seg_yinzy
/
myems
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added access control to email message in api and admin

pull/90/head
13621160019@163.com 2021-12-04 19:52:12 +08:00
parent 3ec50fab0d
commit 3e536d503e
6 changed files with 125 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
admin/app/controllers/fdd/emailmessage/emailmessage.controller.js
View File

@ -1,9 +1,14 @@
'use strict';
app.controller('EmailMessageController', function($scope, $timeout,$translate,
app.controller('EmailMessageController', function(
$scope,
$window,
$timeout,
$translate,
EmailMessageAnalysisService,
toaster, SweetAlert) {
toaster,
SweetAlert) {
$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));
$scope.$on('handleBroadcastEmailMessageOptionChanged', function (event, data) {
if (angular.isDefined(data.load)) {
$scope.tabledata = [];
@ -34,7 +39,8 @@ app.controller('EmailMessageController', function($scope, $timeout,$translate,
},
function(isConfirm) {
if (isConfirm) {
EmailMessageAnalysisService.deleteEmailMessage(emailmessage, function(response) {
let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
EmailMessageAnalysisService.deleteEmailMessage(emailmessage, headers, function(response) {
if (angular.isDefined(response.status) && response.status === 204) {
toaster.pop({
type: "success",
@ -50,11 +56,11 @@ app.controller('EmailMessageController', function($scope, $timeout,$translate,
body: $translate.instant(response.data.description),
showCloseButton: true,
});
}
});
}
});
}
);
};
});

12
admin/app/controllers/fdd/emailmessage/emailmessageoption.controller.js
View File

@ -1,7 +1,11 @@
'use strict';
app.controller('EmailMessageOptionController', function($scope, $timeout,
app.controller('EmailMessageOptionController', function(
$scope,
$window,
$timeout,
EmailMessageAnalysisService) {
$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));
$scope.daterange = {
startDate: moment().subtract(7,'days'),
endDate: moment()
@ -18,13 +22,11 @@ app.controller('EmailMessageOptionController', function($scope, $timeout,
applyLabel: "OK",
cancelLabel: "Cancel",
},
eventHandlers:{
'apply.daterangepicker':function(ev,picker){
//$scope.execute();
}
}
};
$scope.execute = function() {
@ -37,8 +39,8 @@ app.controller('EmailMessageOptionController', function($scope, $timeout,
load: true,
period:$scope.currentPeriod
});
EmailMessageAnalysisService.getAnalysisResult(query, function(response) {
let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
EmailMessageAnalysisService.getAnalysisResult(query, headers, function(response) {
if (angular.isDefined(response.status) && response.status === 200) {
$scope.$emit('handleEmitEmailMessageOptionChanged', response.data);
}

10
admin/app/services/fdd/emailmessageanalysis.service.js
View File

@ -2,10 +2,8 @@
app.factory('EmailMessageAnalysisService', function($http) {
return {
getAnalysisResult: function(query,callback) {
var base="emailmessages";
var url=base+"/from/"+query.datestart+"/to/"+query.dateend;
$http.get(getAPI()+url)
getAnalysisResult: function(query, headers, callback) {
$http.get(getAPI()+"emailmessages"+"/from/"+query.datestart+"/to/"+query.dateend, {headers})
.then(function (response) {
callback(response);
}, function (response) {
@ -13,8 +11,8 @@ app.factory('EmailMessageAnalysisService', function($http) {
});
},
deleteEmailMessage: function(emailmessage, callback) {
$http.delete(getAPI()+'emailmessages/'+emailmessage.id)
deleteEmailMessage: function(emailmessage, headers, callback) {
$http.delete(getAPI()+'emailmessages/'+emailmessage.id, {headers})
.then(function (response) {
callback(response);
}, function (response) {

113
myems-api/MyEMS.postman_collection.json
View File

@ -1816,21 +1816,34 @@
"name": "Email Message",
"item": [
{
"name": "GET Email Messages from Startdate to Enddate",
"name": "GET Email Messages by Date Range",
"request": {
"method": "GET",
"header": [],
"header": [
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "592641a558bc1724c4b75bd80d7d37b9b6a441b9b2231e3a5b2843b1f1e4f6864608ca97c4db00c94012b3406bf0c45cf231b789d2f551c1d420aa4de09f75cd",
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {
"raw": "{{base_url}}/emailmessages/from/2020-04-01/to/2020-05-01",
"raw": "{{base_url}}/emailmessages/from/2021-12-01/to/2021-12-31",
"host": [
"{{base_url}}"
],
"path": [
"emailmessages",
"from",
"2020-04-01",
"2021-12-01",
"to",
"2020-05-01"
"2021-12-31"
],
"query": [
{
@ -1847,7 +1860,20 @@
"name": "GET an Email Message by ID",
"request": {
"method": "GET",
"header": [],
"header": [
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "592641a558bc1724c4b75bd80d7d37b9b6a441b9b2231e3a5b2843b1f1e4f6864608ca97c4db00c94012b3406bf0c45cf231b789d2f551c1d420aa4de09f75cd",
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {
"raw": "{{base_url}}/emailmessages/1",
"host": [
@ -1865,7 +1891,20 @@
"name": "POST Create New Email Message TODO",
"request": {
"method": "POST",
"header": [],
"header": [
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "592641a558bc1724c4b75bd80d7d37b9b6a441b9b2231e3a5b2843b1f1e4f6864608ca97c4db00c94012b3406bf0c45cf231b789d2f551c1d420aa4de09f75cd",
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {
"raw": "{{base_url}}/emailmessages",
"host": [
@ -1882,7 +1921,20 @@
"name": "PUT Update an Email Message TODO",
"request": {
"method": "PUT",
"header": [],
"header": [
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "592641a558bc1724c4b75bd80d7d37b9b6a441b9b2231e3a5b2843b1f1e4f6864608ca97c4db00c94012b3406bf0c45cf231b789d2f551c1d420aa4de09f75cd",
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {
"raw": ""
}
@ -1893,7 +1945,20 @@
"name": "DELETE an Email Message by ID",
"request": {
"method": "DELETE",
"header": [],
"header": [
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "592641a558bc1724c4b75bd80d7d37b9b6a441b9b2231e3a5b2843b1f1e4f6864608ca97c4db00c94012b3406bf0c45cf231b789d2f551c1d420aa4de09f75cd",
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {
"raw": "{{base_url}}/emailmessages/2",
"host": [
@ -4651,12 +4716,14 @@
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text"
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "e713a4845a2f936eef1dca4314e7fad875b898854c56b4c5176d219f5ee19a0831d2ee67c63b17c2f2a49474d090cccb024f98a797d96571bc61027cbe1995af",
"type": "text"
"type": "text",
"description": "Login to get a valid token"
}
],
"body": {
@ -4683,12 +4750,14 @@
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text"
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "e713a4845a2f936eef1dca4314e7fad875b898854c56b4c5176d219f5ee19a0831d2ee67c63b17c2f2a49474d090cccb024f98a797d96571bc61027cbe1995af",
"type": "text"
"type": "text",
"description": "Login to get a valid token"
}
],
"body": {
@ -4716,12 +4785,14 @@
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text"
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "e713a4845a2f936eef1dca4314e7fad875b898854c56b4c5176d219f5ee19a0831d2ee67c63b17c2f2a49474d090cccb024f98a797d96571bc61027cbe1995af",
"type": "text"
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {
@ -4745,12 +4816,14 @@
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text"
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "e713a4845a2f936eef1dca4314e7fad875b898854c56b4c5176d219f5ee19a0831d2ee67c63b17c2f2a49474d090cccb024f98a797d96571bc61027cbe1995af",
"type": "text"
"type": "text",
"description": "Login to get a valid token"
}
],
"body": {
@ -4798,12 +4871,14 @@
{
"key": "User-UUID",
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
"type": "text"
"type": "text",
"description": "Any admin users' UUID"
},
{
"key": "Token",
"value": "e713a4845a2f936eef1dca4314e7fad875b898854c56b4c5176d219f5ee19a0831d2ee67c63b17c2f2a49474d090cccb024f98a797d96571bc61027cbe1995af",
"type": "text"
"type": "text",
"description": "Login to get a valid token"
}
],
"url": {

6
myems-api/README.md
View File

@ -504,11 +504,11 @@ Result in JSON
| status | string | Status ('new', 'sent', 'timeout' |
```bash
curl -i -X GET {{base_url}}/emailmessages/{id}
curl -i -H "User-UUID: 793f1bb4-6e25-4242-8cdc-2f662b25484f" -H "Token: GET-TOKEN-AFTER-LOGIN" -X GET {{base_url}}/emailmessages/{id}
```
* GET Email Messages from Startdate to Enddate
* GET Email Messages by Date Range
```bash
curl -i -X GET {{base_url}}/emailmessages/from/{startdate}/to/{enddate}
curl -i -H "User-UUID: 793f1bb4-6e25-4242-8cdc-2f662b25484f" -H "Token: GET-TOKEN-AFTER-LOGIN" -X GET {{base_url}}/emailmessages/from/{startdate}/to/{enddate}
```
* DELETE an Email Message by ID
```bash

5
myems-api/core/emailmessage.py
View File

@ -3,7 +3,7 @@ import json
import mysql.connector
import config
from datetime import datetime, timedelta, timezone
from core.useractivity import user_logger
from core.useractivity import user_logger, access_control
class EmailMessageCollection:
@ -18,6 +18,7 @@ class EmailMessageCollection:
@staticmethod
def on_get(req, resp, startdate, enddate):
access_control(req)
try:
start_datetime_local = datetime.strptime(startdate, '%Y-%m-%d')
except Exception:
@ -100,6 +101,7 @@ class EmailMessageItem:
@staticmethod
def on_get(req, resp, id_):
access_control(req)
if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_EMAIL_MESSAGE_ID')
@ -149,6 +151,7 @@ class EmailMessageItem:
@staticmethod
@user_logger
def on_delete(req, resp, id_):
access_control(req)
if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_EMAIL_MESSAGE_ID')