From e74c64f27dc30473d9ef866c5c52e3dd6bee2fc3 Mon Sep 17 00:00:00 2001
From: Anton Tananaev <anton@traccar.org>
Date: Thu, 16 Jun 2022 07:45:19 -0700
Subject: Refactor device permissions check

---
 .../java/org/traccar/api/security/PermissionsService.java   | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/main/java/org/traccar/api/security')

diff --git a/src/main/java/org/traccar/api/security/PermissionsService.java b/src/main/java/org/traccar/api/security/PermissionsService.java
index f39ded2b7..8732a0d04 100644
--- a/src/main/java/org/traccar/api/security/PermissionsService.java
+++ b/src/main/java/org/traccar/api/security/PermissionsService.java
@@ -92,6 +92,19 @@ public class PermissionsService {
         }
     }
 
+    public void checkUserEnabled(long userId) throws StorageException, SecurityException {
+        User user = getUser(userId);
+        if (user == null) {
+            throw new SecurityException("Unknown account");
+        }
+        if (user.getDisabled()) {
+            throw new SecurityException("Account is disabled");
+        }
+        if (user.getExpirationTime() != null && System.currentTimeMillis() > user.getExpirationTime().getTime()) {
+            throw new SecurityException("Account has expired");
+        }
+    }
+
     public void checkEdit(long userId, Class<?> clazz, boolean addition) throws StorageException, SecurityException {
         if (!getUser(userId).getAdministrator()) {
             boolean denied = false;
-- 
cgit v1.2.3