Mercurial > lada > lada-server
diff src/main/java/de/intevation/lada/rest/ProbeService.java @ 601:ddab1ecb2898
Use the authorization filter in all REST operations.
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Wed, 08 Apr 2015 10:45:27 +0200 |
parents | 31c4bd94d74e |
children | 21a49dc9984d |
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/rest/ProbeService.java Wed Apr 08 10:44:24 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/ProbeService.java Wed Apr 08 10:45:27 2015 +0200 @@ -103,8 +103,6 @@ @Context UriInfo info, @Context HttpServletRequest request ) { - logger.debug("user: " + request.getAttribute("lada.user.name")); - logger.debug("roles: " + request.getAttribute("lada.user.roles")); MultivaluedMap<String, String> params = info.getQueryParameters(); if (params.isEmpty() || !params.containsKey("qid")) { return defaultRepo.getAll(LProbe.class, "land"); @@ -228,7 +226,10 @@ if(violation.hasWarnings()) { response.setWarnings(violation.getWarnings()); } - return response; + return authorization.filter( + request, + response, + LProbe.class); } /** @@ -270,7 +271,10 @@ if (violation.hasWarnings()) { updated.setWarnings(violation.getWarnings()); } - return updated; + return authorization.filter( + request, + updated, + LProbe.class); } /**