# HG changeset patch # User Raimund Renkert # Date 1373029184 -7200 # Node ID 2bf8ef754356322e7e376b1343c8c608231f5678 # Parent 01148d036b9b2a9123e6a6efcdbb5b6da0003c79 Mark LOrt objects as readonly. diff -r 01148d036b9b -r 2bf8ef754356 src/main/java/de/intevation/lada/model/LOrt.java --- a/src/main/java/de/intevation/lada/model/LOrt.java Fri Jul 05 14:59:27 2013 +0200 +++ b/src/main/java/de/intevation/lada/model/LOrt.java Fri Jul 05 14:59:44 2013 +0200 @@ -15,6 +15,7 @@ import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.TemporalType; +import javax.persistence.Transient; /** * LOrt generated by hbm2java @@ -29,6 +30,7 @@ private String ortsTyp; private String ortszusatztext; private Date letzteAenderung; + private boolean readonly; public LOrt() { } @@ -107,4 +109,13 @@ this.letzteAenderung = letzteAenderung; } + @Transient + public boolean isReadonly() { + return readonly; + } + + public void setReadonly(boolean readonly) { + this.readonly = readonly; + } + } diff -r 01148d036b9b -r 2bf8ef754356 src/main/java/de/intevation/lada/rest/LOrtService.java --- a/src/main/java/de/intevation/lada/rest/LOrtService.java Fri Jul 05 14:59:27 2013 +0200 +++ b/src/main/java/de/intevation/lada/rest/LOrtService.java Fri Jul 05 14:59:44 2013 +0200 @@ -1,6 +1,7 @@ package de.intevation.lada.rest; import java.util.ArrayList; +import java.util.List; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; @@ -18,6 +19,7 @@ import de.intevation.lada.auth.Authentication; import de.intevation.lada.auth.AuthenticationException; +import de.intevation.lada.auth.Authorization; import de.intevation.lada.data.QueryBuilder; import de.intevation.lada.data.Repository; import de.intevation.lada.model.LOrt; @@ -47,6 +49,10 @@ @Named("ldapauth") private Authentication authentication; + @Inject + @Named("dataauthorization") + private Authorization authorization; + /** * Request LOrt via a filter. * @@ -77,7 +83,14 @@ new QueryBuilder( repository.getEntityManager(), LOrt.class); builder.and("probeId", probeId); - return repository.filter(builder.getQuery()); + Response response = repository.filter(builder.getQuery()); + List list = (List) response.getData(); + boolean readonly = authorization.isReadOnly(probeId); + for (LOrt ort: list) { + ort.setReadonly(readonly); + } + response.setData(list); + return response; } return new Response(false, 698, new ArrayList()); } @@ -103,7 +116,8 @@ ) { try { String probeId = ort.getProbeId(); - if (authentication.hasAccess(headers, probeId)) { + if (authentication.hasAccess(headers, probeId) && + !authorization.isReadOnly(probeId)) { return repository.update(ort); } return new Response(false, 698, new ArrayList()); @@ -129,7 +143,8 @@ ) { try { String probeId = ort.getProbeId(); - if (authentication.hasAccess(headers, probeId)) { + if (authentication.hasAccess(headers, probeId) && + !authorization.isReadOnly(probeId)) { return repository.create(ort); } return new Response(false, 698, new ArrayList());