diff options
-rw-r--r-- | schema/changelog-3.8.xml | 15 | ||||
-rw-r--r-- | setup/default.xml | 9 | ||||
-rw-r--r-- | src/org/traccar/api/SecurityRequestFilter.java | 40 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DeviceResource.java | 7 | ||||
-rw-r--r-- | src/org/traccar/api/resource/SessionResource.java | 12 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 13 | ||||
-rw-r--r-- | src/org/traccar/database/PermissionsManager.java | 38 | ||||
-rw-r--r-- | src/org/traccar/model/User.java | 57 | ||||
-rw-r--r-- | src/org/traccar/protocol/AutoGradeProtocolDecoder.java | 7 | ||||
-rw-r--r-- | src/org/traccar/protocol/UproProtocolDecoder.java | 2 | ||||
-rw-r--r-- | test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java | 3 | ||||
-rw-r--r-- | test/org/traccar/protocol/Tk103ProtocolDecoderTest.java | 6 |
12 files changed, 179 insertions, 30 deletions
diff --git a/schema/changelog-3.8.xml b/schema/changelog-3.8.xml index 780a2d029..f53673eae 100644 --- a/schema/changelog-3.8.xml +++ b/schema/changelog-3.8.xml @@ -107,5 +107,20 @@ <column name="category" type="VARCHAR(128)" /> </addColumn> + <addColumn tableName="users"> + <column name="disabled" type="BOOLEAN" defaultValueBoolean="false" /> + </addColumn> + <addColumn tableName="users"> + <column name="expirationtime" type="TIMESTAMP" /> + </addColumn> + <addColumn tableName="users"> + <column name="devicelimit" type="INT" defaultValueNumeric="0" /> + </addColumn> + <addColumn tableName="users"> + <column name="token" type="VARCHAR(128)" /> + </addColumn> + + <addUniqueConstraint tableName="users" columnNames="token" constraintName="uk_user_token" /> + </changeSet> </databaseChangeLog> diff --git a/setup/default.xml b/setup/default.xml index f50f3904f..e6d701f4c 100644 --- a/setup/default.xml +++ b/setup/default.xml @@ -62,8 +62,8 @@ </entry> <entry key='database.insertUser'> - INSERT INTO users (name, email, hashedPassword, salt, admin, map, distanceUnit, speedUnit, latitude, longitude, zoom, twelveHourFormat, attributes) - VALUES (:name, :email, :hashedPassword, :salt, :admin, :map, :distanceUnit, :speedUnit, :latitude, :longitude, :zoom, :twelveHourFormat, :attributes) + INSERT INTO users (name, email, hashedPassword, salt, admin, map, distanceUnit, speedUnit, latitude, longitude, zoom, twelveHourFormat, coordinateFormat, disabled, expirationTime, deviceLimit, token, attributes) + VALUES (:name, :email, :hashedPassword, :salt, :admin, :map, :distanceUnit, :speedUnit, :latitude, :longitude, :zoom, :twelveHourFormat, :coordinateFormat, :disabled, :expirationTime, :deviceLimit, :token, :attributes) </entry> <entry key='database.updateUser'> @@ -78,6 +78,11 @@ longitude = :longitude, zoom = :zoom, twelveHourFormat = :twelveHourFormat, + coordinateFormat = :coordinateFormat, + disabled = :disabled, + expirationTime = :expirationTime, + deviceLimit = :deviceLimit, + token = :token, attributes = :attributes WHERE id = :id </entry> diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java index fd4c77525..3f2390754 100644 --- a/src/org/traccar/api/SecurityRequestFilter.java +++ b/src/org/traccar/api/SecurityRequestFilter.java @@ -17,6 +17,7 @@ package org.traccar.api; import org.traccar.Context; import org.traccar.api.resource.SessionResource; +import org.traccar.helper.Log; import org.traccar.model.User; import javax.annotation.security.PermitAll; @@ -62,28 +63,35 @@ public class SecurityRequestFilter implements ContainerRequestFilter { SecurityContext securityContext = null; - String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER); - if (authHeader != null) { + try { - try { - String[] auth = decodeBasicAuth(authHeader); - User user = Context.getDataManager().login(auth[0], auth[1]); - if (user != null) { - Context.getStatisticsManager().registerRequest(user.getId()); - securityContext = new UserSecurityContext(new UserPrincipal(user.getId())); + String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER); + if (authHeader != null) { + + try { + String[] auth = decodeBasicAuth(authHeader); + User user = Context.getPermissionsManager().login(auth[0], auth[1]); + if (user != null) { + Context.getStatisticsManager().registerRequest(user.getId()); + securityContext = new UserSecurityContext(new UserPrincipal(user.getId())); + } + } catch (SQLException e) { + throw new WebApplicationException(e); } - } catch (SQLException e) { - throw new WebApplicationException(e); - } - } else if (request.getSession() != null) { + } else if (request.getSession() != null) { + + Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY); + if (userId != null) { + Context.getPermissionsManager().checkUser(userId); + Context.getStatisticsManager().registerRequest(userId); + securityContext = new UserSecurityContext(new UserPrincipal(userId)); + } - Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY); - if (userId != null) { - Context.getStatisticsManager().registerRequest(userId); - securityContext = new UserSecurityContext(new UserPrincipal(userId)); } + } catch (SecurityException e) { + Log.warning(e); } if (securityContext != null) { diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index f20ed86ad..0b389ede1 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -58,6 +58,13 @@ public class DeviceResource extends BaseResource { @POST public Response add(Device entity) throws SQLException { Context.getPermissionsManager().checkReadonly(getUserId()); + int deviceLimit = Context.getPermissionsManager().getUser(getUserId()).getDeviceLimit(); + if (deviceLimit != 0) { + int deviceCount = Context.getPermissionsManager().getDevicePermissions(getUserId()).size(); + if (deviceCount >= deviceLimit) { + throw new SecurityException("User device limit reached"); + } + } Context.getDeviceManager().addDevice(entity); Context.getDataManager().linkDevice(getUserId(), entity.getId()); Context.getPermissionsManager().refreshPermissions(); diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java index 2847e41c1..996865c4b 100644 --- a/src/org/traccar/api/resource/SessionResource.java +++ b/src/org/traccar/api/resource/SessionResource.java @@ -29,6 +29,7 @@ import javax.ws.rs.GET; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; @@ -48,7 +49,7 @@ public class SessionResource extends BaseResource { @PermitAll @GET - public User get() throws SQLException { + public User get(@QueryParam("token") String token) throws SQLException { Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY); if (userId == null) { Cookie[] cookies = request.getCookies(); @@ -64,7 +65,13 @@ public class SessionResource extends BaseResource { } } if (email != null && password != null) { - User user = Context.getDataManager().login(email, password); + User user = Context.getPermissionsManager().login(email, password); + if (user != null) { + userId = user.getId(); + request.getSession().setAttribute(USER_ID_KEY, userId); + } + } else if (token != null) { + User user = Context.getPermissionsManager().getUserByToken(token); if (user != null) { userId = user.getId(); request.getSession().setAttribute(USER_ID_KEY, userId); @@ -73,6 +80,7 @@ public class SessionResource extends BaseResource { } if (userId != null) { + Context.getPermissionsManager().checkUser(userId); return Context.getPermissionsManager().getUser(userId); } else { throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build()); diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index f0a8597cc..2ff1639f6 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -60,13 +60,18 @@ public class UserResource extends BaseResource { @Path("{id}") @PUT public Response update(@PathParam("id") long id, User entity) throws SQLException { - if (entity.getAdmin()) { + User old = Context.getPermissionsManager().getUser(entity.getId()); + if (old.getExpirationTime() == null && entity.getExpirationTime() != null + || old.getExpirationTime() != null && !old.getExpirationTime().equals(entity.getExpirationTime()) + || old.getAdmin() != entity.getAdmin() + || old.getReadonly() != entity.getReadonly() + || old.getDisabled() != entity.getDisabled() + || old.getDeviceLimit() != entity.getDeviceLimit() + || old.getToken() == null && entity.getToken() != null + || old.getToken() != null && !old.getToken().equals(entity.getToken())) { Context.getPermissionsManager().checkAdmin(getUserId()); } else { Context.getPermissionsManager().checkUser(getUserId(), entity.getId()); - if (!entity.getReadonly()) { - Context.getPermissionsManager().checkReadonly(entity.getId()); - } } Context.getPermissionsManager().updateUser(entity); if (Context.getNotificationManager() != null) { diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index b0ae504d0..71633f6ef 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -39,6 +39,7 @@ public class PermissionsManager { private volatile Server server; private final Map<Long, User> users = new ConcurrentHashMap<>(); + private final Map<String, Long> usersTokens = new HashMap<>(); private final Map<Long, Set<Long>> groupPermissions = new HashMap<>(); private final Map<Long, Set<Long>> devicePermissions = new HashMap<>(); @@ -81,10 +82,14 @@ public class PermissionsManager { public final void refreshUsers() { users.clear(); + usersTokens.clear(); try { server = dataManager.getServer(); for (User user : dataManager.getUsers()) { users.put(user.getId(), user); + if (user.getToken() != null) { + usersTokens.put(user.getToken(), user.getId()); + } } } catch (SQLException error) { Log.warning(error); @@ -146,7 +151,17 @@ public class PermissionsManager { public void checkReadonly(long userId) throws SecurityException { if (!isAdmin(userId) && (server.getReadonly() || isReadonly(userId))) { - throw new SecurityException("User is readonly"); + throw new SecurityException("Account is readonly"); + } + } + + public void checkUser(long userId) throws SecurityException { + User user = getUser(userId); + if (user.getDisabled()) { + throw new SecurityException("Account is disabled"); + } + if (user.getExpirationTime() != null && System.currentTimeMillis() > user.getExpirationTime().getTime()) { + throw new SecurityException("Account has expired"); } } @@ -200,28 +215,43 @@ public class PermissionsManager { public void addUser(User user) throws SQLException { dataManager.addUser(user); users.put(user.getId(), user); + if (user.getToken() != null) { + usersTokens.put(user.getToken(), user.getId()); + } refreshPermissions(); } public void updateUser(User user) throws SQLException { dataManager.updateUser(user); + User old = users.get(user.getId()); users.put(user.getId(), user); + if (user.getToken() != null) { + usersTokens.put(user.getToken(), user.getId()); + } + if (old.getToken() != null && !old.getToken().equals(user.getToken())) { + usersTokens.remove(old.getToken()); + } refreshPermissions(); } public void removeUser(long userId) throws SQLException { dataManager.removeUser(userId); + usersTokens.remove(users.get(userId).getToken()); users.remove(userId); refreshPermissions(); } public User login(String email, String password) throws SQLException { User user = dataManager.login(email, password); - if (user != null && users.get(user.getId()) != null) { + if (user != null) { + checkUser(user.getId()); return users.get(user.getId()); - } else { - return null; } + return null; + } + + public User getUserByToken(String token) { + return users.get(usersTokens.get(token)); } } diff --git a/src/org/traccar/model/User.java b/src/org/traccar/model/User.java index aa0b33713..411b556fc 100644 --- a/src/org/traccar/model/User.java +++ b/src/org/traccar/model/User.java @@ -18,6 +18,8 @@ package org.traccar.model; import com.fasterxml.jackson.annotation.JsonIgnore; import org.traccar.helper.Hashing; +import java.util.Date; + public class User extends Extensible { private String name; @@ -140,6 +142,61 @@ public class User extends Extensible { this.coordinateFormat = coordinateFormat; } + private boolean disabled; + + public boolean getDisabled() { + return disabled; + } + + public void setDisabled(boolean disabled) { + this.disabled = disabled; + } + + private Date expirationTime; + + public Date getExpirationTime() { + if (expirationTime != null) { + return new Date(expirationTime.getTime()); + } else { + return null; + } + } + + public void setExpirationTime(Date expirationTime) { + if (expirationTime != null) { + this.expirationTime = new Date(expirationTime.getTime()); + } else { + this.expirationTime = null; + } + } + + private int deviceLimit; + + public int getDeviceLimit() { + return deviceLimit; + } + + public void setDeviceLimit(int deviceLimit) { + this.deviceLimit = deviceLimit; + } + + private String token; + + public String getToken() { + return token; + } + + public void setToken(String token) { + if (token != null) { + if (!token.matches("^[a-zA-Z0-9]{16,}$")) { + throw new IllegalArgumentException("Illegal token"); + } + this.token = token; + } else { + this.token = null; + } + } + public String getPassword() { return null; } diff --git a/src/org/traccar/protocol/AutoGradeProtocolDecoder.java b/src/org/traccar/protocol/AutoGradeProtocolDecoder.java index d520c282c..d8fe8b1a2 100644 --- a/src/org/traccar/protocol/AutoGradeProtocolDecoder.java +++ b/src/org/traccar/protocol/AutoGradeProtocolDecoder.java @@ -18,6 +18,7 @@ package org.traccar.protocol; import org.jboss.netty.channel.Channel; import org.traccar.BaseProtocolDecoder; import org.traccar.DeviceSession; +import org.traccar.helper.BitUtil; import org.traccar.helper.DateBuilder; import org.traccar.helper.Parser; import org.traccar.helper.PatternBuilder; @@ -43,7 +44,7 @@ public class AutoGradeProtocolDecoder extends BaseProtocolDecoder { .number("([d.]{5})") // speed .number("(dd)(dd)(dd)") // time .number("([d.]{6})") // course - .expression(".") // status + .expression("(.)") // status .number("A(xxxx)") .number("B(xxxx)") .number("C(xxxx)") @@ -88,6 +89,10 @@ public class AutoGradeProtocolDecoder extends BaseProtocolDecoder { position.setCourse(parser.nextDouble()); + int status = (byte) parser.next().charAt(0); + position.set(Position.KEY_STATUS, status); + position.set(Position.KEY_IGNITION, BitUtil.check(status, 0)); + for (int i = 1; i <= 5; i++) { position.set(Position.PREFIX_ADC + i, parser.next()); } diff --git a/src/org/traccar/protocol/UproProtocolDecoder.java b/src/org/traccar/protocol/UproProtocolDecoder.java index c6f400cae..24a0f5dcd 100644 --- a/src/org/traccar/protocol/UproProtocolDecoder.java +++ b/src/org/traccar/protocol/UproProtocolDecoder.java @@ -127,7 +127,7 @@ public class UproProtocolDecoder extends BaseProtocolDecoder { odometer <<= 4; odometer += data[i].charAt(j) - '0'; } - position.set(Position.KEY_ODOMETER, odometer); + position.set(Position.KEY_ODOMETER, odometer * 2 * 1852 / 3600); break; case 'P': position.set(Position.KEY_MCC, Integer.parseInt(data[i].substring(1, 5))); diff --git a/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java b/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java index 94f91e825..10fa3f971 100644 --- a/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java +++ b/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java @@ -11,6 +11,9 @@ public class MeiligaoProtocolDecoderTest extends ProtocolTest { MeiligaoProtocolDecoder decoder = new MeiligaoProtocolDecoder(new MeiligaoProtocol()); verifyPosition(decoder, binary( + "242400706573402852404799553130313932372e3030302c412c313732362e38323739332c4e2c30373832382e31393637312c452c312e382c362e342c3137313131362c2c2a32427c312e36387c3534342e327c313030307c303030302c303030307c3030303032383638373a1a0d0a")); + + verifyPosition(decoder, binary( "2424007d0000000000000099553231303333302e3030302c562c343533342e333832342c532c30373230332e303630302c572c302e30302c302c3231313031362c2c2a31327c302e307c3332397c323030307c303030452c303030437c303244413030303145413634393541417c31307c30303030303030306e540d0a")); verifyAttributes(decoder, binary( diff --git a/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java b/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java index ba820f2f6..4c6f0e004 100644 --- a/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java +++ b/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java @@ -10,6 +10,12 @@ public class Tk103ProtocolDecoderTest extends ProtocolTest { Tk103ProtocolDecoder decoder = new Tk103ProtocolDecoder(new Tk103Protocol()); + verifyNothing(decoder, text( + "(027028258309BQ86,0,05550c21b10d1d0f431008bd114c0ea5078400010007a100423932,161117005322,01000001)")); + + verifyNothing(decoder, text( + "(027028258309BQ86,0,05470c0eb20d040f4410022911360e92077e00010007a1004237c7,161117005232,01000001)")); + verifyPosition(decoder, text( "(01602009983BR00160830V1855.7022S4817.8731W000.0002729000.0010000000L00000000)")); |