Check readonly and registration flags

1 files changed, 21 insertions, 1 deletions

diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index a38a29c32..b0f544a42 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -23,12 +23,15 @@ import java.util.Map;
 import java.util.Set;
 import org.traccar.helper.Log;
 import org.traccar.model.Permission;
+import org.traccar.model.Server;
 import org.traccar.model.User;
 
 public class PermissionsManager {
 
     private final DataManager dataManager;
 
+    private Server server;
+
     private final Map<Long, User> users = new HashMap<>();
 
     private final Map<Long, Set<Long>> permissions = new HashMap<>();
@@ -49,6 +52,7 @@ public class PermissionsManager {
         users.clear();
         permissions.clear();
         try {
+            server = dataManager.getServer();
             for (User user : dataManager.getUsers()) {
                 users.put(user.getId(), user);
             }
@@ -60,8 +64,12 @@ public class PermissionsManager {
         }
     }
 
+    private boolean isAdmin(long userId) {
+        return users.containsKey(userId) && users.get(userId).getAdmin();
+    }
+
     public void checkAdmin(long userId) throws SecurityException {
-        if (!users.containsKey(userId) || !users.get(userId).getAdmin()) {
+        if (!isAdmin(userId)) {
             throw new SecurityException("Admin access required");
         }
     }
@@ -82,4 +90,16 @@ public class PermissionsManager {
         }
     }
 
+    public void checkRegistration(long userId) {
+        if (!server.getRegistration() && !isAdmin(userId)) {
+            throw new SecurityException("Registration disabled");
+        }
+    }
+
+    public void checkReadonly(long userId) {
+        if (server.getReadonly() && !isAdmin(userId)) {
+            throw new SecurityException("Readonly user");
+        }
+    }
+
 }