# HG changeset patch # User ymh # Date 1389876514 -3600 # Node ID 66db2c72cc0d92adcd4a17f54ee1a03eb251473e # Parent 521fee5b7fe482331675b842b2d02b4f8d1d0457 check that node and edge can be edited diff -r 521fee5b7fe4 -r 66db2c72cc0d server/src/main/java/org/iri_research/renkan/coweb/event/AbstractSyncEventManager.java --- a/server/src/main/java/org/iri_research/renkan/coweb/event/AbstractSyncEventManager.java Thu Jan 16 01:29:02 2014 +0100 +++ b/server/src/main/java/org/iri_research/renkan/coweb/event/AbstractSyncEventManager.java Thu Jan 16 13:48:34 2014 +0100 @@ -109,6 +109,8 @@ } protected abstract List getObjectList(Project project); + + protected abstract void checkUpdate(String clientId, Map data); @Override public void update(String clientId, Map data) { @@ -116,6 +118,8 @@ this.logger.debug("AbstractSyncEventManager: update " + this.getClass().getName()); + checkUpdate(clientId, data); + @SuppressWarnings("unchecked") Map values = (Map) data.get("value"); String obj_id = (String) values.get("id"); @@ -162,10 +166,17 @@ @Override public abstract void insert(String clientId, Map data); + + protected abstract void checkDelete(String clientId, Map data); + @Override public void delete(String clientId, Map data) { + this.logger.debug("AbstractSyncEventManager: delete " + + this.getClass().getName()); + checkDelete(clientId, data); + @SuppressWarnings("unchecked") Map values = (Map) data.get("value"); String project_id = (String) values.get("_project_id"); diff -r 521fee5b7fe4 -r 66db2c72cc0d server/src/main/java/org/iri_research/renkan/coweb/event/EdgeSyncEventManager.java --- a/server/src/main/java/org/iri_research/renkan/coweb/event/EdgeSyncEventManager.java Thu Jan 16 01:29:02 2014 +0100 +++ b/server/src/main/java/org/iri_research/renkan/coweb/event/EdgeSyncEventManager.java Thu Jan 16 13:48:34 2014 +0100 @@ -127,4 +127,40 @@ return project.getEdges(); } + private boolean checkWrite(String clientId, Map data) { + + @SuppressWarnings("unchecked") + Map values = (Map) data.get("value"); + String project_id = (String) values.get("_project_id"); + + String edge_id = (String) values.get("id"); + + Edge edge = this.getEdgesRepository().findOne(edge_id); + + if(edge==null) { + return true; + } + else if ( (project_id == edge.getProjectId()) || (project_id != null && project_id.equals(edge.getProjectId()))) { + return true; + } + else { + return false; + } + } + + @Override + protected void checkUpdate(String clientId, Map data) { + + if(!checkWrite(clientId, data)) { + throw new CowebException("Error when updating edge","Edge not in correct project"); + } + } + + @Override + protected void checkDelete(String clientId, Map data) { + if(!checkWrite(clientId, data)) { + throw new CowebException("Error when updating edge","Edge not in correct project"); + } + } + } diff -r 521fee5b7fe4 -r 66db2c72cc0d server/src/main/java/org/iri_research/renkan/coweb/event/NodeSyncEventManager.java --- a/server/src/main/java/org/iri_research/renkan/coweb/event/NodeSyncEventManager.java Thu Jan 16 01:29:02 2014 +0100 +++ b/server/src/main/java/org/iri_research/renkan/coweb/event/NodeSyncEventManager.java Thu Jan 16 13:48:34 2014 +0100 @@ -116,4 +116,41 @@ return project.getNodes(); } + private boolean checkWrite(String clientId, Map data) { + + @SuppressWarnings("unchecked") + Map values = (Map) data.get("value"); + String project_id = (String) values.get("_project_id"); + + String node_id = (String) values.get("id"); + + Node node = this.getNodesRepository().findOne(node_id); + + if(node==null) { + return true; + } + else if ( (project_id == node.getProjectId()) || (project_id != null && project_id.equals(node.getProjectId()))) { + return true; + } + else { + return false; + } + } + + @Override + protected void checkUpdate(String clientId, Map data) { + + if(!checkWrite(clientId, data)) { + throw new CowebException("Error when updating node","Node not in correct project"); + } + } + + @Override + protected void checkDelete(String clientId, Map data) { + if(!checkWrite(clientId, data)) { + throw new CowebException("Error when updating node","Node not in correct project"); + } + } + + } diff -r 521fee5b7fe4 -r 66db2c72cc0d server/src/main/java/org/iri_research/renkan/coweb/event/ProjectSyncEventManager.java --- a/server/src/main/java/org/iri_research/renkan/coweb/event/ProjectSyncEventManager.java Thu Jan 16 01:29:02 2014 +0100 +++ b/server/src/main/java/org/iri_research/renkan/coweb/event/ProjectSyncEventManager.java Thu Jan 16 13:48:34 2014 +0100 @@ -74,4 +74,14 @@ throw new UnsupportedOperationException("Get object list called error"); } + @Override + protected void checkUpdate(String clientId, Map data) { + //do nothing + } + + @Override + protected void checkDelete(String clientId, Map data) { + //do nothing + } + } diff -r 521fee5b7fe4 -r 66db2c72cc0d server/src/main/java/org/iri_research/renkan/coweb/event/UserSyncEventManager.java --- a/server/src/main/java/org/iri_research/renkan/coweb/event/UserSyncEventManager.java Thu Jan 16 01:29:02 2014 +0100 +++ b/server/src/main/java/org/iri_research/renkan/coweb/event/UserSyncEventManager.java Thu Jan 16 13:48:34 2014 +0100 @@ -92,7 +92,16 @@ protected List getObjectList(Project project) { // TODO: correct this, this is wrong, just put here to cpmpile return null; - // return project.getUsers(); + } + + @Override + protected void checkUpdate(String clientId, Map data) { + // do nothing + } + + @Override + protected void checkDelete(String clientId, Map data) { + // do nothing } }