added access control to point in api and admin

pull/93/MERGE
13621160019@163.com 2021-12-07 19:50:37 +08:00
parent 043416500a
commit 9c9e316efc
4 changed files with 15 additions and 11 deletions

2
admin/nginx.conf vendored

@ -46,7 +46,7 @@ http {
} }
location /api { location /api {
proxy_pass http://192.168.1.6:8000/; proxy_pass http://127.0.0.1:8000/;
proxy_connect_timeout 75; proxy_connect_timeout 75;
proxy_read_timeout 600; proxy_read_timeout 600;
send_timeout 600; send_timeout 600;


@ -1315,7 +1315,7 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
@ -1476,7 +1476,7 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
@ -4758,7 +4758,7 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
@ -4788,7 +4788,7 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
@ -4819,7 +4819,7 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
@ -4853,19 +4853,19 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
], ],
"url": { "url": {
"raw": "{{base_url}}/points/2", "raw": "{{base_url}}/points/11",
"host": [ "host": [
"{{base_url}}" "{{base_url}}"
], ],
"path": [ "path": [
"points", "points",
"2" "11"
] ]
} }
}, },
@ -4884,7 +4884,7 @@
}, },
{ {
"key": "Token", "key": "Token",
"value": "ce8adcab80f37322487df375c3e3923e6febbcfb26d2b654a5814db6874f2b072fb40a85199efa725af7f3aa4f490f9cc833422b793fa85266237dc5278dff9f", "value": "44e05939a3c8a545fef506ca42d51c13fc934af45b57346247697ac0b4797ca30d3d950f54d5e16d51876abc0f48b8b5db4894841b56dbfdb2ac9b8162c4e6d1",
"type": "text", "type": "text",
"description": "Login to get a valid token" "description": "Login to get a valid token"
} }
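Review bot: The `Token` header in this request collection carries a literal 128-hex-character value, and the commit swaps one literal for another in all seven hunks of this file (1315, 1476, 4758, 4788, 4819, 4853, 4884). If these strings were issued by a real login, both the old and the new value are now in repository history and should be treated as exposed and invalidated on the server. The URL already uses a variable (`{{base_url}}`); the header can do the same with something like `"value": "{{token}}"` (variable name illustrative), filled in from the login response, so that no credential is stored in the file. The `/points/2` to `/points/11` edit in the hunk at 4853 likewise ties the collection to the contents of one particular database.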


@ -17,6 +17,8 @@ class PointCollection:
@staticmethod @staticmethod
def on_get(req, resp): def on_get(req, resp):
"""Handles GET requests"""
access_control(req)
cnx = mysql.connector.connect(**config.myems_system_db) cnx = mysql.connector.connect(**config.myems_system_db)
cursor = cnx.cursor(dictionary=True) cursor = cnx.cursor(dictionary=True)
@ -207,6 +209,8 @@ class PointItem:
@staticmethod @staticmethod
def on_get(req, resp, id_): def on_get(req, resp, id_):
"""Handles GET requests"""
access_control(req)
if not id_.isdigit() or int(id_) <= 0: if not id_.isdigit() or int(id_) <= 0:
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST', raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
description='API.INVALID_POINT_ID') description='API.INVALID_POINT_ID')
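Review bot: `access_control(req)` is added by hand as the first statement of `PointCollection.on_get` and `PointItem.on_get`, so the protection depends on every handler repeating that line; the other handlers of these two classes are outside the hunks and should be checked for the same call. The placement itself is good, since the check runs before `mysql.connector.connect` and before the `id_` validation. Consider enforcing it once per resource, for example with a `@falcon.before` hook or a `process_resource` middleware that wraps `access_control`, and let the new docstring state the requirement: `"""Handles GET requests; the caller must pass access_control(req)"""`. Both function bodies continue past the end of their hunks, and the import of `access_control` is not visible here.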

2
web/nginx.conf vendored

@ -47,7 +47,7 @@ http {
} }
location /api { location /api {
proxy_pass http://192.168.1.6:8000/; proxy_pass http://127.0.0.1:8000/;
proxy_connect_timeout 75; proxy_connect_timeout 75;
proxy_read_timeout 600; proxy_read_timeout 600;
send_timeout 600; send_timeout 600;