diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2016-11-18 00:16:55 +1300 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2016-11-18 00:16:55 +1300 |
commit | 468e3b0aa03fbe69b4c590743cf9f6886ef99751 (patch) | |
tree | 5a663969b2701f3a8d092fc43437754ceda81cfa /src | |
parent | af6c734879aa483efcc8150d5fdb704f40fb59cd (diff) | |
download | traccar-server-468e3b0aa03fbe69b4c590743cf9f6886ef99751.tar.gz traccar-server-468e3b0aa03fbe69b4c590743cf9f6886ef99751.tar.bz2 traccar-server-468e3b0aa03fbe69b4c590743cf9f6886ef99751.zip |
Check account on every call
Diffstat (limited to 'src')
-rw-r--r-- | src/org/traccar/api/SecurityRequestFilter.java | 1 | ||||
-rw-r--r-- | src/org/traccar/database/PermissionsManager.java | 16 |
2 files changed, 14 insertions, 3 deletions
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java index 598e4566d..be74a3607 100644 --- a/src/org/traccar/api/SecurityRequestFilter.java +++ b/src/org/traccar/api/SecurityRequestFilter.java @@ -80,6 +80,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter { Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY); if (userId != null) { + Context.getPermissionsManager().checkUser(userId); Context.getStatisticsManager().registerRequest(userId); securityContext = new UserSecurityContext(new UserPrincipal(userId)); } diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index e620d5334..1c995a11d 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -146,7 +146,17 @@ public class PermissionsManager { public void checkReadonly(long userId) throws SecurityException { if (!isAdmin(userId) && (server.getReadonly() || isReadonly(userId))) { - throw new SecurityException("User is readonly"); + throw new SecurityException("Account is readonly"); + } + } + + public void checkUser(long userId) throws SecurityException { + User user = getUser(userId); + if (user.getDisabled()) { + throw new SecurityException("Account is disabled"); + } + if (user.getExpirationTime() != null && System.currentTimeMillis() > user.getExpirationTime().getTime()) { + throw new SecurityException("Account has expired"); } } @@ -217,8 +227,8 @@ public class PermissionsManager { public User login(String email, String password) throws SQLException { User user = dataManager.login(email, password); - if (user != null && !user.getDisabled() && (user.getExpirationTime() == null - || user.getExpirationTime().getTime() > System.currentTimeMillis())) { + if (user != null) { + checkUser(user.getId()); return users.get(user.getId()); } return null; |