added access control to sensor

pull/89/head
Caozhenhui 2021-12-03 16:36:48 +08:00
parent fb8284ca52
commit 2eaa8df6c6
5 changed files with 27 additions and 16 deletions


@ -1,7 +1,7 @@
'use strict'; 'use strict';
app.controller('SensorController', function($scope, $translate, $uibModal, SensorService, toaster, SweetAlert) { app.controller('SensorController', function($scope, $window, $translate, $uibModal, SensorService, toaster, SweetAlert) {
$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));
$scope.getAllSensors = function() { $scope.getAllSensors = function() {
SensorService.getAllSensors(function (response) { SensorService.getAllSensors(function (response) {
if (angular.isDefined(response.status) && response.status === 200) { if (angular.isDefined(response.status) && response.status === 200) {
@ -27,7 +27,9 @@ app.controller('SensorController', function($scope, $translate, $uibModal, Sens
} }
}); });
modalInstance.result.then(function(sensor) { modalInstance.result.then(function(sensor) {
SensorService.addSensor(sensor, function (response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
SensorService.addSensor(sensor, {headers},
function (response) {
if (angular.isDefined(response.status) && response.status === 201) { if (angular.isDefined(response.status) && response.status === 201) {
toaster.pop({ toaster.pop({
type: "success", type: "success",
@ -67,7 +69,8 @@ app.controller('SensorController', function($scope, $translate, $uibModal, Sens
}); });
modalInstance.result.then(function(modifiedSensor) { modalInstance.result.then(function(modifiedSensor) {
SensorService.editSensor(modifiedSensor, function (response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
SensorService.editSensor(modifiedSensor, {headers}, function (response) {
if (angular.isDefined(response.status) && response.status === 200) { if (angular.isDefined(response.status) && response.status === 200) {
toaster.pop({ toaster.pop({
type: "success", type: "success",
@ -105,7 +108,8 @@ app.controller('SensorController', function($scope, $translate, $uibModal, Sens
}, },
function(isConfirm) { function(isConfirm) {
if (isConfirm) { if (isConfirm) {
SensorService.deleteSensor(sensor, function (response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
SensorService.deleteSensor(sensor, {headers}, function (response) {
if (angular.isDefined(response.status) && response.status === 204) { if (angular.isDefined(response.status) && response.status === 204) {
toaster.pop({ toaster.pop({
type: "success", type: "success",
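Review bot: `$scope.cur_user` is assigned from `JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"))` with no null check, so when the key is absent (logged out, storage cleared) JSON.parse returns null and every `$scope.cur_user.uuid` in the add, edit and delete callbacks throws before the request is made. The value is also read only once, when the controller is constructed, so a token replaced by a later login is not picked up. At minimum guard each call site with `if (!$scope.cur_user) { return; }` before `let headers = ...`; better, build the headers in one helper that reads storage at call time instead of repeating the literal three times. Keeping the session token in localStorage also means any script running on the admin UI origin can read it, so an injection bug anywhere in the UI exposes the token.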


@ -80,7 +80,8 @@ app.controller('SensorPointController', function (
$scope.pairPoint = function (dragEl, dropEl) { $scope.pairPoint = function (dragEl, dropEl) {
var pointid = angular.element('#' + dragEl).scope().point.id; var pointid = angular.element('#' + dragEl).scope().point.id;
var sensorid = $scope.currentSensor.id; var sensorid = $scope.currentSensor.id;
SensorPointService.addPair(sensorid, pointid, function (response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
SensorPointService.addPair(sensorid, pointid, {headers}, function (response) {
if (angular.isDefined(response.status) && response.status === 201) { if (angular.isDefined(response.status) && response.status === 201) {
toaster.pop({ toaster.pop({
type: "success", type: "success",
@ -106,7 +107,8 @@ app.controller('SensorPointController', function (
} }
var sensorpointid = angular.element('#' + dragEl).scope().sensorpoint.id; var sensorpointid = angular.element('#' + dragEl).scope().sensorpoint.id;
var sensorid = $scope.currentSensor.id; var sensorid = $scope.currentSensor.id;
SensorPointService.deletePair(sensorid, sensorpointid, function (response) { let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
SensorPointService.deletePair(sensorid, sensorpointid, {headers}, function (response) {
if (angular.isDefined(response.status) && response.status === 204) { if (angular.isDefined(response.status) && response.status === 204) {
toaster.pop({ toaster.pop({
type: "success", type: "success",
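Review bot: `$scope.cur_user` is read in `pairPoint` and in the delete-pair handler, but nothing in this file section assigns it. The hunks start at lines 80 and 106, and the commit shows no change to SensorPointController's injection list, unlike SensorController, which gained `$window` and the localStorage read. Unless the value is inherited from a parent scope, `$scope.cur_user.uuid` throws a TypeError and neither pair request is sent. Injecting `$window` and adding `$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));` at the top of the controller would make it self-contained. Both function bodies continue outside the hunks.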


@ -17,24 +17,24 @@ app.factory('SensorService', function($http) {
callback(response); callback(response);
}); });
}, },
addSensor: function(sensor, callback) { addSensor: function(sensor, headers, callback) {
$http.post(getAPI()+'sensors',{data:sensor}) $http.post(getAPI()+'sensors',{data:sensor}, {headers})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
}, function (response) { }, function (response) {
callback(response); callback(response);
}); });
}, },
editSensor: function(sensor, callback) { editSensor: function(sensor, headers, callback) {
$http.put(getAPI()+'sensors/'+sensor.id,{data:sensor}) $http.put(getAPI()+'sensors/'+sensor.id,{data:sensor}, {headers})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
}, function (response) { }, function (response) {
callback(response); callback(response);
}); });
}, },
deleteSensor: function(sensor, callback) { deleteSensor: function(sensor, headers, callback) {
$http.delete(getAPI()+'sensors/'+sensor.id) $http.delete(getAPI()+'sensors/'+sensor.id, {headers})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
}, function (response) { }, function (response) {
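Review bot: The `headers` argument is wrapped a second time here. The controller call sites already pass `{headers}`, an object of the form `{headers: {...}}`, and `$http.post(getAPI()+'sensors',{data:sensor}, {headers})` turns that into `{headers: {headers: {...}}}`, so `User-UUID` and `Token` are not sent as request headers. The `$http.put` and `$http.delete` lines have the same problem. Wrap exactly once: either the callers pass the plain object, e.g. `SensorService.addSensor(sensor, headers, function (response) {`, or the service passes its argument straight through as the config. Since the backend section of this commit adds `access_control(req)` to these routes, the requests would presumably be rejected as written.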


@ -1,7 +1,7 @@
'use strict'; 'use strict';
app.factory('SensorPointService', function($http) { app.factory('SensorPointService', function($http) {
return { return {
addPair: function(sensorID,pointID,callback) { addPair: function(sensorID,pointID, headers, callback) {
$http.post(getAPI()+'sensors/'+sensorID+'/points',{data:{'point_id':pointID}}) $http.post(getAPI()+'sensors/'+sensorID+'/points',{data:{'point_id':pointID}})
.then(function (response) { .then(function (response) {
callback(response); callback(response);
@ -10,7 +10,7 @@ app.factory('SensorPointService', function($http) {
}); });
}, },
deletePair: function(sensorID,pointID, callback) { deletePair: function(sensorID,pointID, headers, callback) {
$http.delete(getAPI()+'sensors/'+sensorID+'/points/'+pointID) $http.delete(getAPI()+'sensors/'+sensorID+'/points/'+pointID)
.then(function (response) { .then(function (response) {
callback(response); callback(response);
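Review bot: `addPair` and `deletePair` now accept `headers` but never use it. The `$http.post` and `$http.delete` lines are unchanged, so the pair requests still go out without `User-UUID` and `Token`, while the backend section of this commit adds `access_control(req)` to both point routes. Forward the argument as the request config, e.g. `$http.delete(getAPI()+'sensors/'+sensorID+'/points/'+pointID, {headers: headers})`, and the same as the third argument of `$http.post`. The caller should then pass the plain headers object rather than `{headers}`, so it is wrapped only once.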


@ -3,7 +3,7 @@ import simplejson as json
import mysql.connector import mysql.connector
import config import config
import uuid import uuid
from core.useractivity import user_logger from core.useractivity import user_logger, access_control
class SensorCollection: class SensorCollection:
@ -44,6 +44,7 @@ class SensorCollection:
@user_logger @user_logger
def on_post(req, resp): def on_post(req, resp):
"""Handles POST requests""" """Handles POST requests"""
access_control(req)
try: try:
raw_json = req.stream.read().decode('utf-8') raw_json = req.stream.read().decode('utf-8')
except Exception as ex: except Exception as ex:
@ -133,6 +134,7 @@ class SensorItem:
@staticmethod @staticmethod
@user_logger @user_logger
def on_delete(req, resp, id_): def on_delete(req, resp, id_):
access_control(req)
if not id_.isdigit() or int(id_) <= 0: if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_SENSOR_ID') description='API.INVALID_SENSOR_ID')
@ -209,6 +211,7 @@ class SensorItem:
@user_logger @user_logger
def on_put(req, resp, id_): def on_put(req, resp, id_):
"""Handles PUT requests""" """Handles PUT requests"""
access_control(req)
try: try:
raw_json = req.stream.read().decode('utf-8') raw_json = req.stream.read().decode('utf-8')
except Exception as ex: except Exception as ex:
@ -320,6 +323,7 @@ class SensorPointCollection:
@user_logger @user_logger
def on_post(req, resp, id_): def on_post(req, resp, id_):
"""Handles POST requests""" """Handles POST requests"""
access_control(req)
try: try:
raw_json = req.stream.read().decode('utf-8') raw_json = req.stream.read().decode('utf-8')
except Exception as ex: except Exception as ex:
@ -387,6 +391,7 @@ class SensorPointItem:
@staticmethod @staticmethod
@user_logger @user_logger
def on_delete(req, resp, id_, pid): def on_delete(req, resp, id_, pid):
access_control(req)
if not id_.isdigit() or int(id_) <= 0: if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_SENSOR_ID') description='API.INVALID_SENSOR_ID')
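Review bot: `access_control(req)` is repeated by hand as the first statement of each mutating handler shown (on_post, on_put, on_delete), so a handler added later can ship without it. Applying the check in one place, through a Falcon hook or middleware, would remove that risk. The call also sits inside the function wrapped by `@user_logger`, so the decorator's code runs before the check; user_logger is not visible here, so confirm it does not record or trust the `User-UUID` header of a request that access_control then rejects. The two on_delete handlers have no docstring, unlike the others; `"""Handles DELETE requests"""` would match. All handler bodies continue outside the hunks.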