Mercurial > lada > lada-server

diff src/main/java/de/intevation/lada/rest/ProbeService.java @ 601:ddab1ecb2898

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Use the authorization filter in all REST operations.
author Raimund Renkert <raimund.renkert@intevation.de>
date Wed, 08 Apr 2015 10:45:27 +0200
parents 31c4bd94d74e
children 21a49dc9984d
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/rest/ProbeService.java	Wed Apr 08 10:44:24 2015 +0200
+++ b/src/main/java/de/intevation/lada/rest/ProbeService.java	Wed Apr 08 10:45:27 2015 +0200
@@ -103,8 +103,6 @@
         @Context UriInfo info,
         @Context HttpServletRequest request
     ) {
-        logger.debug("user: " + request.getAttribute("lada.user.name"));
-        logger.debug("roles: " + request.getAttribute("lada.user.roles"));
         MultivaluedMap<String, String> params = info.getQueryParameters();
         if (params.isEmpty() || !params.containsKey("qid")) {
             return defaultRepo.getAll(LProbe.class, "land");
@@ -228,7 +226,10 @@
         if(violation.hasWarnings()) {
             response.setWarnings(violation.getWarnings());
         }
-        return response;
+        return authorization.filter(
+            request,
+            response,
+            LProbe.class);
     }
 
     /**
@@ -270,7 +271,10 @@
         if (violation.hasWarnings()) {
             updated.setWarnings(violation.getWarnings());
         }
-        return updated;
+        return authorization.filter(
+            request,
+            updated,
+            LProbe.class);
     }
 
     /**
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)