Merge remote-tracking branch 'upstream/master' into maintenanceevents

author: Abyss777 <abyss@fox5.ru> 2016-11-23 09:17:07 +0500
committer: Abyss777 <abyss@fox5.ru> 2016-11-23 09:17:07 +0500
commit: 685fd3826b64b14106aeace0a647e71a4cc4fe81 (patch)
tree: 0a66b3ce6ce21964c539c4627e04640738f04c2b /src/org/traccar/database
parent: 2e2ec32b732f27df9c73f83a1982944cae45bf70 (diff)
parent: 5f867c6077f79a2a1d3b8ec18f78c3a2657ba698 (diff)
download: trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.gz
trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.bz2
trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.zip
1 files changed, 14 insertions, 2 deletions
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 71633f6ef..078a5f935 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -29,6 +29,7 @@ import java.util.Collection;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -155,7 +156,7 @@ public class PermissionsManager {
         }
     }
 
-    public void checkUser(long userId) throws SecurityException {
+    public void checkUserEnabled(long userId) throws SecurityException {
         User user = getUser(userId);
         if (user.getDisabled()) {
             throw new SecurityException("Account is disabled");
@@ -165,6 +166,17 @@ public class PermissionsManager {
         }
     }
 
+    public void checkUserUpdate(long userId, User before, User after) throws SecurityException {
+        if (before.getAdmin() != after.getAdmin()
+                || before.getReadonly() != after.getReadonly()
+                || before.getDisabled() != after.getDisabled()
+                || before.getDeviceLimit() != after.getDeviceLimit()
+                || !Objects.equals(before.getExpirationTime(), after.getExpirationTime())
+                || !Objects.equals(before.getToken(), after.getToken())) {
+            checkAdmin(userId);
+        }
+    }
+
     public void checkUser(long userId, long otherUserId) throws SecurityException {
         if (userId != otherUserId) {
             checkAdmin(userId);
@@ -244,7 +256,7 @@ public class PermissionsManager {
     public User login(String email, String password) throws SQLException {
         User user = dataManager.login(email, password);
         if (user != null) {
-            checkUser(user.getId());
+            checkUserEnabled(user.getId());
             return users.get(user.getId());
         }
         return null;
author	Abyss777 <abyss@fox5.ru>	2016-11-23 09:17:07 +0500
committer	Abyss777 <abyss@fox5.ru>	2016-11-23 09:17:07 +0500
commit	685fd3826b64b14106aeace0a647e71a4cc4fe81 (patch)
tree	0a66b3ce6ce21964c539c4627e04640738f04c2b /src/org/traccar/database
parent	2e2ec32b732f27df9c73f83a1982944cae45bf70 (diff)
parent	5f867c6077f79a2a1d3b8ec18f78c3a2657ba698 (diff)
download	trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.gz trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.tar.bz2 trackermap-server-685fd3826b64b14106aeace0a647e71a4cc4fe81.zip