diff options
author | Abyss777 <abyss@fox5.ru> | 2017-07-21 11:55:38 +0500 |
---|---|---|
committer | Abyss777 <abyss@fox5.ru> | 2017-07-21 11:55:38 +0500 |
commit | f77912f14ed17bfbe533b664b6b82154c80e3b58 (patch) | |
tree | 62ad0749e28740be85743caa097afac516768302 /src/org | |
parent | b22735e5dbc22539a6bf9d36cff042094c50d927 (diff) | |
download | trackermap-server-f77912f14ed17bfbe533b664b6b82154c80e3b58.tar.gz trackermap-server-f77912f14ed17bfbe533b664b6b82154c80e3b58.tar.bz2 trackermap-server-f77912f14ed17bfbe533b664b6b82154c80e3b58.zip |
- Combine all permissions to one resource
- Add two helpers to BaseResource
Diffstat (limited to 'src/org')
-rw-r--r-- | src/org/traccar/api/BaseResource.java | 36 | ||||
-rw-r--r-- | src/org/traccar/api/resource/AttributeResource.java | 7 | ||||
-rw-r--r-- | src/org/traccar/api/resource/CalendarResource.java | 6 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DeviceResource.java | 37 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DriverResource.java | 6 | ||||
-rw-r--r-- | src/org/traccar/api/resource/GeofenceResource.java | 6 | ||||
-rw-r--r-- | src/org/traccar/api/resource/GroupResource.java | 37 | ||||
-rw-r--r-- | src/org/traccar/api/resource/PermissionsResource.java | 18 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 6 | ||||
-rw-r--r-- | src/org/traccar/database/DataManager.java | 18 |
10 files changed, 56 insertions, 121 deletions
diff --git a/src/org/traccar/api/BaseResource.java b/src/org/traccar/api/BaseResource.java index 44ef33c53..9ac30f5a7 100644 --- a/src/org/traccar/api/BaseResource.java +++ b/src/org/traccar/api/BaseResource.java @@ -15,8 +15,15 @@ */ package org.traccar.api; +import java.sql.SQLException; +import java.util.Iterator; +import java.util.Map; + import javax.ws.rs.core.SecurityContext; +import org.traccar.Context; +import org.traccar.model.BaseModel; + public class BaseResource { @javax.ws.rs.core.Context @@ -29,4 +36,33 @@ public class BaseResource { } return 0; } + + protected void handlePermission(Map<String, Long> entity, boolean link) throws SQLException { + if (entity.size() != 2) { + throw new IllegalArgumentException(); + } + Iterator<String> iterator = entity.keySet().iterator(); + String owner = iterator.next(); + String property = iterator.next(); + long ownerId = entity.get(owner); + long propertyId = entity.get(property); + + if (!link && owner.equals("userId") && property.equals("deviceId")) { + if (getUserId() != ownerId) { + Context.getPermissionsManager().checkUser(getUserId(), ownerId); + } else { + Context.getPermissionsManager().checkAdmin(getUserId()); + } + } else { + Context.getPermissionsManager().checkPermission(owner.replace("Id", ""), getUserId(), ownerId); + } + Context.getPermissionsManager().checkPermission(property.replace("Id", ""), getUserId(), propertyId); + + Context.getDataManager().linkObject(owner, ownerId, property, propertyId, link); + } + + protected void linkNew(BaseModel entity) throws SQLException { + Context.getDataManager().linkObject("userId", getUserId(), + entity.getClass().getSimpleName(), entity.getId(), true); + } } diff --git a/src/org/traccar/api/resource/AttributeResource.java b/src/org/traccar/api/resource/AttributeResource.java index 2f731e3a7..c6c95e05c 100644 --- a/src/org/traccar/api/resource/AttributeResource.java +++ b/src/org/traccar/api/resource/AttributeResource.java @@ -19,7 +19,6 @@ package org.traccar.api.resource; import java.sql.SQLException; import java.util.Collection; import java.util.HashSet; -import java.util.LinkedHashMap; import java.util.Set; import javax.ws.rs.Consumes; @@ -86,11 +85,9 @@ public class AttributeResource extends BaseResource { } private Response add(Attribute entity) throws SQLException { + Context.getPermissionsManager().checkReadonly(getUserId()); Context.getAttributesManager().addItem(entity); - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("attributeId", entity.getId()); - Context.getDataManager().linkObject(link, true); + linkNew(entity); Context.getAttributesManager().refreshUserItems(); return Response.ok(entity).build(); } diff --git a/src/org/traccar/api/resource/CalendarResource.java b/src/org/traccar/api/resource/CalendarResource.java index f4ff9d4e9..0666f2fed 100644 --- a/src/org/traccar/api/resource/CalendarResource.java +++ b/src/org/traccar/api/resource/CalendarResource.java @@ -18,7 +18,6 @@ package org.traccar.api.resource; import java.sql.SQLException; import java.util.Collection; -import java.util.LinkedHashMap; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; @@ -67,10 +66,7 @@ public class CalendarResource extends BaseResource { public Response add(Calendar entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); Context.getCalendarManager().addItem(entity); - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("calendarId", entity.getId()); - Context.getDataManager().linkObject(link, true); + linkNew(entity); Context.getCalendarManager().refreshUserItems(); return Response.ok(entity).build(); } diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index 0f7579bae..285ed6a31 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -35,9 +35,7 @@ import javax.ws.rs.core.Response; import java.sql.SQLException; import java.util.ArrayList; import java.util.Collection; -import java.util.LinkedHashMap; import java.util.List; -import java.util.Map; @Path("devices") @Produces(MediaType.APPLICATION_JSON) @@ -79,10 +77,7 @@ public class DeviceResource extends BaseResource { Context.getPermissionsManager().checkDeviceReadonly(getUserId()); Context.getPermissionsManager().checkDeviceLimit(getUserId()); Context.getDeviceManager().addDevice(entity); - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("deviceId", entity.getId()); - Context.getDataManager().linkObject(link, true); + linkNew(entity); Context.getPermissionsManager().refreshPermissions(); Context.getPermissionsManager().refreshAllExtendedPermissions(); return Response.ok(entity).build(); @@ -121,34 +116,4 @@ public class DeviceResource extends BaseResource { return Response.noContent().build(); } - @Path("/{slave : (geofences|drivers|attributes)}") - @POST - public Response add(Map<String, Long> entity) throws SQLException { - Context.getPermissionsManager().checkReadonly(getUserId()); - if (entity.size() != 2) { - throw new IllegalArgumentException(); - } - for (String key : entity.keySet()) { - Context.getPermissionsManager().checkPermission(key.replace("Id", ""), getUserId(), entity.get(key)); - } - Context.getDataManager().linkObject(entity, true); - Context.getPermissionsManager().refreshPermissions(entity); - return Response.noContent().build(); - } - - @Path("/{slave : (geofences|drivers|attributes)}") - @DELETE - public Response remove(Map<String, Long> entity) throws SQLException { - Context.getPermissionsManager().checkReadonly(getUserId()); - for (String key : entity.keySet()) { - Context.getPermissionsManager().checkPermission(key.replace("Id", ""), getUserId(), entity.get(key)); - } - if (entity.size() != 2) { - throw new IllegalArgumentException(); - } - Context.getDataManager().linkObject(entity, false); - Context.getPermissionsManager().refreshPermissions(entity); - return Response.noContent().build(); - } - } diff --git a/src/org/traccar/api/resource/DriverResource.java b/src/org/traccar/api/resource/DriverResource.java index 91a502790..749674002 100644 --- a/src/org/traccar/api/resource/DriverResource.java +++ b/src/org/traccar/api/resource/DriverResource.java @@ -19,7 +19,6 @@ package org.traccar.api.resource; import java.sql.SQLException; import java.util.Collection; import java.util.HashSet; -import java.util.LinkedHashMap; import java.util.Set; import javax.ws.rs.Consumes; @@ -87,10 +86,7 @@ public class DriverResource extends BaseResource { public Response add(Driver entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); Context.getDriversManager().addItem(entity); - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("driverId", entity.getId()); - Context.getDataManager().linkObject(link, true); + linkNew(entity); Context.getDriversManager().refreshUserItems(); return Response.ok(entity).build(); } diff --git a/src/org/traccar/api/resource/GeofenceResource.java b/src/org/traccar/api/resource/GeofenceResource.java index c39d882b6..df4947a1b 100644 --- a/src/org/traccar/api/resource/GeofenceResource.java +++ b/src/org/traccar/api/resource/GeofenceResource.java @@ -35,7 +35,6 @@ import javax.ws.rs.core.Response; import java.sql.SQLException; import java.util.Collection; import java.util.HashSet; -import java.util.LinkedHashMap; import java.util.Set; @Path("geofences") @@ -86,10 +85,7 @@ public class GeofenceResource extends BaseResource { public Response add(Geofence entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); Context.getGeofenceManager().addItem(entity); - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("geofenceId", entity.getId()); - Context.getDataManager().linkObject(link, true); + linkNew(entity); Context.getGeofenceManager().refreshUserItems(); return Response.ok(entity).build(); } diff --git a/src/org/traccar/api/resource/GroupResource.java b/src/org/traccar/api/resource/GroupResource.java index 0d9572332..5d575ebfe 100644 --- a/src/org/traccar/api/resource/GroupResource.java +++ b/src/org/traccar/api/resource/GroupResource.java @@ -32,8 +32,6 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.sql.SQLException; import java.util.Collection; -import java.util.LinkedHashMap; -import java.util.Map; @Path("groups") @Produces(MediaType.APPLICATION_JSON) @@ -63,10 +61,7 @@ public class GroupResource extends BaseResource { public Response add(Group entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); Context.getDeviceManager().addGroup(entity); - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("groupId", entity.getId()); - Context.getDataManager().linkObject(link, true); + linkNew(entity); Context.getPermissionsManager().refreshPermissions(); Context.getPermissionsManager().refreshAllExtendedPermissions(); return Response.ok(entity).build(); @@ -93,34 +88,4 @@ public class GroupResource extends BaseResource { return Response.noContent().build(); } - @Path("/{slave : (geofences|drivers|attributes)}") - @POST - public Response add(Map<String, Long> entity) throws SQLException { - Context.getPermissionsManager().checkReadonly(getUserId()); - if (entity.size() != 2) { - throw new IllegalArgumentException(); - } - for (String key : entity.keySet()) { - Context.getPermissionsManager().checkPermission(key.replace("Id", ""), getUserId(), entity.get(key)); - } - Context.getDataManager().linkObject(entity, true); - Context.getPermissionsManager().refreshPermissions(entity); - return Response.noContent().build(); - } - - @Path("/{slave : (geofences|drivers|attributes)}") - @DELETE - public Response remove(Map<String, Long> entity) throws SQLException { - Context.getPermissionsManager().checkReadonly(getUserId()); - if (entity.size() != 2) { - throw new IllegalArgumentException(); - } - for (String key : entity.keySet()) { - Context.getPermissionsManager().checkPermission(key.replace("Id", ""), getUserId(), entity.get(key)); - } - Context.getDataManager().linkObject(entity, false); - Context.getPermissionsManager().refreshPermissions(entity); - return Response.noContent().build(); - } - } diff --git a/src/org/traccar/api/resource/PermissionsResource.java b/src/org/traccar/api/resource/PermissionsResource.java index e22ffae36..707242cf1 100644 --- a/src/org/traccar/api/resource/PermissionsResource.java +++ b/src/org/traccar/api/resource/PermissionsResource.java @@ -35,32 +35,18 @@ import org.traccar.api.BaseResource; @Consumes(MediaType.APPLICATION_JSON) public class PermissionsResource extends BaseResource { - @Path("/{slave : (users|devices|groups|geofences|drivers|attributes|calendars)}") @POST public Response add(Map<String, Long> entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); - if (entity.size() != 2) { - throw new IllegalArgumentException(); - } - for (String key : entity.keySet()) { - Context.getPermissionsManager().checkPermission(key.replace("Id", ""), getUserId(), entity.get(key)); - } - Context.getDataManager().linkObject(entity, true); + handlePermission(entity, true); Context.getPermissionsManager().refreshPermissions(entity); return Response.noContent().build(); } - @Path("/{slave : (users|devices|groups|geofences|drivers|attributes|calendars)}") @DELETE public Response remove(Map<String, Long> entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); - if (entity.size() != 2) { - throw new IllegalArgumentException(); - } - for (String key : entity.keySet()) { - Context.getPermissionsManager().checkPermission(key.replace("Id", ""), getUserId(), entity.get(key)); - } - Context.getDataManager().linkObject(entity, false); + handlePermission(entity, false); Context.getPermissionsManager().refreshPermissions(entity); return Response.noContent().build(); } diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index 94cc56b47..e710c940d 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -34,7 +34,6 @@ import javax.ws.rs.core.Response; import java.sql.SQLException; import java.util.Collection; import java.util.Date; -import java.util.LinkedHashMap; @Path("users") @Produces(MediaType.APPLICATION_JSON) @@ -75,10 +74,7 @@ public class UserResource extends BaseResource { } Context.getPermissionsManager().addUser(entity); if (Context.getPermissionsManager().isManager(getUserId())) { - LinkedHashMap<String, Long> link = new LinkedHashMap<>(); - link.put("userId", getUserId()); - link.put("managedUserId", entity.getId()); - Context.getDataManager().linkObject(link, true); + Context.getDataManager().linkObject("userId", getUserId(), "managedUserId", entity.getId(), true); } Context.getPermissionsManager().refreshUserPermissions(); if (Context.getNotificationManager() != null) { diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java index 39a80ee72..9d8167acc 100644 --- a/src/org/traccar/database/DataManager.java +++ b/src/org/traccar/database/DataManager.java @@ -272,15 +272,17 @@ public class DataManager { return object.substring(0, 1).toUpperCase() + object.replace("Id", "").substring(1); } - public void linkObject(Map<String, Long> permission, boolean link) throws SQLException { - String query = "database." + (!link ? "un" : "") + "link"; - for (String key : permission.keySet()) { - query += makeName(key); - } + private String makeNameId(String object) { + return object.substring(0, 1).toLowerCase() + object.substring(1) + (object.indexOf("Id") == -1 ? "Id" : ""); + } + + public void linkObject(String owner, long ownerId, String property, long propertyId, + boolean link) throws SQLException { + String query = "database." + (!link ? "un" : "") + "link" + makeName(owner) + makeName(property); QueryBuilder queryBuilder = QueryBuilder.create(dataSource, getQuery(query)); - for (String key : permission.keySet()) { - queryBuilder.setLong(key, permission.get(key)); - } + + queryBuilder.setLong(makeNameId(owner), ownerId); + queryBuilder.setLong(makeNameId(property), propertyId); queryBuilder.executeUpdate(); } |