
    7474
    7575    /**
    76      * POST with JSON content-type.
     76     * POST with JSON content-type. Creates a new Annotation.
    7777     *
    7878     * @return
     
    128128
    129129    /**
    130      * PUT with JSON content-type.
     130     * PUT with JSON content-type. Modifies an Annotation.
    131131     *
    132132     * @param entity
     
    191191
    192192    /**
    193      * DELETE with JSON content-type.
     193     * DELETE with JSON content-type. Deletes an Annotation.
    194194     *
    195195     * @param entity
Note: See TracChangeset for help on using the changeset viewer.