aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/http/BaseServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/org/traccar/http/BaseServlet.java')
-rw-r--r--src/org/traccar/http/BaseServlet.java13
1 files changed, 9 insertions, 4 deletions
diff --git a/src/org/traccar/http/BaseServlet.java b/src/org/traccar/http/BaseServlet.java
index be4b41631..9dba2e647 100644
--- a/src/org/traccar/http/BaseServlet.java
+++ b/src/org/traccar/http/BaseServlet.java
@@ -25,7 +25,6 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
import org.traccar.model.User;
public abstract class BaseServlet extends HttpServlet {
@@ -46,14 +45,20 @@ public abstract class BaseServlet extends HttpServlet {
protected abstract boolean handle(String command, HttpServletRequest req, HttpServletResponse resp) throws Exception;
- public long getUserId(HttpSession session) {
- User user = (User) session.getAttribute(USER_KEY);
+ public long getUserId(HttpServletRequest req) {
+ User user = (User) req.getSession().getAttribute(USER_KEY);
if (user == null) {
- throw new AccessControlException("User is not logged in");
+ throw new AccessControlException("User not logged in");
}
return user.getId();
}
+ public void securityCheck(boolean check) throws SecurityException {
+ if (!check) {
+ throw new SecurityException("Access denied");
+ }
+ }
+
public void sendResponse(Writer writer, boolean success) throws IOException {
JsonObjectBuilder result = Json.createObjectBuilder();
result.add("success", success);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-08 22:26:13 +0000