aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/http/DeviceServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/org/traccar/http/DeviceServlet.java')
-rw-r--r--src/org/traccar/http/DeviceServlet.java14
1 files changed, 8 insertions, 6 deletions
diff --git a/src/org/traccar/http/DeviceServlet.java b/src/org/traccar/http/DeviceServlet.java
index 1387c2a13..1e8e1f047 100644
--- a/src/org/traccar/http/DeviceServlet.java
+++ b/src/org/traccar/http/DeviceServlet.java
@@ -40,25 +40,27 @@ public class DeviceServlet extends BaseServlet {
private void get(HttpServletRequest req, HttpServletResponse resp) throws Exception {
sendResponse(resp.getWriter(), JsonConverter.arrayToJson(
- Context.getDataManager().getDevices(getUserId(req.getSession()))));
+ Context.getDataManager().getDevices(getUserId(req))));
}
private void add(HttpServletRequest req, HttpServletResponse resp) throws Exception {
Device device = JsonConverter.objectFromJson(req.getReader(), new Device());
Context.getDataManager().addDevice(device);
- Context.getDataManager().linkDevice(getUserId(req.getSession()), device.getId());
+ Context.getDataManager().linkDevice(getUserId(req), device.getId());
sendResponse(resp.getWriter(), JsonConverter.objectToJson(device));
}
private void update(HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Context.getDataManager().updateDevice(JsonConverter.objectFromJson(
- req.getReader(), new Device()));
+ Device device = JsonConverter.objectFromJson(req.getReader(), new Device());
+ Context.getPermissionsManager().checkDevice(getUserId(req), device.getId());
+ Context.getDataManager().updateDevice(device);
sendResponse(resp.getWriter(), true);
}
private void remove(HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Context.getDataManager().removeDevice(JsonConverter.objectFromJson(
- req.getReader(), new Device()));
+ Device device = JsonConverter.objectFromJson(req.getReader(), new Device());
+ Context.getPermissionsManager().checkDevice(getUserId(req), device.getId());
+ Context.getDataManager().removeDevice(device);
sendResponse(resp.getWriter(), true);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-30 09:59:39 +0000