diff --git a/back/src/org/kar/karideo/api/DataResource.java b/back/src/org/kar/karideo/api/DataResource.java index 01b830f..4a5f8ca 100644 --- a/back/src/org/kar/karideo/api/DataResource.java +++ b/back/src/org/kar/karideo/api/DataResource.java @@ -3,17 +3,21 @@ package org.kar.karideo.api; import org.glassfish.jersey.media.multipart.FormDataContentDisposition; import org.glassfish.jersey.media.multipart.FormDataParam; import org.kar.karideo.ConfigVariable; +import org.kar.karideo.GenericContext; import org.kar.karideo.WebLauncher; import org.kar.karideo.db.DBEntry; import org.kar.karideo.model.Data; import org.kar.karideo.model.DataSmall; import javax.annotation.security.PermitAll; +import javax.annotation.security.RolesAllowed; import javax.imageio.ImageIO; import javax.ws.rs.*; +import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import javax.ws.rs.core.SecurityContext; import javax.ws.rs.core.StreamingOutput; import java.awt.*; import java.awt.image.BufferedImage; @@ -323,7 +327,12 @@ public class DataResource { @POST @Path("/upload/") @Consumes({MediaType.MULTIPART_FORM_DATA}) - public Response uploadFile(@FormDataParam("file") InputStream fileInputStream, @FormDataParam("file") FormDataContentDisposition fileMetaData) { + @RolesAllowed("USER") + public Response uploadFile(@Context SecurityContext sc, @FormDataParam("file") InputStream fileInputStream, @FormDataParam("file") FormDataContentDisposition fileMetaData) { + GenericContext gc = (GenericContext) sc.getUserPrincipal(); + System.out.println("==================================================="); + System.out.println("== DATA uploadFile " + gc.user); + System.out.println("==================================================="); //public NodeSmall uploadFile(final FormDataMultiPart form) { System.out.println("Upload file: "); String filePath = ConfigVariable.getTmpDataFolder() + File.separator + tmpFolderId++; @@ -340,15 +349,13 @@ public class DataResource { //@Secured @GET @Path("{id}") - //@RolesAllowed("GUEST") + @RolesAllowed("USER") @Produces(MediaType.APPLICATION_OCTET_STREAM) - public Response retriveDataId(/*@Context SecurityContext sc,*/ @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception { - /* - GenericContext gc = (GenericContext) sc.getUserPrincipal(); + public Response retriveDataId(@Context SecurityContext sc, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception { + GenericContext gc = (GenericContext) sc.getUserPrincipal(); System.out.println("==================================================="); - System.out.println("== USER get data ? " + gc.user); + System.out.println("== DATA retriveDataId ? " + gc.user); System.out.println("==================================================="); - */ DataSmall value = getSmall(id); if (value == null) { Response.status(404). @@ -361,15 +368,13 @@ public class DataResource { //@Secured @GET @Path("thumbnail/{id}") - //@RolesAllowed("GUEST") + @RolesAllowed("USER") @Produces(MediaType.APPLICATION_OCTET_STREAM) - public Response retriveDataThumbnailId(/*@Context SecurityContext sc,*/ @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception { - /* + public Response retriveDataThumbnailId(@Context SecurityContext sc, @HeaderParam("Range") String range, @PathParam("id") Long id) throws Exception { GenericContext gc = (GenericContext) sc.getUserPrincipal(); System.out.println("==================================================="); - System.out.println("== USER get data ? " + gc.user); + System.out.println("== DATA retriveDataThumbnailId ? " + gc.user); System.out.println("==================================================="); - */ DataSmall value = getSmall(id); if (value == null) { Response.status(404). @@ -410,15 +415,13 @@ public class DataResource { //@Secured @GET @Path("{id}/{name}") - //@RolesAllowed("GUEST") + @RolesAllowed("USER") @Produces(MediaType.APPLICATION_OCTET_STREAM) - public Response retriveDataFull(/*@Context SecurityContext sc,*/ @HeaderParam("Range") String range, @PathParam("id") Long id, @PathParam("name") String name) throws Exception { - /* + public Response retriveDataFull(@Context SecurityContext sc, @HeaderParam("Range") String range, @PathParam("id") Long id, @PathParam("name") String name) throws Exception { GenericContext gc = (GenericContext) sc.getUserPrincipal(); System.out.println("==================================================="); - System.out.println("== USER get data ? " + gc.user); + System.out.println("== DATA retriveDataFull ? " + gc.user); System.out.println("==================================================="); - */ DataSmall value = getSmall(id); if (value == null) { Response.status(404). diff --git a/back/src/org/kar/karideo/api/SeriesResource.java b/back/src/org/kar/karideo/api/SeriesResource.java index 748a1d7..744a576 100644 --- a/back/src/org/kar/karideo/api/SeriesResource.java +++ b/back/src/org/kar/karideo/api/SeriesResource.java @@ -54,7 +54,7 @@ public class SeriesResource { @Path("{id}/add_cover") @Consumes({MediaType.MULTIPART_FORM_DATA}) public Response uploadCover(@PathParam("id") Long id, - @FormDataParam("file_name") String fileName, + @FormDataParam("fileName") String fileName, @FormDataParam("file") InputStream fileInputStream, @FormDataParam("file") FormDataContentDisposition fileMetaData ) { @@ -62,8 +62,8 @@ public class SeriesResource { } @GET - @Path("{id}/rm_cover/{cover_id}") - public Response removeCover(@PathParam("id") Long nodeId, @PathParam("cover_id") Long coverId) { + @Path("{id}/rm_cover/{coverId}") + public Response removeCover(@PathParam("id") Long nodeId, @PathParam("coverId") Long coverId) { return NodeInterface.removeCover(typeInNode, nodeId, coverId); }