From 56c6fd3cfa7140d899ff8e964754e856a8c8b0d8 Mon Sep 17 00:00:00 2001
From: Anton Tananaev <anton@traccar.org>
Date: Mon, 27 Mar 2023 09:52:16 -0700
Subject: Check disabled users

---
 src/main/java/org/traccar/api/security/SecurityRequestFilter.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'src/main/java/org/traccar/api/security/SecurityRequestFilter.java')

diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index 9992d49e7..e6641548a 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -15,6 +15,7 @@
  */
 package org.traccar.api.security;
 
+import com.google.inject.Injector;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.traccar.api.resource.SessionResource;
@@ -63,6 +64,9 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
     @Inject
     private StatisticsManager statisticsManager;
 
+    @Inject
+    private Injector injector;
+
     @Override
     public void filter(ContainerRequestContext requestContext) {
 
@@ -97,13 +101,14 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
 
                 Long userId = (Long) request.getSession().getAttribute(SessionResource.USER_ID_KEY);
                 if (userId != null) {
+                    injector.getInstance(PermissionsService.class).getUser(userId).checkDisabled();
                     statisticsManager.registerRequest(userId);
                     securityContext = new UserSecurityContext(new UserPrincipal(userId));
                 }
 
             }
 
-        } catch (SecurityException e) {
+        } catch (SecurityException | StorageException e) {
             LOGGER.warn("Authentication error", e);
         }
 
-- 
cgit v1.2.3