aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/api/resource/UserResource.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/org/traccar/api/resource/UserResource.java')
-rw-r--r--src/org/traccar/api/resource/UserResource.java38
1 files changed, 28 insertions, 10 deletions
diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java
index 678daac9b..dd59a11ee 100644
--- a/src/org/traccar/api/resource/UserResource.java
+++ b/src/org/traccar/api/resource/UserResource.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -28,6 +28,7 @@ import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.sql.SQLException;
@@ -40,25 +41,42 @@ import java.util.Date;
public class UserResource extends BaseResource {
@GET
- public Collection<User> get() throws SQLException {
- Context.getPermissionsManager().checkAdmin(getUserId());
- return Context.getPermissionsManager().getUsers();
+ public Collection<User> get(@QueryParam("userId") long userId) throws SQLException {
+ if (Context.getPermissionsManager().isAdmin(getUserId())) {
+ if (userId != 0) {
+ return Context.getPermissionsManager().getUsers(userId);
+ } else {
+ return Context.getPermissionsManager().getAllUsers();
+ }
+ } else if (Context.getPermissionsManager().isManager(getUserId())) {
+ return Context.getPermissionsManager().getManagedUsers(getUserId());
+ } else {
+ throw new SecurityException("Admin or manager access required");
+ }
}
@PermitAll
@POST
public Response add(User entity) throws SQLException {
if (!Context.getPermissionsManager().isAdmin(getUserId())) {
- Context.getPermissionsManager().checkRegistration(getUserId());
Context.getPermissionsManager().checkUserUpdate(getUserId(), new User(), entity);
- entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit"));
- int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays");
- if (expirationDays > 0) {
- entity.setExpirationTime(
- new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000));
+ if (Context.getPermissionsManager().isManager(getUserId())) {
+ Context.getPermissionsManager().checkUserLimit(getUserId());
+ } else {
+ Context.getPermissionsManager().checkRegistration(getUserId());
+ entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit"));
+ int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays");
+ if (expirationDays > 0) {
+ entity.setExpirationTime(
+ new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000));
+ }
}
}
Context.getPermissionsManager().addUser(entity);
+ if (Context.getPermissionsManager().isManager(getUserId())) {
+ Context.getDataManager().linkUser(getUserId(), entity.getId());
+ }
+ Context.getPermissionsManager().refreshUserPermissions();
if (Context.getNotificationManager() != null) {
Context.getNotificationManager().refresh();
}