seg_yinzy
/
myems
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added access control to EnergyItem

pull/84/head
Caozhenhui 2021-11-30 10:00:38 +08:00
parent dfec9a8fc0
commit 16c7e858fb
5 changed files with 21 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
admin/app/controllers/settings/category/energyitem.controller.js
View File

@ -1,6 +1,7 @@
'use strict'; 'use strict';
app.controller('EnergyItemController', function($scope, $translate,$uibModal, CategoryService, EnergyItemService, toaster,SweetAlert) { app.controller('EnergyItemController', function($scope, $translate,$uibModal, CategoryService, EnergyItemService, toaster,SweetAlert) {
$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));
$scope.getAllCategories = function() { $scope.getAllCategories = function() {
CategoryService.getAllCategories(function (response) { CategoryService.getAllCategories(function (response) {
if (angular.isDefined(response.status) && response.status === 200) { if (angular.isDefined(response.status) && response.status === 200) {
@ -38,7 +39,8 @@ app.controller('EnergyItemController', function($scope, $translate,$uibModal, Ca
} }
}); });
modalInstance.result.then(function(energyItem) { modalInstance.result.then(function(energyItem) {
EnergyItemService.addEnergyItem(energyItem, function(response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
EnergyItemService.addEnergyItem(energyItem, headers, function(response) {
if (angular.isDefined(response.status) && response.status === 201) { if (angular.isDefined(response.status) && response.status === 201) {
toaster.pop({ toaster.pop({
type: "success", type: "success",
@ -78,7 +80,8 @@ app.controller('EnergyItemController', function($scope, $translate,$uibModal, Ca
}); });
modalInstance.result.then(function (modifiedEnergyItem) { modalInstance.result.then(function (modifiedEnergyItem) {
EnergyItemService.editEnergyItem(modifiedEnergyItem, function (response){ let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
EnergyItemService.editEnergyItem(modifiedEnergyItem, headers, function (response){
if(angular.isDefined(response.status) && response.status === 200){ if(angular.isDefined(response.status) && response.status === 200){
toaster.pop({ toaster.pop({
type: "success", type: "success",
@ -114,7 +117,8 @@ app.controller('EnergyItemController', function($scope, $translate,$uibModal, Ca
closeOnCancel: true }, closeOnCancel: true },
function (isConfirm) { function (isConfirm) {
if (isConfirm) { if (isConfirm) {
EnergyItemService.deleteEnergyItem(energyItem, function (response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
EnergyItemService.deleteEnergyItem(energyItem, headers, function (response) {
if (angular.isDefined(response.status) && response.status === 204) { if (angular.isDefined(response.status) && response.status === 204) {
toaster.pop({ toaster.pop({
type: "success", type: "success",

12
admin/app/services/settings/category/energyitem.service.js
View File

@ -17,24 +17,24 @@ app.factory('EnergyItemService', function($http) {
callback(response); callback(response);
}); });
}, },
addEnergyItem: function(energyItem, callback) { addEnergyItem: function(energyItem, headers, callback) {
$http.post(getAPI()+'energyitems',{data:energyItem}) $http.post(getAPI()+'energyitems',{data:energyItem}, {headers})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
}, function (response) { }, function (response) {
callback(response); callback(response);
}); });
}, },
editEnergyItem: function(energyItem, callback) { editEnergyItem: function(energyItem, headers, callback) {
$http.put(getAPI()+'energyitems/'+energyItem.id,{data:energyItem}) $http.put(getAPI()+'energyitems/'+energyItem.id,{data:energyItem}, {headers})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
}, function (response) { }, function (response) {
callback(response); callback(response);
}); });
}, },
deleteEnergyItem: function(energyItem, callback) { deleteEnergyItem: function(energyItem, headers, callback) {
$http.delete(getAPI()+'energyitems/'+energyItem.id) $http.delete(getAPI()+'energyitems/'+energyItem.id, {headers})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
}, function (response) { }, function (response) {

2
myems-api/MyEMS.postman_collection.json
View File

@ -1,6 +1,6 @@
{ {
"info": { "info": {
"_postman_id": "1a6c20d8-4d7a-49a1-a5e9-3d4261ba0505", "_postman_id": "36fe4322-48fb-414c-8328-665d2872c2b7",
"name": "MyEMS", "name": "MyEMS",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
}, },

6
myems-api/README.md
View File

@ -669,15 +669,15 @@ curl -i -X GET {{base_url}}/energyitems
``` ```
* DELETE an Energy Item by ID * DELETE an Energy Item by ID
```bash ```bash
curl -i -X DELETE {{base_url}}/energyitems/{id} curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X DELETE {{base_url}}/energyitems/{id}
``` ```
* POST Create an Energy Item * POST Create an Energy Item
```bash ```bash
curl -i -H "Content-Type: application/json" -X POST -d '{"data":{"name":"空调用电","energy_category_id":1}}' {{base_url}}/energyitems curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X POST -d '{"data":{"name":"空调用电","energy_category_id":1}}' {{base_url}}/energyitems
``` ```
* PUT Update an Energy Item * PUT Update an Energy Item
```bash ```bash
curl -i -H "Content-Type: application/json" -X PUT -d '{"data":{"name":"动力用电","energy_category_id":1}}' {{base_url}}/energyitems/{id} curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X PUT -d '{"data":{"name":"动力用电","energy_category_id":1}}' {{base_url}}/energyitems/{id}
``` ```
### Equipment ### Equipment

5
myems-api/core/energyitem.py
View File

@ -3,7 +3,7 @@ import simplejson as json
import mysql.connector import mysql.connector
import config import config
import uuid import uuid
from core.useractivity import user_logger from core.useractivity import user_logger, access_control
class EnergyItemCollection: class EnergyItemCollection:
@ -55,6 +55,7 @@ class EnergyItemCollection:
@user_logger @user_logger
def on_post(req, resp): def on_post(req, resp):
"""Handles POST requests""" """Handles POST requests"""
access_control(req)
try: try:
raw_json = req.stream.read().decode('utf-8') raw_json = req.stream.read().decode('utf-8')
except Exception as ex: except Exception as ex:
@ -165,6 +166,7 @@ class EnergyItemItem:
@staticmethod @staticmethod
@user_logger @user_logger
def on_delete(req, resp, id_): def on_delete(req, resp, id_):
access_control(req)
if not id_.isdigit() or int(id_) <= 0: if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_ENERGY_ITEM_ID') description='API.INVALID_ENERGY_ITEM_ID')
@ -225,6 +227,7 @@ class EnergyItemItem:
@user_logger @user_logger
def on_put(req, resp, id_): def on_put(req, resp, id_):
"""Handles PUT requests""" """Handles PUT requests"""
access_control(req)
try: try:
raw_json = req.stream.read().decode('utf-8') raw_json = req.stream.read().decode('utf-8')
except Exception as ex: except Exception as ex: