diff options
author | Abyss777 <abyss@fox5.ru> | 2016-11-23 09:17:07 +0500 |
---|---|---|
committer | Abyss777 <abyss@fox5.ru> | 2016-11-23 09:17:07 +0500 |
commit | 685fd3826b64b14106aeace0a647e71a4cc4fe81 (patch) | |
tree | 0a66b3ce6ce21964c539c4627e04640738f04c2b /src/org/traccar/api/resource | |
parent | 2e2ec32b732f27df9c73f83a1982944cae45bf70 (diff) | |
parent | 5f867c6077f79a2a1d3b8ec18f78c3a2657ba698 (diff) | |
download | traccar-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.gz traccar-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.bz2 traccar-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.zip |
Merge remote-tracking branch 'upstream/master' into maintenanceevents
Diffstat (limited to 'src/org/traccar/api/resource')
-rw-r--r-- | src/org/traccar/api/resource/SessionResource.java | 2 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 17 |
2 files changed, 5 insertions, 14 deletions
diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java index 996865c4b..5f1c597d1 100644 --- a/src/org/traccar/api/resource/SessionResource.java +++ b/src/org/traccar/api/resource/SessionResource.java @@ -80,7 +80,7 @@ public class SessionResource extends BaseResource { } if (userId != null) { - Context.getPermissionsManager().checkUser(userId); + Context.getPermissionsManager().checkUserEnabled(userId); return Context.getPermissionsManager().getUser(userId); } else { throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index a9edced25..ddbca6b0f 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -49,6 +49,7 @@ public class UserResource extends BaseResource { public Response add(User entity) throws SQLException { if (!Context.getPermissionsManager().isAdmin(getUserId())) { Context.getPermissionsManager().checkRegistration(getUserId()); + Context.getPermissionsManager().checkUserUpdate(getUserId(), new User(), entity); } Context.getPermissionsManager().addUser(entity); if (Context.getNotificationManager() != null) { @@ -60,19 +61,9 @@ public class UserResource extends BaseResource { @Path("{id}") @PUT public Response update(User entity) throws SQLException { - User old = Context.getPermissionsManager().getUser(entity.getId()); - if (old.getExpirationTime() == null && entity.getExpirationTime() != null - || old.getExpirationTime() != null && !old.getExpirationTime().equals(entity.getExpirationTime()) - || old.getAdmin() != entity.getAdmin() - || old.getReadonly() != entity.getReadonly() - || old.getDisabled() != entity.getDisabled() - || old.getDeviceLimit() != entity.getDeviceLimit() - || old.getToken() == null && entity.getToken() != null - || old.getToken() != null && !old.getToken().equals(entity.getToken())) { - Context.getPermissionsManager().checkAdmin(getUserId()); - } else { - Context.getPermissionsManager().checkUser(getUserId(), entity.getId()); - } + User before = Context.getPermissionsManager().getUser(entity.getId()); + Context.getPermissionsManager().checkUser(getUserId(), entity.getId()); + Context.getPermissionsManager().checkUserUpdate(getUserId(), before, entity); Context.getPermissionsManager().updateUser(entity); if (Context.getNotificationManager() != null) { Context.getNotificationManager().refresh(); |