1.1 --- a/webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Games.java	Sat Sep 12 05:00:28 2009 +0200
     1.2 +++ b/webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Games.java	Sun Sep 13 16:48:54 2009 +0200
     1.3 @@ -48,19 +48,23 @@
     1.4  import javax.ws.rs.PathParam;
     1.5  import javax.ws.rs.Produces;
     1.6  import javax.ws.rs.QueryParam;
     1.7 +import javax.ws.rs.WebApplicationException;
     1.8  import javax.ws.rs.core.MediaType;
     1.9 +import javax.ws.rs.core.Response.Status;
    1.10  
    1.11  /**
    1.12   *
    1.13   * @author Jaroslav Tulach <jtulach@netbeans.org>
    1.14   */
    1.15  public final class Games {
    1.16 +    private final Quoridor quoridor;
    1.17      private final List<Game> games = new ArrayList<Game>();
    1.18      private final File dir;
    1.19      private static final Logger LOG = Logger.getLogger(Games.class.getName());
    1.20  
    1.21 -    public Games(File dir) {
    1.22 +    public Games(File dir, Quoridor quoridor) {
    1.23          this.dir = dir;
    1.24 +        this.quoridor = quoridor;
    1.25          File[] arr = dir.listFiles();
    1.26          if (arr != null) {
    1.27              for (File f : arr) {
    1.28 @@ -77,15 +81,24 @@
    1.29      @POST
    1.30      @Produces({ MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
    1.31      public GameId createGame(
    1.32 +        @QueryParam("loginID") String id,
    1.33          @QueryParam("white") String white,
    1.34          @QueryParam("black") String black
    1.35      ) throws IOException {
    1.36 +        String logUser = quoridor.isLoggedIn(id);
    1.37 +        if (logUser == null) {
    1.38 +            throw new WebApplicationException(Status.UNAUTHORIZED);
    1.39 +        }
    1.40          if (white == null) {
    1.41 -            throw new IllegalArgumentException("Must specify white");
    1.42 +            throw new WebApplicationException(Status.PRECONDITION_FAILED);
    1.43          }
    1.44          if (black == null) {
    1.45 -            throw new IllegalArgumentException("Must specify black");
    1.46 +            throw new WebApplicationException(Status.PRECONDITION_FAILED);
    1.47          }
    1.48 +        if (!logUser.equals(white) && !logUser.equals(black)) {
    1.49 +            throw new WebApplicationException(Status.PRECONDITION_FAILED);
    1.50 +        }
    1.51 +
    1.52          Game g = new Game(white, black);
    1.53          storeGame(g);
    1.54          games.add(g);
    1.55 @@ -118,10 +131,19 @@
    1.56      @Path("{id}")
    1.57      @Produces({ MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
    1.58      public GameId applyMove(
    1.59 +        @QueryParam("loginID") String loginId,
    1.60          @PathParam("id") String id,
    1.61          @QueryParam("player") String player,
    1.62          @QueryParam("move") String move
    1.63      ) throws IllegalPositionException {
    1.64 +        String logUser = quoridor.isLoggedIn(loginId);
    1.65 +        if (logUser == null) {
    1.66 +            throw new WebApplicationException(Status.UNAUTHORIZED);
    1.67 +        }
    1.68 +        if (!logUser.equals(player)) {
    1.69 +            throw new WebApplicationException(Status.UNAUTHORIZED);
    1.70 +        }
    1.71 +
    1.72          Game g = findGame(id);
    1.73          if (g == null) {
    1.74              throw new IllegalArgumentException("Unknown game " + id);