1.1 --- a/webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Games.java Tue Dec 08 19:57:02 2009 +0100
1.2 +++ b/webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Games.java Wed Dec 23 07:59:16 2009 +0100
1.3 @@ -134,7 +134,7 @@
1.4 @QueryParam("loginID") @DefaultValue("") String loginId,
1.5 @PathParam("id") String id,
1.6 @QueryParam("move") @DefaultValue("-1") int move
1.7 - ) {
1.8 + ) throws IOException {
1.9 Game g = findGame(id, move);
1.10 if (canSee(g.getId(), loginId)) {
1.11 return g;
1.12 @@ -142,7 +142,7 @@
1.13 throw new WebApplicationException(Status.UNAUTHORIZED);
1.14 }
1.15
1.16 - private boolean canSee(GameId id, String loginId) {
1.17 + private boolean canSee(GameId id, String loginId) throws IOException {
1.18 if (!id.isFinished()) {
1.19 return true;
1.20 }
1.21 @@ -156,6 +156,10 @@
1.22 if (logUser.equals(id.getBlack())) {
1.23 return true;
1.24 }
1.25 + User info = quoridor.getUsers().getUserInfo(loginId, logUser);
1.26 + if (info != null && info.hasPermission("games")) {
1.27 + return true;
1.28 + }
1.29 return false;
1.30 }
1.31
1.32 @@ -204,7 +208,7 @@
1.33 public List<GameId> listGames(
1.34 @DefaultValue("") @QueryParam("loginID") String loginId,
1.35 @DefaultValue("") @QueryParam("status") String status
1.36 - ) {
1.37 + ) throws IOException {
1.38 List<GameId> arr = new ArrayList<GameId>(games.size());
1.39 for (Game g : games) {
1.40 if (!canSee(g.getId(), loginId)) {