Mercurial > lada > lada-server

diff src/main/java/de/intevation/lada/rest/MessprogrammService.java @ 1332:65ed13ff9945 2.6.1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Changed authorization for Messprogramm. * Added 'readonly' flag * Only user with function '4' and the corresponding 'netzbetreiber' are allowed to edit. * User authorized to create a 'probe' are allowed to generate proben.
author Raimund Renkert <raimund.renkert@intevation.de>
date Wed, 29 Mar 2017 14:25:56 +0200
parents 4ee336c65ab3
children
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/rest/MessprogrammService.java	Mon Mar 27 17:04:32 2017 +0200
+++ b/src/main/java/de/intevation/lada/rest/MessprogrammService.java	Wed Mar 29 14:25:56 2017 +0200
@@ -32,6 +32,7 @@
 import de.intevation.lada.util.annotation.RepositoryConfig;
 import de.intevation.lada.util.auth.Authorization;
 import de.intevation.lada.util.auth.AuthorizationType;
+import de.intevation.lada.util.data.QueryBuilder;
 import de.intevation.lada.util.data.Repository;
 import de.intevation.lada.util.data.RepositoryType;
 import de.intevation.lada.util.rest.RequestMethod;
@@ -95,7 +96,7 @@
      */
     @Inject
     @RepositoryConfig(type=RepositoryType.RW)
-    private Repository defaultRepo;
+    private Repository repository;
 
     /**
      * The authorization module.
@@ -145,7 +146,7 @@
     ) {
         MultivaluedMap<String, String> params = info.getQueryParameters();
         if (params.isEmpty() || !params.containsKey("qid")) {
-            return defaultRepo.getAll(Messprogramm.class, "land");
+            return repository.getAll(Messprogramm.class, "land");
         }
         Integer id = null;
         try {
@@ -168,9 +169,35 @@
             }
             result = result.subList(start, end);
         }
+        QueryBuilder<Messprogramm> mBuilder = new QueryBuilder<Messprogramm>(
+            repository.entityManager("land"), Messprogramm.class);
+        for (Map<String, Object> entry: result) {
+            mBuilder.or("id", (Integer)entry.get("id"));
+        }
+        Response r = repository.filter(mBuilder.getQuery(), "land");
+        r = authorization.filter(request, r, Messprogramm.class);
+        List<Messprogramm> messprogramme = (List<Messprogramm>)r.getData();
+        for (Map<String, Object> entry: result) {
+            Integer mId = Integer.valueOf(entry.get("id").toString());
+            setAuthData(messprogramme, entry, mId);
+        }
+
         return new Response(true, 200, result, size);
     }
 
+    private void setAuthData(
+        List<Messprogramm> messprogamme,
+        Map<String, Object> entry,
+        Integer id
+    ) {
+        for (int i = 0; i < messprogamme.size(); i++) {
+            if (id.equals(messprogamme.get(i).getId())) {
+                entry.put("readonly", messprogamme.get(i).isReadonly());
+                return;
+            }
+        }
+    }
+
     /**
      * Get a Messprogramm object by id.
      * <p>
@@ -189,7 +216,7 @@
     ) {
         return authorization.filter(
             request,
-            defaultRepo.getById(Messprogramm.class, Integer.valueOf(id), "land"),
+            repository.getById(Messprogramm.class, Integer.valueOf(id), "land"),
             Messprogramm.class);
     }
 
@@ -254,10 +281,10 @@
             messprogramm = factory.findUmweltId(messprogramm);
         }
         /* Persist the new messprogramm object*/
-        Response response = defaultRepo.create(messprogramm, "land");
+        Response response = repository.create(messprogramm, "land");
         Messprogramm ret = (Messprogramm)response.getData();
         Response created =
-            defaultRepo.getById(Messprogramm.class, ret.getId(), "land");
+            repository.getById(Messprogramm.class, ret.getId(), "land");
         return authorization.filter(
             request,
             new Response(true, 200, created.getData()),
@@ -325,11 +352,11 @@
         if (messprogramm.getUmwId() == null || messprogramm.getUmwId().equals("")) {
             messprogramm = factory.findUmweltId(messprogramm);
         }
-        Response response = defaultRepo.update(messprogramm, "land");
+        Response response = repository.update(messprogramm, "land");
         if (!response.getSuccess()) {
             return response;
         }
-        Response updated = defaultRepo.getById(
+        Response updated = repository.getById(
             Messprogramm.class,
             ((Messprogramm)response.getData()).getId(), "land");
         return authorization.filter(
@@ -354,9 +381,9 @@
         @Context HttpServletRequest request,
         @PathParam("id") String id
     ) {
-        /* Get the messung object by id*/
+        /* Get the messprogamm object by id*/
         Response messprogramm =
-            defaultRepo.getById(Messprogramm.class, Integer.valueOf(id), "land");
+            repository.getById(Messprogramm.class, Integer.valueOf(id), "land");
         Messprogramm messprogrammObj = (Messprogramm)messprogramm.getData();
         if (!authorization.isAuthorized(
                 request,
@@ -367,7 +394,7 @@
             return new Response(false, 699, null);
         }
         /* Delete the messprogramm object*/
-        Response response = defaultRepo.delete(messprogrammObj, "land");
+        Response response = repository.delete(messprogrammObj, "land");
         return response;
     }
 }
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)