diff options
Diffstat (limited to 'src/org/traccar/api/resource/UserResource.java')
| -rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 38 |
1 files changed, 28 insertions, 10 deletions
diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index 678daac9b..dd59a11ee 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org) + * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,6 +28,7 @@ import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import java.sql.SQLException; @@ -40,25 +41,42 @@ import java.util.Date; public class UserResource extends BaseResource { @GET - public Collection<User> get() throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); - return Context.getPermissionsManager().getUsers(); + public Collection<User> get(@QueryParam("userId") long userId) throws SQLException { + if (Context.getPermissionsManager().isAdmin(getUserId())) { + if (userId != 0) { + return Context.getPermissionsManager().getUsers(userId); + } else { + return Context.getPermissionsManager().getAllUsers(); + } + } else if (Context.getPermissionsManager().isManager(getUserId())) { + return Context.getPermissionsManager().getManagedUsers(getUserId()); + } else { + throw new SecurityException("Admin or manager access required"); + } } @PermitAll @POST public Response add(User entity) throws SQLException { if (!Context.getPermissionsManager().isAdmin(getUserId())) { - Context.getPermissionsManager().checkRegistration(getUserId()); Context.getPermissionsManager().checkUserUpdate(getUserId(), new User(), entity); - entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit")); - int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays"); - if (expirationDays > 0) { - entity.setExpirationTime( - new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000)); + if (Context.getPermissionsManager().isManager(getUserId())) { + Context.getPermissionsManager().checkUserLimit(getUserId()); + } else { + Context.getPermissionsManager().checkRegistration(getUserId()); + entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit")); + int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays"); + if (expirationDays > 0) { + entity.setExpirationTime( + new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000)); + } } } Context.getPermissionsManager().addUser(entity); + if (Context.getPermissionsManager().isManager(getUserId())) { + Context.getDataManager().linkUser(getUserId(), entity.getId()); + } + Context.getPermissionsManager().refreshUserPermissions(); if (Context.getNotificationManager() != null) { Context.getNotificationManager().refresh(); } |