Skip to content
Snippets Groups Projects
Commit 1670a2e1 authored by kfilippopolitis's avatar kfilippopolitis
Browse files

Updated getExperiment so an experiment can be accessed in two cases: 1. If it...

Updated getExperiment so an experiment can be accessed in two cases: 1. If it is shared to everyone 2. If it is not shared only the owner can access it. If none of the above is the case it will return a UNAUTHORIZED Http Status.
parent ded2e389
No related branches found
No related tags found
1 merge request!15Experiments ownership
......@@ -103,6 +103,11 @@ public class ExperimentApi {
return new ResponseEntity<>("Not found", HttpStatus.NOT_FOUND);
}
if (!experiment.isShared() && experiment.getCreatedBy().getUsername().compareTo(userInfo.getUser().getUsername()) != 0) {
return new ResponseEntity<>("You have no access to the experiment", HttpStatus.UNAUTHORIZED);
}
UserActionLogging.LogUserAction(userInfo.getUser().getUsername(), "Get an experiment ", " uuid : " + uuid);
return new ResponseEntity<>(gsonOnlyExposed.toJson(experiment.jsonify()), HttpStatus.OK);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment