author | Anton Tananaev <anton.tananaev@gmail.com> | 2015-12-20 14:40:15 +1300 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2015-12-20 14:40:15 +1300 |
commit | 3eff91673944f202e0aebe20faa925011568b685 (patch) | |
tree | 8b3db829d90ca73faa132463eff8661a7335936f /src/org/traccar/api/resource/SessionResource.java | |
parent | 4d29679dec4508d28af7651cdfd130e5a218b387 (diff) | |
Check permissions for REST API calls
Diffstat (limited to 'src/org/traccar/api/resource/SessionResource.java')
-rw-r--r-- | src/org/traccar/api/resource/SessionResource.java | 35 |
1 files changed, 14 insertions, 21 deletions
diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java
index 554b6760e..745088a4d 100644
--- a/src/org/traccar/api/resource/SessionResource.java
+++ b/src/org/traccar/api/resource/SessionResource.java
@@ -45,32 +45,25 @@ public class SessionResource extends BaseResource {
 @PermitAll
 @GET
- public User get() {
- try {
- Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
- if (userId != null) {
- return Context.getDataManager().getUser(userId);
- } else {
- throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
- }
- } catch (SQLException e) {
- throw new WebApplicationException(e);
+ public User get() throws SQLException {
+ Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
+ if (userId != null) {
+ return Context.getDataManager().getUser(userId);
+ } else {
+ throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
 }
 }
 @PermitAll
 @POST
- public User add(@FormParam("email") String email, @FormParam("password") String password) {
- try {
- User user = Context.getDataManager().login(email, password);
- if (user != null) {
- request.getSession().setAttribute(USER_ID_KEY, user.getId());
- return user;
- } else {
- throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build());
- }
- } catch (SQLException e) {
- throw new WebApplicationException(e);
+ public User add(
+ @FormParam("email") String email, @FormParam("password") String password) throws SQLException {
+ User user = Context.getDataManager().login(email, password);
+ if (user != null) {
+ request.getSession().setAttribute(USER_ID_KEY, user.getId());
+ return user;
+ } else {
+ throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build());
 }
 } |
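Review bot: In `add()`, the new line `request.getSession().setAttribute(USER_ID_KEY, user.getId());` stores the authenticated user in whatever session the client already presented, so a session id issued before login remains valid after it (session fixation). Dropping the pre-login session first closes this: `HttpSession old = request.getSession(false); if (old != null) old.invalidate();` placed just before the `setAttribute` call, so that `request.getSession()` then creates a fresh session. This assumes `request` is the `HttpServletRequest` declared outside the hunk. Separately, both `@PermitAll` methods now declare `throws SQLException`; unless an exception mapper registered elsewhere turns that into a generic 500, database error text could reach an unauthenticated caller, so that mapping is worth confirming.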