aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorparveenkumaryadav <parveenkumardeeva@gmail.com>2018-01-10 17:27:41 +0530
committerparveenkumaryadav <parveenkumardeeva@gmail.com>2018-01-10 17:27:41 +0530
commit11601949460beb5ef621e9f2c776900f48b3e96c (patch)
tree93d1eaebb6f638179912dd787f06034096b35650
parent6428e67fe7732d15adcf27ffd261e3eda96840cd (diff)
downloadtrackermap-server-11601949460beb5ef621e9f2c776900f48b3e96c.tar.gz
trackermap-server-11601949460beb5ef621e9f2c776900f48b3e96c.tar.bz2
trackermap-server-11601949460beb5ef621e9f2c776900f48b3e96c.zip
Simplify Odometer permission API
-rw-r--r--src/org/traccar/api/resource/DeviceResource.java5
-rw-r--r--src/org/traccar/database/PermissionsManager.java8
2 files changed, 5 insertions, 8 deletions
diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java
index c04b3b474..ddf8832ed 100644
--- a/src/org/traccar/api/resource/DeviceResource.java
+++ b/src/org/traccar/api/resource/DeviceResource.java
@@ -88,7 +88,10 @@ public class DeviceResource extends BaseObjectResource<Device> {
@Path("{id}/distance")
@PUT
public Response updateTotalDistance(DeviceTotalDistance entity) throws SQLException {
- Context.getPermissionsManager().checkDeviceManagerOrAdmin(getUserId(), entity.getDeviceId());
+ if (!Context.getPermissionsManager().getUserAdmin(getUserId())) {
+ Context.getPermissionsManager().checkManager(getUserId());
+ Context.getPermissionsManager().checkPermission(Device.class, getUserId(), entity.getDeviceId());
+ }
Context.getDeviceManager().resetTotalDistance(entity);
LogAction.resetTotalDistance(getUserId(), entity.getDeviceId());
return Response.noContent().build();
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 05806175c..60bda99ce 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -300,13 +300,7 @@ public class PermissionsManager {
}
public void checkDevice(long userId, long deviceId) throws SecurityException {
- if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId)) {
- checkDeviceManagerOrAdmin(userId, deviceId);
- }
- }
-
- public void checkDeviceManagerOrAdmin(long userId, long deviceId) throws SecurityException {
- if (!getUserAdmin(userId)) {
+ if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId) && !getUserAdmin(userId)) {
checkManager(userId);
for (long managedUserId : usersManager.getUserItems(userId)) {
if (Context.getDeviceManager().getUserItems(managedUserId).contains(deviceId)) {