changeset 236:2bf8ef754356

Mark LOrt objects as readonly.
author Raimund Renkert <rrenkert@intevation.de>
date Fri, 05 Jul 2013 14:59:44 +0200
parents 01148d036b9b
children fc8dfa211fb4 c00ee4e49d7d
files src/main/java/de/intevation/lada/model/LOrt.java src/main/java/de/intevation/lada/rest/LOrtService.java
diffstat 2 files changed, 29 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/model/LOrt.java	Fri Jul 05 14:59:27 2013 +0200
+++ b/src/main/java/de/intevation/lada/model/LOrt.java	Fri Jul 05 14:59:44 2013 +0200
@@ -15,6 +15,7 @@
 import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
+import javax.persistence.Transient;
 
 /**
  * LOrt generated by hbm2java
@@ -29,6 +30,7 @@
 	private String ortsTyp;
 	private String ortszusatztext;
 	private Date letzteAenderung;
+	private boolean readonly;
 
 	public LOrt() {
 	}
@@ -107,4 +109,13 @@
 		this.letzteAenderung = letzteAenderung;
 	}
 
+    @Transient
+    public boolean isReadonly() {
+        return readonly;
+    }
+
+    public void setReadonly(boolean readonly) {
+        this.readonly = readonly;
+    }
+
 }
--- a/src/main/java/de/intevation/lada/rest/LOrtService.java	Fri Jul 05 14:59:27 2013 +0200
+++ b/src/main/java/de/intevation/lada/rest/LOrtService.java	Fri Jul 05 14:59:44 2013 +0200
@@ -1,6 +1,7 @@
 package de.intevation.lada.rest;
 
 import java.util.ArrayList;
+import java.util.List;
 
 import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
@@ -18,6 +19,7 @@
 
 import de.intevation.lada.auth.Authentication;
 import de.intevation.lada.auth.AuthenticationException;
+import de.intevation.lada.auth.Authorization;
 import de.intevation.lada.data.QueryBuilder;
 import de.intevation.lada.data.Repository;
 import de.intevation.lada.model.LOrt;
@@ -47,6 +49,10 @@
     @Named("ldapauth")
     private Authentication authentication;
 
+    @Inject
+    @Named("dataauthorization")
+    private Authorization authorization;
+
     /**
      * Request LOrt via a filter.
      *
@@ -77,7 +83,14 @@
                     new QueryBuilder<LOrt>(
                         repository.getEntityManager(), LOrt.class);
                 builder.and("probeId", probeId);
-                return repository.filter(builder.getQuery());
+                Response response = repository.filter(builder.getQuery());
+                List<LOrt> list = (List<LOrt>) response.getData();
+                boolean readonly = authorization.isReadOnly(probeId);
+                for (LOrt ort: list) {
+                    ort.setReadonly(readonly);
+                }
+                response.setData(list);
+                return response;
             }
             return new Response(false, 698, new ArrayList<LOrt>());
         }
@@ -103,7 +116,8 @@
     ) {
         try {
             String probeId = ort.getProbeId();
-            if (authentication.hasAccess(headers, probeId)) {
+            if (authentication.hasAccess(headers, probeId) &&
+                !authorization.isReadOnly(probeId)) {
                 return repository.update(ort);
             }
             return new Response(false, 698, new ArrayList<LOrt>());
@@ -129,7 +143,8 @@
     ) {
         try {
             String probeId = ort.getProbeId();
-            if (authentication.hasAccess(headers, probeId)) {
+            if (authentication.hasAccess(headers, probeId) &&
+                !authorization.isReadOnly(probeId)) {
                 return repository.create(ort);
             }
             return new Response(false, 698, new ArrayList<LOrt>());
This site is hosted by Intevation GmbH (Datenschutzerklärung und Impressum | Privacy Policy and Imprint)