aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--schema/changelog-4.16.xml21
-rw-r--r--schema/changelog-master.xml1
-rw-r--r--src/main/java/org/traccar/api/resource/PositionResource.java3
-rw-r--r--src/main/java/org/traccar/api/resource/ReportResource.java12
-rw-r--r--src/main/java/org/traccar/database/PermissionsManager.java16
-rw-r--r--src/main/java/org/traccar/model/Server.java12
-rw-r--r--src/main/java/org/traccar/model/User.java10
7 files changed, 70 insertions, 5 deletions
diff --git a/schema/changelog-4.16.xml b/schema/changelog-4.16.xml
new file mode 100644
index 000000000..0b6493f03
--- /dev/null
+++ b/schema/changelog-4.16.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<databaseChangeLog
+ xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
+ http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.4.xsd"
+ logicalFilePath="changelog-4.16">
+
+ <changeSet author="author" id="changelog-4.16">
+
+ <addColumn tableName="tc_servers">
+ <column name="disablereports" type="BOOLEAN" defaultValueBoolean="false" />
+ </addColumn>
+
+ <addColumn tableName="tc_users">
+ <column name="disablereports" type="BOOLEAN" defaultValueBoolean="false" />
+ </addColumn>
+
+ </changeSet>
+
+</databaseChangeLog>
diff --git a/schema/changelog-master.xml b/schema/changelog-master.xml
index 245367de3..354037cdd 100644
--- a/schema/changelog-master.xml
+++ b/schema/changelog-master.xml
@@ -29,5 +29,6 @@
<include file="changelog-4.11.xml" relativeToChangelogFile="true" />
<include file="changelog-4.13.xml" relativeToChangelogFile="true" />
<include file="changelog-4.15.xml" relativeToChangelogFile="true" />
+ <include file="changelog-4.16.xml" relativeToChangelogFile="true" />
</databaseChangeLog>
diff --git a/src/main/java/org/traccar/api/resource/PositionResource.java b/src/main/java/org/traccar/api/resource/PositionResource.java
index 998d59706..53157197b 100644
--- a/src/main/java/org/traccar/api/resource/PositionResource.java
+++ b/src/main/java/org/traccar/api/resource/PositionResource.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 - 2020 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -55,6 +55,7 @@ public class PositionResource extends BaseResource {
} else {
Context.getPermissionsManager().checkDevice(getUserId(), deviceId);
if (from != null && to != null) {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
return Context.getDataManager().getPositions(deviceId, from, to);
} else {
return Collections.singleton(Context.getDeviceManager().getLastPosition(deviceId));
diff --git a/src/main/java/org/traccar/api/resource/ReportResource.java b/src/main/java/org/traccar/api/resource/ReportResource.java
index 7347bfd64..23ffaf54c 100644
--- a/src/main/java/org/traccar/api/resource/ReportResource.java
+++ b/src/main/java/org/traccar/api/resource/ReportResource.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2016 - 2020 Anton Tananaev (anton@traccar.org)
+ * Copyright 2016 - 2022 Anton Tananaev (anton@traccar.org)
* Copyright 2016 - 2018 Andrey Kunitsyn (andrey@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -99,6 +99,7 @@ public class ReportResource extends BaseResource {
public Collection<Position> getRoute(
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to) throws SQLException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
LogAction.logReport(getUserId(), "route", from, to, deviceIds, groupIds);
return Route.getObjects(getUserId(), deviceIds, groupIds, from, to);
}
@@ -110,6 +111,7 @@ public class ReportResource extends BaseResource {
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to, @QueryParam("mail") boolean mail)
throws SQLException, IOException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
return executeReport(getUserId(), mail, stream -> {
LogAction.logReport(getUserId(), "route", from, to, deviceIds, groupIds);
Route.getExcel(stream, getUserId(), deviceIds, groupIds, from, to);
@@ -122,6 +124,7 @@ public class ReportResource extends BaseResource {
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("type") final List<String> types,
@QueryParam("from") Date from, @QueryParam("to") Date to) throws SQLException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
LogAction.logReport(getUserId(), "events", from, to, deviceIds, groupIds);
return Events.getObjects(getUserId(), deviceIds, groupIds, types, from, to);
}
@@ -134,6 +137,7 @@ public class ReportResource extends BaseResource {
@QueryParam("type") final List<String> types,
@QueryParam("from") Date from, @QueryParam("to") Date to, @QueryParam("mail") boolean mail)
throws SQLException, IOException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
return executeReport(getUserId(), mail, stream -> {
LogAction.logReport(getUserId(), "events", from, to, deviceIds, groupIds);
Events.getExcel(stream, getUserId(), deviceIds, groupIds, types, from, to);
@@ -146,6 +150,7 @@ public class ReportResource extends BaseResource {
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to, @QueryParam("daily") boolean daily)
throws SQLException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
LogAction.logReport(getUserId(), "summary", from, to, deviceIds, groupIds);
return Summary.getObjects(getUserId(), deviceIds, groupIds, from, to, daily);
}
@@ -158,6 +163,7 @@ public class ReportResource extends BaseResource {
@QueryParam("from") Date from, @QueryParam("to") Date to, @QueryParam("daily") boolean daily,
@QueryParam("mail") boolean mail)
throws SQLException, IOException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
return executeReport(getUserId(), mail, stream -> {
LogAction.logReport(getUserId(), "summary", from, to, deviceIds, groupIds);
Summary.getExcel(stream, getUserId(), deviceIds, groupIds, from, to, daily);
@@ -170,6 +176,7 @@ public class ReportResource extends BaseResource {
public Collection<TripReport> getTrips(
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to) throws SQLException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
LogAction.logReport(getUserId(), "trips", from, to, deviceIds, groupIds);
return Trips.getObjects(getUserId(), deviceIds, groupIds, from, to);
}
@@ -181,6 +188,7 @@ public class ReportResource extends BaseResource {
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to, @QueryParam("mail") boolean mail)
throws SQLException, IOException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
return executeReport(getUserId(), mail, stream -> {
LogAction.logReport(getUserId(), "trips", from, to, deviceIds, groupIds);
Trips.getExcel(stream, getUserId(), deviceIds, groupIds, from, to);
@@ -193,6 +201,7 @@ public class ReportResource extends BaseResource {
public Collection<StopReport> getStops(
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to) throws SQLException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
LogAction.logReport(getUserId(), "stops", from, to, deviceIds, groupIds);
return Stops.getObjects(getUserId(), deviceIds, groupIds, from, to);
}
@@ -204,6 +213,7 @@ public class ReportResource extends BaseResource {
@QueryParam("deviceId") final List<Long> deviceIds, @QueryParam("groupId") final List<Long> groupIds,
@QueryParam("from") Date from, @QueryParam("to") Date to, @QueryParam("mail") boolean mail)
throws SQLException, IOException {
+ Context.getPermissionsManager().checkDisableReports(getUserId());
return executeReport(getUserId(), mail, stream -> {
LogAction.logReport(getUserId(), "stops", from, to, deviceIds, groupIds);
Stops.getExcel(stream, getUserId(), deviceIds, groupIds, from, to);
diff --git a/src/main/java/org/traccar/database/PermissionsManager.java b/src/main/java/org/traccar/database/PermissionsManager.java
index 32464cf90..ab841a521 100644
--- a/src/main/java/org/traccar/database/PermissionsManager.java
+++ b/src/main/java/org/traccar/database/PermissionsManager.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 - 2021 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -274,6 +274,11 @@ public class PermissionsManager {
return user != null && user.getLimitCommands();
}
+ public boolean getUserDisableReport(long userId) {
+ User user = getUser(userId);
+ return user != null && user.getDisableReports();
+ }
+
public void checkReadonly(long userId) throws SecurityException {
if (!getUserAdmin(userId) && (server.getReadonly() || getUserReadonly(userId))) {
throw new SecurityException("Account is readonly");
@@ -292,6 +297,12 @@ public class PermissionsManager {
}
}
+ public void checkDisableReports(long userId) throws SecurityException {
+ if (!getUserAdmin(userId) && (server.getDisableReports() || getUserDisableReport(userId))) {
+ throw new SecurityException("Account has reports disabled");
+ }
+ }
+
public void checkUserDeviceCommand(long userId, long deviceId, long commandId) throws SecurityException {
if (!getUserAdmin(userId) && Context.getCommandsManager().checkDeviceCommand(deviceId, commandId)) {
throw new SecurityException("Command can not be sent to this device");
@@ -326,7 +337,8 @@ public class PermissionsManager {
if (before.getReadonly() != after.getReadonly()
|| before.getDeviceReadonly() != after.getDeviceReadonly()
|| before.getDisabled() != after.getDisabled()
- || before.getLimitCommands() != after.getLimitCommands()) {
+ || before.getLimitCommands() != after.getLimitCommands()
+ || before.getDisableReports() != after.getDisableReports()) {
if (userId == after.getId()) {
checkAdmin(userId);
}
diff --git a/src/main/java/org/traccar/model/Server.java b/src/main/java/org/traccar/model/Server.java
index 7bdb53b22..03d087cac 100644
--- a/src/main/java/org/traccar/model/Server.java
+++ b/src/main/java/org/traccar/model/Server.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 - 2021 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -152,6 +152,16 @@ public class Server extends ExtendedModel {
this.limitCommands = limitCommands;
}
+ private boolean disableReports;
+
+ public boolean getDisableReports() {
+ return disableReports;
+ }
+
+ public void setDisableReports(boolean disableReports) {
+ this.disableReports = disableReports;
+ }
+
private String poiLayer;
public String getPoiLayer() {
diff --git a/src/main/java/org/traccar/model/User.java b/src/main/java/org/traccar/model/User.java
index 976b6aac0..359bdc2c2 100644
--- a/src/main/java/org/traccar/model/User.java
+++ b/src/main/java/org/traccar/model/User.java
@@ -224,6 +224,16 @@ public class User extends ExtendedModel {
private String poiLayer;
+ private boolean disableReports;
+
+ public boolean getDisableReports() {
+ return disableReports;
+ }
+
+ public void setDisableReports(boolean disableReports) {
+ this.disableReports = disableReports;
+ }
+
public String getPoiLayer() {
return poiLayer;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 00:08:58 +0000