Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kustvakt / 9c484cf0537073d6181506526fdd6618dcb6a572^! / .
commit9c484cf0537073d6181506526fdd6618dcb6a572[log] [tgz]
authorMichael Hanl <micha.hanl@gmail.com>Mon Jun 06 20:33:19 2016 +0200
committerMichael Hanl <micha.hanl@gmail.com>Mon Jun 06 20:33:19 2016 +0200
tree86854022139c676b15735e97d9c6d681ebc59a08
parent00ef546cacc8067d69cc0552073cdfae20905b86 [diff]
public resource retrieval hot fix

Change-Id: I1936a2a19c50a52804e7209c520e37f886bcf1ce

diff --git a/src/main/java/de/ids_mannheim/korap/security/ac/ResourceFinder.java b/src/main/java/de/ids_mannheim/korap/security/ac/ResourceFinder.java
index 33cde6d..b27d26a 100644
--- a/src/main/java/de/ids_mannheim/korap/security/ac/ResourceFinder.java
+++ b/src/main/java/de/ids_mannheim/korap/security/ac/ResourceFinder.java

@@ -111,10 +111,11 @@
 
         List<String> id_set = Arrays.asList(ids);
         for (SecurityPolicy policy : policies) {
-            T r = (T) resourcedaos.get(KustvaktResource.class).findbyId(
-                    policy.getTarget(), User.UserFactory.getDemoUser());
-            if (id_set.isEmpty() || id_set.contains(r.getPersistentID()))
+            if (id_set.isEmpty() || id_set.contains(policy.getTarget())) {
+                T r = (T) resourcedaos.get(KustvaktResource.class).findbyId(
+                        policy.getTarget(), User.UserFactory.getDemoUser());
                 sets.add(r);
+            }
         }
         return sets;
     }

diff --git a/src/main/java/de/ids_mannheim/korap/web/service/full/ResourceService.java b/src/main/java/de/ids_mannheim/korap/web/service/full/ResourceService.java
index 2bced4f..8c8a599 100644
--- a/src/main/java/de/ids_mannheim/korap/web/service/full/ResourceService.java
+++ b/src/main/java/de/ids_mannheim/korap/web/service/full/ResourceService.java

@@ -148,7 +148,16 @@
                         ResourceFactory.getResourceClass(type));
         }
         catch (KustvaktException e) {
-            throw KustvaktResponseHandler.throwit(e);
+            if (e.getStatusCode() != StatusCodes.PERMISSION_DENIED)
+                throw KustvaktResponseHandler.throwit(e);
+
+            try {
+                Set set = ResourceFinder.searchPublicFiltered(cl_type, id);
+                resource = (KustvaktResource) set.toArray()[0];
+            }
+            catch (KustvaktException e1) {
+                throw KustvaktResponseHandler.throwit(e);
+            }
         }
         return Response.ok(JsonUtils.toJSON(resource.toMap())).build();
     }
@@ -377,10 +386,20 @@
                 resource = this.resourceHandler.findbyStrId(id, user,
                         ResourceFactory.getResourceClass(type));
         }
+        //todo: instead of throwing exception, build notification and rewrites into result query
         catch (KustvaktException e) {
-            //todo: instead of throwing exception, build notification and rewrites into result query
-            jlog.error("Exception encountered: {}", e.string());
-            throw KustvaktResponseHandler.throwit(e);
+            if (e.getStatusCode() != StatusCodes.PERMISSION_DENIED) {
+                jlog.error("Exception encountered: {}", e.string());
+                throw KustvaktResponseHandler.throwit(e);
+            }
+            try {
+                Set set = ResourceFinder.searchPublicFiltered(
+                        ResourceFactory.getResourceClass(type), id);
+                resource = (KustvaktResource) set.toArray()[0];
+            }
+            catch (KustvaktException e1) {
+                throw KustvaktResponseHandler.throwit(e);
+            }
         }
 
         if (resource != null) {