aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/database/PermissionsManager.java
diff options
context:
space:
mode:
authorAbyss777 <abyss@fox5.ru>2016-11-23 09:17:07 +0500
committerAbyss777 <abyss@fox5.ru>2016-11-23 09:17:07 +0500
commit685fd3826b64b14106aeace0a647e71a4cc4fe81 (patch)
tree0a66b3ce6ce21964c539c4627e04640738f04c2b /src/org/traccar/database/PermissionsManager.java
parent2e2ec32b732f27df9c73f83a1982944cae45bf70 (diff)
parent5f867c6077f79a2a1d3b8ec18f78c3a2657ba698 (diff)
downloadtrackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.gz
trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.bz2
trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.zip
Merge remote-tracking branch 'upstream/master' into maintenanceevents
Diffstat (limited to 'src/org/traccar/database/PermissionsManager.java')
-rw-r--r--src/org/traccar/database/PermissionsManager.java16
1 files changed, 14 insertions, 2 deletions
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 71633f6ef..078a5f935 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -29,6 +29,7 @@ import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
+import java.util.Objects;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
@@ -155,7 +156,7 @@ public class PermissionsManager {
}
}
- public void checkUser(long userId) throws SecurityException {
+ public void checkUserEnabled(long userId) throws SecurityException {
User user = getUser(userId);
if (user.getDisabled()) {
throw new SecurityException("Account is disabled");
@@ -165,6 +166,17 @@ public class PermissionsManager {
}
}
+ public void checkUserUpdate(long userId, User before, User after) throws SecurityException {
+ if (before.getAdmin() != after.getAdmin()
+ || before.getReadonly() != after.getReadonly()
+ || before.getDisabled() != after.getDisabled()
+ || before.getDeviceLimit() != after.getDeviceLimit()
+ || !Objects.equals(before.getExpirationTime(), after.getExpirationTime())
+ || !Objects.equals(before.getToken(), after.getToken())) {
+ checkAdmin(userId);
+ }
+ }
+
public void checkUser(long userId, long otherUserId) throws SecurityException {
if (userId != otherUserId) {
checkAdmin(userId);
@@ -244,7 +256,7 @@ public class PermissionsManager {
public User login(String email, String password) throws SQLException {
User user = dataManager.login(email, password);
if (user != null) {
- checkUser(user.getId());
+ checkUserEnabled(user.getId());
return users.get(user.getId());
}
return null;