# HG changeset patch
# User Raimund Renkert <raimund.renkert@intevation.de>
# Date 1447948350 -3600
# Node ID 8c336f08e76fbd8385efe1115493acdcc4d5cc9c
# Parent  385fab3be7f47d44d8593a2af1c8359dc114d5d8
Addedd method to authorize a messung using the id and the status.

diff -r 385fab3be7f4 -r 8c336f08e76f src/main/java/de/intevation/lada/util/auth/Authorization.java
--- a/src/main/java/de/intevation/lada/util/auth/Authorization.java	Thu Nov 19 08:50:33 2015 +0100
+++ b/src/main/java/de/intevation/lada/util/auth/Authorization.java	Thu Nov 19 16:52:30 2015 +0100
@@ -20,6 +20,7 @@
     public <T> Response filter(Object source, Response data, Class<T> clazz);
     public <T> boolean isAuthorized(
         Object source, Object data, RequestMethod method, Class<T> clazz);
+    public <T> boolean isAuthorized(int id, Class<T> clazz);
     public boolean isAuthorized(UserInfo userInfo, Object data);
     boolean isReadOnly(Integer probeId);
 }
diff -r 385fab3be7f4 -r 8c336f08e76f src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java
--- a/src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java	Thu Nov 19 08:50:33 2015 +0100
+++ b/src/main/java/de/intevation/lada/util/auth/DefaultAuthorization.java	Thu Nov 19 16:52:30 2015 +0100
@@ -86,4 +86,9 @@
     public boolean isAuthorized(UserInfo userInfo, Object data) {
         return true;
     }
+
+    @Override
+    public <T> boolean isAuthorized(int id, Class<T> clazz) {
+        return true;
+    }
 }
diff -r 385fab3be7f4 -r 8c336f08e76f src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java
--- a/src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java	Thu Nov 19 08:50:33 2015 +0100
+++ b/src/main/java/de/intevation/lada/util/auth/HeaderAuthorization.java	Thu Nov 19 16:52:30 2015 +0100
@@ -107,6 +107,28 @@
         return data;
     }
 
+    @Override
+    public <T> boolean isAuthorized(int id, Class<T> clazz) {
+        if (clazz == LMessung.class) {
+            LMessung messung = repository.getByIdPlain(
+                LMessung.class,
+                id,
+                "land");
+            if (messung.getStatus() == null) {
+                return false;
+            }
+            LStatusProtokoll status = repository.getByIdPlain(
+                LStatusProtokoll.class,
+                messung.getStatus(),
+                "land");
+            if (status.getStatusWert() == 0) {
+                return false;
+            }
+            return true;
+        }
+        return false;
+    }
+
     /**
      * Check whether a user is authorized to operate on the given data.
      *
diff -r 385fab3be7f4 -r 8c336f08e76f src/main/java/de/intevation/lada/util/auth/TestAuthorization.java
--- a/src/main/java/de/intevation/lada/util/auth/TestAuthorization.java	Thu Nov 19 08:50:33 2015 +0100
+++ b/src/main/java/de/intevation/lada/util/auth/TestAuthorization.java	Thu Nov 19 16:52:30 2015 +0100
@@ -58,4 +58,9 @@
         return false;
     }
 
+    @Override
+    public <T> boolean isAuthorized(int id, Class<T> clazz) {
+        return true;
+    }
+
 }