diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2017-01-18 00:33:59 +1300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-01-18 00:33:59 +1300 |
commit | 2cdc0c93b759dfbdaff0c5577862b151d9aadf7f (patch) | |
tree | b397ec630e858c76d7ea3ca29305def271f08f62 /src/org/traccar/api | |
parent | 09a5ceb7b1681cb50338f37f775e13a5121e4385 (diff) | |
parent | 68abcc05ddd3633167f4e1c45d0ae9cf05dbcc43 (diff) | |
download | traccar-server-2cdc0c93b759dfbdaff0c5577862b151d9aadf7f.tar.gz traccar-server-2cdc0c93b759dfbdaff0c5577862b151d9aadf7f.tar.bz2 traccar-server-2cdc0c93b759dfbdaff0c5577862b151d9aadf7f.zip |
Merge pull request #2801 from Abyss777/manager
Implement user management
Diffstat (limited to 'src/org/traccar/api')
-rw-r--r-- | src/org/traccar/api/resource/CalendarResource.java | 12 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DevicePermissionResource.java | 13 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DeviceResource.java | 18 | ||||
-rw-r--r-- | src/org/traccar/api/resource/GeofenceResource.java | 14 | ||||
-rw-r--r-- | src/org/traccar/api/resource/GroupPermissionResource.java | 10 | ||||
-rw-r--r-- | src/org/traccar/api/resource/GroupResource.java | 10 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserPermissionResource.java | 56 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 38 |
8 files changed, 133 insertions, 38 deletions
diff --git a/src/org/traccar/api/resource/CalendarResource.java b/src/org/traccar/api/resource/CalendarResource.java index 0a9bb5daf..641d3b4b5 100644 --- a/src/org/traccar/api/resource/CalendarResource.java +++ b/src/org/traccar/api/resource/CalendarResource.java @@ -1,6 +1,6 @@ /* - * Copyright 2016 Anton Tananaev (anton@traccar.org) - * Copyright 2016 Andrey Kunitsyn (andrey@traccar.org) + * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org) + * Copyright 2016 - 2017 Andrey Kunitsyn (andrey@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -45,8 +45,12 @@ public class CalendarResource extends BaseResource { @QueryParam("all") boolean all, @QueryParam("userId") long userId) throws SQLException { if (all) { - Context.getPermissionsManager().checkAdmin(getUserId()); - return Context.getCalendarManager().getAllCalendars(); + if (Context.getPermissionsManager().isAdmin(getUserId())) { + return Context.getCalendarManager().getAllCalendars(); + } else { + Context.getPermissionsManager().checkManager(getUserId()); + return Context.getCalendarManager().getManagedCalendars(getUserId()); + } } else { if (userId == 0) { userId = getUserId(); diff --git a/src/org/traccar/api/resource/DevicePermissionResource.java b/src/org/traccar/api/resource/DevicePermissionResource.java index 3b89507fa..af38676b0 100644 --- a/src/org/traccar/api/resource/DevicePermissionResource.java +++ b/src/org/traccar/api/resource/DevicePermissionResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,7 +35,12 @@ public class DevicePermissionResource extends BaseResource { @POST public Response add(DevicePermission entity) throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId()); + Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId()); + if (!Context.getPermissionsManager().isAdmin(getUserId())) { + Context.getPermissionsManager().checkDeviceLimit(entity.getUserId()); + } Context.getDataManager().linkDevice(entity.getUserId(), entity.getDeviceId()); Context.getPermissionsManager().refreshPermissions(); if (Context.getGeofenceManager() != null) { @@ -46,7 +51,9 @@ public class DevicePermissionResource extends BaseResource { @DELETE public Response remove(DevicePermission entity) throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId()); + Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId()); Context.getDataManager().unlinkDevice(entity.getUserId(), entity.getDeviceId()); Context.getPermissionsManager().refreshPermissions(); if (Context.getGeofenceManager() != null) { diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index e4ecd3625..c9680ac77 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,8 +44,12 @@ public class DeviceResource extends BaseResource { public Collection<Device> get( @QueryParam("all") boolean all, @QueryParam("userId") long userId) throws SQLException { if (all) { - Context.getPermissionsManager().checkAdmin(getUserId()); - return Context.getDeviceManager().getAllDevices(); + if (Context.getPermissionsManager().isAdmin(getUserId())) { + return Context.getDeviceManager().getAllDevices(); + } else { + Context.getPermissionsManager().checkManager(getUserId()); + return Context.getDeviceManager().getManagedDevices(getUserId()); + } } else { if (userId == 0) { userId = getUserId(); @@ -58,13 +62,7 @@ public class DeviceResource extends BaseResource { @POST public Response add(Device entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); - int deviceLimit = Context.getPermissionsManager().getUser(getUserId()).getDeviceLimit(); - if (deviceLimit != 0) { - int deviceCount = Context.getPermissionsManager().getDevicePermissions(getUserId()).size(); - if (deviceCount >= deviceLimit) { - throw new SecurityException("User device limit reached"); - } - } + Context.getPermissionsManager().checkDeviceLimit(getUserId()); Context.getDeviceManager().addDevice(entity); Context.getDataManager().linkDevice(getUserId(), entity.getId()); Context.getPermissionsManager().refreshPermissions(); diff --git a/src/org/traccar/api/resource/GeofenceResource.java b/src/org/traccar/api/resource/GeofenceResource.java index 591908813..d5acf106a 100644 --- a/src/org/traccar/api/resource/GeofenceResource.java +++ b/src/org/traccar/api/resource/GeofenceResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -52,16 +52,20 @@ public class GeofenceResource extends BaseResource { geofenceManager.refreshGeofences(); } - Set<Long> result; + Set<Long> result = new HashSet<>(); if (all) { - Context.getPermissionsManager().checkAdmin(getUserId()); - result = new HashSet<>(geofenceManager.getAllGeofencesIds()); + if (Context.getPermissionsManager().isAdmin(getUserId())) { + result.addAll(geofenceManager.getAllGeofencesIds()); + } else { + Context.getPermissionsManager().checkManager(getUserId()); + result.addAll(geofenceManager.getManagedGeofencesIds(getUserId())); + } } else { if (userId == 0) { userId = getUserId(); } Context.getPermissionsManager().checkUser(getUserId(), userId); - result = new HashSet<>(geofenceManager.getUserGeofencesIds(userId)); + result.addAll(geofenceManager.getUserGeofencesIds(userId)); } if (groupId != 0) { diff --git a/src/org/traccar/api/resource/GroupPermissionResource.java b/src/org/traccar/api/resource/GroupPermissionResource.java index 07f101765..61a725222 100644 --- a/src/org/traccar/api/resource/GroupPermissionResource.java +++ b/src/org/traccar/api/resource/GroupPermissionResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,7 +35,9 @@ public class GroupPermissionResource extends BaseResource { @POST public Response add(GroupPermission entity) throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId()); + Context.getPermissionsManager().checkGroup(getUserId(), entity.getGroupId()); Context.getDataManager().linkGroup(entity.getUserId(), entity.getGroupId()); Context.getPermissionsManager().refreshPermissions(); if (Context.getGeofenceManager() != null) { @@ -46,7 +48,9 @@ public class GroupPermissionResource extends BaseResource { @DELETE public Response remove(GroupPermission entity) throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId()); + Context.getPermissionsManager().checkGroup(getUserId(), entity.getGroupId()); Context.getDataManager().unlinkGroup(entity.getUserId(), entity.getGroupId()); Context.getPermissionsManager().refreshPermissions(); if (Context.getGeofenceManager() != null) { diff --git a/src/org/traccar/api/resource/GroupResource.java b/src/org/traccar/api/resource/GroupResource.java index c98a20b7e..ceba69105 100644 --- a/src/org/traccar/api/resource/GroupResource.java +++ b/src/org/traccar/api/resource/GroupResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -42,8 +42,12 @@ public class GroupResource extends BaseResource { public Collection<Group> get( @QueryParam("all") boolean all, @QueryParam("userId") long userId) throws SQLException { if (all) { - Context.getPermissionsManager().checkAdmin(getUserId()); - return Context.getDeviceManager().getAllGroups(); + if (Context.getPermissionsManager().isAdmin(getUserId())) { + return Context.getDeviceManager().getAllGroups(); + } else { + Context.getPermissionsManager().checkManager(getUserId()); + return Context.getDeviceManager().getManagedGroups(getUserId()); + } } else { if (userId == 0) { userId = getUserId(); diff --git a/src/org/traccar/api/resource/UserPermissionResource.java b/src/org/traccar/api/resource/UserPermissionResource.java new file mode 100644 index 000000000..a97c4a665 --- /dev/null +++ b/src/org/traccar/api/resource/UserPermissionResource.java @@ -0,0 +1,56 @@ +/* + * Copyright 2017 Anton Tananaev (anton@traccar.org) + * Copyright 2017 Andrey Kunitsyn (andrey@traccar.org) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.api.resource; + +import java.sql.SQLException; + +import javax.ws.rs.Consumes; +import javax.ws.rs.DELETE; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; + +import org.traccar.Context; +import org.traccar.api.BaseResource; +import org.traccar.model.UserPermission; + +@Path("permissions/users") +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +public class UserPermissionResource extends BaseResource { + + @POST + public Response add(UserPermission entity) throws SQLException { + Context.getPermissionsManager().checkAdmin(getUserId()); + if (entity.getUserId() != entity.getManagedUserId()) { + Context.getDataManager().linkUser(entity.getUserId(), entity.getManagedUserId()); + Context.getPermissionsManager().refreshUserPermissions(); + } + return Response.ok(entity).build(); + } + + @DELETE + public Response remove(UserPermission entity) throws SQLException { + Context.getPermissionsManager().checkAdmin(getUserId()); + Context.getDataManager().unlinkUser(entity.getUserId(), entity.getManagedUserId()); + Context.getPermissionsManager().refreshUserPermissions(); + return Response.noContent().build(); + } + +} diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index 678daac9b..dd59a11ee 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,6 +28,7 @@ import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.sql.SQLException; @@ -40,25 +41,42 @@ import java.util.Date; public class UserResource extends BaseResource { @GET - public Collection<User> get() throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); - return Context.getPermissionsManager().getUsers(); + public Collection<User> get(@QueryParam("userId") long userId) throws SQLException { + if (Context.getPermissionsManager().isAdmin(getUserId())) { + if (userId != 0) { + return Context.getPermissionsManager().getUsers(userId); + } else { + return Context.getPermissionsManager().getAllUsers(); + } + } else if (Context.getPermissionsManager().isManager(getUserId())) { + return Context.getPermissionsManager().getManagedUsers(getUserId()); + } else { + throw new SecurityException("Admin or manager access required"); + } } @PermitAll @POST public Response add(User entity) throws SQLException { if (!Context.getPermissionsManager().isAdmin(getUserId())) { - Context.getPermissionsManager().checkRegistration(getUserId()); Context.getPermissionsManager().checkUserUpdate(getUserId(), new User(), entity); - entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit")); - int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays"); - if (expirationDays > 0) { - entity.setExpirationTime( - new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000)); + if (Context.getPermissionsManager().isManager(getUserId())) { + Context.getPermissionsManager().checkUserLimit(getUserId()); + } else { + Context.getPermissionsManager().checkRegistration(getUserId()); + entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit")); + int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays"); + if (expirationDays > 0) { + entity.setExpirationTime( + new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000)); + } } } Context.getPermissionsManager().addUser(entity); + if (Context.getPermissionsManager().isManager(getUserId())) { + Context.getDataManager().linkUser(getUserId(), entity.getId()); + } + Context.getPermissionsManager().refreshUserPermissions(); if (Context.getNotificationManager() != null) { Context.getNotificationManager().refresh(); } |