Changeset 4217 for DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java
- Timestamp:
- 01/06/14 17:20:05 (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
DASISH/t5.6/backend/annotator-backend/trunk/annotator-backend/src/main/java/eu/dasish/annotation/backend/rest/AnnotationResource.java
r4209 r4217 80 80 @Context 81 81 private Providers providers; 82 83 84 82 final String default_permission = "reader"; 85 83 private static final Logger logger = LoggerFactory.getLogger(AnnotationResource.class); … … 97 95 } 98 96 99 100 101 97 public void setProviders(Providers providers) { 102 98 this.providers = providers; … … 116 112 dbIntegrityService.setServiceURI(baseURIstr); 117 113 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(ExternalIdentifier)); 118 String remoteUser = httpServletRequest.getRemoteUser(); 119 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser); 120 if (canRead(userID, annotationID)) { 121 final Annotation annotation = dbIntegrityService.getAnnotation(annotationID); 122 JAXBElement<Annotation> rootElement = new ObjectFactory().createAnnotation(annotation); 123 logger.info("getAnnotation method: OK"); 124 return rootElement; 125 } else { 126 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation."); 114 if (annotationID != null) { 115 String remoteUser = httpServletRequest.getRemoteUser(); 116 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(remoteUser); 117 if (canRead(userID, annotationID)) { 118 final Annotation annotation = dbIntegrityService.getAnnotation(annotationID); 119 JAXBElement<Annotation> rootElement = new ObjectFactory().createAnnotation(annotation); 120 logger.info("getAnnotation method: OK"); 121 return rootElement; 122 } else { 123 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation."); 124 return null; 125 } 126 } else { 127 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 127 128 return null; 128 129 } … … 139 140 dbIntegrityService.setServiceURI(uriInfo.getBaseUri().toString()); 140 141 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(ExternalIdentifier)); 141 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 142 if (canRead(userID, annotationID)) { 143 final ReferenceList TargetList = dbIntegrityService.getAnnotationTargets(annotationID); 144 logger.info("getAnnotationTargets method: OK"); 145 return new ObjectFactory().createTargetList(TargetList); 146 } else { 147 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation."); 142 if (annotationID != null) { 143 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 144 if (canRead(userID, annotationID)) { 145 final ReferenceList TargetList = dbIntegrityService.getAnnotationTargets(annotationID); 146 logger.info("getAnnotationTargets method: OK"); 147 return new ObjectFactory().createTargetList(TargetList); 148 } else { 149 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation."); 150 return null; 151 } 152 } else { 153 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 148 154 return null; 149 155 } … … 183 189 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(ExternalIdentifier)); 184 190 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 185 if (canRead(userID, annotationID)) { 186 final UserWithPermissionList permissionList = dbIntegrityService.getPermissionsForAnnotation(annotationID); 187 logger.info("getAnnotationPermissions method: OK"); 188 return new ObjectFactory().createPermissionList(permissionList); 189 } else { 190 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation."); 191 return null; 192 } 193 191 if (annotationID != null) { 192 if (canRead(userID, annotationID)) { 193 final UserWithPermissionList permissionList = dbIntegrityService.getPermissionsForAnnotation(annotationID); 194 logger.info("getAnnotationPermissions method: OK"); 195 return new ObjectFactory().createPermissionList(permissionList); 196 } else { 197 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot read the annotation."); 198 return null; 199 } 200 } else { 201 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 202 return null; 203 } 194 204 } 195 205 … … 203 213 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier)); 204 214 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 205 if (isOwner(userID, annotationID)) { 206 int[] resultDelete = dbIntegrityService.deleteAnnotation(annotationID); 207 String result = Integer.toString(resultDelete[0]); 208 logger.info("deleteAnnotation method: OK"); 209 return result + " annotation(s) deleted."; 210 } else { 211 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot delete the annotation. Only the owner can delete the annotation."); 212 return null; 213 } 214 215 if (annotationID != null) { 216 if (isOwner(userID, annotationID)) { 217 int[] resultDelete = dbIntegrityService.deleteAnnotation(annotationID); 218 String result = Integer.toString(resultDelete[0]); 219 logger.info("deleteAnnotation method: OK"); 220 return result + " annotation(s) deleted."; 221 } else { 222 httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "The logged-in user cannot delete the annotation. Only the owner can delete the annotation."); 223 return null; 224 } 225 } else { 226 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 227 return null; 228 } 215 229 } 216 230 … … 246 260 } 247 261 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier)); 248 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 249 if (canWrite(userID, annotationID)) { 250 int updatedRows = dbIntegrityService.updateUsersAnnotation(userID, annotation); 251 logger.info("updateAnnotation method: OK"); 252 return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID)); 253 254 } else { 255 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 256 return null; 257 } 258 262 if (annotationID != null) { 263 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 264 if (canWrite(userID, annotationID)) { 265 int updatedRows = dbIntegrityService.updateUsersAnnotation(userID, annotation); 266 logger.info("updateAnnotation method: OK"); 267 return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID)); 268 269 } else { 270 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 271 return null; 272 } 273 } else { 274 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 275 return null; 276 } 259 277 } 260 278 … … 270 288 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(externalIdentifier)); 271 289 final Number userID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 272 if (canWrite(userID, annotationID)) { 273 int updatedRows = dbIntegrityService.updateAnnotationBody(annotationID, annotationBody); 274 logger.info("updateAnnotationBody method: OK"); 275 return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID)); 276 } else { 277 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 278 return null; 279 } 280 290 if (annotationID != null) { 291 if (canWrite(userID, annotationID)) { 292 int updatedRows = dbIntegrityService.updateAnnotationBody(annotationID, annotationBody); 293 logger.info("updateAnnotationBody method: OK"); 294 return new ObjectFactory().createResponseBody(makeAnnotationResponseEnvelope(annotationID)); 295 } else { 296 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 297 return null; 298 } 299 } else { 300 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 301 return null; 302 } 281 303 } 282 304 … … 291 313 final Number remoteUserID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 292 314 final Number userID = dbIntegrityService.getUserInternalIdentifier(UUID.fromString(userExternalId)); 293 if (isOwner(remoteUserID, annotationID)) { 294 int result = (dbIntegrityService.getPermission(annotationID, userID) != null) 295 ? dbIntegrityService.updateAnnotationPrincipalPermission(annotationID, userID, permission) 296 : dbIntegrityService.addAnnotationPrincipalPermission(annotationID, userID, permission); 297 logger.info("updatePermission method: OK"); 298 return result + " rows are updated/added"; 299 300 } else { 301 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 315 if (annotationID != null) { 316 if (isOwner(remoteUserID, annotationID)) { 317 int result = (dbIntegrityService.getPermission(annotationID, userID) != null) 318 ? dbIntegrityService.updateAnnotationPrincipalPermission(annotationID, userID, permission) 319 : dbIntegrityService.addAnnotationPrincipalPermission(annotationID, userID, permission); 320 logger.info("updatePermission method: OK"); 321 return result + " rows are updated/added"; 322 323 } else { 324 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 325 return null; 326 } 327 } else { 328 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 302 329 return null; 303 330 } … … 313 340 final Number annotationID = dbIntegrityService.getAnnotationInternalIdentifier(UUID.fromString(annotationExternalId)); 314 341 final Number remoteUserID = dbIntegrityService.getUserInternalIDFromRemoteID(httpServletRequest.getRemoteUser()); 315 if (isOwner(remoteUserID, annotationID)) { 316 int updatedRows = dbIntegrityService.updatePermissions(annotationID, permissions); 317 logger.info("updatePermissions method: OK"); 318 return new ObjectFactory().createResponseBody(makePermissionResponseEnvelope(annotationID)); 319 } else { 320 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 342 if (annotationID != null) { 343 if (isOwner(remoteUserID, annotationID)) { 344 int updatedRows = dbIntegrityService.updatePermissions(annotationID, permissions); 345 logger.info("updatePermissions method: OK"); 346 return new ObjectFactory().createResponseBody(makePermissionResponseEnvelope(annotationID)); 347 } else { 348 httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); 349 return null; 350 } 351 } else { 352 httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "The annotation with the given id is not found in the database"); 321 353 return null; 322 354 }
Note: See TracChangeset
for help on using the changeset viewer.