From 4030d3207c157a3fcee2653c18440898b6b2a2e6 Mon Sep 17 00:00:00 2001
From: Anton Tananaev
Date: Fri, 3 Jun 2022 17:06:30 -0700
Subject: Remove attributes manager
---
 .../org/traccar/api/security/PermissionsService.java | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)
(limited to 'src/main/java/org/traccar/api/security')
diff --git a/src/main/java/org/traccar/api/security/PermissionsService.java b/src/main/java/org/traccar/api/security/PermissionsService.java
index ac687fc1c..9daef355e 100644
--- a/src/main/java/org/traccar/api/security/PermissionsService.java
+++ b/src/main/java/org/traccar/api/security/PermissionsService.java
@@ -61,8 +61,8 @@ public class PermissionsService {
 return user;
 }
- public boolean isAdmin(long userId) throws StorageException {
- return getUser(userId).getAdministrator();
+ public boolean notAdmin(long userId) throws StorageException {
+ return !getUser(userId).getAdministrator();
 }
 public void checkAdmin(long userId) throws StorageException, SecurityException {
@@ -134,16 +134,11 @@ public class PermissionsService {
 if (!getUser(userId).getAdministrator() && !(clazz.equals(User.class) && userId == objectId)) {
 var objects = storage.getObjects(clazz, new Request(
 new Columns.Include("id"),
- new Condition.Permission(
- User.class, userId, clazz.equals(User.class) ? ManagedUser.class : clazz)));
- boolean found = false;
- for (var object : objects) {
- if (object.getId() == objectId) {
- found = true;
- break;
- }
- }
- if (!found) {
+ new Condition.And(
+ new Condition.Equals("id", "id", objectId),
+ new Condition.Permission(
+ User.class, userId, clazz.equals(User.class) ? ManagedUser.class : clazz))));
+ if (!objects.isEmpty()) {
 throw new SecurityException(clazz.getSimpleName() + " access denied");
 }
 }
-- 
cgit v1.2.3
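Review bot: The renamed predicate `notAdmin` in the first hunk gives an authorization check a negated name, so a caller that was renamed mechanically without flipping its condition would silently decide the wrong way. The call sites are not visible here (the view is limited to the security package), so whether each one was inverted together with the rename cannot be confirmed from this patch. Keeping the positive `isAdmin` and negating at the call site would be easier to audit. If the new name stays, a Javadoc line such as `/** Returns true when the user is NOT an administrator. */` would make the polarity explicit.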
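Review bot: The new guard `if (!objects.isEmpty()) {` in the second hunk looks inverted compared with the code it replaces. The removed loop threw `SecurityException` when no permitted object matched `objectId`. Assuming `Condition.And` restricts the result to rows satisfying both the `id` and the permission condition, a non-empty result now means the user does have access. As written, a non-admin user with a valid permission is denied, and one with no permission on the object passes the check. The line should read `if (objects.isEmpty()) {`, and a test covering a permitted and a non-permitted object id for a non-admin user would pin the behaviour. The enclosing method starts outside the hunk.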