diff options
Diffstat (limited to 'src/org/traccar/database/PermissionsManager.java')
| -rw-r--r-- | src/org/traccar/database/PermissionsManager.java | 56 |
1 files changed, 42 insertions, 14 deletions
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index c676dea23..dc37bbc84 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -1,5 +1,5 @@ /* - * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com) + * Copyright 2015 - 2016 Anton Tananaev (anton.tananaev@gmail.com) * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,13 +16,15 @@ package org.traccar.database; import java.sql.SQLException; -import java.util.Collection; import java.util.HashMap; import java.util.HashSet; import java.util.Map; import java.util.Set; import org.traccar.helper.Log; -import org.traccar.model.Permission; +import org.traccar.model.Device; +import org.traccar.model.DevicePermission; +import org.traccar.model.Group; +import org.traccar.model.GroupPermission; import org.traccar.model.Server; import org.traccar.model.User; @@ -34,13 +36,21 @@ public class PermissionsManager { private final Map<Long, User> users = new HashMap<>(); - private final Map<Long, Set<Long>> permissions = new HashMap<>(); + private final Map<Long, Set<Long>> groupPermissions = new HashMap<>(); + private final Map<Long, Set<Long>> devicePermissions = new HashMap<>(); - private Set<Long> getPermissions(long userId) { - if (!permissions.containsKey(userId)) { - permissions.put(userId, new HashSet<Long>()); + public Set<Long> getGroupPermissions(long userId) { + if (!groupPermissions.containsKey(userId)) { + groupPermissions.put(userId, new HashSet<Long>()); } - return permissions.get(userId); + return groupPermissions.get(userId); + } + + public Set<Long> getDevicePermissions(long userId) { + if (!devicePermissions.containsKey(userId)) { + devicePermissions.put(userId, new HashSet<Long>()); + } + return devicePermissions.get(userId); } public PermissionsManager(DataManager dataManager) { @@ -50,15 +60,31 @@ public class PermissionsManager { public final void refresh() { users.clear(); - permissions.clear(); + groupPermissions.clear(); + devicePermissions.clear(); try { server = dataManager.getServer(); for (User user : dataManager.getUsers()) { users.put(user.getId(), user); } - for (Permission permission : dataManager.getPermissions()) { - getPermissions(permission.getUserId()).add(permission.getDeviceId()); + + GroupTree groupTree = new GroupTree(dataManager.getAllGroups(), dataManager.getAllDevices()); + for (GroupPermission permission : dataManager.getGroupPermissions()) { + Set<Long> userGroupPermissions = getGroupPermissions(permission.getUserId()); + Set<Long> userDevicePermissions = getDevicePermissions(permission.getUserId()); + userGroupPermissions.add(permission.getGroupId()); + for (Group group : groupTree.getGroups(permission.getGroupId())) { + userGroupPermissions.add(group.getId()); + } + for (Device device : groupTree.getDevices(permission.getGroupId())) { + userDevicePermissions.add(device.getId()); + } + } + + for (DevicePermission permission : dataManager.getDevicePermissions()) { + getDevicePermissions(permission.getUserId()).add(permission.getDeviceId()); } + } catch (SQLException error) { Log.warning(error); } @@ -80,12 +106,14 @@ public class PermissionsManager { } } - public Collection<Long> allowedDevices(long userId) { - return getPermissions(userId); + public void checkGroup(long userId, long groupId) throws SecurityException { + if (!getGroupPermissions(userId).contains(groupId)) { + throw new SecurityException("Group access denied"); + } } public void checkDevice(long userId, long deviceId) throws SecurityException { - if (!getPermissions(userId).contains(deviceId)) { + if (!getDevicePermissions(userId).contains(deviceId)) { throw new SecurityException("Device access denied"); } } |