aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--schema/changelog-3.8.xml15
-rw-r--r--setup/default.xml9
-rw-r--r--src/org/traccar/api/SecurityRequestFilter.java40
-rw-r--r--src/org/traccar/api/resource/DeviceResource.java7
-rw-r--r--src/org/traccar/api/resource/SessionResource.java12
-rw-r--r--src/org/traccar/api/resource/UserResource.java13
-rw-r--r--src/org/traccar/database/PermissionsManager.java38
-rw-r--r--src/org/traccar/model/User.java57
-rw-r--r--src/org/traccar/protocol/AutoGradeProtocolDecoder.java7
-rw-r--r--src/org/traccar/protocol/UproProtocolDecoder.java2
-rw-r--r--test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java3
-rw-r--r--test/org/traccar/protocol/Tk103ProtocolDecoderTest.java6
12 files changed, 179 insertions, 30 deletions
diff --git a/schema/changelog-3.8.xml b/schema/changelog-3.8.xml
index 780a2d029..f53673eae 100644
--- a/schema/changelog-3.8.xml
+++ b/schema/changelog-3.8.xml
@@ -107,5 +107,20 @@
<column name="category" type="VARCHAR(128)" />
</addColumn>
+ <addColumn tableName="users">
+ <column name="disabled" type="BOOLEAN" defaultValueBoolean="false" />
+ </addColumn>
+ <addColumn tableName="users">
+ <column name="expirationtime" type="TIMESTAMP" />
+ </addColumn>
+ <addColumn tableName="users">
+ <column name="devicelimit" type="INT" defaultValueNumeric="0" />
+ </addColumn>
+ <addColumn tableName="users">
+ <column name="token" type="VARCHAR(128)" />
+ </addColumn>
+
+ <addUniqueConstraint tableName="users" columnNames="token" constraintName="uk_user_token" />
+
</changeSet>
</databaseChangeLog>
diff --git a/setup/default.xml b/setup/default.xml
index f50f3904f..e6d701f4c 100644
--- a/setup/default.xml
+++ b/setup/default.xml
@@ -62,8 +62,8 @@
</entry>
<entry key='database.insertUser'>
- INSERT INTO users (name, email, hashedPassword, salt, admin, map, distanceUnit, speedUnit, latitude, longitude, zoom, twelveHourFormat, attributes)
- VALUES (:name, :email, :hashedPassword, :salt, :admin, :map, :distanceUnit, :speedUnit, :latitude, :longitude, :zoom, :twelveHourFormat, :attributes)
+ INSERT INTO users (name, email, hashedPassword, salt, admin, map, distanceUnit, speedUnit, latitude, longitude, zoom, twelveHourFormat, coordinateFormat, disabled, expirationTime, deviceLimit, token, attributes)
+ VALUES (:name, :email, :hashedPassword, :salt, :admin, :map, :distanceUnit, :speedUnit, :latitude, :longitude, :zoom, :twelveHourFormat, :coordinateFormat, :disabled, :expirationTime, :deviceLimit, :token, :attributes)
</entry>
<entry key='database.updateUser'>
@@ -78,6 +78,11 @@
longitude = :longitude,
zoom = :zoom,
twelveHourFormat = :twelveHourFormat,
+ coordinateFormat = :coordinateFormat,
+ disabled = :disabled,
+ expirationTime = :expirationTime,
+ deviceLimit = :deviceLimit,
+ token = :token,
attributes = :attributes
WHERE id = :id
</entry>
diff --git a/src/org/traccar/api/SecurityRequestFilter.java b/src/org/traccar/api/SecurityRequestFilter.java
index fd4c77525..3f2390754 100644
--- a/src/org/traccar/api/SecurityRequestFilter.java
+++ b/src/org/traccar/api/SecurityRequestFilter.java
@@ -17,6 +17,7 @@ package org.traccar.api;
import org.traccar.Context;
import org.traccar.api.resource.SessionResource;
+import org.traccar.helper.Log;
import org.traccar.model.User;
import javax.annotation.security.PermitAll;
@@ -62,28 +63,35 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
SecurityContext securityContext = null;
- String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER);
- if (authHeader != null) {
+ try {
- try {
- String[] auth = decodeBasicAuth(authHeader);
- User user = Context.getDataManager().login(auth[0], auth[1]);
- if (user != null) {
- Context.getStatisticsManager().registerRequest(user.getId());
- securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
+ String authHeader = requestContext.getHeaderString(AUTHORIZATION_HEADER);
+ if (authHeader != null) {
+
+ try {
+ String[] auth = decodeBasicAuth(authHeader);
+ User user = Context.getPermissionsManager().login(auth[0], auth[1]);
+ if (user != null) {
+ Context.getStatisticsManager().registerRequest(user.getId());
+ securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
+ }
+ } catch (SQLException e) {
+ throw new WebApplicationException(e);
}
- } catch (SQLException e) {
- throw new WebApplicationException(e);
- }
- } else if (request.getSession() != null) {
+ } else if (request.getSession() != null) {
+
+ Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY);
+ if (userId != null) {
+ Context.getPermissionsManager().checkUser(userId);
+ Context.getStatisticsManager().registerRequest(userId);
+ securityContext = new UserSecurityContext(new UserPrincipal(userId));
+ }
- Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY);
- if (userId != null) {
- Context.getStatisticsManager().registerRequest(userId);
- securityContext = new UserSecurityContext(new UserPrincipal(userId));
}
+ } catch (SecurityException e) {
+ Log.warning(e);
}
if (securityContext != null) {
diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java
index f20ed86ad..0b389ede1 100644
--- a/src/org/traccar/api/resource/DeviceResource.java
+++ b/src/org/traccar/api/resource/DeviceResource.java
@@ -58,6 +58,13 @@ public class DeviceResource extends BaseResource {
@POST
public Response add(Device entity) throws SQLException {
Context.getPermissionsManager().checkReadonly(getUserId());
+ int deviceLimit = Context.getPermissionsManager().getUser(getUserId()).getDeviceLimit();
+ if (deviceLimit != 0) {
+ int deviceCount = Context.getPermissionsManager().getDevicePermissions(getUserId()).size();
+ if (deviceCount >= deviceLimit) {
+ throw new SecurityException("User device limit reached");
+ }
+ }
Context.getDeviceManager().addDevice(entity);
Context.getDataManager().linkDevice(getUserId(), entity.getId());
Context.getPermissionsManager().refreshPermissions();
diff --git a/src/org/traccar/api/resource/SessionResource.java b/src/org/traccar/api/resource/SessionResource.java
index 2847e41c1..996865c4b 100644
--- a/src/org/traccar/api/resource/SessionResource.java
+++ b/src/org/traccar/api/resource/SessionResource.java
@@ -29,6 +29,7 @@ import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -48,7 +49,7 @@ public class SessionResource extends BaseResource {
@PermitAll
@GET
- public User get() throws SQLException {
+ public User get(@QueryParam("token") String token) throws SQLException {
Long userId = (Long) request.getSession().getAttribute(USER_ID_KEY);
if (userId == null) {
Cookie[] cookies = request.getCookies();
@@ -64,7 +65,13 @@ public class SessionResource extends BaseResource {
}
}
if (email != null && password != null) {
- User user = Context.getDataManager().login(email, password);
+ User user = Context.getPermissionsManager().login(email, password);
+ if (user != null) {
+ userId = user.getId();
+ request.getSession().setAttribute(USER_ID_KEY, userId);
+ }
+ } else if (token != null) {
+ User user = Context.getPermissionsManager().getUserByToken(token);
if (user != null) {
userId = user.getId();
request.getSession().setAttribute(USER_ID_KEY, userId);
@@ -73,6 +80,7 @@ public class SessionResource extends BaseResource {
}
if (userId != null) {
+ Context.getPermissionsManager().checkUser(userId);
return Context.getPermissionsManager().getUser(userId);
} else {
throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java
index f0a8597cc..2ff1639f6 100644
--- a/src/org/traccar/api/resource/UserResource.java
+++ b/src/org/traccar/api/resource/UserResource.java
@@ -60,13 +60,18 @@ public class UserResource extends BaseResource {
@Path("{id}")
@PUT
public Response update(@PathParam("id") long id, User entity) throws SQLException {
- if (entity.getAdmin()) {
+ User old = Context.getPermissionsManager().getUser(entity.getId());
+ if (old.getExpirationTime() == null && entity.getExpirationTime() != null
+ || old.getExpirationTime() != null && !old.getExpirationTime().equals(entity.getExpirationTime())
+ || old.getAdmin() != entity.getAdmin()
+ || old.getReadonly() != entity.getReadonly()
+ || old.getDisabled() != entity.getDisabled()
+ || old.getDeviceLimit() != entity.getDeviceLimit()
+ || old.getToken() == null && entity.getToken() != null
+ || old.getToken() != null && !old.getToken().equals(entity.getToken())) {
Context.getPermissionsManager().checkAdmin(getUserId());
} else {
Context.getPermissionsManager().checkUser(getUserId(), entity.getId());
- if (!entity.getReadonly()) {
- Context.getPermissionsManager().checkReadonly(entity.getId());
- }
}
Context.getPermissionsManager().updateUser(entity);
if (Context.getNotificationManager() != null) {
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index b0ae504d0..71633f6ef 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -39,6 +39,7 @@ public class PermissionsManager {
private volatile Server server;
private final Map<Long, User> users = new ConcurrentHashMap<>();
+ private final Map<String, Long> usersTokens = new HashMap<>();
private final Map<Long, Set<Long>> groupPermissions = new HashMap<>();
private final Map<Long, Set<Long>> devicePermissions = new HashMap<>();
@@ -81,10 +82,14 @@ public class PermissionsManager {
public final void refreshUsers() {
users.clear();
+ usersTokens.clear();
try {
server = dataManager.getServer();
for (User user : dataManager.getUsers()) {
users.put(user.getId(), user);
+ if (user.getToken() != null) {
+ usersTokens.put(user.getToken(), user.getId());
+ }
}
} catch (SQLException error) {
Log.warning(error);
@@ -146,7 +151,17 @@ public class PermissionsManager {
public void checkReadonly(long userId) throws SecurityException {
if (!isAdmin(userId) && (server.getReadonly() || isReadonly(userId))) {
- throw new SecurityException("User is readonly");
+ throw new SecurityException("Account is readonly");
+ }
+ }
+
+ public void checkUser(long userId) throws SecurityException {
+ User user = getUser(userId);
+ if (user.getDisabled()) {
+ throw new SecurityException("Account is disabled");
+ }
+ if (user.getExpirationTime() != null && System.currentTimeMillis() > user.getExpirationTime().getTime()) {
+ throw new SecurityException("Account has expired");
}
}
@@ -200,28 +215,43 @@ public class PermissionsManager {
public void addUser(User user) throws SQLException {
dataManager.addUser(user);
users.put(user.getId(), user);
+ if (user.getToken() != null) {
+ usersTokens.put(user.getToken(), user.getId());
+ }
refreshPermissions();
}
public void updateUser(User user) throws SQLException {
dataManager.updateUser(user);
+ User old = users.get(user.getId());
users.put(user.getId(), user);
+ if (user.getToken() != null) {
+ usersTokens.put(user.getToken(), user.getId());
+ }
+ if (old.getToken() != null && !old.getToken().equals(user.getToken())) {
+ usersTokens.remove(old.getToken());
+ }
refreshPermissions();
}
public void removeUser(long userId) throws SQLException {
dataManager.removeUser(userId);
+ usersTokens.remove(users.get(userId).getToken());
users.remove(userId);
refreshPermissions();
}
public User login(String email, String password) throws SQLException {
User user = dataManager.login(email, password);
- if (user != null && users.get(user.getId()) != null) {
+ if (user != null) {
+ checkUser(user.getId());
return users.get(user.getId());
- } else {
- return null;
}
+ return null;
+ }
+
+ public User getUserByToken(String token) {
+ return users.get(usersTokens.get(token));
}
}
diff --git a/src/org/traccar/model/User.java b/src/org/traccar/model/User.java
index aa0b33713..411b556fc 100644
--- a/src/org/traccar/model/User.java
+++ b/src/org/traccar/model/User.java
@@ -18,6 +18,8 @@ package org.traccar.model;
import com.fasterxml.jackson.annotation.JsonIgnore;
import org.traccar.helper.Hashing;
+import java.util.Date;
+
public class User extends Extensible {
private String name;
@@ -140,6 +142,61 @@ public class User extends Extensible {
this.coordinateFormat = coordinateFormat;
}
+ private boolean disabled;
+
+ public boolean getDisabled() {
+ return disabled;
+ }
+
+ public void setDisabled(boolean disabled) {
+ this.disabled = disabled;
+ }
+
+ private Date expirationTime;
+
+ public Date getExpirationTime() {
+ if (expirationTime != null) {
+ return new Date(expirationTime.getTime());
+ } else {
+ return null;
+ }
+ }
+
+ public void setExpirationTime(Date expirationTime) {
+ if (expirationTime != null) {
+ this.expirationTime = new Date(expirationTime.getTime());
+ } else {
+ this.expirationTime = null;
+ }
+ }
+
+ private int deviceLimit;
+
+ public int getDeviceLimit() {
+ return deviceLimit;
+ }
+
+ public void setDeviceLimit(int deviceLimit) {
+ this.deviceLimit = deviceLimit;
+ }
+
+ private String token;
+
+ public String getToken() {
+ return token;
+ }
+
+ public void setToken(String token) {
+ if (token != null) {
+ if (!token.matches("^[a-zA-Z0-9]{16,}$")) {
+ throw new IllegalArgumentException("Illegal token");
+ }
+ this.token = token;
+ } else {
+ this.token = null;
+ }
+ }
+
public String getPassword() {
return null;
}
diff --git a/src/org/traccar/protocol/AutoGradeProtocolDecoder.java b/src/org/traccar/protocol/AutoGradeProtocolDecoder.java
index d520c282c..d8fe8b1a2 100644
--- a/src/org/traccar/protocol/AutoGradeProtocolDecoder.java
+++ b/src/org/traccar/protocol/AutoGradeProtocolDecoder.java
@@ -18,6 +18,7 @@ package org.traccar.protocol;
import org.jboss.netty.channel.Channel;
import org.traccar.BaseProtocolDecoder;
import org.traccar.DeviceSession;
+import org.traccar.helper.BitUtil;
import org.traccar.helper.DateBuilder;
import org.traccar.helper.Parser;
import org.traccar.helper.PatternBuilder;
@@ -43,7 +44,7 @@ public class AutoGradeProtocolDecoder extends BaseProtocolDecoder {
.number("([d.]{5})") // speed
.number("(dd)(dd)(dd)") // time
.number("([d.]{6})") // course
- .expression(".") // status
+ .expression("(.)") // status
.number("A(xxxx)")
.number("B(xxxx)")
.number("C(xxxx)")
@@ -88,6 +89,10 @@ public class AutoGradeProtocolDecoder extends BaseProtocolDecoder {
position.setCourse(parser.nextDouble());
+ int status = (byte) parser.next().charAt(0);
+ position.set(Position.KEY_STATUS, status);
+ position.set(Position.KEY_IGNITION, BitUtil.check(status, 0));
+
for (int i = 1; i <= 5; i++) {
position.set(Position.PREFIX_ADC + i, parser.next());
}
diff --git a/src/org/traccar/protocol/UproProtocolDecoder.java b/src/org/traccar/protocol/UproProtocolDecoder.java
index c6f400cae..24a0f5dcd 100644
--- a/src/org/traccar/protocol/UproProtocolDecoder.java
+++ b/src/org/traccar/protocol/UproProtocolDecoder.java
@@ -127,7 +127,7 @@ public class UproProtocolDecoder extends BaseProtocolDecoder {
odometer <<= 4;
odometer += data[i].charAt(j) - '0';
}
- position.set(Position.KEY_ODOMETER, odometer);
+ position.set(Position.KEY_ODOMETER, odometer * 2 * 1852 / 3600);
break;
case 'P':
position.set(Position.KEY_MCC, Integer.parseInt(data[i].substring(1, 5)));
diff --git a/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java b/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java
index 94f91e825..10fa3f971 100644
--- a/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java
+++ b/test/org/traccar/protocol/MeiligaoProtocolDecoderTest.java
@@ -11,6 +11,9 @@ public class MeiligaoProtocolDecoderTest extends ProtocolTest {
MeiligaoProtocolDecoder decoder = new MeiligaoProtocolDecoder(new MeiligaoProtocol());
verifyPosition(decoder, binary(
+ "242400706573402852404799553130313932372e3030302c412c313732362e38323739332c4e2c30373832382e31393637312c452c312e382c362e342c3137313131362c2c2a32427c312e36387c3534342e327c313030307c303030302c303030307c3030303032383638373a1a0d0a"));
+
+ verifyPosition(decoder, binary(
"2424007d0000000000000099553231303333302e3030302c562c343533342e333832342c532c30373230332e303630302c572c302e30302c302c3231313031362c2c2a31327c302e307c3332397c323030307c303030452c303030437c303244413030303145413634393541417c31307c30303030303030306e540d0a"));
verifyAttributes(decoder, binary(
diff --git a/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java b/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java
index ba820f2f6..4c6f0e004 100644
--- a/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java
+++ b/test/org/traccar/protocol/Tk103ProtocolDecoderTest.java
@@ -10,6 +10,12 @@ public class Tk103ProtocolDecoderTest extends ProtocolTest {
Tk103ProtocolDecoder decoder = new Tk103ProtocolDecoder(new Tk103Protocol());
+ verifyNothing(decoder, text(
+ "(027028258309BQ86,0,05550c21b10d1d0f431008bd114c0ea5078400010007a100423932,161117005322,01000001)"));
+
+ verifyNothing(decoder, text(
+ "(027028258309BQ86,0,05470c0eb20d040f4410022911360e92077e00010007a1004237c7,161117005232,01000001)"));
+
verifyPosition(decoder, text(
"(01602009983BR00160830V1855.7022S4817.8731W000.0002729000.0010000000L00000000)"));