aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/database
diff options
context:
space:
mode:
authorAnton Tananaev <anton.tananaev@gmail.com>2015-04-27 15:15:01 +1200
committerAnton Tananaev <anton.tananaev@gmail.com>2015-04-27 15:15:01 +1200
commitba9551ce3e4a3aade38d5f3b2ac7dee9d022a466 (patch)
tree6a07bddf4e23a6733fc891a5bea0660c9a7af282 /src/org/traccar/database
parent3083db3929e27933d3ab5eab9fa0c1e221e94eec (diff)
downloadtrackermap-server-ba9551ce3e4a3aade38d5f3b2ac7dee9d022a466.tar.gz
trackermap-server-ba9551ce3e4a3aade38d5f3b2ac7dee9d022a466.tar.bz2
trackermap-server-ba9551ce3e4a3aade38d5f3b2ac7dee9d022a466.zip
Implement permissions manager
Diffstat (limited to 'src/org/traccar/database')
-rw-r--r--src/org/traccar/database/DataManager.java20
-rw-r--r--src/org/traccar/database/PermissionsManager.java69
2 files changed, 79 insertions, 10 deletions
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java
index d53ec7838..f60fd4cb3 100644
--- a/src/org/traccar/database/DataManager.java
+++ b/src/org/traccar/database/DataManager.java
@@ -364,23 +364,23 @@ public class DataManager {
connection.close();
}
}
-
- public List<Long> getDeviceList(long userId) throws SQLException {
+
+ public Collection<Map.Entry<Long, Long>> getPermissions() throws SQLException {
Connection connection = dataSource.getConnection();
try {
PreparedStatement statement = connection.prepareStatement(
- "SELECT id FROM device WHERE id IN (" +
- "SELECT device_id FROM user_device WHERE user_id = ?);");
+ "SELECT user_id, device_id FROM user_device;");
try {
- statement.setLong(1, userId);
-
- ResultSet resultSet = statement.executeQuery();
+ statement.execute();
+ ResultSet resultSet = statement.getResultSet();
- List<Long> result = new LinkedList<Long>();
+ List<Map.Entry<Long, Long>> result = new LinkedList<Map.Entry<Long, Long>>();
while (resultSet.next()) {
- result.add(resultSet.getLong(1));
+ result.add(new AbstractMap.SimpleEntry<Long, Long>(
+ resultSet.getLong(1), resultSet.getLong(2)));
}
+
return result;
} finally {
statement.close();
@@ -389,7 +389,7 @@ public class DataManager {
connection.close();
}
}
-
+
public JsonArray getDevices(long userId) throws SQLException {
Connection connection = dataSource.getConnection();
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
new file mode 100644
index 000000000..16ddd336d
--- /dev/null
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.database;
+
+import java.sql.SQLException;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import org.traccar.Context;
+import org.traccar.helper.Log;
+
+public class PermissionsManager {
+
+ private final Map<Long, Set<Long>> permissions = new HashMap<Long, Set<Long>>();
+
+ private Set<Long> getNotNull(long userId) {
+ if (!permissions.containsKey(userId)) {
+ permissions.put(userId, new HashSet<Long>());
+ }
+ return permissions.get(userId);
+ }
+
+ public PermissionsManager() {
+ refresh();
+ }
+
+ public final void refresh() {
+ permissions.clear();
+ try {
+ for (Map.Entry<Long, Long> entry : Context.getDataManager().getPermissions()) {
+ getNotNull(entry.getKey()).add(entry.getValue());
+ }
+ } catch (SQLException error) {
+ Log.warning(error);
+ }
+ }
+
+ public Collection<Long> allowedDevices(long userId) {
+ return getNotNull(userId);
+ }
+
+ public void checkDevice(long userId, long deviceId) throws SecurityException {
+ if (getNotNull(userId).contains(deviceId)) {
+ throw new SecurityException();
+ }
+ }
+
+ public void checkDevices(long userId, Collection<Long> devices) throws SecurityException {
+ if (getNotNull(userId).containsAll(devices)) {
+ throw new SecurityException();
+ }
+ }
+
+}