aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/api/resource/CommandResource.java
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2015-12-20 14:40:15 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2015-12-20 14:40:15 +1300
commit3eff91673944f202e0aebe20faa925011568b685 (patch)
tree8b3db829d90ca73faa132463eff8661a7335936f /src/org/traccar/api/resource/CommandResource.java
parent4d29679dec4508d28af7651cdfd130e5a218b387 (diff)
downloadtrackermap-server-3eff91673944f202e0aebe20faa925011568b685.tar.gz
trackermap-server-3eff91673944f202e0aebe20faa925011568b685.tar.bz2
trackermap-server-3eff91673944f202e0aebe20faa925011568b685.zip
Check permissions for REST API calls
Diffstat (limited to 'src/org/traccar/api/resource/CommandResource.java')
-rw-r--r--src/org/traccar/api/resource/CommandResource.java2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/org/traccar/api/resource/CommandResource.java b/src/org/traccar/api/resource/CommandResource.java
index fa0755143..3cd39d182 100644
--- a/src/org/traccar/api/resource/CommandResource.java
+++ b/src/org/traccar/api/resource/CommandResource.java
@@ -25,6 +25,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
+import javax.ws.rs.core.SecurityContext;
@Path("commands")
@Produces(MediaType.APPLICATION_JSON)
@@ -33,6 +34,7 @@ public class CommandResource extends BaseResource {
@POST
public Response add(Command entity) {
+ Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId());
Context.getConnectionManager().getActiveDevice(entity.getDeviceId()).sendCommand(entity);
return Response.ok(entity).build();
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-22 04:08:02 +0000