diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/org/traccar/Context.java | 9 | ||||
-rw-r--r-- | src/org/traccar/api/resource/DriverResource.java | 112 | ||||
-rw-r--r-- | src/org/traccar/database/PermissionsManager.java | 13 |
3 files changed, 134 insertions, 0 deletions
diff --git a/src/org/traccar/Context.java b/src/org/traccar/Context.java index 9626d949c..a4fc5b679 100644 --- a/src/org/traccar/Context.java +++ b/src/org/traccar/Context.java @@ -31,6 +31,7 @@ import org.traccar.database.AttributesManager; import org.traccar.database.ConnectionManager; import org.traccar.database.DataManager; import org.traccar.database.DeviceManager; +import org.traccar.database.DriversManager; import org.traccar.database.IdentityManager; import org.traccar.database.MediaManager; import org.traccar.database.NotificationManager; @@ -187,6 +188,12 @@ public final class Context { return attributesManager; } + private static DriversManager driversManager; + + public static DriversManager getDriversManager() { + return driversManager; + } + private static StatisticsManager statisticsManager; public static StatisticsManager getStatisticsManager() { @@ -330,6 +337,8 @@ public final class Context { attributesManager = new AttributesManager(dataManager); + driversManager = new DriversManager(dataManager); + statisticsManager = new StatisticsManager(); if (config.getBoolean("sms.smpp.enable")) { diff --git a/src/org/traccar/api/resource/DriverResource.java b/src/org/traccar/api/resource/DriverResource.java new file mode 100644 index 000000000..4ccd11182 --- /dev/null +++ b/src/org/traccar/api/resource/DriverResource.java @@ -0,0 +1,112 @@ +/* + * Copyright 2017 Anton Tananaev (anton@traccar.org) + * Copyright 2017 Andrey Kunitsyn (andrey@traccar.org) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.api.resource; + +import java.sql.SQLException; +import java.util.Collection; +import java.util.HashSet; +import java.util.Set; + +import javax.ws.rs.Consumes; +import javax.ws.rs.DELETE; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.PUT; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; + +import org.traccar.Context; +import org.traccar.api.BaseResource; +import org.traccar.database.DriversManager; +import org.traccar.model.Driver; + +@Path("drivers") +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +public class DriverResource extends BaseResource { + + @GET + public Collection<Driver> get( + @QueryParam("all") boolean all, @QueryParam("userId") long userId, @QueryParam("groupId") long groupId, + @QueryParam("deviceId") long deviceId, @QueryParam("refresh") boolean refresh) throws SQLException { + + DriversManager driversManager = Context.getDriversManager(); + if (refresh) { + driversManager.refreshDrivers(); + } + + Set<Long> result = new HashSet<>(); + if (all) { + if (Context.getPermissionsManager().isAdmin(getUserId())) { + result.addAll(driversManager.getAllDrivers()); + } else { + Context.getPermissionsManager().checkManager(getUserId()); + result.addAll(driversManager.getManagedDrivers(getUserId())); + } + } else { + if (userId == 0) { + userId = getUserId(); + } + Context.getPermissionsManager().checkUser(getUserId(), userId); + result.addAll(driversManager.getUserDrivers(userId)); + } + + if (groupId != 0) { + Context.getPermissionsManager().checkGroup(getUserId(), groupId); + result.retainAll(driversManager.getGroupDrivers(groupId)); + } + + if (deviceId != 0) { + Context.getPermissionsManager().checkDevice(getUserId(), deviceId); + result.retainAll(driversManager.getDeviceDrivers(deviceId)); + } + return driversManager.getDrivers(result); + + } + + @POST + public Response add(Driver entity) throws SQLException { + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getDriversManager().addDriver(entity); + Context.getDataManager().linkAttribute(getUserId(), entity.getId()); + Context.getAttributesManager().refreshUserAttributes(); + return Response.ok(entity).build(); + } + + @Path("{id}") + @PUT + public Response update(Driver entity) throws SQLException { + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getPermissionsManager().checkDriver(getUserId(), entity.getId()); + Context.getDriversManager().updateDriver(entity); + return Response.ok(entity).build(); + } + + @Path("{id}") + @DELETE + public Response remove(@PathParam("id") long id) throws SQLException { + Context.getPermissionsManager().checkReadonly(getUserId()); + Context.getPermissionsManager().checkDriver(getUserId(), id); + Context.getDriversManager().removeDriver(id); + return Response.noContent().build(); + } + +} diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index 9a82efd48..82ca6af49 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -322,6 +322,19 @@ public class PermissionsManager { } } + public void checkDriver(long userId, long driverId) throws SecurityException { + if (!Context.getDriversManager().checkDriver(userId, driverId) && !isAdmin(userId)) { + checkManager(userId); + for (long managedUserId : getUserPermissions(userId)) { + if (Context.getDriversManager().checkDriver(managedUserId, driverId)) { + return; + } + } + throw new SecurityException("Driver access denied"); + } + } + + public void checkCalendar(long userId, long calendarId) throws SecurityException { if (!Context.getCalendarManager().checkCalendar(userId, calendarId) && !isAdmin(userId)) { checkManager(userId); |