From ba9551ce3e4a3aade38d5f3b2ac7dee9d022a466 Mon Sep 17 00:00:00 2001 From: Anton Tananaev Date: Mon, 27 Apr 2015 15:15:01 +1200 Subject: Implement permissions manager --- src/org/traccar/Context.java | 8 +++ src/org/traccar/database/DataManager.java | 20 +++---- src/org/traccar/database/PermissionsManager.java | 69 ++++++++++++++++++++++++ src/org/traccar/http/MainServlet.java | 31 +++++------ 4 files changed, 99 insertions(+), 29 deletions(-) create mode 100644 src/org/traccar/database/PermissionsManager.java (limited to 'src/org') diff --git a/src/org/traccar/Context.java b/src/org/traccar/Context.java index c34ceb3a7..af32267c9 100644 --- a/src/org/traccar/Context.java +++ b/src/org/traccar/Context.java @@ -25,6 +25,7 @@ import org.traccar.http.WebServer; import java.io.FileInputStream; import java.util.Properties; +import org.traccar.database.PermissionsManager; public class Context { @@ -52,6 +53,12 @@ public class Context { return dataCache; } + private static PermissionsManager permissionsManager; + + public static PermissionsManager getPermissionsManager() { + return permissionsManager; + } + private static ReverseGeocoder reverseGeocoder; public static ReverseGeocoder getReverseGeocoder() { @@ -84,6 +91,7 @@ public class Context { dataManager = new DataManager(properties); dataCache = new DataCache(dataManager); + permissionsManager = new PermissionsManager(); if (Boolean.parseBoolean(properties.getProperty("geocoder.enable"))) { String type = properties.getProperty("geocoder.type"); diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java index d53ec7838..f60fd4cb3 100644 --- a/src/org/traccar/database/DataManager.java +++ b/src/org/traccar/database/DataManager.java @@ -364,23 +364,23 @@ public class DataManager { connection.close(); } } - - public List getDeviceList(long userId) throws SQLException { + + public Collection> getPermissions() throws SQLException { Connection connection = dataSource.getConnection(); try { PreparedStatement statement = connection.prepareStatement( - "SELECT id FROM device WHERE id IN (" + - "SELECT device_id FROM user_device WHERE user_id = ?);"); + "SELECT user_id, device_id FROM user_device;"); try { - statement.setLong(1, userId); - - ResultSet resultSet = statement.executeQuery(); + statement.execute(); + ResultSet resultSet = statement.getResultSet(); - List result = new LinkedList(); + List> result = new LinkedList>(); while (resultSet.next()) { - result.add(resultSet.getLong(1)); + result.add(new AbstractMap.SimpleEntry( + resultSet.getLong(1), resultSet.getLong(2))); } + return result; } finally { statement.close(); @@ -389,7 +389,7 @@ public class DataManager { connection.close(); } } - + public JsonArray getDevices(long userId) throws SQLException { Connection connection = dataSource.getConnection(); diff --git a/src/org/traccar/database/PermissionsManager.java b/src/org/traccar/database/PermissionsManager.java new file mode 100644 index 000000000..16ddd336d --- /dev/null +++ b/src/org/traccar/database/PermissionsManager.java @@ -0,0 +1,69 @@ +/* + * Copyright 2015 Anton Tananaev (anton.tananaev@gmail.com) + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.traccar.database; + +import java.sql.SQLException; +import java.util.Collection; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; +import org.traccar.Context; +import org.traccar.helper.Log; + +public class PermissionsManager { + + private final Map> permissions = new HashMap>(); + + private Set getNotNull(long userId) { + if (!permissions.containsKey(userId)) { + permissions.put(userId, new HashSet()); + } + return permissions.get(userId); + } + + public PermissionsManager() { + refresh(); + } + + public final void refresh() { + permissions.clear(); + try { + for (Map.Entry entry : Context.getDataManager().getPermissions()) { + getNotNull(entry.getKey()).add(entry.getValue()); + } + } catch (SQLException error) { + Log.warning(error); + } + } + + public Collection allowedDevices(long userId) { + return getNotNull(userId); + } + + public void checkDevice(long userId, long deviceId) throws SecurityException { + if (getNotNull(userId).contains(deviceId)) { + throw new SecurityException(); + } + } + + public void checkDevices(long userId, Collection devices) throws SecurityException { + if (getNotNull(userId).containsAll(devices)) { + throw new SecurityException(); + } + } + +} diff --git a/src/org/traccar/http/MainServlet.java b/src/org/traccar/http/MainServlet.java index 65a1bf624..74a3bb3d5 100644 --- a/src/org/traccar/http/MainServlet.java +++ b/src/org/traccar/http/MainServlet.java @@ -16,6 +16,7 @@ package org.traccar.http; import java.io.IOException; +import java.security.Permission; import java.sql.SQLException; import java.util.Collection; import java.util.HashMap; @@ -72,7 +73,7 @@ public class MainServlet extends HttpServlet { private boolean destroyed; private final long userId; - private final List devices; + private final Collection devices; private Timeout sessionTimeout; private Timeout requestTimeout; private final Map positions = new HashMap(); @@ -84,10 +85,17 @@ public class MainServlet extends HttpServlet { } } - public AsyncSession(long userId, List devices) { + public AsyncSession(long userId, Collection devices) { logEvent("create userId: " + userId + " devices: " + devices.size()); this.userId = userId; this.devices = devices; + + Collection initialPositions = Context.getDataCache().getInitialState(devices); + for (Position position : initialPositions) { + positions.put(position.getDeviceId(), position); + } + + Context.getDataCache().addListener(devices, dataListener); } @Override @@ -141,16 +149,6 @@ public class MainServlet extends HttpServlet { } } }; - - public synchronized void init() { - logEvent("init"); - Collection initialPositions = Context.getDataCache().getInitialState(devices); - for (Position position : initialPositions) { - positions.put(position.getDeviceId(), position); - } - - Context.getDataCache().addListener(devices, dataListener); - } public synchronized void request(AsyncContext context) { logEvent("request context: " + context.hashCode()); @@ -207,13 +205,8 @@ public class MainServlet extends HttpServlet { synchronized (asyncSessions) { if (!asyncSessions.containsKey(userId)) { - try { - List devices = Context.getDataManager().getDeviceList(userId); - asyncSessions.put(userId, new AsyncSession(userId, devices)); - } catch (SQLException error) { - Log.warning(error); - } - asyncSessions.get(userId).init(); + Collection devices = Context.getPermissionsManager().allowedDevices(userId); + asyncSessions.put(userId, new AsyncSession(userId, devices)); } asyncSessions.get(userId).request(context); -- cgit v1.2.3