1 files changed, 10 insertions, 16 deletions

diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 269dfc7bf..71633f6ef 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -29,7 +29,6 @@ import java.util.Collection;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
-import java.util.Map.Entry;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -40,7 +39,7 @@ public class PermissionsManager {
     private volatile Server server;
 
     private final Map<Long, User> users = new ConcurrentHashMap<>();
-    private final Map<Long, String> usersTokens = new HashMap<>();
+    private final Map<String, Long> usersTokens = new HashMap<>();
 
     private final Map<Long, Set<Long>> groupPermissions = new HashMap<>();
     private final Map<Long, Set<Long>> devicePermissions = new HashMap<>();
@@ -89,7 +88,7 @@ public class PermissionsManager {
             for (User user : dataManager.getUsers()) {
                 users.put(user.getId(), user);
                 if (user.getToken() != null) {
-                    usersTokens.put(user.getId(), user.getToken());
+                    usersTokens.put(user.getToken(), user.getId());
                 }
             }
         } catch (SQLException error) {
@@ -217,26 +216,28 @@ public class PermissionsManager {
         dataManager.addUser(user);
         users.put(user.getId(), user);
         if (user.getToken() != null) {
-            usersTokens.put(user.getId(), user.getToken());
+            usersTokens.put(user.getToken(), user.getId());
         }
         refreshPermissions();
     }
 
     public void updateUser(User user) throws SQLException {
         dataManager.updateUser(user);
+        User old = users.get(user.getId());
         users.put(user.getId(), user);
         if (user.getToken() != null) {
-            usersTokens.put(user.getId(), user.getToken());
-        } else if (usersTokens.containsKey(user.getId())) {
-            usersTokens.remove(user.getId());
+            usersTokens.put(user.getToken(), user.getId());
+        }
+        if (old.getToken() != null && !old.getToken().equals(user.getToken())) {
+            usersTokens.remove(old.getToken());
         }
         refreshPermissions();
     }
 
     public void removeUser(long userId) throws SQLException {
         dataManager.removeUser(userId);
+        usersTokens.remove(users.get(userId).getToken());
         users.remove(userId);
-        usersTokens.remove(userId);
         refreshPermissions();
     }
 
@@ -250,14 +251,7 @@ public class PermissionsManager {
     }
 
     public User getUserByToken(String token) {
-        if (usersTokens.containsValue(token)) {
-            for (Entry<Long, String> entry : usersTokens.entrySet()) {
-                if (entry.getValue().equals(token)) {
-                    return users.get(entry.getKey());
-                }
-            }
-        }
-        return null;
+        return users.get(usersTokens.get(token));
     }
 
 }