Mercurial > lada > lada-server
changeset 236:2bf8ef754356
Mark LOrt objects as readonly.
| author | Raimund Renkert <rrenkert@intevation.de> |
|---|---|
| date | Fri, 05 Jul 2013 14:59:44 +0200 |
| parents | 01148d036b9b |
| children | fc8dfa211fb4 c00ee4e49d7d |
| files | src/main/java/de/intevation/lada/model/LOrt.java src/main/java/de/intevation/lada/rest/LOrtService.java |
| diffstat | 2 files changed, 29 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/model/LOrt.java Fri Jul 05 14:59:27 2013 +0200 +++ b/src/main/java/de/intevation/lada/model/LOrt.java Fri Jul 05 14:59:44 2013 +0200 @@ -15,6 +15,7 @@ import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.TemporalType; +import javax.persistence.Transient; /** * LOrt generated by hbm2java @@ -29,6 +30,7 @@ private String ortsTyp; private String ortszusatztext; private Date letzteAenderung; + private boolean readonly; public LOrt() { } @@ -107,4 +109,13 @@ this.letzteAenderung = letzteAenderung; } + @Transient + public boolean isReadonly() { + return readonly; + } + + public void setReadonly(boolean readonly) { + this.readonly = readonly; + } + }
--- a/src/main/java/de/intevation/lada/rest/LOrtService.java Fri Jul 05 14:59:27 2013 +0200 +++ b/src/main/java/de/intevation/lada/rest/LOrtService.java Fri Jul 05 14:59:44 2013 +0200 @@ -1,6 +1,7 @@ package de.intevation.lada.rest; import java.util.ArrayList; +import java.util.List; import javax.enterprise.context.RequestScoped; import javax.inject.Inject; @@ -18,6 +19,7 @@ import de.intevation.lada.auth.Authentication; import de.intevation.lada.auth.AuthenticationException; +import de.intevation.lada.auth.Authorization; import de.intevation.lada.data.QueryBuilder; import de.intevation.lada.data.Repository; import de.intevation.lada.model.LOrt; @@ -47,6 +49,10 @@ @Named("ldapauth") private Authentication authentication; + @Inject + @Named("dataauthorization") + private Authorization authorization; + /** * Request LOrt via a filter. * @@ -77,7 +83,14 @@ new QueryBuilder<LOrt>( repository.getEntityManager(), LOrt.class); builder.and("probeId", probeId); - return repository.filter(builder.getQuery()); + Response response = repository.filter(builder.getQuery()); + List<LOrt> list = (List<LOrt>) response.getData(); + boolean readonly = authorization.isReadOnly(probeId); + for (LOrt ort: list) { + ort.setReadonly(readonly); + } + response.setData(list); + return response; } return new Response(false, 698, new ArrayList<LOrt>()); } @@ -103,7 +116,8 @@ ) { try { String probeId = ort.getProbeId(); - if (authentication.hasAccess(headers, probeId)) { + if (authentication.hasAccess(headers, probeId) && + !authorization.isReadOnly(probeId)) { return repository.update(ort); } return new Response(false, 698, new ArrayList<LOrt>()); @@ -129,7 +143,8 @@ ) { try { String probeId = ort.getProbeId(); - if (authentication.hasAccess(headers, probeId)) { + if (authentication.hasAccess(headers, probeId) && + !authorization.isReadOnly(probeId)) { return repository.create(ort); } return new Response(false, 698, new ArrayList<LOrt>());