aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/api
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/traccar/api')
-rw-r--r--src/main/java/org/traccar/api/BaseObjectResource.java11
-rw-r--r--src/main/java/org/traccar/api/MediaFilter.java2
-rw-r--r--src/main/java/org/traccar/api/resource/CommandResource.java2
-rw-r--r--src/main/java/org/traccar/api/resource/DeviceResource.java8
-rw-r--r--src/main/java/org/traccar/api/resource/EventResource.java2
-rw-r--r--src/main/java/org/traccar/api/resource/PasswordResource.java7
-rw-r--r--src/main/java/org/traccar/api/resource/PositionResource.java2
-rw-r--r--src/main/java/org/traccar/api/resource/ServerResource.java2
-rw-r--r--src/main/java/org/traccar/api/resource/SessionResource.java2
-rw-r--r--src/main/java/org/traccar/api/resource/UserResource.java3
-rw-r--r--src/main/java/org/traccar/api/security/LoginService.java7
-rw-r--r--src/main/java/org/traccar/api/security/PermissionsService.java4
12 files changed, 28 insertions, 24 deletions
diff --git a/src/main/java/org/traccar/api/BaseObjectResource.java b/src/main/java/org/traccar/api/BaseObjectResource.java
index 0ec2bfeaa..904781e54 100644
--- a/src/main/java/org/traccar/api/BaseObjectResource.java
+++ b/src/main/java/org/traccar/api/BaseObjectResource.java
@@ -56,7 +56,7 @@ public abstract class BaseObjectResource<T extends BaseModel> extends BaseResour
public Response getSingle(@PathParam("id") long id) throws StorageException {
permissionsService.checkPermission(baseClass, getUserId(), id);
T entity = storage.getObject(baseClass, new Request(
- new Columns.All(), new Condition.Equals("id", "id", id)));
+ new Columns.All(), new Condition.Equals("id", id)));
if (entity != null) {
return Response.ok(entity).build();
} else {
@@ -86,7 +86,7 @@ public abstract class BaseObjectResource<T extends BaseModel> extends BaseResour
if (entity instanceof User) {
User before = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", entity.getId())));
+ new Columns.All(), new Condition.Equals("id", entity.getId())));
permissionsService.checkUserUpdate(getUserId(), before, (User) entity);
} else if (entity instanceof Group) {
Group group = (Group) entity;
@@ -97,12 +97,13 @@ public abstract class BaseObjectResource<T extends BaseModel> extends BaseResour
storage.updateObject(entity, new Request(
new Columns.Exclude("id"),
- new Condition.Equals("id", "id")));
+ new Condition.Equals("id", entity.getId())));
if (entity instanceof User) {
User user = (User) entity;
if (user.getHashedPassword() != null) {
storage.updateObject(entity, new Request(
- new Columns.Include("hashedPassword", "salt"), new Condition.Equals("id", "id")));
+ new Columns.Include("hashedPassword", "salt"),
+ new Condition.Equals("id", entity.getId())));
}
}
cacheManager.updateOrInvalidate(true, entity);
@@ -117,7 +118,7 @@ public abstract class BaseObjectResource<T extends BaseModel> extends BaseResour
permissionsService.checkEdit(getUserId(), baseClass, false);
permissionsService.checkPermission(baseClass, getUserId(), id);
- storage.removeObject(baseClass, new Request(new Condition.Equals("id", "id", id)));
+ storage.removeObject(baseClass, new Request(new Condition.Equals("id", id)));
cacheManager.invalidate(baseClass, id);
LogAction.remove(getUserId(), baseClass, id);
diff --git a/src/main/java/org/traccar/api/MediaFilter.java b/src/main/java/org/traccar/api/MediaFilter.java
index 6d95c66a8..ab75bdc5d 100644
--- a/src/main/java/org/traccar/api/MediaFilter.java
+++ b/src/main/java/org/traccar/api/MediaFilter.java
@@ -84,7 +84,7 @@ public class MediaFilter implements Filter {
String[] parts = path != null ? path.split("/") : null;
if (parts != null && parts.length >= 2) {
Device device = storage.getObject(Device.class, new Request(
- new Columns.All(), new Condition.Equals("uniqueId", "uniqueId", parts[1])));
+ new Columns.All(), new Condition.Equals("uniqueId", parts[1])));
if (device != null) {
permissionsServiceProvider.get().checkPermission(Device.class, userId, device.getId());
chain.doFilter(request, response);
diff --git a/src/main/java/org/traccar/api/resource/CommandResource.java b/src/main/java/org/traccar/api/resource/CommandResource.java
index 92804e725..80b9fd18f 100644
--- a/src/main/java/org/traccar/api/resource/CommandResource.java
+++ b/src/main/java/org/traccar/api/resource/CommandResource.java
@@ -110,7 +110,7 @@ public class CommandResource extends ExtendedObjectResource<Command> {
permissionsService.checkPermission(Command.class, getUserId(), entity.getId());
long deviceId = entity.getDeviceId();
entity = storage.getObject(baseClass, new Request(
- new Columns.All(), new Condition.Equals("id", "id", entity.getId())));
+ new Columns.All(), new Condition.Equals("id", entity.getId())));
entity.setDeviceId(deviceId);
} else {
permissionsService.checkRestriction(getUserId(), UserRestrictions::getLimitCommands);
diff --git a/src/main/java/org/traccar/api/resource/DeviceResource.java b/src/main/java/org/traccar/api/resource/DeviceResource.java
index 1d9bc20ec..c0b0cea0d 100644
--- a/src/main/java/org/traccar/api/resource/DeviceResource.java
+++ b/src/main/java/org/traccar/api/resource/DeviceResource.java
@@ -84,14 +84,14 @@ public class DeviceResource extends BaseObjectResource<Device> {
result.addAll(storage.getObjects(Device.class, new Request(
new Columns.All(),
new Condition.And(
- new Condition.Equals("uniqueId", "uniqueId", uniqueId),
+ new Condition.Equals("uniqueId", uniqueId),
new Condition.Permission(User.class, getUserId(), Device.class)))));
}
for (Long deviceId : deviceIds) {
result.addAll(storage.getObjects(Device.class, new Request(
new Columns.All(),
new Condition.And(
- new Condition.Equals("id", "id", deviceId),
+ new Condition.Equals("id", deviceId),
new Condition.Permission(User.class, getUserId(), Device.class)))));
}
return result;
@@ -142,7 +142,7 @@ public class DeviceResource extends BaseObjectResource<Device> {
device.setPositionId(position.getId());
storage.updateObject(device, new Request(
new Columns.Include("positionId"),
- new Condition.Equals("id", "id")));
+ new Condition.Equals("id", device.getId())));
try {
cacheManager.addDevice(position.getDeviceId());
@@ -169,7 +169,7 @@ public class DeviceResource extends BaseObjectResource<Device> {
Device device = storage.getObject(Device.class, new Request(
new Columns.All(),
new Condition.And(
- new Condition.Equals("id", "id", deviceId),
+ new Condition.Equals("id", deviceId),
new Condition.Permission(User.class, getUserId(), Device.class))));
if (device != null) {
String name = "device";
diff --git a/src/main/java/org/traccar/api/resource/EventResource.java b/src/main/java/org/traccar/api/resource/EventResource.java
index 3870e9af9..afdaf52b5 100644
--- a/src/main/java/org/traccar/api/resource/EventResource.java
+++ b/src/main/java/org/traccar/api/resource/EventResource.java
@@ -41,7 +41,7 @@ public class EventResource extends BaseResource {
@GET
public Event get(@PathParam("id") long id) throws StorageException {
Event event = storage.getObject(Event.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", id)));
+ new Columns.All(), new Condition.Equals("id", id)));
if (event == null) {
throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND).build());
}
diff --git a/src/main/java/org/traccar/api/resource/PasswordResource.java b/src/main/java/org/traccar/api/resource/PasswordResource.java
index 625ff4cb1..ebf4e3b91 100644
--- a/src/main/java/org/traccar/api/resource/PasswordResource.java
+++ b/src/main/java/org/traccar/api/resource/PasswordResource.java
@@ -59,7 +59,7 @@ public class PasswordResource extends BaseResource {
throws StorageException, MessagingException, GeneralSecurityException, IOException {
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("email", "email", email)));
+ new Columns.All(), new Condition.Equals("email", email)));
if (user != null) {
var velocityContext = textTemplateFormatter.prepareContext(permissionsService.getServer(), user);
velocityContext.put("token", tokenManager.generateToken(user.getId()));
@@ -78,11 +78,12 @@ public class PasswordResource extends BaseResource {
long userId = tokenManager.verifyToken(token);
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", userId)));
+ new Columns.All(), new Condition.Equals("id", userId)));
if (user != null) {
user.setPassword(password);
storage.updateObject(user, new Request(
- new Columns.Include("hashedPassword", "salt"), new Condition.Equals("id", "id")));
+ new Columns.Include("hashedPassword", "salt"),
+ new Condition.Equals("id", userId)));
return Response.ok().build();
}
return Response.status(Response.Status.NOT_FOUND).build();
diff --git a/src/main/java/org/traccar/api/resource/PositionResource.java b/src/main/java/org/traccar/api/resource/PositionResource.java
index 7d7921085..042dd1e23 100644
--- a/src/main/java/org/traccar/api/resource/PositionResource.java
+++ b/src/main/java/org/traccar/api/resource/PositionResource.java
@@ -67,7 +67,7 @@ public class PositionResource extends BaseResource {
var positions = new ArrayList<Position>();
for (long positionId : positionIds) {
Position position = storage.getObject(Position.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", positionId)));
+ new Columns.All(), new Condition.Equals("id", positionId)));
permissionsService.checkPermission(Device.class, getUserId(), position.getDeviceId());
positions.add(position);
}
diff --git a/src/main/java/org/traccar/api/resource/ServerResource.java b/src/main/java/org/traccar/api/resource/ServerResource.java
index e35cd7d95..e7f0b93ca 100644
--- a/src/main/java/org/traccar/api/resource/ServerResource.java
+++ b/src/main/java/org/traccar/api/resource/ServerResource.java
@@ -76,7 +76,7 @@ public class ServerResource extends BaseResource {
permissionsService.checkAdmin(getUserId());
storage.updateObject(entity, new Request(
new Columns.Exclude("id"),
- new Condition.Equals("id", "id")));
+ new Condition.Equals("id", entity.getId())));
cacheManager.updateOrInvalidate(true, entity);
LogAction.edit(getUserId(), entity);
return Response.ok(entity).build();
diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java
index 05f492d73..1e984fbd0 100644
--- a/src/main/java/org/traccar/api/resource/SessionResource.java
+++ b/src/main/java/org/traccar/api/resource/SessionResource.java
@@ -122,7 +122,7 @@ public class SessionResource extends BaseResource {
public User get(@PathParam("id") long userId) throws StorageException {
permissionsService.checkAdmin(getUserId());
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", userId)));
+ new Columns.All(), new Condition.Equals("id", userId)));
request.getSession().setAttribute(USER_ID_KEY, user.getId());
LogAction.login(user.getId(), ServletHelper.retrieveRemoteAddress(request));
return user;
diff --git a/src/main/java/org/traccar/api/resource/UserResource.java b/src/main/java/org/traccar/api/resource/UserResource.java
index dd71de4c6..91875ef51 100644
--- a/src/main/java/org/traccar/api/resource/UserResource.java
+++ b/src/main/java/org/traccar/api/resource/UserResource.java
@@ -100,7 +100,8 @@ public class UserResource extends BaseObjectResource<User> {
entity.setId(storage.addObject(entity, new Request(new Columns.Exclude("id"))));
storage.updateObject(entity, new Request(
- new Columns.Include("hashedPassword", "salt"), new Condition.Equals("id", "id")));
+ new Columns.Include("hashedPassword", "salt"),
+ new Condition.Equals("id", entity.getId())));
LogAction.create(getUserId(), entity);
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 32487f06b..88bafcfb5 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -58,7 +58,7 @@ public class LoginService {
}
long userId = tokenManager.verifyToken(token);
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("id", "id", userId)));
+ new Columns.All(), new Condition.Equals("id", userId)));
if (user != null) {
checkUserEnabled(user);
}
@@ -66,11 +66,12 @@ public class LoginService {
}
public User login(String email, String password) throws StorageException {
+ email = email.trim();
User user = storage.getObject(User.class, new Request(
new Columns.All(),
new Condition.Or(
- new Condition.Equals("email", "email", email.trim()),
- new Condition.Equals("login", "email"))));
+ new Condition.Equals("email", email),
+ new Condition.Equals("login", email))));
if (user != null) {
if (ldapProvider != null && user.getLogin() != null && ldapProvider.login(user.getLogin(), password)
|| !forceLdap && user.isPasswordValid(password)) {
diff --git a/src/main/java/org/traccar/api/security/PermissionsService.java b/src/main/java/org/traccar/api/security/PermissionsService.java
index ddfaaab94..0d4877fdb 100644
--- a/src/main/java/org/traccar/api/security/PermissionsService.java
+++ b/src/main/java/org/traccar/api/security/PermissionsService.java
@@ -62,7 +62,7 @@ public class PermissionsService {
user = new ServiceAccountUser();
} else {
user = storage.getObject(
- User.class, new Request(new Columns.All(), new Condition.Equals("id", "id", userId)));
+ User.class, new Request(new Columns.All(), new Condition.Equals("id", userId)));
}
}
return user;
@@ -187,7 +187,7 @@ public class PermissionsService {
var object = storage.getObject(clazz, new Request(
new Columns.Include("id"),
new Condition.And(
- new Condition.Equals("id", "id", objectId),
+ new Condition.Equals("id", objectId),
new Condition.Permission(
User.class, userId, clazz.equals(User.class) ? ManagedUser.class : clazz))));
if (object == null) {