authorAnton Tananaev <anton.tananaev@gmail.com>2016-10-08 15:49:20 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2016-10-08 15:49:20 +1300
commit7d075e394580b6618d2001f46928cb2465bad0ca (patch)
tree3dd8fb08117fdd6568385dd18a3a58db3afd3cb6 /src
parent138c4ae9c215f2426ddb4b58cfbceb6a72e6259b (diff)
Add back-end readonly checks
Diffstat (limited to 'src')
-rw-r--r--src/org/traccar/api/resource/UserResource.java3
-rw-r--r--src/org/traccar/database/PermissionsManager.java16
2 files changed, 13 insertions, 6 deletions
diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java
index 2d187fe9d..7790dc908 100644
--- a/src/org/traccar/api/resource/UserResource.java
+++ b/src/org/traccar/api/resource/UserResource.java
@@ -64,6 +64,9 @@ public class UserResource extends BaseResource {
Context.getPermissionsManager().checkAdmin(getUserId());
} else {
Context.getPermissionsManager().checkUser(getUserId(), entity.getId());
+ if (!entity.getReadonly()) {
+ Context.getPermissionsManager().checkReadonly(entity.getId());
+ }
}
Context.getPermissionsManager().updateUser(entity);
if (Context.getNotificationManager() != null) {
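Review bot: The added `checkReadonly(entity.getId())` tests the readonly flag of the user named in the request body, not that of the authenticated caller. For a non-admin the two ids are equal once `checkUser` has passed, but an admin who reaches this branch to clear the flag on another account would be rejected with "User is readonly", assuming the branch condition above the hunk lets admins through. Binding the check to the session identity, `Context.getPermissionsManager().checkReadonly(getUserId());`, keeps the guard against a readonly user clearing their own flag and avoids that rejection. The guard also runs only when the submitted flag is false, so a readonly user can still change their other fields; a one-line comment saying whether that is intended would help. The enclosing method starts and ends outside the hunk.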
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index f5fed978a..e9aaef8f9 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -140,6 +140,16 @@ public class PermissionsManager {
}
}
+ public boolean isReadonly(long userId) {
+ return users.containsKey(userId) && users.get(userId).getReadonly();
+ }
+
+ public void checkReadonly(long userId) throws SecurityException {
+ if (isReadonly(userId)) {
+ throw new SecurityException("User is readonly");
+ }
+ }
+
public void checkUser(long userId, long otherUserId) throws SecurityException {
if (userId != otherUserId) {
checkAdmin(userId);
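Review bot: The new `checkReadonly` no longer reads `server.getReadonly()` or exempts admins, both of which the removed version further down this file did, so any existing caller silently changes from a server-wide rule to a per-user one; the callers are not visible here and should be rechecked. `isReadonly` also returns false for an id that is missing from `users`, so the check fails open for an unknown user. It calls `containsKey` and then `get`, which can throw a NullPointerException if the entry is removed between the two calls (assuming `users` can be modified concurrently); a single `users.get(userId)` with a null test avoids that. A Javadoc line on each method stating what "readonly" restricts and how unknown ids are treated would make the contract explicit.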
@@ -164,12 +174,6 @@ public class PermissionsManager {
}
}
- public void checkReadonly(long userId) {
- if (server.getReadonly() && !isAdmin(userId)) {
- throw new SecurityException("Readonly user");
- }
- }
-
public void checkGeofence(long userId, long geofenceId) throws SecurityException {
if (!Context.getGeofenceManager().checkGeofence(userId, geofenceId) && !isAdmin(userId)) {
throw new SecurityException("Geofence access denied");