diff --git a/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramlink.controller.js b/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramlink.controller.js index 2849bd9d..330aadfa 100644 --- a/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramlink.controller.js +++ b/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramlink.controller.js @@ -1,6 +1,18 @@ 'use strict'; -app.controller('EnergyFlowDiagramLinkController', function($scope,$uibModal, $translate, MeterService, VirtualMeterService, OfflineMeterService, EnergyFlowDiagramLinkService, EnergyFlowDiagramService, EnergyFlowDiagramNodeService, toaster,SweetAlert) { +app.controller('EnergyFlowDiagramLinkController', function( + $scope, + $window, + $uibModal, + $translate, + MeterService, + VirtualMeterService, + OfflineMeterService, + EnergyFlowDiagramLinkService, + EnergyFlowDiagramService, + EnergyFlowDiagramNodeService, + toaster, + SweetAlert) { $scope.currentEnergyFlowDiagram = {selected:undefined}; $scope.is_show_add_link = false; $scope.energyflowdiagrams = []; @@ -10,7 +22,7 @@ app.controller('EnergyFlowDiagramLinkController', function($scope,$uibModal, $tr $scope.offlinemeters = []; $scope.virtualmeters = []; $scope.mergedMeters = []; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllEnergyFlowDiagrams = function() { EnergyFlowDiagramService.getAllEnergyFlowDiagrams(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -77,8 +89,8 @@ app.controller('EnergyFlowDiagramLinkController', function($scope,$uibModal, $tr if (energyflowdiagramlink.meter != null) { energyflowdiagramlink.meter_uuid = energyflowdiagramlink.meter.uuid; } - - EnergyFlowDiagramLinkService.addEnergyFlowDiagramLink(energyflowdiagramid, energyflowdiagramlink, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + EnergyFlowDiagramLinkService.addEnergyFlowDiagramLink(energyflowdiagramid, energyflowdiagramlink, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -128,7 +140,8 @@ app.controller('EnergyFlowDiagramLinkController', function($scope,$uibModal, $tr if (modifiedEnergyFlowDiagramLink.meter != null) { modifiedEnergyFlowDiagramLink.meter_uuid = modifiedEnergyFlowDiagramLink.meter.uuid; } - EnergyFlowDiagramLinkService.editEnergyFlowDiagramLink($scope.currentEnergyFlowDiagram.id, modifiedEnergyFlowDiagramLink, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + EnergyFlowDiagramLinkService.editEnergyFlowDiagramLink($scope.currentEnergyFlowDiagram.id, modifiedEnergyFlowDiagramLink, headers, function (response) { if (angular.isDefined(response.status) && response.status === 200) { toaster.pop({ type: "success", @@ -166,7 +179,8 @@ app.controller('EnergyFlowDiagramLinkController', function($scope,$uibModal, $tr }, function(isConfirm) { if (isConfirm) { - EnergyFlowDiagramLinkService.deleteEnergyFlowDiagramLink($scope.currentEnergyFlowDiagram.id, energyflowdiagramlink.id, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + EnergyFlowDiagramLinkService.deleteEnergyFlowDiagramLink($scope.currentEnergyFlowDiagram.id, energyflowdiagramlink.id, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramnode.controller.js b/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramnode.controller.js index fae5cfe7..bae48548 100644 --- a/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramnode.controller.js +++ b/admin/app/controllers/settings/energyflowdiagram/energyflowdiagramnode.controller.js @@ -1,10 +1,18 @@ 'use strict'; -app.controller('EnergyFlowDiagramNodeController', function($scope, $translate, $uibModal, EnergyFlowDiagramService, EnergyFlowDiagramNodeService, toaster,SweetAlert) { +app.controller('EnergyFlowDiagramNodeController', function( + $scope, + $window, + $translate, + $uibModal, + EnergyFlowDiagramService, + EnergyFlowDiagramNodeService, + toaster, + SweetAlert) { $scope.energyflowdiagrams = []; $scope.energyflowdiagramnodes = []; $scope.currentEnergyFlowDiagram = null; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllEnergyFlowDiagrams = function() { EnergyFlowDiagramService.getAllEnergyFlowDiagrams(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -48,8 +56,8 @@ app.controller('EnergyFlowDiagramNodeController', function($scope, $translate, $ }); modalInstance.result.then(function(energyflowdiagramnode) { var energyflowdiagramid = $scope.currentEnergyFlowDiagram.id; - - EnergyFlowDiagramNodeService.addEnergyFlowDiagramNode(energyflowdiagramid, energyflowdiagramnode, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + EnergyFlowDiagramNodeService.addEnergyFlowDiagramNode(energyflowdiagramid, energyflowdiagramnode, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -88,7 +96,8 @@ app.controller('EnergyFlowDiagramNodeController', function($scope, $translate, $ }); modalInstance.result.then(function(modifiedEnergyFlowDiagramNode) { - EnergyFlowDiagramNodeService.editEnergyFlowDiagramNode($scope.currentEnergyFlowDiagram.id, modifiedEnergyFlowDiagramNode, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + EnergyFlowDiagramNodeService.editEnergyFlowDiagramNode($scope.currentEnergyFlowDiagram.id, modifiedEnergyFlowDiagramNode, headers, function (response) { if (angular.isDefined(response.status) && response.status === 200) { toaster.pop({ type: "success", @@ -126,7 +135,8 @@ app.controller('EnergyFlowDiagramNodeController', function($scope, $translate, $ }, function(isConfirm) { if (isConfirm) { - EnergyFlowDiagramNodeService.deleteEnergyFlowDiagramNode($scope.currentEnergyFlowDiagram.id, energyflowdiagramnode.id, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + EnergyFlowDiagramNodeService.deleteEnergyFlowDiagramNode($scope.currentEnergyFlowDiagram.id, energyflowdiagramnode.id, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/services/settings/energyflowdiagram/energyflowdiagramlink.service.js b/admin/app/services/settings/energyflowdiagram/energyflowdiagramlink.service.js index 511fb04a..0709c60b 100644 --- a/admin/app/services/settings/energyflowdiagram/energyflowdiagramlink.service.js +++ b/admin/app/services/settings/energyflowdiagram/energyflowdiagramlink.service.js @@ -10,16 +10,16 @@ app.factory('EnergyFlowDiagramLinkService', function($http) { callback(response); }); }, - addEnergyFlowDiagramLink: function(energyflowdiagramID, energyflowdiagramlink, callback) { - $http.post(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/links',{data:energyflowdiagramlink}) + addEnergyFlowDiagramLink: function(energyflowdiagramID, energyflowdiagramlink, headers, callback) { + $http.post(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/links',{data:energyflowdiagramlink}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editEnergyFlowDiagramLink: function(energyflowdiagramID,energyflowdiagramlink,callback) { - $http.put(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/links/'+energyflowdiagramlink.id,{data:energyflowdiagramlink}) + editEnergyFlowDiagramLink: function(energyflowdiagramID, energyflowdiagramlink, headers, callback) { + $http.put(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/links/'+energyflowdiagramlink.id,{data:energyflowdiagramlink}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -27,8 +27,8 @@ app.factory('EnergyFlowDiagramLinkService', function($http) { }); }, - deleteEnergyFlowDiagramLink: function(energyflowdiagramID, linkID, callback) { - $http.delete(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/links/'+linkID) + deleteEnergyFlowDiagramLink: function(energyflowdiagramID, linkID, headers, callback) { + $http.delete(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/links/'+linkID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/energyflowdiagram/energyflowdiagramnode.service.js b/admin/app/services/settings/energyflowdiagram/energyflowdiagramnode.service.js index b9d69a7f..4786ec09 100644 --- a/admin/app/services/settings/energyflowdiagram/energyflowdiagramnode.service.js +++ b/admin/app/services/settings/energyflowdiagram/energyflowdiagramnode.service.js @@ -9,16 +9,16 @@ app.factory('EnergyFlowDiagramNodeService', function($http) { callback(response); }); }, - addEnergyFlowDiagramNode: function(energyflowdiagramID, energyflowdiagramnode,callback) { - $http.post(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/nodes',{data:energyflowdiagramnode}) + addEnergyFlowDiagramNode: function(energyflowdiagramID, energyflowdiagramnode, headers, callback) { + $http.post(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/nodes',{data:energyflowdiagramnode}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editEnergyFlowDiagramNode: function(energyflowdiagramID,energyflowdiagramnode,callback) { - $http.put(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/nodes/'+energyflowdiagramnode.id,{data:energyflowdiagramnode}) + editEnergyFlowDiagramNode: function(energyflowdiagramID, energyflowdiagramnode, headers, callback) { + $http.put(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/nodes/'+energyflowdiagramnode.id,{data:energyflowdiagramnode}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -26,8 +26,8 @@ app.factory('EnergyFlowDiagramNodeService', function($http) { }); }, - deleteEnergyFlowDiagramNode: function(energyflowdiagramID, nodeID, callback) { - $http.delete(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/nodes/'+nodeID) + deleteEnergyFlowDiagramNode: function(energyflowdiagramID, nodeID, headers, callback) { + $http.delete(getAPI()+'energyflowdiagrams/'+energyflowdiagramID+'/nodes/'+nodeID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/myems-api/README.md b/myems-api/README.md index 1832f4d0..262bdef5 100644 --- a/myems-api/README.md +++ b/myems-api/README.md @@ -620,15 +620,15 @@ curl -i -X GET {{base_url}}/energyflowdiagrams/{id}/nodes ``` * POST Create a Node of an Energy Flow Diagram ```bash -curl -i -H "Content-Type: application/json" -X POST -d '{"data":{"name":"10KV#1"}}' {{base_url}}/energyflowdiagrams/{id}/nodes +curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X POST -d '{"data":{"name":"10KV#1"}}' {{base_url}}/energyflowdiagrams/{id}/nodes ``` * PUT Update a Node of an Energy Flow Diagram ```bash -curl -i -H "Content-Type: application/json" -X POST -d '{"data":{"name":"10KV#2"}}' {{base_url}}/energyflowdiagrams/{id}/nodes/{nid} +curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X POST -d '{"data":{"name":"10KV#2"}}' {{base_url}}/energyflowdiagrams/{id}/nodes/{nid} ``` * DELETE a Node of an Energy Flow Diagram ```bash -curl -i -X DELETE {{base_url}}/energyflowdiagrams/{id}/nodes/{nid} +curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X DELETE {{base_url}}/energyflowdiagrams/{id}/nodes/{nid} ``` * GET All Links of an Energy Flow Diagram by ID ```bash @@ -636,15 +636,15 @@ curl -i -X GET {{base_url}}/energyflowdiagrams/{id}/links ``` * POST Create a Link of an Energy Flow Diagram ```bash -curl -i -H "Content-Type: application/json" -X POST -d '{"data":{"source_node_id":1, "target_node_id":3, "meter_uuid":"d806a78d-a31e-4833-b5c8-81261cfeb1f2"}}' {{base_url}}/energyflowdiagrams/{id}/links +curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X POST -d '{"data":{"source_node_id":1, "target_node_id":3, "meter_uuid":"d806a78d-a31e-4833-b5c8-81261cfeb1f2"}}' {{base_url}}/energyflowdiagrams/{id}/links ``` * PUT Update a Link of an Energy Flow Diagram ```bash -curl -i -H "Content-Type: application/json" -X POST -d '{"data":{"source_node_id":1, "target_node_id":4, "meter_uuid":"d806a78d-a31e-4833-b5c8-81261cfeb1f2"}}' {{base_url}}/energyflowdiagrams/{id}/links/{lid} +curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X POST -d '{"data":{"source_node_id":1, "target_node_id":4, "meter_uuid":"d806a78d-a31e-4833-b5c8-81261cfeb1f2"}}' {{base_url}}/energyflowdiagrams/{id}/links/{lid} ``` * DELETE a Link of an Energy Flow Diagram ```bash -curl -i -X DELETE {{base_url}}/energyflowdiagrams/{id}/links/{lid} +curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X DELETE {{base_url}}/energyflowdiagrams/{id}/links/{lid} ``` ### Energy Item diff --git a/myems-api/core/energyflowdiagram.py b/myems-api/core/energyflowdiagram.py index fa4f9304..6eaa9b79 100644 --- a/myems-api/core/energyflowdiagram.py +++ b/myems-api/core/energyflowdiagram.py @@ -480,6 +480,7 @@ class EnergyFlowDiagramLinkCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID') @@ -723,6 +724,7 @@ class EnergyFlowDiagramLinkItem: @staticmethod @user_logger def on_delete(req, resp, id_, lid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID') @@ -771,6 +773,7 @@ class EnergyFlowDiagramLinkItem: @user_logger def on_put(req, resp, id_, lid): """Handles PUT requests""" + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID') @@ -977,6 +980,7 @@ class EnergyFlowDiagramNodeCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID') @@ -1072,6 +1076,7 @@ class EnergyFlowDiagramNodeItem: @staticmethod @user_logger def on_delete(req, resp, id_, nid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID') @@ -1120,6 +1125,7 @@ class EnergyFlowDiagramNodeItem: @user_logger def on_put(req, resp, id_, nid): """Handles PUT requests""" + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID')