From 8dad0208975bf29e868a5ca9b6a844863f50d86c Mon Sep 17 00:00:00 2001 From: parveenkumaryadav Date: Wed, 10 Jan 2018 15:03:07 +0530 Subject: Odometer permission to both Admin or Manager --- src/org/traccar/api/resource/DeviceResource.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/org/traccar/api/resource/DeviceResource.java') diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index 0ea532567..c432a04f4 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -88,7 +88,7 @@ public class DeviceResource extends BaseObjectResource { @Path("{id}/distance") @PUT public Response updateTotalDistance(DeviceTotalDistance entity) throws SQLException { - Context.getPermissionsManager().checkAdmin(getUserId()); + Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId()); Context.getDeviceManager().resetTotalDistance(entity); LogAction.resetTotalDistance(getUserId(), entity.getDeviceId()); return Response.noContent().build(); -- cgit v1.2.3 From 6428e67fe7732d15adcf27ffd261e3eda96840cd Mon Sep 17 00:00:00 2001 From: parveenkumaryadav Date: Wed, 10 Jan 2018 16:17:25 +0530 Subject: Remove Odometer permission to User bug fix --- src/org/traccar/api/resource/DeviceResource.java | 2 +- src/org/traccar/database/PermissionsManager.java | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'src/org/traccar/api/resource/DeviceResource.java') diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index c432a04f4..c04b3b474 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -88,7 +88,7 @@ public class DeviceResource extends BaseObjectResource { @Path("{id}/distance") @PUT public Response updateTotalDistance(DeviceTotalDistance entity) throws SQLException { - Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId()); + Context.getPermissionsManager().checkDeviceManagerOrAdmin(getUserId(), entity.getDeviceId()); Context.getDeviceManager().resetTotalDistance(entity); LogAction.resetTotalDistance(getUserId(), entity.getDeviceId()); return Response.noContent().build(); diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index 60bda99ce..05806175c 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -300,7 +300,13 @@ public class PermissionsManager { } public void checkDevice(long userId, long deviceId) throws SecurityException { - if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId) && !getUserAdmin(userId)) { + if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId)) { + checkDeviceManagerOrAdmin(userId, deviceId); + } + } + + public void checkDeviceManagerOrAdmin(long userId, long deviceId) throws SecurityException { + if (!getUserAdmin(userId)) { checkManager(userId); for (long managedUserId : usersManager.getUserItems(userId)) { if (Context.getDeviceManager().getUserItems(managedUserId).contains(deviceId)) { -- cgit v1.2.3 From 11601949460beb5ef621e9f2c776900f48b3e96c Mon Sep 17 00:00:00 2001 From: parveenkumaryadav Date: Wed, 10 Jan 2018 17:27:41 +0530 Subject: Simplify Odometer permission API --- src/org/traccar/api/resource/DeviceResource.java | 5 ++++- src/org/traccar/database/PermissionsManager.java | 8 +------- 2 files changed, 5 insertions(+), 8 deletions(-) (limited to 'src/org/traccar/api/resource/DeviceResource.java') diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java index c04b3b474..ddf8832ed 100644 --- a/src/org/traccar/api/resource/DeviceResource.java +++ b/src/org/traccar/api/resource/DeviceResource.java @@ -88,7 +88,10 @@ public class DeviceResource extends BaseObjectResource { @Path("{id}/distance") @PUT public Response updateTotalDistance(DeviceTotalDistance entity) throws SQLException { - Context.getPermissionsManager().checkDeviceManagerOrAdmin(getUserId(), entity.getDeviceId()); + if (!Context.getPermissionsManager().getUserAdmin(getUserId())) { + Context.getPermissionsManager().checkManager(getUserId()); + Context.getPermissionsManager().checkPermission(Device.class, getUserId(), entity.getDeviceId()); + } Context.getDeviceManager().resetTotalDistance(entity); LogAction.resetTotalDistance(getUserId(), entity.getDeviceId()); return Response.noContent().build(); diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java index 05806175c..60bda99ce 100644 --- a/src/org/traccar/database/PermissionsManager.java +++ b/src/org/traccar/database/PermissionsManager.java @@ -300,13 +300,7 @@ public class PermissionsManager { } public void checkDevice(long userId, long deviceId) throws SecurityException { - if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId)) { - checkDeviceManagerOrAdmin(userId, deviceId); - } - } - - public void checkDeviceManagerOrAdmin(long userId, long deviceId) throws SecurityException { - if (!getUserAdmin(userId)) { + if (!Context.getDeviceManager().getUserItems(userId).contains(deviceId) && !getUserAdmin(userId)) { checkManager(userId); for (long managedUserId : usersManager.getUserItems(userId)) { if (Context.getDeviceManager().getUserItems(managedUserId).contains(deviceId)) { -- cgit v1.2.3