diff options
Diffstat (limited to 'src/org/traccar')
-rw-r--r-- | src/org/traccar/api/BaseObjectResource.java | 2 | ||||
-rw-r--r-- | src/org/traccar/api/resource/CommandResource.java | 12 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DeviceResource.java | 2 | ||||
-rw-r--r-- | src/org/traccar/api/resource/UserResource.java | 10 | ||||
-rw-r--r-- | src/org/traccar/database/CommandsManager.java | 2 | ||||
-rw-r--r-- | src/org/traccar/database/PermissionsManager.java | 36 |
6 files changed, 31 insertions, 33 deletions
diff --git a/src/org/traccar/api/BaseObjectResource.java b/src/org/traccar/api/BaseObjectResource.java index 4315832b5..f0f31a154 100644 --- a/src/org/traccar/api/BaseObjectResource.java +++ b/src/org/traccar/api/BaseObjectResource.java @@ -52,7 +52,7 @@ public abstract class BaseObjectResource<T extends BaseModel> extends BaseResour protected final Set<Long> getSimpleManagerItems(BaseObjectManager<T> manager, boolean all, long userId) { Set<Long> result = null; if (all) { - if (Context.getPermissionsManager().isAdmin(getUserId())) { + if (Context.getPermissionsManager().getUserAdmin(getUserId())) { result = manager.getAllItems(); } else { Context.getPermissionsManager().checkManager(getUserId()); diff --git a/src/org/traccar/api/resource/CommandResource.java b/src/org/traccar/api/resource/CommandResource.java index f7e7d4f8c..b7ea022de 100644 --- a/src/org/traccar/api/resource/CommandResource.java +++ b/src/org/traccar/api/resource/CommandResource.java @@ -49,9 +49,8 @@ public class CommandResource extends ExtendedObjectResource<Command> { @QueryParam("textChannel") boolean textChannel) throws SQLException { Context.getPermissionsManager().checkDevice(getUserId(), deviceId); CommandsManager commandsManager = Context.getCommandsManager(); - Set<Long> result = null; - result = new HashSet<>(commandsManager.getUserItems(getUserId())); - result.retainAll(commandsManager.getProperCommands(deviceId, textChannel)); + Set<Long> result = new HashSet<>(commandsManager.getUserItems(getUserId())); + result.retainAll(commandsManager.getSupportedCommands(deviceId, textChannel)); return commandsManager.getItems(result); } @@ -59,9 +58,8 @@ public class CommandResource extends ExtendedObjectResource<Command> { @Path("send") public Response send(Command entity) throws Exception { Context.getPermissionsManager().checkReadonly(getUserId()); - Command command = entity; - long deviceId = command.getDeviceId(); - long id = command.getId(); + long deviceId = entity.getDeviceId(); + long id = entity.getId(); if (deviceId != 0 && id != 0) { Context.getPermissionsManager().checkPermission(Command.class, getUserId(), id); Context.getPermissionsManager().checkDevice(getUserId(), deviceId); @@ -70,7 +68,7 @@ public class CommandResource extends ExtendedObjectResource<Command> { } else { Context.getPermissionsManager().checkLimitCommands(getUserId()); Context.getPermissionsManager().checkDevice(getUserId(), deviceId); - Context.getCommandsManager().sendCommand(command); + Context.getCommandsManager().sendCommand(entity); } return Response.ok(entity).build(); } diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index 1c2c653a4..1fae92dc7 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -53,7 +53,7 @@ public class DeviceResource extends BaseObjectResource<Device> { DeviceManager deviceManager = Context.getDeviceManager(); Set<Long> result = null; if (all) { - if (Context.getPermissionsManager().isAdmin(getUserId())) { + if (Context.getPermissionsManager().getUserAdmin(getUserId())) { result = deviceManager.getAllItems(); } else { Context.getPermissionsManager().checkManager(getUserId()); diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java index b22e01216..0eb328ab5 100644 --- a/src/org/traccar/api/resource/UserResource.java +++ b/src/org/traccar/api/resource/UserResource.java @@ -48,13 +48,13 @@ public class UserResource extends BaseObjectResource<User> { public Collection<User> get(@QueryParam("userId") long userId) throws SQLException { UsersManager usersManager = Context.getUsersManager(); Set<Long> result = null; - if (Context.getPermissionsManager().isAdmin(getUserId())) { + if (Context.getPermissionsManager().getUserAdmin(getUserId())) { if (userId != 0) { result = usersManager.getUserItems(userId); } else { result = usersManager.getAllItems(); } - } else if (Context.getPermissionsManager().isManager(getUserId())) { + } else if (Context.getPermissionsManager().getUserManager(getUserId())) { result = usersManager.getManagedItems(getUserId()); } else { throw new SecurityException("Admin or manager access required"); @@ -66,9 +66,9 @@ public class UserResource extends BaseObjectResource<User> { @PermitAll @POST public Response add(User entity) throws SQLException { - if (!Context.getPermissionsManager().isAdmin(getUserId())) { + if (!Context.getPermissionsManager().getUserAdmin(getUserId())) { Context.getPermissionsManager().checkUserUpdate(getUserId(), new User(), entity); - if (Context.getPermissionsManager().isManager(getUserId())) { + if (Context.getPermissionsManager().getUserManager(getUserId())) { Context.getPermissionsManager().checkUserLimit(getUserId()); } else { Context.getPermissionsManager().checkRegistration(getUserId()); @@ -81,7 +81,7 @@ public class UserResource extends BaseObjectResource<User> { } } Context.getUsersManager().addItem(entity); - if (Context.getPermissionsManager().isManager(getUserId())) { + if (Context.getPermissionsManager().getUserManager(getUserId())) { Context.getDataManager().linkObject(User.class, getUserId(), ManagedUser.class, entity.getId(), true); } Context.getUsersManager().refreshUserItems(); diff --git a/src/org/traccar/database/CommandsManager.java b/src/org/traccar/database/CommandsManager.java index 9f97c929c..ded12e0d2 100644 --- a/src/org/traccar/database/CommandsManager.java +++ b/src/org/traccar/database/CommandsManager.java @@ -81,7 +81,7 @@ public class CommandsManager extends ExtendedObjectManager<Command> { } } - public Collection<Long> getProperCommands(long deviceId, boolean textChannel) { + public Collection<Long> getSupportedCommands(long deviceId, boolean textChannel) { List<Long> result = new ArrayList<>(); Position lastPosition = Context.getIdentityManager().getLastPosition(deviceId); for (long commandId : getAllDeviceItems(deviceId)) { diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index 3da99dd13..0d9c780a6 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -137,24 +137,24 @@ public class PermissionsManager { } } - public boolean isAdmin(long userId) { + public boolean getUserAdmin(long userId) { User user = getUser(userId); return user != null && user.getAdmin(); } public void checkAdmin(long userId) throws SecurityException { - if (!isAdmin(userId)) { + if (!getUserAdmin(userId)) { throw new SecurityException("Admin access required"); } } - public boolean isManager(long userId) { + public boolean getUserManager(long userId) { User user = getUser(userId); return user != null && user.getUserLimit() != 0; } public void checkManager(long userId) throws SecurityException { - if (!isManager(userId)) { + if (!getUserManager(userId)) { throw new SecurityException("Manager access required"); } } @@ -177,7 +177,7 @@ public class PermissionsManager { int deviceLimit = getUser(userId).getDeviceLimit(); if (deviceLimit != -1) { int deviceCount = 0; - if (isManager(userId)) { + if (getUserManager(userId)) { deviceCount = Context.getDeviceManager().getManagedItems(userId).size(); } else { deviceCount = Context.getDeviceManager().getUserItems(userId).size(); @@ -188,41 +188,41 @@ public class PermissionsManager { } } - public boolean isReadonly(long userId) { + public boolean getUserReadonly(long userId) { User user = getUser(userId); return user != null && user.getReadonly(); } - public boolean isDeviceReadonly(long userId) { + public boolean getUserDeviceReadonly(long userId) { User user = getUser(userId); return user != null && user.getDeviceReadonly(); } - public boolean isLimitCommands(long userId) { + public boolean getUserLimitCommands(long userId) { User user = getUser(userId); return user != null && user.getLimitCommands(); } public void checkReadonly(long userId) throws SecurityException { - if (!isAdmin(userId) && (server.getReadonly() || isReadonly(userId))) { + if (!getUserAdmin(userId) && (server.getReadonly() || getUserReadonly(userId))) { throw new SecurityException("Account is readonly"); } } public void checkDeviceReadonly(long userId) throws SecurityException { - if (!isAdmin(userId) && (server.getDeviceReadonly() || isDeviceReadonly(userId))) { + if (!getUserAdmin(userId) && (server.getDeviceReadonly() || getUserDeviceReadonly(userId))) { throw new SecurityException("Account is device readonly"); } } public void checkLimitCommands(long userId) throws SecurityException { - if (!isAdmin(userId) && (server.getLimitCommands() || isLimitCommands(userId))) { + if (!getUserAdmin(userId) && (server.getLimitCommands() || getUserLimitCommands(userId))) { throw new SecurityException("Account has limit sending commands"); } } public void checkUserDeviceCommand(long userId, long deviceId, long commandId) throws SecurityException { - if (!isAdmin(userId) && Context.getCommandsManager().checkDeviceCommand(deviceId, commandId)) { + if (!getUserAdmin(userId) && Context.getCommandsManager().checkDeviceCommand(deviceId, commandId)) { throw new SecurityException("Command can not be sent to this device"); } } @@ -258,20 +258,20 @@ public class PermissionsManager { if (userId == after.getId()) { checkAdmin(userId); } - if (!isAdmin(userId)) { + if (!getUserAdmin(userId)) { checkManager(userId); } } } public void checkUser(long userId, long managedUserId) throws SecurityException { - if (userId != managedUserId && !isAdmin(userId)) { + if (userId != managedUserId && !getUserAdmin(userId)) { checkManager(userId, managedUserId); } } public void checkGroup(long userId, long groupId) throws SecurityException { - if (!getGroupPermissions(userId).contains(groupId) && !isAdmin(userId)) { + if (!getGroupPermissions(userId).contains(groupId) && !getUserAdmin(userId)) { checkManager(userId); for (long managedUserId : usersManager.getUserItems(userId)) { if (getGroupPermissions(managedUserId).contains(groupId)) { @@ -283,7 +283,7 @@ public class PermissionsManager { } public void checkDevice(long userId, long deviceId) throws SecurityException { - if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId) && !isAdmin(userId)) { + if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId) && !getUserAdmin(userId)) { checkManager(userId); for (long managedUserId : usersManager.getUserItems(userId)) { if (Context.getDeviceManager().getUserItems(managedUserId).contains(deviceId)) { @@ -295,7 +295,7 @@ public class PermissionsManager { } public void checkRegistration(long userId) { - if (!server.getRegistration() && !isAdmin(userId)) { + if (!server.getRegistration() && !getUserAdmin(userId)) { throw new SecurityException("Registration disabled"); } } @@ -324,7 +324,7 @@ public class PermissionsManager { throw new IllegalArgumentException("Unknown object type"); } - if (manager != null && !manager.checkItemPermission(userId, objectId) && !isAdmin(userId)) { + if (manager != null && !manager.checkItemPermission(userId, objectId) && !getUserAdmin(userId)) { checkManager(userId); for (long managedUserId : usersManager.getManagedItems(userId)) { if (manager.checkItemPermission(managedUserId, objectId)) { |