aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2016-11-18 00:16:55 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2016-11-18 00:16:55 +1300
commit468e3b0aa03fbe69b4c590743cf9f6886ef99751 (patch)
tree5a663969b2701f3a8d092fc43437754ceda81cfa /src
parentaf6c734879aa483efcc8150d5fdb704f40fb59cd (diff)
downloadtraccar-server-468e3b0aa03fbe69b4c590743cf9f6886ef99751.tar.gz
traccar-server-468e3b0aa03fbe69b4c590743cf9f6886ef99751.tar.bz2
traccar-server-468e3b0aa03fbe69b4c590743cf9f6886ef99751.zip
Check account on every call
Diffstat (limited to 'src')
-rw-r--r--src/org/traccar/api/SecurityRequestFilter.java1
-rw-r--r--src/org/traccar/database/PermissionsManager.java16
2 files changed, 14 insertions, 3 deletions
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java
index 598e4566d..be74a3607 100644
--- a/src/org/traccar/api/SecurityRequestFilter.java
+++ b/src/org/traccar/api/SecurityRequestFilter.java
@@ -80,6 +80,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY);
if (userId != null) {
+ Context.getPermissionsManager().checkUser(userId);
Context.getStatisticsManager().registerRequest(userId);
securityContext = new UserSecurityContext(new UserPrincipal(userId));
}
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index e620d5334..1c995a11d 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -146,7 +146,17 @@ public class PermissionsManager {
public void checkReadonly(long userId) throws SecurityException {
if (!isAdmin(userId) && (server.getReadonly() || isReadonly(userId))) {
- throw new SecurityException("User is readonly");
+ throw new SecurityException("Account is readonly");
+ }
+ }
+
+ public void checkUser(long userId) throws SecurityException {
+ User user = getUser(userId);
+ if (user.getDisabled()) {
+ throw new SecurityException("Account is disabled");
+ }
+ if (user.getExpirationTime() != null && System.currentTimeMillis() > user.getExpirationTime().getTime()) {
+ throw new SecurityException("Account has expired");
}
}
@@ -217,8 +227,8 @@ public class PermissionsManager {
public User login(String email, String password) throws SQLException {
User user = dataManager.login(email, password);
- if (user != null && !user.getDisabled() && (user.getExpirationTime() == null
- || user.getExpirationTime().getTime() > System.currentTimeMillis())) {
+ if (user != null) {
+ checkUser(user.getId());
return users.get(user.getId());
}
return null;