From cffbce4b3bc5ef817c4063a74f148a2a5986d58a Mon Sep 17 00:00:00 2001
From: Abyss777 <abyss@fox5.ru>
Date: Fri, 13 Jan 2017 09:26:52 +0500
Subject: Initial manager implementation

---
 src/org/traccar/api/resource/CalendarResource.java | 12 +++--
 .../api/resource/DevicePermissionResource.java     | 13 +++--
 src/org/traccar/api/resource/DeviceResource.java   | 18 +++----
 src/org/traccar/api/resource/GeofenceResource.java | 10 ++--
 .../api/resource/GroupPermissionResource.java      | 10 ++--
 src/org/traccar/api/resource/GroupResource.java    | 10 ++--
 .../api/resource/UserPermissionResource.java       | 57 ++++++++++++++++++++++
 src/org/traccar/api/resource/UserResource.java     | 38 +++++++++++----
 8 files changed, 132 insertions(+), 36 deletions(-)
 create mode 100644 src/org/traccar/api/resource/UserPermissionResource.java

(limited to 'src/org/traccar/api')

diff --git a/src/org/traccar/api/resource/CalendarResource.java b/src/org/traccar/api/resource/CalendarResource.java
index 0a9bb5daf..641d3b4b5 100644
--- a/src/org/traccar/api/resource/CalendarResource.java
+++ b/src/org/traccar/api/resource/CalendarResource.java
@@ -1,6 +1,6 @@
 /*
- * Copyright 2016 Anton Tananaev (anton@traccar.org)
- * Copyright 2016 Andrey Kunitsyn (andrey@traccar.org)
+ * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org)
+ * Copyright 2016 - 2017 Andrey Kunitsyn (andrey@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -45,8 +45,12 @@ public class CalendarResource extends BaseResource {
             @QueryParam("all") boolean all, @QueryParam("userId") long userId) throws SQLException {
 
         if (all) {
-            Context.getPermissionsManager().checkAdmin(getUserId());
-            return Context.getCalendarManager().getAllCalendars();
+            if (Context.getPermissionsManager().isAdmin(getUserId())) {
+                return Context.getCalendarManager().getAllCalendars();
+            } else {
+                Context.getPermissionsManager().checkManager(getUserId());
+                return Context.getCalendarManager().getManagedCalendars(getUserId());
+            }
         } else {
             if (userId == 0) {
                 userId = getUserId();
diff --git a/src/org/traccar/api/resource/DevicePermissionResource.java b/src/org/traccar/api/resource/DevicePermissionResource.java
index 3b89507fa..af38676b0 100644
--- a/src/org/traccar/api/resource/DevicePermissionResource.java
+++ b/src/org/traccar/api/resource/DevicePermissionResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -35,7 +35,12 @@ public class DevicePermissionResource extends BaseResource {
 
     @POST
     public Response add(DevicePermission entity) throws SQLException {
-        Context.getPermissionsManager().checkAdmin(getUserId());
+        Context.getPermissionsManager().checkReadonly(getUserId());
+        Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId());
+        Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId());
+        if (!Context.getPermissionsManager().isAdmin(getUserId())) {
+            Context.getPermissionsManager().checkDeviceLimit(entity.getUserId());
+        }
         Context.getDataManager().linkDevice(entity.getUserId(), entity.getDeviceId());
         Context.getPermissionsManager().refreshPermissions();
         if (Context.getGeofenceManager() != null) {
@@ -46,7 +51,9 @@ public class DevicePermissionResource extends BaseResource {
 
     @DELETE
     public Response remove(DevicePermission entity) throws SQLException {
-        Context.getPermissionsManager().checkAdmin(getUserId());
+        Context.getPermissionsManager().checkReadonly(getUserId());
+        Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId());
+        Context.getPermissionsManager().checkDevice(getUserId(), entity.getDeviceId());
         Context.getDataManager().unlinkDevice(entity.getUserId(), entity.getDeviceId());
         Context.getPermissionsManager().refreshPermissions();
         if (Context.getGeofenceManager() != null) {
diff --git a/src/org/traccar/api/resource/DeviceResource.java b/src/org/traccar/api/resource/DeviceResource.java
index e4ecd3625..c9680ac77 100644
--- a/src/org/traccar/api/resource/DeviceResource.java
+++ b/src/org/traccar/api/resource/DeviceResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -44,8 +44,12 @@ public class DeviceResource extends BaseResource {
     public Collection<Device> get(
             @QueryParam("all") boolean all, @QueryParam("userId") long userId) throws SQLException {
         if (all) {
-            Context.getPermissionsManager().checkAdmin(getUserId());
-            return Context.getDeviceManager().getAllDevices();
+            if (Context.getPermissionsManager().isAdmin(getUserId())) {
+                return Context.getDeviceManager().getAllDevices();
+            } else {
+                Context.getPermissionsManager().checkManager(getUserId());
+                return Context.getDeviceManager().getManagedDevices(getUserId());
+            }
         } else {
             if (userId == 0) {
                 userId = getUserId();
@@ -58,13 +62,7 @@ public class DeviceResource extends BaseResource {
     @POST
     public Response add(Device entity) throws SQLException {
         Context.getPermissionsManager().checkReadonly(getUserId());
-        int deviceLimit = Context.getPermissionsManager().getUser(getUserId()).getDeviceLimit();
-        if (deviceLimit != 0) {
-            int deviceCount = Context.getPermissionsManager().getDevicePermissions(getUserId()).size();
-            if (deviceCount >= deviceLimit) {
-                throw new SecurityException("User device limit reached");
-            }
-        }
+        Context.getPermissionsManager().checkDeviceLimit(getUserId());
         Context.getDeviceManager().addDevice(entity);
         Context.getDataManager().linkDevice(getUserId(), entity.getId());
         Context.getPermissionsManager().refreshPermissions();
diff --git a/src/org/traccar/api/resource/GeofenceResource.java b/src/org/traccar/api/resource/GeofenceResource.java
index 591908813..5f085023a 100644
--- a/src/org/traccar/api/resource/GeofenceResource.java
+++ b/src/org/traccar/api/resource/GeofenceResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -54,8 +54,12 @@ public class GeofenceResource extends BaseResource {
 
         Set<Long> result;
         if (all) {
-            Context.getPermissionsManager().checkAdmin(getUserId());
-            result = new HashSet<>(geofenceManager.getAllGeofencesIds());
+            if (Context.getPermissionsManager().isAdmin(getUserId())) {
+                result = new HashSet<>(geofenceManager.getAllGeofencesIds());
+            } else {
+                Context.getPermissionsManager().checkManager(getUserId());
+                result = new HashSet<>(geofenceManager.getManagedGeofencesIds(getUserId()));
+            }
         } else {
             if (userId == 0) {
                 userId = getUserId();
diff --git a/src/org/traccar/api/resource/GroupPermissionResource.java b/src/org/traccar/api/resource/GroupPermissionResource.java
index 07f101765..61a725222 100644
--- a/src/org/traccar/api/resource/GroupPermissionResource.java
+++ b/src/org/traccar/api/resource/GroupPermissionResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -35,7 +35,9 @@ public class GroupPermissionResource extends BaseResource {
 
     @POST
     public Response add(GroupPermission entity) throws SQLException {
-        Context.getPermissionsManager().checkAdmin(getUserId());
+        Context.getPermissionsManager().checkReadonly(getUserId());
+        Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId());
+        Context.getPermissionsManager().checkGroup(getUserId(), entity.getGroupId());
         Context.getDataManager().linkGroup(entity.getUserId(), entity.getGroupId());
         Context.getPermissionsManager().refreshPermissions();
         if (Context.getGeofenceManager() != null) {
@@ -46,7 +48,9 @@ public class GroupPermissionResource extends BaseResource {
 
     @DELETE
     public Response remove(GroupPermission entity) throws SQLException {
-        Context.getPermissionsManager().checkAdmin(getUserId());
+        Context.getPermissionsManager().checkReadonly(getUserId());
+        Context.getPermissionsManager().checkUser(getUserId(), entity.getUserId());
+        Context.getPermissionsManager().checkGroup(getUserId(), entity.getGroupId());
         Context.getDataManager().unlinkGroup(entity.getUserId(), entity.getGroupId());
         Context.getPermissionsManager().refreshPermissions();
         if (Context.getGeofenceManager() != null) {
diff --git a/src/org/traccar/api/resource/GroupResource.java b/src/org/traccar/api/resource/GroupResource.java
index c98a20b7e..ceba69105 100644
--- a/src/org/traccar/api/resource/GroupResource.java
+++ b/src/org/traccar/api/resource/GroupResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2016 - 2017 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -42,8 +42,12 @@ public class GroupResource extends BaseResource {
     public Collection<Group> get(
             @QueryParam("all") boolean all, @QueryParam("userId") long userId) throws SQLException {
         if (all) {
-            Context.getPermissionsManager().checkAdmin(getUserId());
-            return Context.getDeviceManager().getAllGroups();
+            if (Context.getPermissionsManager().isAdmin(getUserId())) {
+                return Context.getDeviceManager().getAllGroups();
+            } else {
+                Context.getPermissionsManager().checkManager(getUserId());
+                return Context.getDeviceManager().getManagedGroups(getUserId());
+            }
         } else {
             if (userId == 0) {
                 userId = getUserId();
diff --git a/src/org/traccar/api/resource/UserPermissionResource.java b/src/org/traccar/api/resource/UserPermissionResource.java
new file mode 100644
index 000000000..35e22e6d4
--- /dev/null
+++ b/src/org/traccar/api/resource/UserPermissionResource.java
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2017 Anton Tananaev (anton@traccar.org)
+ * Copyright 2017 Andrey Kunitsyn (andrey@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.api.resource;
+
+import java.sql.SQLException;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+import org.traccar.Context;
+import org.traccar.api.BaseResource;
+import org.traccar.model.UserPermission;
+
+@Path("permissions/users")
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+public class UserPermissionResource extends BaseResource {
+
+    @POST
+    public Response add(UserPermission entity) throws SQLException {
+        Context.getPermissionsManager().checkAdmin(getUserId());
+        if (entity.getUserId() == entity.getOtherUserId()) {
+            throw new SecurityException("Selfmanagement prohibited");
+        }
+        Context.getDataManager().linkUser(entity.getUserId(), entity.getOtherUserId());
+        Context.getPermissionsManager().refreshUserPermissions();
+        return Response.ok(entity).build();
+    }
+
+    @DELETE
+    public Response remove(UserPermission entity) throws SQLException {
+        Context.getPermissionsManager().checkAdmin(getUserId());
+        Context.getDataManager().unlinkUser(entity.getUserId(), entity.getOtherUserId());
+        Context.getPermissionsManager().refreshUserPermissions();
+        return Response.noContent().build();
+    }
+
+}
diff --git a/src/org/traccar/api/resource/UserResource.java b/src/org/traccar/api/resource/UserResource.java
index 678daac9b..dd59a11ee 100644
--- a/src/org/traccar/api/resource/UserResource.java
+++ b/src/org/traccar/api/resource/UserResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 - 2016 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2017 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -28,6 +28,7 @@ import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import java.sql.SQLException;
@@ -40,25 +41,42 @@ import java.util.Date;
 public class UserResource extends BaseResource {
 
     @GET
-    public Collection<User> get() throws SQLException {
-        Context.getPermissionsManager().checkAdmin(getUserId());
-        return Context.getPermissionsManager().getUsers();
+    public Collection<User> get(@QueryParam("userId") long userId) throws SQLException {
+        if (Context.getPermissionsManager().isAdmin(getUserId())) {
+            if (userId != 0) {
+                return Context.getPermissionsManager().getUsers(userId);
+            } else {
+                return Context.getPermissionsManager().getAllUsers();
+            }
+        } else if (Context.getPermissionsManager().isManager(getUserId())) {
+            return Context.getPermissionsManager().getManagedUsers(getUserId());
+        } else {
+            throw new SecurityException("Admin or manager access required");
+        }
     }
 
     @PermitAll
     @POST
     public Response add(User entity) throws SQLException {
         if (!Context.getPermissionsManager().isAdmin(getUserId())) {
-            Context.getPermissionsManager().checkRegistration(getUserId());
             Context.getPermissionsManager().checkUserUpdate(getUserId(), new User(), entity);
-            entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit"));
-            int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays");
-            if (expirationDays > 0) {
-                entity.setExpirationTime(
-                    new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000));
+            if (Context.getPermissionsManager().isManager(getUserId())) {
+                Context.getPermissionsManager().checkUserLimit(getUserId());
+            } else {
+                Context.getPermissionsManager().checkRegistration(getUserId());
+                entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit"));
+                int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays");
+                if (expirationDays > 0) {
+                    entity.setExpirationTime(
+                        new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000));
+                }
             }
         }
         Context.getPermissionsManager().addUser(entity);
+        if (Context.getPermissionsManager().isManager(getUserId())) {
+            Context.getDataManager().linkUser(getUserId(), entity.getId());
+        }
+        Context.getPermissionsManager().refreshUserPermissions();
         if (Context.getNotificationManager() != null) {
             Context.getNotificationManager().refresh();
         }
-- 
cgit v1.2.3


From 8a19ed9994e6bdd531faa3021711fc0e89497ca8 Mon Sep 17 00:00:00 2001
From: Abyss777 <abyss@fox5.ru>
Date: Mon, 16 Jan 2017 16:27:51 +0500
Subject: - Rename otherUserId to managedUserId - Optimize getManaged*
 functions

---
 schema/changelog-3.10.xml                          |  4 +-
 setup/default.xml                                  |  6 +--
 .../api/resource/UserPermissionResource.java       |  9 ++--
 src/org/traccar/database/CalendarManager.java      |  4 +-
 src/org/traccar/database/DataManager.java          |  8 +--
 src/org/traccar/database/DeviceManager.java        |  8 +--
 src/org/traccar/database/GeofenceManager.java      |  4 +-
 src/org/traccar/database/PermissionsManager.java   | 59 ++++++++++------------
 src/org/traccar/model/UserPermission.java          | 10 ++--
 9 files changed, 53 insertions(+), 59 deletions(-)

(limited to 'src/org/traccar/api')

diff --git a/schema/changelog-3.10.xml b/schema/changelog-3.10.xml
index 5ba882e0f..137b3bc82 100644
--- a/schema/changelog-3.10.xml
+++ b/schema/changelog-3.10.xml
@@ -56,13 +56,13 @@
       <column name="userid" type="INT">
         <constraints nullable="false" />
       </column>
-      <column name="otheruserid" type="INT">
+      <column name="manageduserid" type="INT">
         <constraints nullable="false" />
       </column>
     </createTable>
 
     <addForeignKeyConstraint baseTableName="user_user" baseColumnNames="userid" constraintName="fk_user_user_userid" referencedTableName="users" referencedColumnNames="id" onDelete="CASCADE" />
-    <addForeignKeyConstraint baseTableName="user_user" baseColumnNames="otheruserid" constraintName="fk_user_user_otheruserid" referencedTableName="users" referencedColumnNames="id" onDelete="CASCADE" />
+    <addForeignKeyConstraint baseTableName="user_user" baseColumnNames="manageduserid" constraintName="fk_user_user_manageduserid" referencedTableName="users" referencedColumnNames="id" onDelete="CASCADE" />
 
   </changeSet>
 </databaseChangeLog>
diff --git a/setup/default.xml b/setup/default.xml
index eab11e10e..0ab3163f0 100644
--- a/setup/default.xml
+++ b/setup/default.xml
@@ -353,15 +353,15 @@
     </entry>
     
     <entry key='database.selectUserPermissions'>
-        SELECT userId, otherUserId FROM user_user
+        SELECT userId, managedUserId FROM user_user
     </entry>
 
     <entry key='database.linkUser'>
-        INSERT INTO user_user (userId, otherUserId) VALUES (:userId, :otherUserId)
+        INSERT INTO user_user (userId, managedUserId) VALUES (:userId, :managedUserId)
     </entry>
 
     <entry key='database.unlinkUser'>
-        DELETE FROM user_user WHERE userId = :userId AND otherUserId = :otherUserId
+        DELETE FROM user_user WHERE userId = :userId AND managedUserId = :managedUserId
     </entry>
 
     <!-- PROTOCOL CONFIG -->
diff --git a/src/org/traccar/api/resource/UserPermissionResource.java b/src/org/traccar/api/resource/UserPermissionResource.java
index 35e22e6d4..a97c4a665 100644
--- a/src/org/traccar/api/resource/UserPermissionResource.java
+++ b/src/org/traccar/api/resource/UserPermissionResource.java
@@ -38,18 +38,17 @@ public class UserPermissionResource extends BaseResource {
     @POST
     public Response add(UserPermission entity) throws SQLException {
         Context.getPermissionsManager().checkAdmin(getUserId());
-        if (entity.getUserId() == entity.getOtherUserId()) {
-            throw new SecurityException("Selfmanagement prohibited");
+        if (entity.getUserId() != entity.getManagedUserId()) {
+            Context.getDataManager().linkUser(entity.getUserId(), entity.getManagedUserId());
+            Context.getPermissionsManager().refreshUserPermissions();
         }
-        Context.getDataManager().linkUser(entity.getUserId(), entity.getOtherUserId());
-        Context.getPermissionsManager().refreshUserPermissions();
         return Response.ok(entity).build();
     }
 
     @DELETE
     public Response remove(UserPermission entity) throws SQLException {
         Context.getPermissionsManager().checkAdmin(getUserId());
-        Context.getDataManager().unlinkUser(entity.getUserId(), entity.getOtherUserId());
+        Context.getDataManager().unlinkUser(entity.getUserId(), entity.getManagedUserId());
         Context.getPermissionsManager().refreshUserPermissions();
         return Response.noContent().build();
     }
diff --git a/src/org/traccar/database/CalendarManager.java b/src/org/traccar/database/CalendarManager.java
index d755bd396..31d484327 100644
--- a/src/org/traccar/database/CalendarManager.java
+++ b/src/org/traccar/database/CalendarManager.java
@@ -73,8 +73,8 @@ public class CalendarManager {
     public Collection<Calendar> getManagedCalendars(long userId) {
         ArrayList<Calendar> result = new ArrayList<>();
         result.addAll(getUserCalendars(userId));
-        for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
-            result.addAll(getUserCalendars(otherUserId));
+        for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+            result.addAll(getUserCalendars(managedUserId));
         }
         return result;
     }
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java
index 2dea7ef40..8337762f7 100644
--- a/src/org/traccar/database/DataManager.java
+++ b/src/org/traccar/database/DataManager.java
@@ -534,17 +534,17 @@ public class DataManager {
                 .executeQuery(UserPermission.class);
     }
 
-    public void linkUser(long userId, long otherUserId) throws SQLException {
+    public void linkUser(long userId, long managedUserId) throws SQLException {
         QueryBuilder.create(dataSource, getQuery("database.linkUser"))
                 .setLong("userId", userId)
-                .setLong("otherUserId", otherUserId)
+                .setLong("managedUserId", managedUserId)
                 .executeUpdate();
     }
 
-    public void unlinkUser(long userId, long otherUserId) throws SQLException {
+    public void unlinkUser(long userId, long managedUserId) throws SQLException {
         QueryBuilder.create(dataSource, getQuery("database.unlinkUser"))
                 .setLong("userId", userId)
-                .setLong("otherUserId", otherUserId)
+                .setLong("managedUserId", managedUserId)
                 .executeUpdate();
     }
 }
diff --git a/src/org/traccar/database/DeviceManager.java b/src/org/traccar/database/DeviceManager.java
index bcb3185ca..8e75903db 100644
--- a/src/org/traccar/database/DeviceManager.java
+++ b/src/org/traccar/database/DeviceManager.java
@@ -163,8 +163,8 @@ public class DeviceManager implements IdentityManager {
     public Collection<Device> getManagedDevices(long userId) throws SQLException {
         Collection<Device> devices = new ArrayList<>();
         devices.addAll(getDevices(userId));
-        for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
-            devices.addAll(getDevices(otherUserId));
+        for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+            devices.addAll(getDevices(managedUserId));
         }
         return devices;
     }
@@ -301,8 +301,8 @@ public class DeviceManager implements IdentityManager {
     public Collection<Group> getManagedGroups(long userId) throws SQLException {
         Collection<Group> groups = new ArrayList<>();
         groups.addAll(getGroups(userId));
-        for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
-            groups.addAll(getGroups(otherUserId));
+        for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+            groups.addAll(getGroups(managedUserId));
         }
         return groups;
     }
diff --git a/src/org/traccar/database/GeofenceManager.java b/src/org/traccar/database/GeofenceManager.java
index adc93aa29..b8e6a5d73 100644
--- a/src/org/traccar/database/GeofenceManager.java
+++ b/src/org/traccar/database/GeofenceManager.java
@@ -245,8 +245,8 @@ public class GeofenceManager {
     public final Set<Long> getManagedGeofencesIds(long userId) {
         Set<Long> geofences = new HashSet<>();
         geofences.addAll(getUserGeofencesIds(userId));
-        for (long otherUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
-            geofences.addAll(getUserGeofencesIds(otherUserId));
+        for (long managedUserId : Context.getPermissionsManager().getUserPermissions(userId)) {
+            geofences.addAll(getUserGeofencesIds(managedUserId));
         }
         return geofences;
     }
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index 3c62f84c2..c49ffb00c 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -30,7 +30,6 @@ import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.Map;
 import java.util.Objects;
 import java.util.Set;
@@ -114,7 +113,7 @@ public class PermissionsManager {
         userPermissions.clear();
         try {
             for (UserPermission permission : dataManager.getUserPermissions()) {
-                getUserPermissions(permission.getUserId()).add(permission.getOtherUserId());
+                getUserPermissions(permission.getUserId()).add(permission.getManagedUserId());
             }
         } catch (SQLException error) {
             Log.warning(error);
@@ -250,27 +249,25 @@ public class PermissionsManager {
 
     public void checkGroup(long userId, long groupId) throws SecurityException {
         if (!getGroupPermissions(userId).contains(groupId) && !isAdmin(userId)) {
-            Iterator<Long> iterator = getUserPermissions(userId).iterator();
-            boolean managed = false;
-            while (!managed && iterator.hasNext()) {
-                managed = getGroupPermissions(iterator.next()).contains(groupId);
-            }
-            if (!managed) {
-                throw new SecurityException("Group access denied");
+            checkManager(userId);
+            for (long managedUserId : getUserPermissions(userId)) {
+                if (getGroupPermissions(managedUserId).contains(groupId)) {
+                    return;
+                }
             }
+            throw new SecurityException("Group access denied");
         }
     }
 
     public void checkDevice(long userId, long deviceId) throws SecurityException {
         if (!getDevicePermissions(userId).contains(deviceId) && !isAdmin(userId)) {
-            Iterator<Long> iterator = getUserPermissions(userId).iterator();
-            boolean managed = false;
-            while (!managed && iterator.hasNext()) {
-                managed = getDevicePermissions(iterator.next()).contains(deviceId);
-            }
-            if (!managed) {
-                throw new SecurityException("Device access denied");
+            checkManager(userId);
+            for (long managedUserId : getUserPermissions(userId)) {
+                if (getDevicePermissions(managedUserId).contains(deviceId)) {
+                    return;
+                }
             }
+            throw new SecurityException("Device access denied");
         }
     }
 
@@ -282,27 +279,25 @@ public class PermissionsManager {
 
     public void checkGeofence(long userId, long geofenceId) throws SecurityException {
         if (!Context.getGeofenceManager().checkGeofence(userId, geofenceId) && !isAdmin(userId)) {
-            Iterator<Long> iterator = getUserPermissions(userId).iterator();
-            boolean managed = false;
-            while (!managed && iterator.hasNext()) {
-                managed = Context.getGeofenceManager().checkGeofence(iterator.next(), geofenceId);
-            }
-            if (!managed) {
-                throw new SecurityException("Geofence access denied");
+            checkManager(userId);
+            for (long managedUserId : getUserPermissions(userId)) {
+                if (Context.getGeofenceManager().checkGeofence(managedUserId, geofenceId)) {
+                    return;
+                }
             }
+            throw new SecurityException("Geofence access denied");
         }
     }
 
     public void checkCalendar(long userId, long calendarId) throws SecurityException {
         if (!Context.getCalendarManager().checkCalendar(userId, calendarId) && !isAdmin(userId)) {
-            Iterator<Long> iterator = getUserPermissions(userId).iterator();
-            boolean managed = false;
-            while (!managed && iterator.hasNext()) {
-                managed = Context.getCalendarManager().checkCalendar(iterator.next(), calendarId);
-            }
-            if (!managed) {
-                throw new SecurityException("Calendar access denied");
+            checkManager(userId);
+            for (long managedUserId : getUserPermissions(userId)) {
+                if (Context.getCalendarManager().checkCalendar(managedUserId, calendarId)) {
+                    return;
+                }
             }
+            throw new SecurityException("Calendar access denied");
         }
     }
 
@@ -321,8 +316,8 @@ public class PermissionsManager {
 
     public Collection<User> getUsers(long userId) {
         Collection<User> result = new ArrayList<>();
-        for (long otherUserId : getUserPermissions(userId)) {
-            result.add(users.get(otherUserId));
+        for (long managedUserId : getUserPermissions(userId)) {
+            result.add(users.get(managedUserId));
         }
         return result;
     }
diff --git a/src/org/traccar/model/UserPermission.java b/src/org/traccar/model/UserPermission.java
index fce98edf0..39ead5ef1 100644
--- a/src/org/traccar/model/UserPermission.java
+++ b/src/org/traccar/model/UserPermission.java
@@ -28,14 +28,14 @@ public class UserPermission {
         this.userId = userId;
     }
 
-    private long otherUserId;
+    private long managedUserId;
 
-    public long getOtherUserId() {
-        return otherUserId;
+    public long getManagedUserId() {
+        return managedUserId;
     }
 
-    public void setOtherUserId(long otherUserId) {
-        this.otherUserId = otherUserId;
+    public void setManagedUserId(long managedUserId) {
+        this.managedUserId = managedUserId;
     }
 
 }
-- 
cgit v1.2.3


From 68abcc05ddd3633167f4e1c45d0ae9cf05dbcc43 Mon Sep 17 00:00:00 2001
From: Abyss777 <abyss@fox5.ru>
Date: Tue, 17 Jan 2017 09:36:29 +0500
Subject: - rename otherUserId variable - optimize HashSet creation

---
 src/org/traccar/api/resource/GeofenceResource.java |  8 ++++----
 src/org/traccar/database/PermissionsManager.java   | 10 +++++-----
 2 files changed, 9 insertions(+), 9 deletions(-)

(limited to 'src/org/traccar/api')

diff --git a/src/org/traccar/api/resource/GeofenceResource.java b/src/org/traccar/api/resource/GeofenceResource.java
index 5f085023a..d5acf106a 100644
--- a/src/org/traccar/api/resource/GeofenceResource.java
+++ b/src/org/traccar/api/resource/GeofenceResource.java
@@ -52,20 +52,20 @@ public class GeofenceResource extends BaseResource {
             geofenceManager.refreshGeofences();
         }
 
-        Set<Long> result;
+        Set<Long> result = new HashSet<>();
         if (all) {
             if (Context.getPermissionsManager().isAdmin(getUserId())) {
-                result = new HashSet<>(geofenceManager.getAllGeofencesIds());
+                result.addAll(geofenceManager.getAllGeofencesIds());
             } else {
                 Context.getPermissionsManager().checkManager(getUserId());
-                result = new HashSet<>(geofenceManager.getManagedGeofencesIds(getUserId()));
+                result.addAll(geofenceManager.getManagedGeofencesIds(getUserId()));
             }
         } else {
             if (userId == 0) {
                 userId = getUserId();
             }
             Context.getPermissionsManager().checkUser(getUserId(), userId);
-            result = new HashSet<>(geofenceManager.getUserGeofencesIds(userId));
+            result.addAll(geofenceManager.getUserGeofencesIds(userId));
         }
 
         if (groupId != 0) {
diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java
index c49ffb00c..4a5f759a8 100644
--- a/src/org/traccar/database/PermissionsManager.java
+++ b/src/org/traccar/database/PermissionsManager.java
@@ -179,9 +179,9 @@ public class PermissionsManager {
         }
     }
 
-    public void checkManager(long userId, long otherUserId) throws SecurityException {
+    public void checkManager(long userId, long managedUserId) throws SecurityException {
         checkManager(userId);
-        if (!userPermissions.get(userId).contains(otherUserId)) {
+        if (!userPermissions.get(userId).contains(managedUserId)) {
             throw new SecurityException("User access denied");
         }
     }
@@ -241,9 +241,9 @@ public class PermissionsManager {
         }
     }
 
-    public void checkUser(long userId, long otherUserId) throws SecurityException {
-        if (userId != otherUserId && !isAdmin(userId)) {
-            checkManager(userId, otherUserId);
+    public void checkUser(long userId, long managedUserId) throws SecurityException {
+        if (userId != managedUserId && !isAdmin(userId)) {
+            checkManager(userId, managedUserId);
         }
     }
 
-- 
cgit v1.2.3