# HG changeset patch # User Raimund Renkert # Date 1427129627 -3600 # Node ID 6de05718ac8d208abb98581ba36b78a6016b7409 # Parent b3eee641431016ef7f8184d2e6111a5e5bcbab5c Filter messstellen, netzbetreiber and verwaltungseinheiten. diff -r b3eee6414310 -r 6de05718ac8d src/main/java/de/intevation/lada/rest/stamm/MessstelleService.java --- a/src/main/java/de/intevation/lada/rest/stamm/MessstelleService.java Mon Mar 23 17:53:19 2015 +0100 +++ b/src/main/java/de/intevation/lada/rest/stamm/MessstelleService.java Mon Mar 23 17:53:47 2015 +0100 @@ -7,8 +7,11 @@ */ package de.intevation.lada.rest.stamm; +import java.util.ArrayList; + import javax.enterprise.context.RequestScoped; import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.PathParam; @@ -18,16 +21,13 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.UriInfo; -import org.apache.log4j.Logger; - import de.intevation.lada.model.stamm.MessStelle; -import de.intevation.lada.util.annotation.AuthenticationConfig; import de.intevation.lada.util.annotation.AuthorizationConfig; import de.intevation.lada.util.annotation.RepositoryConfig; -import de.intevation.lada.util.auth.Authentication; -import de.intevation.lada.util.auth.AuthenticationType; import de.intevation.lada.util.auth.Authorization; import de.intevation.lada.util.auth.AuthorizationType; +import de.intevation.lada.util.auth.UserInfo; +import de.intevation.lada.util.data.QueryBuilder; import de.intevation.lada.util.data.Repository; import de.intevation.lada.util.data.RepositoryType; import de.intevation.lada.util.rest.Response; @@ -36,23 +36,14 @@ @RequestScoped public class MessstelleService { - /* The logger used in this class.*/ - @Inject - private Logger logger; - /* The data repository granting read/write access.*/ @Inject @RepositoryConfig(type=RepositoryType.RO) private Repository defaultRepo; - /* The authentication module.*/ - @Inject - @AuthenticationConfig(type=AuthenticationType.NONE) - private Authentication authentication; - /* The authorization module.*/ @Inject - @AuthorizationConfig(type=AuthorizationType.NONE) + @AuthorizationConfig(type=AuthorizationType.OPEN_ID) private Authorization authorization; /** @@ -65,13 +56,15 @@ @Produces(MediaType.APPLICATION_JSON) public Response get( @Context HttpHeaders headers, + @Context HttpServletRequest request, @Context UriInfo info ) { - if (!authentication.isAuthenticated(headers)) { - logger.debug("User is not authenticated!"); - return new Response(false, 699, null); - } - return defaultRepo.getAll(MessStelle.class, "stamm"); + UserInfo userInfo = authorization.getInfo(request); + QueryBuilder builder = + new QueryBuilder( + defaultRepo.entityManager("stamm"), MessStelle.class); + builder.or("id", userInfo.getMessstellen()); + return defaultRepo.filter(builder.getQuery(), "stamm"); } /** @@ -84,15 +77,13 @@ @Produces(MediaType.APPLICATION_JSON) public Response getById( @Context HttpHeaders headers, + @Context HttpServletRequest request, @PathParam("id") String id ) { - if (!authentication.isAuthenticated(headers)) { - logger.debug("User is not authenticated!"); - return new Response(false, 699, null); + UserInfo userInfo = authorization.getInfo(request); + if (userInfo.getMessstellen().contains(id)) { + return defaultRepo.getById(MessStelle.class, id, "stamm"); } - return defaultRepo.getById( - MessStelle.class, - id, - "stamm"); + return new Response(false, 698, new ArrayList()); } } diff -r b3eee6414310 -r 6de05718ac8d src/main/java/de/intevation/lada/rest/stamm/NetzbetreiberService.java --- a/src/main/java/de/intevation/lada/rest/stamm/NetzbetreiberService.java Mon Mar 23 17:53:19 2015 +0100 +++ b/src/main/java/de/intevation/lada/rest/stamm/NetzbetreiberService.java Mon Mar 23 17:53:47 2015 +0100 @@ -7,8 +7,11 @@ */ package de.intevation.lada.rest.stamm; +import java.util.ArrayList; + import javax.enterprise.context.RequestScoped; import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.PathParam; @@ -18,16 +21,13 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.UriInfo; -import org.apache.log4j.Logger; - import de.intevation.lada.model.stamm.NetzBetreiber; -import de.intevation.lada.util.annotation.AuthenticationConfig; import de.intevation.lada.util.annotation.AuthorizationConfig; import de.intevation.lada.util.annotation.RepositoryConfig; -import de.intevation.lada.util.auth.Authentication; -import de.intevation.lada.util.auth.AuthenticationType; import de.intevation.lada.util.auth.Authorization; import de.intevation.lada.util.auth.AuthorizationType; +import de.intevation.lada.util.auth.UserInfo; +import de.intevation.lada.util.data.QueryBuilder; import de.intevation.lada.util.data.Repository; import de.intevation.lada.util.data.RepositoryType; import de.intevation.lada.util.rest.Response; @@ -36,23 +36,14 @@ @RequestScoped public class NetzbetreiberService { - /* The logger used in this class.*/ - @Inject - private Logger logger; - /* The data repository granting read/write access.*/ @Inject @RepositoryConfig(type=RepositoryType.RO) private Repository defaultRepo; - /* The authentication module.*/ - @Inject - @AuthenticationConfig(type=AuthenticationType.NONE) - private Authentication authentication; - /* The authorization module.*/ @Inject - @AuthorizationConfig(type=AuthorizationType.NONE) + @AuthorizationConfig(type=AuthorizationType.OPEN_ID) private Authorization authorization; /** @@ -65,13 +56,15 @@ @Produces(MediaType.APPLICATION_JSON) public Response get( @Context HttpHeaders headers, + @Context HttpServletRequest request, @Context UriInfo info ) { - if (!authentication.isAuthenticated(headers)) { - logger.debug("User is not authenticated!"); - return new Response(false, 699, null); - } - return defaultRepo.getAll(NetzBetreiber.class, "stamm"); + UserInfo userInfo = authorization.getInfo(request); + QueryBuilder builder = + new QueryBuilder( + defaultRepo.entityManager("stamm"), NetzBetreiber.class); + builder.or("id", userInfo.getNetzbetreiber()); + return defaultRepo.filter(builder.getQuery(), "stamm"); } /** @@ -84,15 +77,13 @@ @Produces(MediaType.APPLICATION_JSON) public Response getById( @Context HttpHeaders headers, + @Context HttpServletRequest request, @PathParam("id") String id ) { - if (!authentication.isAuthenticated(headers)) { - logger.debug("User is not authenticated!"); - return new Response(false, 699, null); + UserInfo userInfo = authorization.getInfo(request); + if (userInfo.getNetzbetreiber().contains(id)) { + return defaultRepo.getById(NetzBetreiber.class, id, "stamm"); } - return defaultRepo.getById( - NetzBetreiber.class, - id, - "stamm"); + return new Response(false, 698, new ArrayList()); } } diff -r b3eee6414310 -r 6de05718ac8d src/main/java/de/intevation/lada/rest/stamm/VerwaltungseinheitService.java --- a/src/main/java/de/intevation/lada/rest/stamm/VerwaltungseinheitService.java Mon Mar 23 17:53:19 2015 +0100 +++ b/src/main/java/de/intevation/lada/rest/stamm/VerwaltungseinheitService.java Mon Mar 23 17:53:47 2015 +0100 @@ -16,18 +16,12 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.UriInfo; -import org.apache.log4j.Logger; - import de.intevation.lada.model.stamm.Verwaltungseinheit; -import de.intevation.lada.util.annotation.AuthenticationConfig; -import de.intevation.lada.util.annotation.AuthorizationConfig; import de.intevation.lada.util.annotation.RepositoryConfig; -import de.intevation.lada.util.auth.Authentication; -import de.intevation.lada.util.auth.AuthenticationType; -import de.intevation.lada.util.auth.Authorization; -import de.intevation.lada.util.auth.AuthorizationType; +import de.intevation.lada.util.data.QueryBuilder; import de.intevation.lada.util.data.Repository; import de.intevation.lada.util.data.RepositoryType; import de.intevation.lada.util.rest.Response; @@ -36,25 +30,11 @@ @RequestScoped public class VerwaltungseinheitService { - /* The logger used in this class.*/ - @Inject - private Logger logger; - /* The data repository granting read/write access.*/ @Inject @RepositoryConfig(type=RepositoryType.RO) private Repository defaultRepo; - /* The authentication module.*/ - @Inject - @AuthenticationConfig(type=AuthenticationType.NONE) - private Authentication authentication; - - /* The authorization module.*/ - @Inject - @AuthorizationConfig(type=AuthorizationType.NONE) - private Authorization authorization; - /** * Get all objects. * @@ -67,11 +47,16 @@ @Context HttpHeaders headers, @Context UriInfo info ) { - if (!authentication.isAuthenticated(headers)) { - logger.debug("User is not authenticated!"); - return new Response(false, 699, null); + MultivaluedMap params = info.getQueryParameters(); + if (params.isEmpty() || !params.containsKey("query")) { + return defaultRepo.getAll(Verwaltungseinheit.class, "stamm"); } - return defaultRepo.getAll(Verwaltungseinheit.class, "stamm"); + String filter = params.getFirst("query"); + QueryBuilder builder = + new QueryBuilder( + defaultRepo.entityManager("stamm"), Verwaltungseinheit.class); + builder.andLike("bezeichnung", filter + "%"); + return defaultRepo.filter(builder.getQuery(), "stamm"); } /** @@ -86,10 +71,6 @@ @Context HttpHeaders headers, @PathParam("id") String id ) { - if (!authentication.isAuthenticated(headers)) { - logger.debug("User is not authenticated!"); - return new Response(false, 699, null); - } return defaultRepo.getById( Verwaltungseinheit.class, id,