Merge pull request #2548 from tananaev/users

Add user expiration and device limit

1 files changed, 14 insertions, 4 deletions

diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index b0ae504d0..1c995a11d 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -146,7 +146,17 @@ public class PermissionsManager {
 
     public void checkReadonly(long userId) throws SecurityException {
         if (!isAdmin(userId) && (server.getReadonly() || isReadonly(userId))) {
-            throw new SecurityException("User is readonly");
+            throw new SecurityException("Account is readonly");
+        }
+    }
+
+    public void checkUser(long userId) throws SecurityException {
+        User user = getUser(userId);
+        if (user.getDisabled()) {
+            throw new SecurityException("Account is disabled");
+        }
+        if (user.getExpirationTime() != null && System.currentTimeMillis() > user.getExpirationTime().getTime()) {
+            throw new SecurityException("Account has expired");
         }
     }
 
@@ -217,11 +227,11 @@ public class PermissionsManager {
 
     public User login(String email, String password) throws SQLException {
         User user = dataManager.login(email, password);
-        if (user != null && users.get(user.getId()) != null) {
+        if (user != null) {
+            checkUser(user.getId());
             return users.get(user.getId());
-        } else {
-            return null;
         }
+        return null;
     }
 
 }