Diffstat (limited to 'src/main/java/org/traccar/api/resource')
-rw-r--r--src/main/java/org/traccar/api/resource/EventResource.java20
-rw-r--r--src/main/java/org/traccar/api/resource/OrderResource.java35
-rw-r--r--src/main/java/org/traccar/api/resource/PasswordResource.java7
-rw-r--r--src/main/java/org/traccar/api/resource/PermissionsResource.java68
-rw-r--r--src/main/java/org/traccar/api/resource/SessionResource.java33
5 files changed, 131 insertions, 32 deletions
diff --git a/src/main/java/org/traccar/api/resource/EventResource.java b/src/main/java/org/traccar/api/resource/EventResource.java
index e0ccf7020..34e4a94ce 100644
--- a/src/main/java/org/traccar/api/resource/EventResource.java
+++ b/src/main/java/org/traccar/api/resource/EventResource.java
@@ -1,3 +1,18 @@
+/*
+ * Copyright 2016 - 2021 Anton Tananaev (anton@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.traccar.api.resource;
import java.sql.SQLException;
@@ -7,7 +22,9 @@ import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
import org.traccar.Context;
import org.traccar.api.BaseResource;
@@ -25,6 +42,9 @@ public class EventResource extends BaseResource {
@GET
public Event get(@PathParam("id") long id) throws SQLException {
Event event = Context.getDataManager().getObject(Event.class, id);
+ if (event == null) {
+ throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
+ }
Context.getPermissionsManager().checkDevice(getUserId(), event.getDeviceId());
if (event.getGeofenceId() != 0) {
Context.getPermissionsManager().checkPermission(Geofence.class, getUserId(), event.getGeofenceId());
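Review bot: The added null check in `get` answers 404 before `checkDevice` runs, so an authenticated caller can tell an unused event id from one that exists but belongs to a device they cannot access (the latter presumably fails inside `checkDevice` with a different status). If event ids are not meant to be enumerable, both cases should produce the same response, for example by mapping the permission failure for this lookup to `Response.Status.NOT_FOUND` as well. The rest of the method lies outside the hunk, so how a permission failure is reported could not be confirmed from here.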
diff --git a/src/main/java/org/traccar/api/resource/OrderResource.java b/src/main/java/org/traccar/api/resource/OrderResource.java
new file mode 100644
index 000000000..77608a508
--- /dev/null
+++ b/src/main/java/org/traccar/api/resource/OrderResource.java
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2021 Anton Tananaev (anton@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.api.resource;
+
+import org.traccar.api.SimpleObjectResource;
+import org.traccar.model.Order;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+@Path("orders")
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+public class OrderResource extends SimpleObjectResource<Order> {
+
+ public OrderResource() {
+ super(Order.class);
+ }
+
+}
diff --git a/src/main/java/org/traccar/api/resource/PasswordResource.java b/src/main/java/org/traccar/api/resource/PasswordResource.java
index 20e8d768d..1868a6191 100644
--- a/src/main/java/org/traccar/api/resource/PasswordResource.java
+++ b/src/main/java/org/traccar/api/resource/PasswordResource.java
@@ -19,7 +19,7 @@ import org.apache.velocity.VelocityContext;
import org.traccar.Context;
import org.traccar.api.BaseResource;
import org.traccar.model.User;
-import org.traccar.notification.FullMessage;
+import org.traccar.notification.NotificationMessage;
import org.traccar.notification.TextTemplateFormatter;
import javax.annotation.security.PermitAll;
@@ -53,8 +53,9 @@ public class PasswordResource extends BaseResource {
Context.getUsersManager().updateItem(user);
VelocityContext velocityContext = TextTemplateFormatter.prepareContext(null);
velocityContext.put("token", token);
- FullMessage message = TextTemplateFormatter.formatFullMessage(velocityContext, "passwordReset");
- Context.getMailManager().sendMessage(userId, message.getSubject(), message.getBody());
+ NotificationMessage fullMessage =
+ TextTemplateFormatter.formatMessage(velocityContext, "passwordReset", "full");
+ Context.getMailManager().sendMessage(userId, fullMessage.getSubject(), fullMessage.getBody());
break;
}
}
diff --git a/src/main/java/org/traccar/api/resource/PermissionsResource.java b/src/main/java/org/traccar/api/resource/PermissionsResource.java
index b89d9d376..54d3964b6 100644
--- a/src/main/java/org/traccar/api/resource/PermissionsResource.java
+++ b/src/main/java/org/traccar/api/resource/PermissionsResource.java
@@ -17,13 +17,17 @@
package org.traccar.api.resource;
import java.sql.SQLException;
+import java.util.Collections;
import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Set;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -55,30 +59,62 @@ public class PermissionsResource extends BaseResource {
permission.getPropertyClass(), getUserId(), permission.getPropertyId());
}
+ private void checkPermissionTypes(List<LinkedHashMap<String, Long>> entities) {
+ Set<String> keys = null;
+ for (LinkedHashMap<String, Long> entity: entities) {
+ if (keys != null & !entity.keySet().equals(keys)) {
+ throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).build());
+ }
+ keys = entity.keySet();
+ }
+ }
+
+ @Path("bulk")
@POST
- public Response add(LinkedHashMap<String, Long> entity) throws SQLException, ClassNotFoundException {
+ public Response add(List<LinkedHashMap<String, Long>> entities) throws SQLException, ClassNotFoundException {
Context.getPermissionsManager().checkReadonly(getUserId());
- Permission permission = new Permission(entity);
- checkPermission(permission, true);
- Context.getDataManager().linkObject(permission.getOwnerClass(), permission.getOwnerId(),
- permission.getPropertyClass(), permission.getPropertyId(), true);
- LogAction.link(getUserId(), permission.getOwnerClass(), permission.getOwnerId(),
- permission.getPropertyClass(), permission.getPropertyId());
- Context.getPermissionsManager().refreshPermissions(permission);
+ checkPermissionTypes(entities);
+ for (LinkedHashMap<String, Long> entity: entities) {
+ Permission permission = new Permission(entity);
+ checkPermission(permission, true);
+ Context.getDataManager().linkObject(permission.getOwnerClass(), permission.getOwnerId(),
+ permission.getPropertyClass(), permission.getPropertyId(), true);
+ LogAction.link(getUserId(), permission.getOwnerClass(), permission.getOwnerId(),
+ permission.getPropertyClass(), permission.getPropertyId());
+ }
+ if (!entities.isEmpty()) {
+ Context.getPermissionsManager().refreshPermissions(new Permission(entities.get(0)));
+ }
return Response.noContent().build();
}
+ @POST
+ public Response add(LinkedHashMap<String, Long> entity) throws SQLException, ClassNotFoundException {
+ return add(Collections.singletonList(entity));
+ }
+
@DELETE
- public Response remove(LinkedHashMap<String, Long> entity) throws SQLException, ClassNotFoundException {
+ @Path("bulk")
+ public Response remove(List<LinkedHashMap<String, Long>> entities) throws SQLException, ClassNotFoundException {
Context.getPermissionsManager().checkReadonly(getUserId());
- Permission permission = new Permission(entity);
- checkPermission(permission, false);
- Context.getDataManager().linkObject(permission.getOwnerClass(), permission.getOwnerId(),
- permission.getPropertyClass(), permission.getPropertyId(), false);
- LogAction.unlink(getUserId(), permission.getOwnerClass(), permission.getOwnerId(),
- permission.getPropertyClass(), permission.getPropertyId());
- Context.getPermissionsManager().refreshPermissions(permission);
+ checkPermissionTypes(entities);
+ for (LinkedHashMap<String, Long> entity: entities) {
+ Permission permission = new Permission(entity);
+ checkPermission(permission, false);
+ Context.getDataManager().linkObject(permission.getOwnerClass(), permission.getOwnerId(),
+ permission.getPropertyClass(), permission.getPropertyId(), false);
+ LogAction.unlink(getUserId(), permission.getOwnerClass(), permission.getOwnerId(),
+ permission.getPropertyClass(), permission.getPropertyId());
+ }
+ if (!entities.isEmpty()) {
+ Context.getPermissionsManager().refreshPermissions(new Permission(entities.get(0)));
+ }
return Response.noContent().build();
}
+ @DELETE
+ public Response remove(LinkedHashMap<String, Long> entity) throws SQLException, ClassNotFoundException {
+ return remove(Collections.singletonList(entity));
+ }
+
}
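Review bot: In the bulk `add` and `remove`, each entity is checked and linked inside the same loop, so when `checkPermission` or `linkObject` fails on a later element the earlier links or unlinks are already written while `refreshPermissions` is skipped. After a half-applied bulk `remove`, the database and the permission manager's cached state can presumably disagree until something else triggers a refresh. Validating every entity before the first write avoids this (sketch below for `add`; `remove` is symmetric, and the file would need `java.util.ArrayList`), and moving the refresh into a `finally` covers a failing `linkObject`. Separately, `checkPermissionTypes` uses the non-short-circuit `&` where `&&` is meant, and a `null` list element throws there instead of producing the intended 400.

```java
public Response add(List<LinkedHashMap<String, Long>> entities) throws SQLException, ClassNotFoundException {
    Context.getPermissionsManager().checkReadonly(getUserId());
    checkPermissionTypes(entities);
    // First pass: authorize everything before any link is written.
    List<Permission> permissions = new ArrayList<>();
    for (LinkedHashMap<String, Long> entity: entities) {
        Permission permission = new Permission(entity);
        checkPermission(permission, true);
        permissions.add(permission);
    }
    // Second pass: apply the already-authorized changes.
    for (Permission permission: permissions) {
        // … unchanged: linkObject(..., true) and LogAction.link(...) …
    }
    // … unchanged: refreshPermissions on the first entity, return noContent …
}
```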
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java
index e3c5d457f..60ce5490a 100644
--- a/src/main/java/org/traccar/api/resource/SessionResource.java
+++ b/src/main/java/org/traccar/api/resource/SessionResource.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2021 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -57,8 +57,19 @@ public class SessionResource extends BaseResource {
@PermitAll
@GET
public User get(@QueryParam("token") String token) throws SQLException, UnsupportedEncodingException {
+
+ if (token != null) {
+ User user = Context.getUsersManager().getUserByToken(token);
+ if (user != null) {
+ Context.getPermissionsManager().checkUserEnabled(user.getId());
+ request.getSession().setAttribute(USER_ID_KEY, user.getId());
+ return user;
+ }
+ }
+
Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
if (userId == null) {
+
Cookie[] cookies = request.getCookies();
String email = null, password = null;
if (cookies != null) {
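Review bot: The new token branch at the top of `get` stores `USER_ID_KEY` in whatever session the request already carries without rotating the session id, and because it now runs before the session lookup, a `token` query parameter replaces the identity of an already authenticated session. Rotating the identifier on every identity change closes the session-fixation window, e.g. `request.changeSessionId();` just before `setAttribute` (assuming `request` is an `HttpServletRequest` on Servlet 3.1 or later). The cookie login branch in the following hunk sets the attribute the same way and would need the same call. Since the token arrives in the query string of a `@PermitAll` GET, a comment such as `// token arrives in the query string; make sure request logging redacts it` would also help. The method continues outside this hunk.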
@@ -77,24 +88,20 @@ public class SessionResource extends BaseResource {
if (email != null && password != null) {
User user = Context.getPermissionsManager().login(email, password);
if (user != null) {
- userId = user.getId();
- request.getSession().setAttribute(USER_ID_KEY, userId);
- }
- } else if (token != null) {
- User user = Context.getUsersManager().getUserByToken(token);
- if (user != null) {
- userId = user.getId();
- request.getSession().setAttribute(USER_ID_KEY, userId);
+ Context.getPermissionsManager().checkUserEnabled(user.getId());
+ request.getSession().setAttribute(USER_ID_KEY, user.getId());
+ return user;
}
}
- }
- if (userId != null) {
+ } else {
+
Context.getPermissionsManager().checkUserEnabled(userId);
return Context.getPermissionsManager().getUser(userId);
- } else {
- throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
+
}
+
+ throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
}
@PermitAll