aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--schema/changelog-3.10.xml4
-rw-r--r--setup/default.xml6
-rw-r--r--src/org/traccar/api/resource/UserPermissionResource.java9
-rw-r--r--src/org/traccar/database/CalendarManager.java4
-rw-r--r--src/org/traccar/database/DataManager.java8
-rw-r--r--src/org/traccar/database/DeviceManager.java8
-rw-r--r--src/org/traccar/database/GeofenceManager.java4
-rw-r--r--src/org/traccar/database/PermissionsManager.java59
-rw-r--r--src/org/traccar/model/UserPermission.java10
9 files changed, 53 insertions, 59 deletions
diff --git a/schema/changelog-3.10.xml b/schema/changelog-3.10.xml
index 5ba882e0f..137b3bc82 100644
--- a/schema/changelog-3.10.xml
+++ b/schema/changelog-3.10.xml
@@ -56,13 +56,13 @@
<column name="userid" type="INT">
<constraints nullable="false" />
</column>
- <column name="otheruserid" type="INT">
+ <column name="manageduserid" type="INT">
<constraints nullable="false" />
</column>
</createTable>
<addForeignKeyConstraint baseTableName="user_user" baseColumnNames="userid" constraintName="fk_user_user_userid" referencedTableName="users" referencedColumnNames="id" onDelete="CASCADE" />
- <addForeignKeyConstraint baseTableName="user_user" baseColumnNames="otheruserid" constraintName="fk_user_user_otheruserid" referencedTableName="users" referencedColumnNames="id" onDelete="CASCADE" />
+ <addForeignKeyConstraint baseTableName="user_user" baseColumnNames="manageduserid" constraintName="fk_user_user_manageduserid" referencedTableName="users" referencedColumnNames="id" onDelete="CASCADE" />
</changeSet>
</databaseChangeLog>
diff --git a/setup/default.xml b/setup/default.xml
index eab11e10e..0ab3163f0 100644
--- a/setup/default.xml
+++ b/setup/default.xml
@@ -353,15 +353,15 @@
</entry>
<entry key='database.selectUserPermissions'>
- SELECT userId, otherUserId FROM user_user
+ SELECT userId, managedUserId FROM user_user
</entry>
<entry key='database.linkUser'>
- INSERT INTO user_user (userId, otherUserId) VALUES (:userId, :otherUserId)
+ INSERT INTO user_user (userId, managedUserId) VALUES (:userId, :managedUserId)
</entry>
<entry key='database.unlinkUser'>
- DELETE FROM user_user WHERE userId = :userId AND otherUserId = :otherUserId
+ DELETE FROM user_user WHERE userId = :userId AND managedUserId = :managedUserId
</entry>
<!-- PROTOCOL CONFIG -->
diff --git a/src/org/traccar/api/resource/UserPermissionResource.java b/src/org/traccar/api/resource/UserPermissionResource.java
index 35e22e6d4..a97c4a665 100644
--- a/src/org/traccar/api/resource/UserPermissionResource.java
+++ b/src/org/traccar/api/resource/UserPermissionResource.java
@@ -38,18 +38,17 @@ public class UserPermissionResource extends BaseResource {
@POST
public Response add(UserPermission entity) throws SQLException {
Context.getPermissionsManager().checkAdmin(getUserId());
- if (entity.getUserId() == entity.getOtherUserId()) {
- throw new SecurityException("Selfmanagement prohibited");
+ if (entity.getUserId() != entity.getManagedUserId()) {
+ Context.getDataManager().linkUser(entity.getUserId(), entity.getManagedUserId());
+ Context.getPermissionsManager().refreshUserPermissions();
}
- Context.getDataManager().linkUser(entity.getUserId(), entity.getOtherUserId());
- Context.getPermissionsManager().refreshUserPermissions();
return Response.ok(entity).build();
}
@DELETE
public Response remove(UserPermission entity) throws SQLException {
Context.getPermissionsManager().checkAdmin(getUserId());
- Context.getDataManager().unlinkUser(entity.getUserId(), entity.getOtherUserId());
+ Context.getDataManager().unlinkUser(entity.getUserId(), entity.getManagedUserId());
Context.getPermissionsManager().refreshUserPermissions();
return Response.noContent().build();
}
diff --git a/src/org/traccar/database/CalendarManager.java b/src/org/traccar/database/CalendarManager.java
index d755bd396..31d484327 100644
--- a/src/org/traccar/database/CalendarManager.java
+++ b/src/org/traccar/database/CalendarManager.java
@@ -73,8 +73,8 @@ public class CalendarManager {
public Collection<Calendar> getManagedCalendars(long userId) {
ArrayList<Calendar> result = new ArrayList<>();
result.addAll(getUserCalendars(userId));
- for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
- result.addAll(getUserCalendars(otherUserId));
+ for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+ result.addAll(getUserCalendars(managedUserId));
}
return result;
}
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java
index 2dea7ef40..8337762f7 100644
--- a/src/org/traccar/database/DataManager.java
+++ b/src/org/traccar/database/DataManager.java
@@ -534,17 +534,17 @@ public class DataManager {
.executeQuery(UserPermission.class);
}
- public void linkUser(long userId, long otherUserId) throws SQLException {
+ public void linkUser(long userId, long managedUserId) throws SQLException {
QueryBuilder.create(dataSource, getQuery("database.linkUser"))
.setLong("userId", userId)
- .setLong("otherUserId", otherUserId)
+ .setLong("managedUserId", managedUserId)
.executeUpdate();
}
- public void unlinkUser(long userId, long otherUserId) throws SQLException {
+ public void unlinkUser(long userId, long managedUserId) throws SQLException {
QueryBuilder.create(dataSource, getQuery("database.unlinkUser"))
.setLong("userId", userId)
- .setLong("otherUserId", otherUserId)
+ .setLong("managedUserId", managedUserId)
.executeUpdate();
}
}
diff --git a/src/org/traccar/database/DeviceManager.java b/src/org/traccar/database/DeviceManager.java
index bcb3185ca..8e75903db 100644
--- a/src/org/traccar/database/DeviceManager.java
+++ b/src/org/traccar/database/DeviceManager.java
@@ -163,8 +163,8 @@ public class DeviceManager implements IdentityManager {
public Collection<Device> getManagedDevices(long userId) throws SQLException {
Collection<Device> devices = new ArrayList<>();
devices.addAll(getDevices(userId));
- for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
- devices.addAll(getDevices(otherUserId));
+ for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+ devices.addAll(getDevices(managedUserId));
}
return devices;
}
@@ -301,8 +301,8 @@ public class DeviceManager implements IdentityManager {
public Collection<Group> getManagedGroups(long userId) throws SQLException {
Collection<Group> groups = new ArrayList<>();
groups.addAll(getGroups(userId));
- for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
- groups.addAll(getGroups(otherUserId));
+ for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+ groups.addAll(getGroups(managedUserId));
}
return groups;
}
diff --git a/src/org/traccar/database/GeofenceManager.java b/src/org/traccar/database/GeofenceManager.java
index adc93aa29..b8e6a5d73 100644
--- a/src/org/traccar/database/GeofenceManager.java
+++ b/src/org/traccar/database/GeofenceManager.java
@@ -245,8 +245,8 @@ public class GeofenceManager {
public final Set<Long> getManagedGeofencesIds(long userId) {
Set<Long> geofences = new HashSet<>();
geofences.addAll(getUserGeofencesIds(userId));
- for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
- geofences.addAll(getUserGeofencesIds(otherUserId));
+ for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+ geofences.addAll(getUserGeofencesIds(managedUserId));
}
return geofences;
}
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 3c62f84c2..c49ffb00c 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -30,7 +30,6 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
@@ -114,7 +113,7 @@ public class PermissionsManager {
userPermissions.clear();
try {
for (UserPermission permission : dataManager.getUserPermissions()) {
- getUserPermissions(permission.getUserId()).add(permission.getOtherUserId());
+ getUserPermissions(permission.getUserId()).add(permission.getManagedUserId());
}
} catch (SQLException error) {
Log.warning(error);
@@ -250,27 +249,25 @@ public class PermissionsManager {
public void checkGroup(long userId, long groupId) throws SecurityException {
if (!getGroupPermissions(userId).contains(groupId) && !isAdmin(userId)) {
- Iterator<Long> iterator = getUserPermissions(userId).iterator();
- boolean managed = false;
- while (!managed && iterator.hasNext()) {
- managed = getGroupPermissions(iterator.next()).contains(groupId);
- }
- if (!managed) {
- throw new SecurityException("Group access denied");
+ checkManager(userId);
+ for (long managedUserId : getUserPermissions(userId)) {
+ if (getGroupPermissions(managedUserId).contains(groupId)) {
+ return;
+ }
}
+ throw new SecurityException("Group access denied");
}
}
public void checkDevice(long userId, long deviceId) throws SecurityException {
if (!getDevicePermissions(userId).contains(deviceId) && !isAdmin(userId)) {
- Iterator<Long> iterator = getUserPermissions(userId).iterator();
- boolean managed = false;
- while (!managed && iterator.hasNext()) {
- managed = getDevicePermissions(iterator.next()).contains(deviceId);
- }
- if (!managed) {
- throw new SecurityException("Device access denied");
+ checkManager(userId);
+ for (long managedUserId : getUserPermissions(userId)) {
+ if (getDevicePermissions(managedUserId).contains(deviceId)) {
+ return;
+ }
}
+ throw new SecurityException("Device access denied");
}
}
@@ -282,27 +279,25 @@ public class PermissionsManager {
public void checkGeofence(long userId, long geofenceId) throws SecurityException {
if (!Context.getGeofenceManager().checkGeofence(userId, geofenceId) && !isAdmin(userId)) {
- Iterator<Long> iterator = getUserPermissions(userId).iterator();
- boolean managed = false;
- while (!managed && iterator.hasNext()) {
- managed = Context.getGeofenceManager().checkGeofence(iterator.next(), geofenceId);
- }
- if (!managed) {
- throw new SecurityException("Geofence access denied");
+ checkManager(userId);
+ for (long managedUserId : getUserPermissions(userId)) {
+ if (Context.getGeofenceManager().checkGeofence(managedUserId, geofenceId)) {
+ return;
+ }
}
+ throw new SecurityException("Geofence access denied");
}
}
public void checkCalendar(long userId, long calendarId) throws SecurityException {
if (!Context.getCalendarManager().checkCalendar(userId, calendarId) && !isAdmin(userId)) {
- Iterator<Long> iterator = getUserPermissions(userId).iterator();
- boolean managed = false;
- while (!managed && iterator.hasNext()) {
- managed = Context.getCalendarManager().checkCalendar(iterator.next(), calendarId);
- }
- if (!managed) {
- throw new SecurityException("Calendar access denied");
+ checkManager(userId);
+ for (long managedUserId : getUserPermissions(userId)) {
+ if (Context.getCalendarManager().checkCalendar(managedUserId, calendarId)) {
+ return;
+ }
}
+ throw new SecurityException("Calendar access denied");
}
}
@@ -321,8 +316,8 @@ public class PermissionsManager {
public Collection<User> getUsers(long userId) {
Collection<User> result = new ArrayList<>();
- for (long otherUserId : getUserPermissions(userId)) {
- result.add(users.get(otherUserId));
+ for (long managedUserId : getUserPermissions(userId)) {
+ result.add(users.get(managedUserId));
}
return result;
}
diff --git a/src/org/traccar/model/UserPermission.java b/src/org/traccar/model/UserPermission.java
index fce98edf0..39ead5ef1 100644
--- a/src/org/traccar/model/UserPermission.java
+++ b/src/org/traccar/model/UserPermission.java
@@ -28,14 +28,14 @@ public class UserPermission {
this.userId = userId;
}
- private long otherUserId;
+ private long managedUserId;
- public long getOtherUserId() {
- return otherUserId;
+ public long getManagedUserId() {
+ return managedUserId;
}
- public void setOtherUserId(long otherUserId) {
- this.otherUserId = otherUserId;
+ public void setManagedUserId(long managedUserId) {
+ this.managedUserId = managedUserId;
}
}