aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/api/BaseObjectResource.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/traccar/api/BaseObjectResource.java')
-rw-r--r--src/main/java/org/traccar/api/BaseObjectResource.java188
1 files changed, 65 insertions, 123 deletions
diff --git a/src/main/java/org/traccar/api/BaseObjectResource.java b/src/main/java/org/traccar/api/BaseObjectResource.java
index 22756f62a..2aaed2bb5 100644
--- a/src/main/java/org/traccar/api/BaseObjectResource.java
+++ b/src/main/java/org/traccar/api/BaseObjectResource.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2017 - 2020 Anton Tananaev (anton@traccar.org)
+ * Copyright 2017 - 2022 Anton Tananaev (anton@traccar.org)
* Copyright 2017 - 2018 Andrey Kunitsyn (andrey@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,70 +16,48 @@
*/
package org.traccar.api;
-import java.sql.SQLException;
-import java.util.Set;
-
-import javax.ws.rs.DELETE;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.core.Response;
-
-import org.traccar.Context;
-import org.traccar.database.BaseObjectManager;
-import org.traccar.database.ExtendedObjectManager;
-import org.traccar.database.ManagableObjects;
-import org.traccar.database.SimpleObjectManager;
+import org.traccar.api.security.ServiceAccountUser;
import org.traccar.helper.LogAction;
import org.traccar.model.BaseModel;
-import org.traccar.model.Calendar;
-import org.traccar.model.Command;
-import org.traccar.model.Device;
import org.traccar.model.Group;
-import org.traccar.model.GroupedModel;
-import org.traccar.model.ScheduledModel;
+import org.traccar.model.Permission;
import org.traccar.model.User;
+import org.traccar.session.ConnectionManager;
+import org.traccar.session.cache.CacheManager;
import org.traccar.storage.StorageException;
+import org.traccar.storage.query.Columns;
+import org.traccar.storage.query.Condition;
+import org.traccar.storage.query.Request;
+
+import jakarta.inject.Inject;
+import jakarta.ws.rs.DELETE;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.POST;
+import jakarta.ws.rs.PUT;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.core.Response;
public abstract class BaseObjectResource<T extends BaseModel> extends BaseResource {
- private final Class<T> baseClass;
+ @Inject
+ private CacheManager cacheManager;
- public BaseObjectResource(Class<T> baseClass) {
- this.baseClass = baseClass;
- }
+ @Inject
+ private ConnectionManager connectionManager;
- protected final Class<T> getBaseClass() {
- return baseClass;
- }
+ protected final Class<T> baseClass;
- protected final Set<Long> getSimpleManagerItems(BaseObjectManager<T> manager, boolean all, long userId) {
- Set<Long> result;
- if (all) {
- if (Context.getPermissionsManager().getUserAdmin(getUserId())) {
- result = manager.getAllItems();
- } else {
- Context.getPermissionsManager().checkManager(getUserId());
- result = ((ManagableObjects) manager).getManagedItems(getUserId());
- }
- } else {
- if (userId == 0) {
- userId = getUserId();
- }
- Context.getPermissionsManager().checkUser(getUserId(), userId);
- result = ((ManagableObjects) manager).getUserItems(userId);
- }
- return result;
+ public BaseObjectResource(Class<T> baseClass) {
+ this.baseClass = baseClass;
}
@Path("{id}")
@GET
- public Response getSingle(@PathParam("id") long id) throws SQLException {
- Context.getPermissionsManager().checkPermission(baseClass, getUserId(), id);
- BaseObjectManager<T> manager = Context.getManager(baseClass);
- T entity = manager.getById(id);
+ public Response getSingle(@PathParam("id") long id) throws StorageException {
+ permissionsService.checkPermission(baseClass, getUserId(), id);
+ T entity = storage.getObject(baseClass, new Request(
+ new Columns.All(), new Condition.Equals("id", id)));
if (entity != null) {
return Response.ok(entity).build();
} else {
@@ -89,102 +67,66 @@ public abstract class BaseObjectResource<T extends BaseModel> extends BaseResour
@POST
public Response add(T entity) throws StorageException {
- Context.getPermissionsManager().checkReadonly(getUserId());
- if (baseClass.equals(Device.class)) {
- Context.getPermissionsManager().checkDeviceReadonly(getUserId());
- Context.getPermissionsManager().checkDeviceLimit(getUserId());
- } else if (baseClass.equals(Command.class)) {
- Context.getPermissionsManager().checkLimitCommands(getUserId());
- } else if (entity instanceof GroupedModel && ((GroupedModel) entity).getGroupId() != 0) {
- Context.getPermissionsManager().checkPermission(
- Group.class, getUserId(), ((GroupedModel) entity).getGroupId());
- } else if (entity instanceof ScheduledModel && ((ScheduledModel) entity).getCalendarId() != 0) {
- Context.getPermissionsManager().checkPermission(
- Calendar.class, getUserId(), ((ScheduledModel) entity).getCalendarId());
- }
+ permissionsService.checkEdit(getUserId(), entity, true);
- BaseObjectManager<T> manager = Context.getManager(baseClass);
- manager.addItem(entity);
+ entity.setId(storage.addObject(entity, new Request(new Columns.Exclude("id"))));
LogAction.create(getUserId(), entity);
- Context.getDataManager().linkObject(User.class, getUserId(), baseClass, entity.getId(), true);
- LogAction.link(getUserId(), User.class, getUserId(), baseClass, entity.getId());
-
- if (manager instanceof SimpleObjectManager) {
- ((SimpleObjectManager<T>) manager).refreshUserItems();
- } else if (baseClass.equals(Group.class) || baseClass.equals(Device.class)) {
- Context.getPermissionsManager().refreshDeviceAndGroupPermissions();
- Context.getPermissionsManager().refreshAllExtendedPermissions();
+ if (getUserId() != ServiceAccountUser.ID) {
+ storage.addPermission(new Permission(User.class, getUserId(), baseClass, entity.getId()));
+ cacheManager.invalidatePermission(true, User.class, getUserId(), baseClass, entity.getId());
+ connectionManager.invalidatePermission(true, User.class, getUserId(), baseClass, entity.getId());
+ LogAction.link(getUserId(), User.class, getUserId(), baseClass, entity.getId());
}
+
return Response.ok(entity).build();
}
@Path("{id}")
@PUT
public Response update(T entity) throws StorageException {
- Context.getPermissionsManager().checkReadonly(getUserId());
- if (baseClass.equals(Device.class)) {
- Context.getPermissionsManager().checkDeviceReadonly(getUserId());
- } else if (baseClass.equals(User.class)) {
- User before = Context.getPermissionsManager().getUser(entity.getId());
- Context.getPermissionsManager().checkUserUpdate(getUserId(), before, (User) entity);
- } else if (baseClass.equals(Command.class)) {
- Context.getPermissionsManager().checkLimitCommands(getUserId());
- } else if (entity instanceof GroupedModel && ((GroupedModel) entity).getGroupId() != 0) {
- Context.getPermissionsManager().checkPermission(
- Group.class, getUserId(), ((GroupedModel) entity).getGroupId());
- } else if (entity instanceof ScheduledModel && ((ScheduledModel) entity).getCalendarId() != 0) {
- Context.getPermissionsManager().checkPermission(
- Calendar.class, getUserId(), ((ScheduledModel) entity).getCalendarId());
+ permissionsService.checkEdit(getUserId(), entity, false);
+ permissionsService.checkPermission(baseClass, getUserId(), entity.getId());
+
+ if (entity instanceof User) {
+ User before = storage.getObject(User.class, new Request(
+ new Columns.All(), new Condition.Equals("id", entity.getId())));
+ permissionsService.checkUserUpdate(getUserId(), before, (User) entity);
+ } else if (entity instanceof Group) {
+ Group group = (Group) entity;
+ if (group.getId() == group.getGroupId()) {
+ throw new IllegalArgumentException("Cycle in group hierarchy");
+ }
}
- Context.getPermissionsManager().checkPermission(baseClass, getUserId(), entity.getId());
- Context.getManager(baseClass).updateItem(entity);
+ storage.updateObject(entity, new Request(
+ new Columns.Exclude("id"),
+ new Condition.Equals("id", entity.getId())));
+ if (entity instanceof User) {
+ User user = (User) entity;
+ if (user.getHashedPassword() != null) {
+ storage.updateObject(entity, new Request(
+ new Columns.Include("hashedPassword", "salt"),
+ new Condition.Equals("id", entity.getId())));
+ }
+ }
+ cacheManager.updateOrInvalidate(true, entity);
LogAction.edit(getUserId(), entity);
- if (baseClass.equals(Group.class) || baseClass.equals(Device.class)) {
- Context.getPermissionsManager().refreshDeviceAndGroupPermissions();
- Context.getPermissionsManager().refreshAllExtendedPermissions();
- }
return Response.ok(entity).build();
}
@Path("{id}")
@DELETE
public Response remove(@PathParam("id") long id) throws StorageException {
- Context.getPermissionsManager().checkReadonly(getUserId());
- if (baseClass.equals(Device.class)) {
- Context.getPermissionsManager().checkDeviceReadonly(getUserId());
- } else if (baseClass.equals(Command.class)) {
- Context.getPermissionsManager().checkLimitCommands(getUserId());
- }
- Context.getPermissionsManager().checkPermission(baseClass, getUserId(), id);
+ permissionsService.checkEdit(getUserId(), baseClass, false);
+ permissionsService.checkPermission(baseClass, getUserId(), id);
+
+ storage.removeObject(baseClass, new Request(new Condition.Equals("id", id)));
+ cacheManager.invalidate(baseClass, id);
- BaseObjectManager<T> manager = Context.getManager(baseClass);
- manager.removeItem(id);
LogAction.remove(getUserId(), baseClass, id);
- if (manager instanceof SimpleObjectManager) {
- ((SimpleObjectManager<T>) manager).refreshUserItems();
- if (manager instanceof ExtendedObjectManager) {
- ((ExtendedObjectManager<T>) manager).refreshExtendedPermissions();
- }
- }
- if (baseClass.equals(Group.class) || baseClass.equals(Device.class) || baseClass.equals(User.class)) {
- if (baseClass.equals(Group.class)) {
- Context.getGroupsManager().refreshItems();
- Context.getDeviceManager().updateDeviceCache(true);
- }
- Context.getPermissionsManager().refreshDeviceAndGroupPermissions();
- if (baseClass.equals(User.class)) {
- Context.getPermissionsManager().refreshAllUsersPermissions();
- } else {
- Context.getPermissionsManager().refreshAllExtendedPermissions();
- }
- } else if (baseClass.equals(Calendar.class)) {
- Context.getGeofenceManager().refreshItems();
- Context.getNotificationManager().refreshItems();
- }
return Response.noContent().build();
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-17 11:59:22 +0000