aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/api/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/traccar/api/security')
-rw-r--r--src/main/java/org/traccar/api/security/LoginService.java7
-rw-r--r--src/main/java/org/traccar/api/security/PermissionsService.java4
2 files changed, 6 insertions, 5 deletions
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 32487f06b..88bafcfb5 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -58,7 +58,7 @@ public class LoginService {
}
long userId = tokenManager.verifyToken(token);
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", userId)));
+ new Columns.All(), new Condition.Equals("id", userId)));
if (user != null) {
checkUserEnabled(user);
}
@@ -66,11 +66,12 @@ public class LoginService {
}
public User login(String email, String password) throws StorageException {
+ email = email.trim();
User user = storage.getObject(User.class, new Request(
new Columns.All(),
new Condition.Or(
- new Condition.Equals("email", "email", email.trim()),
- new Condition.Equals("login", "email"))));
+ new Condition.Equals("email", email),
+ new Condition.Equals("login", email))));
if (user != null) {
if (ldapProvider != null && user.getLogin() != null && ldapProvider.login(user.getLogin(), password)
|| !forceLdap && user.isPasswordValid(password)) {
diff --git a/src/main/java/org/traccar/api/security/PermissionsService.java b/src/main/java/org/traccar/api/security/PermissionsService.java
index ddfaaab94..0d4877fdb 100644
--- a/src/main/java/org/traccar/api/security/PermissionsService.java
+++ b/src/main/java/org/traccar/api/security/PermissionsService.java
@@ -62,7 +62,7 @@ public class PermissionsService {
user = new ServiceAccountUser();
} else {
user = storage.getObject(
- User.class, new Request(new Columns.All(), new Condition.Equals("id", "id", userId)));
+ User.class, new Request(new Columns.All(), new Condition.Equals("id", userId)));
}
}
return user;
@@ -187,7 +187,7 @@ public class PermissionsService {
var object = storage.getObject(clazz, new Request(
new Columns.Include("id"),
new Condition.And(
- new Condition.Equals("id", "id", objectId),
+ new Condition.Equals("id", objectId),
new Condition.Permission(
User.class, userId, clazz.equals(User.class) ? ManagedUser.class : clazz))));
if (object == null) {