From bb0a5ccd64ab8fa7c33ad9a6c37c695f2c3eef7e Mon Sep 17 00:00:00 2001
From: Abyss777 <abyss@fox5.ru>
Date: Mon, 27 Feb 2017 11:22:56 +0500
Subject: - Add server-wide "device readonly" flag - Allow "device readonly"
 users send commands

---
 schema/changelog-3.11.xml                         |  4 ++++
 setup/default.xml                                 |  1 +
 src/org/traccar/api/resource/CommandResource.java |  1 -
 src/org/traccar/database/PermissionsManager.java  |  2 +-
 src/org/traccar/model/Server.java                 | 10 ++++++++++
 5 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/schema/changelog-3.11.xml b/schema/changelog-3.11.xml
index a8deb0295..c169e1146 100644
--- a/schema/changelog-3.11.xml
+++ b/schema/changelog-3.11.xml
@@ -16,6 +16,10 @@
       <column name="sms" type="BOOLEAN" defaultValueBoolean="false" />
     </addColumn>
 
+    <addColumn tableName="server">
+      <column name="devicereadonly" type="BOOLEAN" defaultValueBoolean="false" />
+    </addColumn>
+
   </changeSet>
 
 </databaseChangeLog>
diff --git a/setup/default.xml b/setup/default.xml
index b5bc4202a..80351f6a6 100644
--- a/setup/default.xml
+++ b/setup/default.xml
@@ -41,6 +41,7 @@
         UPDATE server SET
         registration = :registration,
         readonly = :readonly,
+        deviceReadonly = :deviceReadonly,
         map = :map,
         bingKey = :bingKey,
         mapUrl = :mapUrl,
diff --git a/src/org/traccar/api/resource/CommandResource.java b/src/org/traccar/api/resource/CommandResource.java
index e13ae9de8..41b263bf9 100644
--- a/src/org/traccar/api/resource/CommandResource.java
+++ b/src/org/traccar/api/resource/CommandResource.java
@@ -34,7 +34,6 @@ public class CommandResource extends BaseResource {
     @POST
     public Response add(Command entity) {
         Context.getPermissionsManager().checkReadonly(getUserId());
-        Context.getPermissionsManager().checkDeviceReadonly(getUserId());
         Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId());
         Context.getConnectionManager().getActiveDevice(entity.getDeviceId()).sendCommand(entity);
         return Response.ok(entity).build();
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 78589ad88..5313859df 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -223,7 +223,7 @@ public class PermissionsManager {
     }
 
     public void checkDeviceReadonly(long userId) throws SecurityException {
-        if (!isAdmin(userId) && isDeviceReadonly(userId)) {
+        if (!isAdmin(userId) && (server.getDeviceReadonly() || isDeviceReadonly(userId))) {
             throw new SecurityException("Account is device readonly");
         }
     }
diff --git a/src/org/traccar/model/Server.java b/src/org/traccar/model/Server.java
index 5cf26f7f2..b588a4de0 100644
--- a/src/org/traccar/model/Server.java
+++ b/src/org/traccar/model/Server.java
@@ -46,6 +46,16 @@ public class Server extends Extensible {
         this.readonly = readonly;
     }
 
+    private boolean deviceReadonly;
+
+    public boolean getDeviceReadonly() {
+        return deviceReadonly;
+    }
+
+    public void setDeviceReadonly(boolean deviceReadonly) {
+        this.deviceReadonly = deviceReadonly;
+    }
+
     private String map;
 
     public String getMap() {
-- 
cgit v1.2.3