aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/api/security
diff options
context:
space:
mode:
authorIván Ávalos <avalos@disroot.org>2024-08-03 20:52:00 -0600
committerIván Ávalos <avalos@disroot.org>2024-08-03 20:52:00 -0600
commit55f6d92c09a5b1d8566b53633d07be3d31010d3b (patch)
treeb86bed801b0bbadb72c7e839296dae1d28b12bbb /src/main/java/org/traccar/api/security
parentc04ad7d48331253c095fc123ded1b00f6ff871d3 (diff)
parent2788174193def918a3a1a5be3bbed24c9613323f (diff)
downloadtrackermap-server-55f6d92c09a5b1d8566b53633d07be3d31010d3b.tar.gz
trackermap-server-55f6d92c09a5b1d8566b53633d07be3d31010d3b.tar.bz2
trackermap-server-55f6d92c09a5b1d8566b53633d07be3d31010d3b.zip
Merge tag 'tags/v6.3'
Diffstat (limited to 'src/main/java/org/traccar/api/security')
-rw-r--r--src/main/java/org/traccar/api/security/PermissionsService.java21
1 files changed, 11 insertions, 10 deletions
diff --git a/src/main/java/org/traccar/api/security/PermissionsService.java b/src/main/java/org/traccar/api/security/PermissionsService.java
index d60bbafb8..721793c2f 100644
--- a/src/main/java/org/traccar/api/security/PermissionsService.java
+++ b/src/main/java/org/traccar/api/security/PermissionsService.java
@@ -98,10 +98,12 @@ public class PermissionsService {
}
}
- public void checkEdit(long userId, Class<?> clazz, boolean addition) throws StorageException, SecurityException {
+ public void checkEdit(
+ long userId, Class<?> clazz, boolean addition, boolean skipReadonly)
+ throws StorageException, SecurityException {
if (!getUser(userId).getAdministrator()) {
boolean denied = false;
- if (getServer().getReadonly() || getUser(userId).getReadonly()) {
+ if (!skipReadonly && (getServer().getReadonly() || getUser(userId).getReadonly())) {
denied = true;
} else if (clazz.equals(Device.class)) {
denied = getServer().getDeviceReadonly() || getUser(userId).getDeviceReadonly()
@@ -121,11 +123,12 @@ public class PermissionsService {
}
}
- public void checkEdit(long userId, BaseModel object, boolean addition) throws StorageException, SecurityException {
+ public void checkEdit(
+ long userId, BaseModel object, boolean addition, boolean skipReadonly)
+ throws StorageException, SecurityException {
if (!getUser(userId).getAdministrator()) {
- checkEdit(userId, object.getClass(), addition);
- if (object instanceof GroupedModel) {
- GroupedModel after = ((GroupedModel) object);
+ checkEdit(userId, object.getClass(), addition, skipReadonly);
+ if (object instanceof GroupedModel after) {
if (after.getGroupId() > 0) {
GroupedModel before = null;
if (!addition) {
@@ -137,8 +140,7 @@ public class PermissionsService {
}
}
}
- if (object instanceof Schedulable) {
- Schedulable after = ((Schedulable) object);
+ if (object instanceof Schedulable after) {
if (after.getCalendarId() > 0) {
Schedulable before = null;
if (!addition) {
@@ -150,8 +152,7 @@ public class PermissionsService {
}
}
}
- if (object instanceof Notification) {
- Notification after = ((Notification) object);
+ if (object instanceof Notification after) {
if (after.getCommandId() > 0) {
Notification before = null;
if (!addition) {