diff --git a/admin/app/controllers/settings/shopfloor/shopfloor.controller.js b/admin/app/controllers/settings/shopfloor/shopfloor.controller.js index 8ae47618..f67d9e64 100644 --- a/admin/app/controllers/settings/shopfloor/shopfloor.controller.js +++ b/admin/app/controllers/settings/shopfloor/shopfloor.controller.js @@ -1,7 +1,7 @@ 'use strict'; -app.controller('ShopfloorController', function ($scope, $translate, $uibModal, CostCenterService, ContactService, ShopfloorService, toaster, SweetAlert) { - +app.controller('ShopfloorController', function ($scope, $window, $translate, $uibModal, CostCenterService, ContactService, ShopfloorService, toaster, SweetAlert) { + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllCostCenters = function () { CostCenterService.getAllCostCenters(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -53,7 +53,8 @@ app.controller('ShopfloorController', function ($scope, $translate, $uibModal, C if (angular.isDefined(shopfloor.is_input_counted) == false) { shopfloor.is_input_counted = false; } - ShopfloorService.addShopfloor(shopfloor, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorService.addShopfloor(shopfloor, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", 
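Review bot: In the first ShopfloorController hunk, `JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"))` runs once at controller construction with no guard. A missing key yields `null`, so every later `$scope.cur_user.uuid` throws a TypeError, and a corrupted value makes `JSON.parse` throw before the controller finishes loading. The same line is added to the ShopfloorEquipment, ShopfloorMeter, ShopfloorSensor, Store, StoreMeter, StoreSensor, Tenant, TenantMeter and TenantSensor controllers. I would read the session through one shared helper that catches the parse error and treats a missing or unparsable entry as logged out; failing that, a guard such as `if (!$scope.cur_user || !$scope.cur_user.token) { return; }` before each `headers` literal at least avoids the exception. Because the value is read only once, a token that is replaced or cleared in localStorage while the page is open is not picked up.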
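Review bot: The `headers` literal added before `ShopfloorService.addShopfloor` is copied verbatim into every write handler in this commit (edit and delete here, and the pair/unpair handlers in the other controllers), so a future handler that forgets it sends its request without credentials. Attaching `User-UUID` and `Token` in one place, for example a request interceptor registered on `$httpProvider.interceptors`, would remove the repeated line and the extra `headers` parameter on every service method. It would also keep the token off `$scope`, where it is reachable from templates and through `angular.element(...).scope()`, which these controllers already use to read scope data from DOM elements. The enclosing handler starts and ends outside the hunk.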
@@ -99,7 +100,8 @@ app.controller('ShopfloorController', function ($scope, $translate, $uibModal, C if (angular.isDefined(shopfloor.is_input_counted) == false) { shopfloor.is_input_counted = false; } - ShopfloorService.editShopfloor(modifiedShopfloor, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorService.editShopfloor(modifiedShopfloor, headers, function (response) { if (angular.isDefined(response.status) && response.status === 200) { toaster.pop({ type: "success", @@ -136,7 +138,8 @@ app.controller('ShopfloorController', function ($scope, $translate, $uibModal, C }, function (isConfirm) { if (isConfirm) { - ShopfloorService.deleteShopfloor(shopfloor, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorService.deleteShopfloor(shopfloor, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/shopfloor/shopfloorequipment.controller.js b/admin/app/controllers/settings/shopfloor/shopfloorequipment.controller.js index b160c772..b49e6007 100644 --- a/admin/app/controllers/settings/shopfloor/shopfloorequipment.controller.js +++ b/admin/app/controllers/settings/shopfloor/shopfloorequipment.controller.js 
@@ -1,8 +1,8 @@ 'use strict'; -app.controller('ShopfloorEquipmentController', function ($scope, $translate, ShopfloorService, EquipmentService, ShopfloorEquipmentService, toaster, SweetAlert) { +app.controller('ShopfloorEquipmentController', function ($scope, $window, $translate, ShopfloorService, EquipmentService, ShopfloorEquipmentService, toaster, SweetAlert) { $scope.currentShopfloor = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllEquipments = function () { EquipmentService.getAllEquipments(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -42,7 +42,8 @@ app.controller('ShopfloorEquipmentController', function ($scope, $translate, Sho $scope.pairEquipment = function (dragEl, dropEl) { var equipmentid = angular.element('#' + dragEl).scope().equipment.id; var shopfloorid = $scope.currentShopfloor.id; - ShopfloorEquipmentService.addPair(shopfloorid, equipmentid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorEquipmentService.addPair(shopfloorid, equipmentid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -68,7 +69,8 @@ app.controller('ShopfloorEquipmentController', function ($scope, $translate, Sho } var shopfloorequipmentid = angular.element('#' + dragEl).scope().shopfloorequipment.id; var shopfloorid = $scope.currentShopfloor.id; - ShopfloorEquipmentService.deletePair(shopfloorid, shopfloorequipmentid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorEquipmentService.deletePair(shopfloorid, shopfloorequipmentid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", 
diff --git a/admin/app/controllers/settings/shopfloor/shopfloormeter.controller.js b/admin/app/controllers/settings/shopfloor/shopfloormeter.controller.js index cb3a7d25..dea19d21 100644 --- a/admin/app/controllers/settings/shopfloor/shopfloormeter.controller.js +++ b/admin/app/controllers/settings/shopfloor/shopfloormeter.controller.js @@ -1,6 +1,6 @@ 'use strict'; -app.controller('ShopfloorMeterController', function($scope,$timeout, $translate, +app.controller('ShopfloorMeterController', function($scope, $window, $timeout, $translate, MeterService, VirtualMeterService, OfflineMeterService, @@ -8,7 +8,7 @@ app.controller('ShopfloorMeterController', function($scope,$timeout, $translate, ShopfloorService, toaster) { $scope.currentShopfloor = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllShopfloors = function(id) { ShopfloorService.getAllShopfloors(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -106,7 +106,8 @@ app.controller('ShopfloorMeterController', function($scope,$timeout, $translate, $scope.pairMeter=function(dragEl,dropEl){ var meterid=angular.element('#'+dragEl).scope().meter.id; var shopfloorid=$scope.currentShopfloor.id; - ShopfloorMeterService.addPair(shopfloorid, meterid, $scope.currentMeterType, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorMeterService.addPair(shopfloorid, meterid, $scope.currentMeterType, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", 
@@ -133,7 +134,8 @@ app.controller('ShopfloorMeterController', function($scope,$timeout, $translate, var shopfloormeterid = angular.element('#' + dragEl).scope().shopfloormeter.id; var shopfloorid = $scope.currentShopfloor.id; var metertype = angular.element('#' + dragEl).scope().shopfloormeter.metertype; - ShopfloorMeterService.deletePair(shopfloorid, shopfloormeterid, metertype, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorMeterService.deletePair(shopfloorid, shopfloormeterid, metertype, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/shopfloor/shopfloorpoint.controller.js b/admin/app/controllers/settings/shopfloor/shopfloorpoint.controller.js index 09eb88a0..2b67d9c7 100644 --- a/admin/app/controllers/settings/shopfloor/shopfloorpoint.controller.js +++ b/admin/app/controllers/settings/shopfloor/shopfloorpoint.controller.js @@ -74,7 +74,8 @@ app.controller('ShopfloorPointController', function ( $scope.pairPoint = function (dragEl, dropEl) { var pointid = angular.element('#' + dragEl).scope().point.id; var shopfloorid = $scope.currentShopfloor.id; - ShopfloorPointService.addPair(shopfloorid, pointid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorPointService.addPair(shopfloorid, pointid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", 
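Review bot: In shopfloorpoint.controller.js the new `pairPoint` line reads `$scope.cur_user.uuid`, but no hunk for this file injects `$window` or assigns `$scope.cur_user`, unlike the equipment, meter and sensor controllers. Unless `cur_user` is inherited from a parent scope or set in a part of the file not shown, building `headers` will throw a TypeError and pairing will stop working. The same applies to `deletePair` in this file and to StorePointController and TenantPointController, whose diffs also start at line 74. If it is missing, the controller needs `$window` in its argument list and `$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));` like its siblings. The argument list is outside the hunk, so this should be checked against the full file.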
@@ -100,7 +101,8 @@ app.controller('ShopfloorPointController', function ( } var shopfloorpointid = angular.element('#' + dragEl).scope().shopfloorpoint.id; var shopfloorid = $scope.currentShopfloor.id; - ShopfloorPointService.deletePair(shopfloorid, shopfloorpointid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorPointService.deletePair(shopfloorid, shopfloorpointid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "error", diff --git a/admin/app/controllers/settings/shopfloor/shopfloorsensor.controller.js b/admin/app/controllers/settings/shopfloor/shopfloorsensor.controller.js index c2740c93..e95404b4 100644 --- a/admin/app/controllers/settings/shopfloor/shopfloorsensor.controller.js +++ b/admin/app/controllers/settings/shopfloor/shopfloorsensor.controller.js @@ -1,8 +1,8 @@ 'use strict'; -app.controller('ShopfloorSensorController', function ($scope, $translate, ShopfloorService, SensorService, ShopfloorSensorService, toaster, SweetAlert) { +app.controller('ShopfloorSensorController', function ($scope, $window, $translate, ShopfloorService, SensorService, ShopfloorSensorService, toaster, SweetAlert) { $scope.currentShopfloor = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllSensors = function () { SensorService.getAllSensors(function (response) { if (angular.isDefined(response.status) && response.status === 200) { 
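Review bot: In the `deletePair` hunk of ShopfloorPointController, the 204 branch right after the changed call opens `toaster.pop({ type: "error",`, whereas every other delete handler in this commit shows `type: "success"` for the same status. The rest of the toaster call is outside the hunk, so this may be deliberate, but it reads as a successful unpairing being reported with an error toast. Since the handler is being touched anyway, I would change that line to `type: "success",`.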
@@ -42,7 +42,8 @@ app.controller('ShopfloorSensorController', function ($scope, $translate, Shopfl $scope.pairSensor = function (dragEl, dropEl) { var sensorid = angular.element('#' + dragEl).scope().sensor.id; var shopfloorid = $scope.currentShopfloor.id; - ShopfloorSensorService.addPair(shopfloorid, sensorid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorSensorService.addPair(shopfloorid, sensorid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -68,7 +69,8 @@ app.controller('ShopfloorSensorController', function ($scope, $translate, Shopfl } var shopfloorsensorid = angular.element('#' + dragEl).scope().shopfloorsensor.id; var shopfloorid = $scope.currentShopfloor.id; - ShopfloorSensorService.deletePair(shopfloorid, shopfloorsensorid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + ShopfloorSensorService.deletePair(shopfloorid, shopfloorsensorid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/store/store.controller.js b/admin/app/controllers/settings/store/store.controller.js index 23bda2b5..8010bb9e 100644 --- a/admin/app/controllers/settings/store/store.controller.js +++ b/admin/app/controllers/settings/store/store.controller.js 
@@ -1,7 +1,7 @@ 'use strict'; -app.controller('StoreController', function($scope,$translate,$uibModal, CostCenterService, ContactService, StoreService, StoreTypeService, toaster,SweetAlert) { - +app.controller('StoreController', function($scope, $window, $translate,$uibModal, CostCenterService, ContactService, StoreService, StoreTypeService, toaster,SweetAlert) { + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllCostCenters = function() { CostCenterService.getAllCostCenters(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -64,7 +64,8 @@ $scope.getAllStoreTypes = function() { if (angular.isDefined(store.is_input_counted) == false) { store.is_input_counted = false; } - StoreService.addStore(store, function(response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreService.addStore(store, headers, function(response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -111,7 +112,8 @@ $scope.getAllStoreTypes = function() { if (angular.isDefined(store.is_input_counted) == false) { store.is_input_counted = false; } - StoreService.editStore(modifiedStore, function(response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreService.editStore(modifiedStore, headers, function(response) { if (angular.isDefined(response.status) && response.status === 200) { toaster.pop({ type: "success", @@ -147,7 +149,8 @@ $scope.getAllStoreTypes = function() { closeOnCancel: true }, function (isConfirm) { if (isConfirm) { - StoreService.deleteStore(store, function(response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreService.deleteStore(store, headers, function(response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", 
diff --git a/admin/app/controllers/settings/store/storemeter.controller.js b/admin/app/controllers/settings/store/storemeter.controller.js index 8a9240b8..4ea7539b 100644 --- a/admin/app/controllers/settings/store/storemeter.controller.js +++ b/admin/app/controllers/settings/store/storemeter.controller.js @@ -1,6 +1,6 @@ 'use strict'; -app.controller('StoreMeterController', function($scope,$timeout, $translate, +app.controller('StoreMeterController', function($scope, $window, $timeout, $translate, MeterService, VirtualMeterService, OfflineMeterService, @@ -8,7 +8,7 @@ app.controller('StoreMeterController', function($scope,$timeout, $translate, StoreService, toaster) { $scope.currentStore = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllStores = function(id) { StoreService.getAllStores(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -106,7 +106,8 @@ app.controller('StoreMeterController', function($scope,$timeout, $translate, $scope.pairMeter=function(dragEl,dropEl){ var meterid=angular.element('#'+dragEl).scope().meter.id; var storeid=$scope.currentStore.id; - StoreMeterService.addPair(storeid, meterid, $scope.currentMeterType, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreMeterService.addPair(storeid, meterid, $scope.currentMeterType, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", 
@@ -133,7 +134,8 @@ app.controller('StoreMeterController', function($scope,$timeout, $translate, var storemeterid = angular.element('#' + dragEl).scope().storemeter.id; var storeid = $scope.currentStore.id; var metertype = angular.element('#' + dragEl).scope().storemeter.metertype; - StoreMeterService.deletePair(storeid, storemeterid, metertype, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreMeterService.deletePair(storeid, storemeterid, metertype, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/store/storepoint.controller.js b/admin/app/controllers/settings/store/storepoint.controller.js index d239d6c5..4569dda0 100644 --- a/admin/app/controllers/settings/store/storepoint.controller.js +++ b/admin/app/controllers/settings/store/storepoint.controller.js @@ -74,7 +74,8 @@ app.controller('StorePointController', function ( $scope.pairPoint = function (dragEl, dropEl) { var pointid = angular.element('#' + dragEl).scope().point.id; var storeid = $scope.currentStore.id; - StorePointService.addPair(storeid, pointid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StorePointService.addPair(storeid, pointid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", 
@@ -100,7 +101,8 @@ app.controller('StorePointController', function ( } var storepointid = angular.element('#' + dragEl).scope().storepoint.id; var storeid = $scope.currentStore.id; - StorePointService.deletePair(storeid, storepointid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StorePointService.deletePair(storeid, storepointid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/store/storesensor.controller.js b/admin/app/controllers/settings/store/storesensor.controller.js index 64366d51..2d4c00a5 100644 --- a/admin/app/controllers/settings/store/storesensor.controller.js +++ b/admin/app/controllers/settings/store/storesensor.controller.js @@ -1,8 +1,8 @@ 'use strict'; -app.controller('StoreSensorController', function ($scope, $translate, StoreService, SensorService, StoreSensorService, toaster, SweetAlert) { +app.controller('StoreSensorController', function ($scope, $window, $translate, StoreService, SensorService, StoreSensorService, toaster, SweetAlert) { $scope.currentStore = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllSensors = function () { SensorService.getAllSensors(function (response) { if (angular.isDefined(response.status) && response.status === 200) { 
@@ -42,7 +42,8 @@ app.controller('StoreSensorController', function ($scope, $translate, StoreServi $scope.pairSensor = function (dragEl, dropEl) { var sensorid = angular.element('#' + dragEl).scope().sensor.id; var storeid = $scope.currentStore.id; - StoreSensorService.addPair(storeid, sensorid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreSensorService.addPair(storeid, sensorid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -68,7 +69,8 @@ app.controller('StoreSensorController', function ($scope, $translate, StoreServi } var storesensorid = angular.element('#' + dragEl).scope().storesensor.id; var storeid = $scope.currentStore.id; - StoreSensorService.deletePair(storeid, storesensorid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + StoreSensorService.deletePair(storeid, storesensorid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/tenant/tenant.controller.js b/admin/app/controllers/settings/tenant/tenant.controller.js index 8427ddef..35970dcc 100644 --- a/admin/app/controllers/settings/tenant/tenant.controller.js +++ b/admin/app/controllers/settings/tenant/tenant.controller.js 
@@ -1,7 +1,7 @@ 'use strict'; -app.controller('TenantController', function ($scope, $translate, $uibModal, CostCenterService, ContactService, TenantService, TenantTypeService, toaster, SweetAlert) { - +app.controller('TenantController', function ($scope, $window, $translate, $uibModal, CostCenterService, ContactService, TenantService, TenantTypeService, toaster, SweetAlert) { + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllCostCenters = function () { CostCenterService.getAllCostCenters(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -70,7 +70,8 @@ app.controller('TenantController', function ($scope, $translate, $uibModal, Cost if (angular.isDefined(tenant.is_in_lease) == false) { tenant.is_in_lease = false; } - TenantService.addTenant(tenant, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantService.addTenant(tenant, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -123,7 +124,8 @@ app.controller('TenantController', function ($scope, $translate, $uibModal, Cost if (angular.isDefined(tenant.is_in_lease) == false) { tenant.is_in_lease = false; } - TenantService.editTenant(modifiedTenant, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantService.editTenant(modifiedTenant, headers, function (response) { if (angular.isDefined(response.status) && response.status === 200) { toaster.pop({ type: "success", 
@@ -160,7 +162,8 @@ app.controller('TenantController', function ($scope, $translate, $uibModal, Cost }, function (isConfirm) { if (isConfirm) { - TenantService.deleteTenant(tenant, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantService.deleteTenant(tenant, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/tenant/tenantmeter.controller.js b/admin/app/controllers/settings/tenant/tenantmeter.controller.js index 53983229..6f7c9cbf 100644 --- a/admin/app/controllers/settings/tenant/tenantmeter.controller.js +++ b/admin/app/controllers/settings/tenant/tenantmeter.controller.js @@ -1,6 +1,6 @@ 'use strict'; -app.controller('TenantMeterController', function($scope,$timeout, $translate, +app.controller('TenantMeterController', function($scope, $window, $timeout, $translate, MeterService, VirtualMeterService, OfflineMeterService, @@ -8,7 +8,7 @@ app.controller('TenantMeterController', function($scope,$timeout, $translate, TenantService, toaster) { $scope.currentTenant = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllTenants = function(id) { TenantService.getAllTenants(function (response) { if (angular.isDefined(response.status) && response.status === 200) { 
@@ -106,7 +106,8 @@ app.controller('TenantMeterController', function($scope,$timeout, $translate, $scope.pairMeter=function(dragEl,dropEl){ var meterid=angular.element('#'+dragEl).scope().meter.id; var tenantid=$scope.currentTenant.id; - TenantMeterService.addPair(tenantid, meterid, $scope.currentMeterType, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantMeterService.addPair(tenantid, meterid, $scope.currentMeterType, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -133,7 +134,8 @@ app.controller('TenantMeterController', function($scope,$timeout, $translate, var tenantmeterid = angular.element('#' + dragEl).scope().tenantmeter.id; var tenantid = $scope.currentTenant.id; var metertype = angular.element('#' + dragEl).scope().tenantmeter.metertype; - TenantMeterService.deletePair(tenantid, tenantmeterid, metertype, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantMeterService.deletePair(tenantid, tenantmeterid, metertype, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/tenant/tenantpoint.controller.js b/admin/app/controllers/settings/tenant/tenantpoint.controller.js index d8c687e2..b88e83fb 100644 --- a/admin/app/controllers/settings/tenant/tenantpoint.controller.js +++ b/admin/app/controllers/settings/tenant/tenantpoint.controller.js 
@@ -74,7 +74,8 @@ app.controller('TenantPointController', function ( $scope.pairPoint = function (dragEl, dropEl) { var pointid = angular.element('#' + dragEl).scope().point.id; var tenantid = $scope.currentTenant.id; - TenantPointService.addPair(tenantid, pointid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantPointService.addPair(tenantid, pointid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -100,7 +101,8 @@ app.controller('TenantPointController', function ( } var tenantpointid = angular.element('#' + dragEl).scope().tenantpoint.id; var tenantid = $scope.currentTenant.id; - TenantPointService.deletePair(tenantid, tenantpointid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantPointService.deletePair(tenantid, tenantpointid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/controllers/settings/tenant/tenantsensor.controller.js b/admin/app/controllers/settings/tenant/tenantsensor.controller.js index ffff1f1f..c37d7d3c 100644 --- a/admin/app/controllers/settings/tenant/tenantsensor.controller.js +++ b/admin/app/controllers/settings/tenant/tenantsensor.controller.js 
@@ -1,8 +1,8 @@ 'use strict'; -app.controller('TenantSensorController', function ($scope, $translate, TenantService, SensorService, TenantSensorService, toaster, SweetAlert) { +app.controller('TenantSensorController', function ($scope, $window, $translate, TenantService, SensorService, TenantSensorService, toaster, SweetAlert) { $scope.currentTenant = {selected:undefined}; - + $scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user")); $scope.getAllSensors = function () { SensorService.getAllSensors(function (response) { if (angular.isDefined(response.status) && response.status === 200) { @@ -42,7 +42,8 @@ app.controller('TenantSensorController', function ($scope, $translate, TenantSer $scope.pairSensor = function (dragEl, dropEl) { var sensorid = angular.element('#' + dragEl).scope().sensor.id; var tenantid = $scope.currentTenant.id; - TenantSensorService.addPair(tenantid, sensorid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantSensorService.addPair(tenantid, sensorid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -68,7 +69,8 @@ app.controller('TenantSensorController', function ($scope, $translate, TenantSer } var tenantsensorid = angular.element('#' + dragEl).scope().tenantsensor.id; var tenantid = $scope.currentTenant.id; - TenantSensorService.deletePair(tenantid, tenantsensorid, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + TenantSensorService.deletePair(tenantid, tenantsensorid, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/services/settings/shopfloor/shopfloor.service.js b/admin/app/services/settings/shopfloor/shopfloor.service.js index 7abe289a..2680a8ae 100644 
--- a/admin/app/services/settings/shopfloor/shopfloor.service.js +++ b/admin/app/services/settings/shopfloor/shopfloor.service.js @@ -25,24 +25,24 @@ app.factory('ShopfloorService', function($http) { callback(response); }); }, - addShopfloor: function(shopfloor, callback) { - $http.post(getAPI()+'shopfloors',{data:shopfloor}) + addShopfloor: function(shopfloor, headers, callback) { + $http.post(getAPI()+'shopfloors',{data:shopfloor}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editShopfloor: function(shopfloor, callback) { - $http.put(getAPI()+'shopfloors/'+shopfloor.id,{data:shopfloor}) + editShopfloor: function(shopfloor, headers, callback) { + $http.put(getAPI()+'shopfloors/'+shopfloor.id,{data:shopfloor}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - deleteShopfloor: function(shopfloor, callback) { - $http.delete(getAPI()+'shopfloors/'+shopfloor.id) + deleteShopfloor: function(shopfloor, headers, callback) { + $http.delete(getAPI()+'shopfloors/'+shopfloor.id, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/shopfloor/shopfloorequipment.service.js b/admin/app/services/settings/shopfloor/shopfloorequipment.service.js index 8f576bab..b2c18f22 100644 --- a/admin/app/services/settings/shopfloor/shopfloorequipment.service.js +++ b/admin/app/services/settings/shopfloor/shopfloorequipment.service.js 
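Review bot: Inserting `headers` before `callback` in `addShopfloor`, `editShopfloor` and `deleteShopfloor` changes the positional signature, so a caller that was not updated passes its callback as `headers`; the request then goes out without credentials and fails only later on `callback(response)`. The same change is made to every `addPair`/`deletePair` and to StoreService in the later hunks, so it is worth searching for any remaining callers using the old argument order. The methods also accept a missing or partial `headers` object silently. A doc comment on each method would make the contract explicit, e.g. `/** @param {Object} headers - auth headers, must carry "User-UUID" and "Token" */`. The controller context lines still call read methods such as `getAllCostCenters` without headers; whether the API expects credentials there cannot be told from this diff.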
@@ -1,8 +1,8 @@ 'use strict'; app.factory('ShopfloorEquipmentService', function($http) { return { - addPair: function(shopfloorID,equipmentID,callback) { - $http.post(getAPI()+'shopfloors/'+shopfloorID+'/equipments',{data:{'equipment_id':equipmentID}}) + addPair: function(shopfloorID,equipmentID, headers, callback) { + $http.post(getAPI()+'shopfloors/'+shopfloorID+'/equipments',{data:{'equipment_id':equipmentID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('ShopfloorEquipmentService', function($http) { }); }, - deletePair: function(shopfloorID, equipmentID, callback) { - $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/equipments/'+equipmentID) + deletePair: function(shopfloorID, equipmentID, headers, callback) { + $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/equipments/'+equipmentID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/shopfloor/shopfloormeter.service.js b/admin/app/services/settings/shopfloor/shopfloormeter.service.js index 9b0823af..509a751f 100644 --- a/admin/app/services/settings/shopfloor/shopfloormeter.service.js +++ b/admin/app/services/settings/shopfloor/shopfloormeter.service.js @@ -1,7 +1,7 @@ 'use strict'; app.factory('ShopfloorMeterService', function($http) { return { - addPair: function(shopfloorID,meterID, metertype,callback) { + addPair: function(shopfloorID,meterID, metertype, headers, callback) { var meter={}; if(metertype=='meters'){ meter={'meter_id':meterID}; @@ -11,7 +11,7 @@ app.factory('ShopfloorMeterService', function($http) { meter={'offline_meter_id':meterID}; } - $http.post(getAPI()+'shopfloors/'+shopfloorID+'/'+metertype,{data:meter}) + $http.post(getAPI()+'shopfloors/'+shopfloorID+'/'+metertype,{data:meter}, {headers}) .then(function (response) { callback(response); }, function (response) { 
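Review bot: In ShopfloorMeterService `addPair`, `metertype` is concatenated straight into the request path (`'shopfloors/'+shopfloorID+'/'+metertype`), and if it matches none of the branches `meter` stays `{}` and is still posted, now with the user's token attached. The value comes from controller scope state, so I would return early when no branch matched and document the accepted values on the method, e.g. `// metertype must be one of the collection names handled below; any other value is rejected before the request is sent`. The middle branch sits between the two hunks and is not visible here, so the exact list has to be taken from the file. `deletePair` in the next hunk and StoreMeterService build their paths the same way.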
@@ -19,8 +19,8 @@ app.factory('ShopfloorMeterService', function($http) { }); }, - deletePair: function(shopfloorID,meterID, metertype, callback) { - $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/'+metertype+'/'+meterID) + deletePair: function(shopfloorID,meterID, metertype, headers, callback) { + $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/'+metertype+'/'+meterID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/shopfloor/shopfloorpoint.service.js b/admin/app/services/settings/shopfloor/shopfloorpoint.service.js index e9cfe09a..6834be32 100644 --- a/admin/app/services/settings/shopfloor/shopfloorpoint.service.js +++ b/admin/app/services/settings/shopfloor/shopfloorpoint.service.js @@ -1,8 +1,8 @@ 'use strict'; app.factory('ShopfloorPointService', function($http) { return { - addPair: function(shopfloorID,pointID,callback) { - $http.post(getAPI()+'shopfloors/'+shopfloorID+'/points',{data:{'point_id':pointID}}) + addPair: function(shopfloorID,pointID, headers, callback) { + $http.post(getAPI()+'shopfloors/'+shopfloorID+'/points',{data:{'point_id':pointID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('ShopfloorPointService', function($http) { }); }, - deletePair: function(shopfloorID,pointID, callback) { - $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/points/'+pointID) + deletePair: function(shopfloorID,pointID, headers, callback) { + $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/points/'+pointID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/shopfloor/shopfloorsensor.service.js b/admin/app/services/settings/shopfloor/shopfloorsensor.service.js index eb6956c1..4d9aa532 100644 --- a/admin/app/services/settings/shopfloor/shopfloorsensor.service.js +++ b/admin/app/services/settings/shopfloor/shopfloorsensor.service.js 
@@ -1,8 +1,8 @@ 'use strict'; app.factory('ShopfloorSensorService', function($http) { return { - addPair: function(shopfloorID,sensorID,callback) { - $http.post(getAPI()+'shopfloors/'+shopfloorID+'/sensors',{data:{'sensor_id':sensorID}}) + addPair: function(shopfloorID,sensorID, headers, callback) { + $http.post(getAPI()+'shopfloors/'+shopfloorID+'/sensors',{data:{'sensor_id':sensorID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('ShopfloorSensorService', function($http) { }); }, - deletePair: function(shopfloorID,sensorID, callback) { - $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/sensors/'+sensorID) + deletePair: function(shopfloorID,sensorID, headers, callback) { + $http.delete(getAPI()+'shopfloors/'+shopfloorID+'/sensors/'+sensorID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/store/store.service.js b/admin/app/services/settings/store/store.service.js index 4fea0042..e4844665 100644 --- a/admin/app/services/settings/store/store.service.js +++ b/admin/app/services/settings/store/store.service.js 
@@ -17,24 +17,24 @@ app.factory('StoreService', function($http) { callback(response); }); }, - addStore: function(store, callback) { - $http.post(getAPI()+'stores',{data:store}) + addStore: function(store, headers, callback) { + $http.post(getAPI()+'stores',{data:store}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editStore: function(store, callback) { - $http.put(getAPI()+'stores/'+store.id,{data:store}) + editStore: function(store, headers, callback) { + $http.put(getAPI()+'stores/'+store.id,{data:store}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - deleteStore: function(store, callback) { - $http.delete(getAPI()+'stores/'+store.id) + deleteStore: function(store, headers, callback) { + $http.delete(getAPI()+'stores/'+store.id, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/store/storemeter.service.js b/admin/app/services/settings/store/storemeter.service.js index 860ee1e5..a36b3349 100644 --- a/admin/app/services/settings/store/storemeter.service.js +++ b/admin/app/services/settings/store/storemeter.service.js @@ -1,7 +1,7 @@ 'use strict'; app.factory('StoreMeterService', function($http) { return { - addPair: function(storeID, meterID, metertype,callback) { + addPair: function(storeID, meterID, metertype, headers, callback) { var meter={}; if(metertype=='meters'){ meter={'meter_id':meterID}; @@ -11,7 +11,7 @@ app.factory('StoreMeterService', function($http) { meter={'offline_meter_id':meterID}; } - $http.post(getAPI()+'stores/'+storeID+'/'+metertype,{data:meter}) + $http.post(getAPI()+'stores/'+storeID+'/'+metertype,{data:meter}, {headers}) .then(function (response) { callback(response); }, function (response) { 
@@ -19,8 +19,8 @@ app.factory('StoreMeterService', function($http) { }); }, - deletePair: function(storeID, meterID, metertype, callback) { - $http.delete(getAPI()+'stores/'+storeID+'/'+metertype+'/'+meterID) + deletePair: function(storeID, meterID, metertype, headers, callback) { + $http.delete(getAPI()+'stores/'+storeID+'/'+metertype+'/'+meterID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/store/storepoint.service.js b/admin/app/services/settings/store/storepoint.service.js index 182f3393..bf046bab 100644 --- a/admin/app/services/settings/store/storepoint.service.js +++ b/admin/app/services/settings/store/storepoint.service.js @@ -1,8 +1,8 @@ 'use strict'; app.factory('StorePointService', function($http) { return { - addPair: function(storeID,pointID,callback) { - $http.post(getAPI()+'stores/'+storeID+'/points',{data:{'point_id':pointID}}) + addPair: function(storeID,pointID, headers, callback) { + $http.post(getAPI()+'stores/'+storeID+'/points',{data:{'point_id':pointID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('StorePointService', function($http) { }); }, - deletePair: function(storeID,pointID, callback) { - $http.delete(getAPI()+'stores/'+storeID+'/points/'+pointID) + deletePair: function(storeID,pointID, headers, callback) { + $http.delete(getAPI()+'stores/'+storeID+'/points/'+pointID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/store/storesensor.service.js b/admin/app/services/settings/store/storesensor.service.js index 988aa3f2..8d15bef9 100644 --- a/admin/app/services/settings/store/storesensor.service.js +++ b/admin/app/services/settings/store/storesensor.service.js 
@@ -1,8 +1,8 @@ 'use strict'; app.factory('StoreSensorService', function($http) { return { - addPair: function(storeID,sensorID,callback) { - $http.post(getAPI()+'stores/'+storeID+'/sensors',{data:{'sensor_id':sensorID}}) + addPair: function(storeID,sensorID, headers, callback) { + $http.post(getAPI()+'stores/'+storeID+'/sensors',{data:{'sensor_id':sensorID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('StoreSensorService', function($http) { }); }, - deletePair: function(storeID,sensorID, callback) { - $http.delete(getAPI()+'stores/'+storeID+'/sensors/'+sensorID) + deletePair: function(storeID,sensorID, headers, callback) { + $http.delete(getAPI()+'stores/'+storeID+'/sensors/'+sensorID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/store/storetype.service.js b/admin/app/services/settings/store/storetype.service.js index 50060d1e..9055b6a0 100644 --- a/admin/app/services/settings/store/storetype.service.js +++ b/admin/app/services/settings/store/storetype.service.js 
@@ -17,24 +17,24 @@ app.factory('StoreTypeService', function($http) { callback(response); }); }, - addStoreType: function(store_type, callback) { - $http.post(getAPI()+'storetypes',{data:store}) + addStoreType: function(store_type, headers, callback) { + $http.post(getAPI()+'storetypes',{data:store}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editStoreType: function(store_type, callback) { - $http.put(getAPI()+'storetypes/'+store_type.id,{data:store_type}) + editStoreType: function(store_type, headers, callback) { + $http.put(getAPI()+'storetypes/'+store_type.id,{data:store_type}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - deleteStoreType: function(store_type, callback) { - $http.delete(getAPI()+'storetypes/'+store_type.id) + deleteStoreType: function(store_type, headers, callback) { + $http.delete(getAPI()+'storetypes/'+store_type.id, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/tenant/tenant.service.js b/admin/app/services/settings/tenant/tenant.service.js index 547cfaaf..5584813a 100644 --- a/admin/app/services/settings/tenant/tenant.service.js +++ b/admin/app/services/settings/tenant/tenant.service.js 
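Review bot: `addStoreType` still posts `{data:store}` although its parameter is `store_type`, and the new line carries that mismatch forward. Unless a `store` binding exists in an outer scope that the hunk does not show, reading it throws a ReferenceError before any request is sent, so the new `headers` argument is never used on this path. The line should read `$http.post(getAPI()+'storetypes',{data:store_type}, {headers})`. `addTenantType` in tenanttype.service.js has the same mismatch (`{data:tenant}` with parameter `tenant_type`) and needs `{data:tenant_type}`.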
@@ -17,24 +17,24 @@ app.factory('TenantService', function($http) { callback(response); }); }, - addTenant: function(tenant, callback) { - $http.post(getAPI()+'tenants',{data:tenant}) + addTenant: function(tenant, headers, callback) { + $http.post(getAPI()+'tenants',{data:tenant}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editTenant: function(tenant, callback) { - $http.put(getAPI()+'tenants/'+tenant.id,{data:tenant}) + editTenant: function(tenant, headers, callback) { + $http.put(getAPI()+'tenants/'+tenant.id,{data:tenant}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - deleteTenant: function(tenant, callback) { - $http.delete(getAPI()+'tenants/'+tenant.id) + deleteTenant: function(tenant, headers, callback) { + $http.delete(getAPI()+'tenants/'+tenant.id, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/tenant/tenantmeter.service.js b/admin/app/services/settings/tenant/tenantmeter.service.js index 6a4b6394..e4e05b22 100644 --- a/admin/app/services/settings/tenant/tenantmeter.service.js +++ b/admin/app/services/settings/tenant/tenantmeter.service.js @@ -1,7 +1,7 @@ 'use strict'; app.factory('TenantMeterService', function($http) { return { - addPair: function(tenantID, meterID, metertype,callback) { + addPair: function(tenantID, meterID, metertype, headers, callback) { var meter={}; if(metertype=='meters'){ meter={'meter_id':meterID}; @@ -11,7 +11,7 @@ app.factory('TenantMeterService', function($http) { meter={'offline_meter_id':meterID}; } - $http.post(getAPI()+'tenants/'+tenantID+'/'+metertype,{data:meter}) + $http.post(getAPI()+'tenants/'+tenantID+'/'+metertype,{data:meter}, {headers}) .then(function (response) { callback(response); }, function (response) { 
@@ -19,8 +19,8 @@ app.factory('TenantMeterService', function($http) { }); }, - deletePair: function(tenantID, meterID, metertype, callback) { - $http.delete(getAPI()+'tenants/'+tenantID+'/'+metertype+'/'+meterID) + deletePair: function(tenantID, meterID, metertype, headers, callback) { + $http.delete(getAPI()+'tenants/'+tenantID+'/'+metertype+'/'+meterID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/tenant/tenantpoint.service.js b/admin/app/services/settings/tenant/tenantpoint.service.js index b5146f91..3cadc625 100644 --- a/admin/app/services/settings/tenant/tenantpoint.service.js +++ b/admin/app/services/settings/tenant/tenantpoint.service.js @@ -1,8 +1,8 @@ 'use strict'; app.factory('TenantPointService', function($http) { return { - addPair: function(tenantID,pointID,callback) { - $http.post(getAPI()+'tenants/'+tenantID+'/points',{data:{'point_id':pointID}}) + addPair: function(tenantID,pointID, headers, callback) { + $http.post(getAPI()+'tenants/'+tenantID+'/points',{data:{'point_id':pointID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('TenantPointService', function($http) { }); }, - deletePair: function(tenantID,pointID, callback) { - $http.delete(getAPI()+'tenants/'+tenantID+'/points/'+pointID) + deletePair: function(tenantID,pointID, headers, callback) { + $http.delete(getAPI()+'tenants/'+tenantID+'/points/'+pointID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/tenant/tenantsensor.service.js b/admin/app/services/settings/tenant/tenantsensor.service.js index f7e66686..98cdd71b 100644 --- a/admin/app/services/settings/tenant/tenantsensor.service.js +++ b/admin/app/services/settings/tenant/tenantsensor.service.js 
@@ -1,8 +1,8 @@ 'use strict'; app.factory('TenantSensorService', function($http) { return { - addPair: function(tenantID,sensorID,callback) { - $http.post(getAPI()+'tenants/'+tenantID+'/sensors',{data:{'sensor_id':sensorID}}) + addPair: function(tenantID,sensorID, headers, callback) { + $http.post(getAPI()+'tenants/'+tenantID+'/sensors',{data:{'sensor_id':sensorID}}, {headers}) .then(function (response) { callback(response); }, function (response) { @@ -10,8 +10,8 @@ app.factory('TenantSensorService', function($http) { }); }, - deletePair: function(tenantID,sensorID, callback) { - $http.delete(getAPI()+'tenants/'+tenantID+'/sensors/'+sensorID) + deletePair: function(tenantID,sensorID, headers, callback) { + $http.delete(getAPI()+'tenants/'+tenantID+'/sensors/'+sensorID, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/admin/app/services/settings/tenant/tenanttype.service.js b/admin/app/services/settings/tenant/tenanttype.service.js index 17e87880..60e83195 100644 --- a/admin/app/services/settings/tenant/tenanttype.service.js +++ b/admin/app/services/settings/tenant/tenanttype.service.js 
@@ -17,24 +17,24 @@ app.factory('TenantTypeService', function($http) { callback(response); }); }, - addTenantType: function(tenant_type, callback) { - $http.post(getAPI()+'tenanttypes',{data:tenant}) + addTenantType: function(tenant_type, headers, callback) { + $http.post(getAPI()+'tenanttypes',{data:tenant}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editTenantType: function(tenant_type, callback) { - $http.put(getAPI()+'tenanttypes/'+tenant_type.id,{data:tenant_type}) + editTenantType: function(tenant_type, headers, callback) { + $http.put(getAPI()+'tenanttypes/'+tenant_type.id,{data:tenant_type}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - deleteTenantType: function(tenant_type, callback) { - $http.delete(getAPI()+'tenanttypes/'+tenant_type.id) + deleteTenantType: function(tenant_type, headers, callback) { + $http.delete(getAPI()+'tenanttypes/'+tenant_type.id, {headers}) .then(function (response) { callback(response); }, function (response) { diff --git a/myems-api/core/shopfloor.py b/myems-api/core/shopfloor.py index 2a547307..71cc7dab 100644 --- a/myems-api/core/shopfloor.py +++ b/myems-api/core/shopfloor.py @@ -3,7 +3,7 @@ import simplejson as json import mysql.connector import config import uuid -from core.useractivity import user_logger +from core.useractivity import user_logger, access_control class ShopfloorCollection: @@ -88,6 +88,7 @@ class ShopfloorCollection: @user_logger def on_post(req, resp): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -279,6 +280,7 @@ class ShopfloorItem: @staticmethod @user_logger def on_delete(req, resp, id_): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') 
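Review bot: `access_control(req)` is added by hand as the first statement of each mutating handler (`on_post` here, and `on_put`/`on_delete` in the later hunks for shopfloor.py, store.py and tenant.py), so a handler written later is unprotected unless its author remembers the call. Enforcing it in one place would be safer, for example a Falcon middleware whose `process_resource` checks `req.method`, with an explicit allow-list for endpoints that must stay open, or a `@falcon.before(...)` hook wrapping `access_control`. The call also runs inside `@user_logger`, so whether a rejected request is recorded as user activity depends on that decorator's body, which is outside the diff and worth confirming. The handler bodies continue outside the hunks.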
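Review bot: `on_delete` gains `access_control(req)` but, unlike `on_post` and `on_put`, has no docstring, so nothing at the definition says the handler now requires credentials. This applies to every `on_delete` hunk in shopfloor.py, store.py and tenant.py. I would add `"""Handles DELETE requests; the caller must pass access_control(req) before the id is validated."""` under each signature, and extend the existing `"""Handles POST requests"""` and `"""Handles PUT requests"""` docstrings in the same way. What `access_control` actually checks is not visible in the diff (presumably the `User-UUID` and `Token` headers the admin UI now sends), so the docstring should not state more than that until its body is confirmed.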
@@ -400,6 +402,7 @@ class ShopfloorItem: @user_logger def on_put(req, resp, id_): """Handles PUT requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -566,6 +569,7 @@ class ShopfloorEquipmentCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -640,6 +644,7 @@ class ShopfloorEquipmentItem: @staticmethod @user_logger def on_delete(req, resp, id_, eid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') @@ -749,6 +754,7 @@ class ShopfloorMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -823,6 +829,7 @@ class ShopfloorMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') @@ -931,6 +938,7 @@ class ShopfloorOfflineMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1005,6 +1013,7 @@ class ShopfloorOfflineMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') @@ -1113,6 +1122,7 @@ class ShopfloorPointCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: 
@@ -1187,6 +1197,7 @@ class ShopfloorPointItem: @staticmethod @user_logger def on_delete(req, resp, id_, pid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') @@ -1282,6 +1293,7 @@ class ShopfloorSensorCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1356,6 +1368,7 @@ class ShopfloorSensorItem: @staticmethod @user_logger def on_delete(req, resp, id_, sid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') @@ -1464,6 +1477,7 @@ class ShopfloorVirtualMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1538,6 +1552,7 @@ class ShopfloorVirtualMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_SHOPFLOOR_ID') diff --git a/myems-api/core/store.py b/myems-api/core/store.py index 1ecc9825..fe614f28 100644 --- a/myems-api/core/store.py +++ b/myems-api/core/store.py @@ -3,7 +3,7 @@ import simplejson as json import mysql.connector import config import uuid -from core.useractivity import user_logger +from core.useractivity import user_logger, access_control class StoreCollection: @@ -94,6 +94,7 @@ class StoreCollection: @user_logger def on_post(req, resp): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: 
@@ -335,6 +336,7 @@ class StoreItem: @staticmethod @user_logger def on_delete(req, resp, id_): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_STORE_ID') @@ -440,6 +442,7 @@ class StoreItem: @user_logger def on_put(req, resp, id_): """Handles PUT requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -664,6 +667,7 @@ class StoreMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -738,6 +742,7 @@ class StoreMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_STORE_ID') @@ -846,6 +851,7 @@ class StoreOfflineMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -920,6 +926,7 @@ class StoreOfflineMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_STORE_ID') @@ -1028,6 +1035,7 @@ class StorePointCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1102,6 +1110,7 @@ class StorePointItem: @staticmethod @user_logger def on_delete(req, resp, id_, pid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_STORE_ID') 
@@ -1197,6 +1206,7 @@ class StoreSensorCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1271,6 +1281,7 @@ class StoreSensorItem: @staticmethod @user_logger def on_delete(req, resp, id_, sid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_STORE_ID') @@ -1379,6 +1390,7 @@ class StoreVirtualMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1453,6 +1465,7 @@ class StoreVirtualMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_STORE_ID') diff --git a/myems-api/core/tenant.py b/myems-api/core/tenant.py index b84d5881..493327df 100644 --- a/myems-api/core/tenant.py +++ b/myems-api/core/tenant.py @@ -4,7 +4,7 @@ import mysql.connector import config import uuid from datetime import datetime, timedelta, timezone -from core.useractivity import user_logger +from core.useractivity import user_logger, access_control class TenantCollection: @@ -111,6 +111,7 @@ class TenantCollection: @user_logger def on_post(req, resp): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -402,6 +403,7 @@ class TenantItem: @staticmethod @user_logger def on_delete(req, resp, id_): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_TENANT_ID') 
@@ -507,6 +509,7 @@ class TenantItem: @user_logger def on_put(req, resp, id_): """Handles PUT requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -767,6 +770,7 @@ class TenantMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -841,6 +845,7 @@ class TenantMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_TENANT_ID') @@ -949,6 +954,7 @@ class TenantOfflineMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1023,6 +1029,7 @@ class TenantOfflineMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_TENANT_ID') @@ -1131,6 +1138,7 @@ class TenantPointCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1205,6 +1213,7 @@ class TenantPointItem: @staticmethod @user_logger def on_delete(req, resp, id_, pid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_TENANT_ID') @@ -1300,6 +1309,7 @@ class TenantSensorCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: 
@@ -1374,6 +1384,7 @@ class TenantSensorItem: @staticmethod @user_logger def on_delete(req, resp, id_, sid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_TENANT_ID') @@ -1482,6 +1493,7 @@ class TenantVirtualMeterCollection: @user_logger def on_post(req, resp, id_): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -1556,6 +1568,7 @@ class TenantVirtualMeterItem: @staticmethod @user_logger def on_delete(req, resp, id_, mid): + access_control(req) if not id_.isdigit() or int(id_) <= 0: raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', description='API.INVALID_TENANT_ID')