From 7a2d2a3f1de92bbafa63664d4388921e01c1511d Mon Sep 17 00:00:00 2001
From: tianlinzhong <673359306@qq.com>
Date: Mon, 29 Nov 2021 16:07:31 +0800
Subject: [PATCH] menu of access_control

---
 .../settings/menu/menu.controller.js          |  7 +--
 .../services/settings/menu/menu.service.js    |  4 +-
 myems-api/MyEMS.postman_collection.json       | 43 +++++++++++++++++--
 myems-api/core/menu.py                        |  3 +-
 4 files changed, 48 insertions(+), 9 deletions(-)

diff --git a/admin/app/controllers/settings/menu/menu.controller.js b/admin/app/controllers/settings/menu/menu.controller.js
index 13ada957..31689cdd 100644
--- a/admin/app/controllers/settings/menu/menu.controller.js
+++ b/admin/app/controllers/settings/menu/menu.controller.js
@@ -1,10 +1,10 @@
 'use strict';
 
-app.controller('MenuController', function ($scope, $uibModal, MenuService, toaster, $translate) {
+app.controller('MenuController', function ($scope, $window, $uibModal, MenuService, toaster, $translate) {
 	$scope.menus = [];
 	$scope.currentMenu = {};
 	$scope.currentMenuChildren = [];
-
+	$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));
 	$scope.getAllMenus = function () {
 		MenuService.getAllMenus(function (response) {
 			if (angular.isDefined(response.status) && response.status === 200) {
@@ -104,7 +104,8 @@ app.controller('MenuController', function ($scope, $uibModal, MenuService, toast
 		});
 
 		modalInstance.result.then(function (modifiedMenu) {
-			MenuService.editMenu(modifiedMenu, function (response) {
+			let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
+			MenuService.editMenu(modifiedMenu, headers, function (response) {
 				if (angular.isDefined(response.status) && response.status === 200) {
 					toaster.pop({
 						type: "success",
diff --git a/admin/app/services/settings/menu/menu.service.js b/admin/app/services/settings/menu/menu.service.js
index fc0c6505..7d2080bb 100644
--- a/admin/app/services/settings/menu/menu.service.js
+++ b/admin/app/services/settings/menu/menu.service.js
@@ -17,8 +17,8 @@ app.factory('MenuService', function($http) {
                 callback(response);
             });
         },
-        editMenu: function(menu, callback) {
-            $http.put(getAPI()+'menus/'+menu.id,{data:menu})
+        editMenu: function(menu, headers, callback) {
+            $http.put(getAPI()+'menus/'+menu.id, {data:menu}, {headers})
             .then(function (response) {
                 callback(response);
             }, function (response) {
diff --git a/myems-api/MyEMS.postman_collection.json b/myems-api/MyEMS.postman_collection.json
index af45e87a..623bddec 100644
--- a/myems-api/MyEMS.postman_collection.json
+++ b/myems-api/MyEMS.postman_collection.json
@@ -1,6 +1,6 @@
 {
 	"info": {
-		"_postman_id": "edda43bf-7618-4cef-a9dc-b5eb90fde85a",
+		"_postman_id": "27f47263-6e8e-4d74-93a9-0ee9b56eccfc",
 		"name": "MyEMS",
 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
 	},
@@ -3214,7 +3214,18 @@
 							"name": "PUT Update a Menu",
 							"request": {
 								"method": "PUT",
-								"header": [],
+								"header": [
+									{
+										"key": "User-UUID",
+										"value": "816be1f0-cf59-4aa4-bf81-a0e90577d416",
+										"type": "text"
+									},
+									{
+										"key": "Token",
+										"value": "fc037979da169499d2c84d9ff838ae2599f1934b2e43872a8dc9da033f4d5811a0ca711595a576dcd6b340ffc3d8a8824630cf04b4e67331a6a82e8ec2dfd155",
+										"type": "text"
+									}
+								],
 								"body": {
 									"mode": "raw",
 									"raw": "{\"data\":{\"is_hidden\":true}}"
@@ -7414,7 +7425,7 @@
 								"header": [],
 								"body": {
 									"mode": "raw",
-									"raw": "{\"data\":{\"email\":\"administrator@myems.io\", \"password\":\"!MyEMS1\"}}"
+									"raw": "{\"data\":{\"email\":\"admin1130@kwh-w.com\", \"password\":\"c2c77a39ab28\"}}"
 								},
 								"url": {
 									"raw": "{{base_url}}/users/login",
@@ -10631,5 +10642,31 @@
 			},
 			"response": []
 		}
+	],
+	"event": [
+		{
+			"listen": "prerequest",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		},
+		{
+			"listen": "test",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		}
+	],
+	"variable": [
+		{
+			"key": "base_url",
+			"value": "127.0.0.1:8000"
+		}
 	]
 }
\ No newline at end of file
diff --git a/myems-api/core/menu.py b/myems-api/core/menu.py
index 2f620d75..8845ca6b 100644
--- a/myems-api/core/menu.py
+++ b/myems-api/core/menu.py
@@ -2,7 +2,7 @@ import falcon
 import simplejson as json
 import mysql.connector
 import config
-from core.useractivity import user_logger
+from core.useractivity import user_logger, access_control
 
 
 class MenuCollection:
@@ -83,6 +83,7 @@ class MenuItem:
     @user_logger
     def on_put(req, resp, id_):
         """Handles PUT requests"""
+        access_control(req)
         try:
             raw_json = req.stream.read().decode('utf-8')
         except Exception as ex: