From 17f5a899a08b992507b574eeb4047b1f6bfa8629 Mon Sep 17 00:00:00 2001 From: Abyss777 Date: Wed, 19 Oct 2016 18:35:28 +0500 Subject: - Filter events on server side - Use common path for templates - Filter events about geofences that user do not have access (minor security fix) - Removed unused function - Visual templates improvements --- src/org/traccar/api/resource/EventResource.java | 13 ++----- src/org/traccar/database/DataManager.java | 11 +----- src/org/traccar/model/Event.java | 2 + src/org/traccar/reports/Events.java | 52 +++++++++++++------------ src/org/traccar/reports/Route.java | 6 +-- src/org/traccar/reports/Summary.java | 6 +-- src/org/traccar/reports/Trips.java | 6 +-- 7 files changed, 42 insertions(+), 54 deletions(-) (limited to 'src/org') diff --git a/src/org/traccar/api/resource/EventResource.java b/src/org/traccar/api/resource/EventResource.java index 74a748ea5..c0a8f968d 100644 --- a/src/org/traccar/api/resource/EventResource.java +++ b/src/org/traccar/api/resource/EventResource.java @@ -1,14 +1,12 @@ package org.traccar.api.resource; import java.sql.SQLException; -import java.util.Collection; import javax.ws.rs.Consumes; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; -import javax.ws.rs.QueryParam; import javax.ws.rs.core.MediaType; import org.traccar.Context; @@ -26,14 +24,9 @@ public class EventResource extends BaseResource { public Event get(@PathParam("id") long id) throws SQLException { Event event = Context.getDataManager().getEvent(id); Context.getPermissionsManager().checkDevice(getUserId(), event.getDeviceId()); + if (event.getGeofenceId() != 0) { + Context.getPermissionsManager().checkGeofence(getUserId(), event.getGeofenceId()); + } return event; } - - @GET - public Collection get( - @QueryParam("deviceId") long deviceId, @QueryParam("type") String type, - @QueryParam("interval") int interval) throws SQLException { - Context.getPermissionsManager().checkDevice(getUserId(), deviceId); - return Context.getDataManager().getLastEvents(deviceId, type, interval); - } } diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java index 58d16d7f5..e98e1429c 100644 --- a/src/org/traccar/database/DataManager.java +++ b/src/org/traccar/database/DataManager.java @@ -20,7 +20,6 @@ import java.lang.reflect.Method; import java.net.URL; import java.net.URLClassLoader; import java.sql.SQLException; -import java.util.Calendar; import java.util.Collection; import java.util.Date; @@ -332,22 +331,14 @@ public class DataManager { .executeUpdate()); } - public Collection getEvents(long deviceId, String type, Date from, Date to) throws SQLException { + public Collection getEvents(long deviceId, Date from, Date to) throws SQLException { return QueryBuilder.create(dataSource, getQuery("database.selectEvents")) .setLong("deviceId", deviceId) - .setString("type", type) .setDate("from", from) .setDate("to", to) .executeQuery(Event.class); } - public Collection getLastEvents(long deviceId, String type, int interval) throws SQLException { - Calendar calendar = Calendar.getInstance(); - calendar.add(Calendar.SECOND, -interval); - Date from = calendar.getTime(); - return getEvents(deviceId, type, from, new Date()); - } - public Collection getGeofences() throws SQLException { return QueryBuilder.create(dataSource, getQuery("database.selectGeofencesAll")) .executeQuery(Geofence.class); diff --git a/src/org/traccar/model/Event.java b/src/org/traccar/model/Event.java index c3c8b5320..5b4b0e089 100644 --- a/src/org/traccar/model/Event.java +++ b/src/org/traccar/model/Event.java @@ -35,6 +35,8 @@ public class Event extends Message { public Event() { } + public static final String ALL_EVENTS = "allEvents"; + public static final String TYPE_COMMAND_RESULT = "commandResult"; public static final String TYPE_DEVICE_ONLINE = "deviceOnline"; diff --git a/src/org/traccar/reports/Events.java b/src/org/traccar/reports/Events.java index 9f58e1bf4..37bf7b227 100644 --- a/src/org/traccar/reports/Events.java +++ b/src/org/traccar/reports/Events.java @@ -23,12 +23,10 @@ import java.io.OutputStream; import java.sql.SQLException; import java.util.ArrayList; import java.util.Collection; -import java.util.Comparator; import java.util.Date; import java.util.HashMap; +import java.util.Iterator; import java.util.List; -import java.util.SortedSet; -import java.util.TreeSet; import javax.json.Json; import javax.json.JsonArrayBuilder; @@ -58,9 +56,14 @@ public final class Events { JsonArrayBuilder json = Json.createArrayBuilder(); for (long deviceId: ReportUtils.getDeviceList(deviceIds, groupIds)) { Context.getPermissionsManager().checkDevice(userId, deviceId); - for (String type : types) { - for (Event event : Context.getDataManager().getEvents(deviceId, type, from, to)) { - json.add(JsonConverter.objectToJson(event)); + Collection events = Context.getDataManager().getEvents(deviceId, from, to); + boolean all = types.isEmpty() || types.contains(Event.ALL_EVENTS); + for (Event event : events) { + if (all || types.contains(event.getType())) { + long geofenceId = event.getGeofenceId(); + if (geofenceId == 0 || Context.getGeofenceManager().checkGeofence(userId, geofenceId)) { + json.add(JsonConverter.objectToJson(event)); + } } } } @@ -75,28 +78,27 @@ public final class Events { HashMap geofenceNames = new HashMap<>(); for (long deviceId: ReportUtils.getDeviceList(deviceIds, groupIds)) { Context.getPermissionsManager().checkDevice(userId, deviceId); - SortedSet eventReports = new TreeSet(new Comparator() { - @Override - public int compare(Event e1, Event e2) { - return e1.getServerTime().compareTo(e2.getServerTime()); - } - }); - for (String type : types) { - Collection events = Context.getDataManager().getEvents(deviceId, type, from, to); - for (Event event : events) { + Collection events = Context.getDataManager().getEvents(deviceId, from, to); + boolean all = types.isEmpty() || types.contains(Event.ALL_EVENTS); + for (Iterator iterator = events.iterator(); iterator.hasNext();) { + Event event = iterator.next(); + if (all || types.contains(event.getType())) { long geofenceId = event.getGeofenceId(); if (geofenceId != 0) { - Geofence geofence = Context.getGeofenceManager().getGeofence(geofenceId); - if (geofence != null) { - geofenceNames.put(geofenceId, geofence.getName()); + if (Context.getGeofenceManager().checkGeofence(userId, geofenceId)) { + Geofence geofence = Context.getGeofenceManager().getGeofence(geofenceId); + if (geofence != null) { + geofenceNames.put(geofenceId, geofence.getName()); + } } else { - geofenceNames.put(geofenceId, Long.toString(geofenceId)); + iterator.remove(); } } - eventReports.add(event); + } else { + iterator.remove(); } } - if (!eventReports.isEmpty()) { + if (!events.isEmpty()) { DeviceReport deviceEvents = new DeviceReport(); Device device = Context.getIdentityManager().getDeviceById(deviceId); deviceEvents.setDeviceName(device.getName()); @@ -107,13 +109,13 @@ public final class Events { deviceEvents.setGroupName(group.getName()); } } - deviceEvents.setObjects(eventReports); + deviceEvents.setObjects(events); devicesEvents.add(deviceEvents); } } - String templatePath = Context.getConfig().getString("report.events.template.excel", - "templates/export/events.xlsx"); - try (InputStream inputStream = new FileInputStream(templatePath)) { + String templatePath = Context.getConfig().getString("report.templatesPath", + "templates/export/"); + try (InputStream inputStream = new FileInputStream(templatePath + "/events.xlsx")) { org.jxls.common.Context jxlsContext = PoiTransformer.createInitialContext(); jxlsContext.putVar("devices", devicesEvents); jxlsContext.putVar("sheetNames", sheetNames); diff --git a/src/org/traccar/reports/Route.java b/src/org/traccar/reports/Route.java index 1bb7b564a..7cefe04a3 100644 --- a/src/org/traccar/reports/Route.java +++ b/src/org/traccar/reports/Route.java @@ -83,9 +83,9 @@ public final class Route { devicesRoutes.add(deviceRoutes); } } - String templatePath = Context.getConfig().getString("report.route.template.excel", - "templates/export/route.xlsx"); - try (InputStream inputStream = new FileInputStream(templatePath)) { + String templatePath = Context.getConfig().getString("report.templatesPath", + "templates/export/"); + try (InputStream inputStream = new FileInputStream(templatePath + "/route.xlsx")) { org.jxls.common.Context jxlsContext = PoiTransformer.createInitialContext(); jxlsContext.putVar("devices", devicesRoutes); jxlsContext.putVar("sheetNames", sheetNames); diff --git a/src/org/traccar/reports/Summary.java b/src/org/traccar/reports/Summary.java index e7f41bcd6..14f8b7839 100644 --- a/src/org/traccar/reports/Summary.java +++ b/src/org/traccar/reports/Summary.java @@ -92,9 +92,9 @@ public final class Summary { Context.getPermissionsManager().checkDevice(userId, deviceId); summaries.add(calculateSummaryResult(deviceId, from, to)); } - String templatePath = Context.getConfig().getString("report.summary.template.excel", - "templates/export/summary.xlsx"); - try (InputStream inputStream = new FileInputStream(templatePath)) { + String templatePath = Context.getConfig().getString("report.templatesPath", + "templates/export/"); + try (InputStream inputStream = new FileInputStream(templatePath + "/summary.xlsx")) { org.jxls.common.Context jxlsContext = PoiTransformer.createInitialContext(); jxlsContext.putVar("summaries", summaries); jxlsContext.putVar("from", from); diff --git a/src/org/traccar/reports/Trips.java b/src/org/traccar/reports/Trips.java index c912dc651..27863d877 100644 --- a/src/org/traccar/reports/Trips.java +++ b/src/org/traccar/reports/Trips.java @@ -202,9 +202,9 @@ public final class Trips { devicesTrips.add(deviceTrips); } } - String templatePath = Context.getConfig().getString("report.trips.template.excel", - "templates/export/trips.xlsx"); - try (InputStream inputStream = new FileInputStream(templatePath)) { + String templatePath = Context.getConfig().getString("report.templatesPath", + "templates/export/"); + try (InputStream inputStream = new FileInputStream(templatePath + "/trips.xlsx")) { org.jxls.common.Context jxlsContext = PoiTransformer.createInitialContext(); jxlsContext.putVar("devices", devicesTrips); jxlsContext.putVar("sheetNames", sheetNames); -- cgit v1.2.3