aboutsummaryrefslogtreecommitdiff
path: root/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/org/traccar/api/resource/UserResource.java15
-rw-r--r--src/main/java/org/traccar/api/security/SecurityRequestFilter.java9
2 files changed, 21 insertions, 3 deletions
diff --git a/src/main/java/org/traccar/api/resource/UserResource.java b/src/main/java/org/traccar/api/resource/UserResource.java
index cbee3bd4a..587be014b 100644
--- a/src/main/java/org/traccar/api/resource/UserResource.java
+++ b/src/main/java/org/traccar/api/resource/UserResource.java
@@ -15,6 +15,10 @@
*/
package org.traccar.api.resource;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.ws.rs.DELETE;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.core.Context;
import org.traccar.api.BaseObjectResource;
import org.traccar.config.Config;
import org.traccar.helper.LogAction;
@@ -47,6 +51,9 @@ public class UserResource extends BaseObjectResource<User> {
@Inject
private Config config;
+ @Context
+ private HttpServletRequest request;
+
public UserResource() {
super(User.class);
}
@@ -111,4 +118,12 @@ public class UserResource extends BaseObjectResource<User> {
return Response.ok(entity).build();
}
+ @Path("{id}")
+ @DELETE
+ public Response remove(@PathParam("id") long id) throws StorageException {
+ Response response = super.remove(id);
+ request.getSession().removeAttribute(SessionResource.USER_ID_KEY);
+ return response;
+ }
+
}
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index a34361854..ee964c9e4 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -101,9 +101,12 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY);
if (userId != null) {
- injector.getInstance(PermissionsService.class).getUser(userId).checkDisabled();
- statisticsManager.registerRequest(userId);
- securityContext = new UserSecurityContext(new UserPrincipal(userId));
+ User user = injector.getInstance(PermissionsService.class).getUser(userId);
+ if (user != null) {
+ user.checkDisabled();
+ statisticsManager.registerRequest(userId);
+ securityContext = new UserSecurityContext(new UserPrincipal(userId));
+ }
}
}