Mercurial > lada > lada-server
changeset 589:d94f9d97b69a
Fixed authorization via openid.
author | Raimund Renkert <raimund.renkert@intevation.de> |
---|---|
date | Wed, 25 Mar 2015 16:11:48 +0100 |
parents | 7e9336df0aeb |
children | 843eff9bff02 |
files | src/main/java/de/intevation/lada/util/auth/OpenIdAuthorization.java |
diffstat | 1 files changed, 11 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/util/auth/OpenIdAuthorization.java Tue Mar 24 11:48:23 2015 +0100 +++ b/src/main/java/de/intevation/lada/util/auth/OpenIdAuthorization.java Wed Mar 25 16:11:48 2015 +0100 @@ -12,6 +12,8 @@ import javax.persistence.Query; import javax.servlet.http.HttpServletRequest; +import org.apache.log4j.Logger; + import de.intevation.lada.model.land.LMessung; import de.intevation.lada.model.land.LProbe; import de.intevation.lada.util.annotation.AuthorizationConfig; @@ -27,6 +29,9 @@ public class OpenIdAuthorization implements Authorization { @Inject + private Logger logger; + + @Inject @RepositoryConfig(type=RepositoryType.RO) private Repository repository; @@ -84,7 +89,7 @@ } else if (method == RequestMethod.PUT || method == RequestMethod.DELETE) { - return isReadOnly(probe.getId()); + return !isReadOnly(probe.getId()); } else { return false; @@ -100,7 +105,7 @@ } else if (method == RequestMethod.PUT || method == RequestMethod.DELETE) { - return isReadOnly(probe.getId()); + return !isReadOnly(probe.getId()); } } else { @@ -112,12 +117,13 @@ id = (Integer) m.invoke(data); } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + logger.warn(e.getCause() + ": " + e.getMessage()); return false; } Response response = repository.getById(LProbe.class, id, "land"); LProbe probe = (LProbe)response.getData(); - return isReadOnly(id) && getAuthorization(userInfo, probe); + return !isReadOnly(id) && getAuthorization(userInfo, probe); } if (m.getName().equals("getMessungsId")) { @@ -126,6 +132,7 @@ id = (Integer) m.invoke(data); } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + logger.warn(e.getCause() + ": " + e.getMessage()); return false; } Response mResponse = @@ -134,7 +141,7 @@ Response pResponse = repository.getById(LProbe.class, messung.getProbeId(), "land"); LProbe probe = (LProbe)pResponse.getData(); - return isReadOnly(probe.getId()) && getAuthorization(userInfo, probe); + return !isReadOnly(probe.getId()) && getAuthorization(userInfo, probe); } } }