added access control to tenanttype POST/PUT/DELETE actions in api
13621160019@163.com
parent
aac085d160
commit
9d17baff1c
|
|
@ -6259,7 +6259,20 @@
|
||||||
"name": "POST Create New Tenant Type",
|
"name": "POST Create New Tenant Type",
|
||||||
"request": {
|
"request": {
|
||||||
"method": "POST",
|
"method": "POST",
|
||||||
"header": [],
|
"header": [
|
||||||
|
{
|
||||||
|
"key": "User-UUID",
|
||||||
|
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
|
||||||
|
"description": "Any admin users' UUID",
|
||||||
|
"type": "text"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"key": "Token",
|
||||||
|
"value": "361834d2ebe57d4e87c6aeb10dc502e70a970c6703f6e125ad91d59a1870df1add3622c0da57a567e0681664cf8c9ba6c8406483f493dbd9d05011ed8310f6fd",
|
||||||
|
"description": "Login to get a valid token",
|
||||||
|
"type": "text"
|
||||||
|
}
|
||||||
|
],
|
||||||
"body": {
|
"body": {
|
||||||
"mode": "raw",
|
"mode": "raw",
|
||||||
"raw": "{\"data\":{\"name\": \"Office1\", \"description\":\"办公\", \"simplified_code\":\"OF1\"}}"
|
"raw": "{\"data\":{\"name\": \"Office1\", \"description\":\"办公\", \"simplified_code\":\"OF1\"}}"
|
||||||
|
|
@ -6280,19 +6293,32 @@
|
||||||
"name": "PUT Update a Tenant Type",
|
"name": "PUT Update a Tenant Type",
|
||||||
"request": {
|
"request": {
|
||||||
"method": "PUT",
|
"method": "PUT",
|
||||||
"header": [],
|
"header": [
|
||||||
|
{
|
||||||
|
"key": "User-UUID",
|
||||||
|
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
|
||||||
|
"description": "Any admin users' UUID",
|
||||||
|
"type": "text"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"key": "Token",
|
||||||
|
"value": "361834d2ebe57d4e87c6aeb10dc502e70a970c6703f6e125ad91d59a1870df1add3622c0da57a567e0681664cf8c9ba6c8406483f493dbd9d05011ed8310f6fd",
|
||||||
|
"description": "Login to get a valid token",
|
||||||
|
"type": "text"
|
||||||
|
}
|
||||||
|
],
|
||||||
"body": {
|
"body": {
|
||||||
"mode": "raw",
|
"mode": "raw",
|
||||||
"raw": "{\"data\":{\"name\": \"Office1\", \"description\":\"办公\", \"simplified_code\":\"OF1\"}}"
|
"raw": "{\"data\":{\"name\": \"Office1\", \"description\":\"办公\", \"simplified_code\":\"OF1\"}}"
|
||||||
},
|
},
|
||||||
"url": {
|
"url": {
|
||||||
"raw": "{{base_url}}/tenanttypes/1",
|
"raw": "{{base_url}}/tenanttypes/10",
|
||||||
"host": [
|
"host": [
|
||||||
"{{base_url}}"
|
"{{base_url}}"
|
||||||
],
|
],
|
||||||
"path": [
|
"path": [
|
||||||
"tenanttypes",
|
"tenanttypes",
|
||||||
"1"
|
"10"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
@ -6302,15 +6328,28 @@
|
||||||
"name": "DELETE a Tenant Type by ID",
|
"name": "DELETE a Tenant Type by ID",
|
||||||
"request": {
|
"request": {
|
||||||
"method": "DELETE",
|
"method": "DELETE",
|
||||||
"header": [],
|
"header": [
|
||||||
|
{
|
||||||
|
"key": "User-UUID",
|
||||||
|
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
|
||||||
|
"description": "Any admin users' UUID",
|
||||||
|
"type": "text"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"key": "Token",
|
||||||
|
"value": "361834d2ebe57d4e87c6aeb10dc502e70a970c6703f6e125ad91d59a1870df1add3622c0da57a567e0681664cf8c9ba6c8406483f493dbd9d05011ed8310f6fd",
|
||||||
|
"description": "Login to get a valid token",
|
||||||
|
"type": "text"
|
||||||
|
}
|
||||||
|
],
|
||||||
"url": {
|
"url": {
|
||||||
"raw": "{{base_url}}/tenanttypes/1",
|
"raw": "{{base_url}}/tenanttypes/10",
|
||||||
"host": [
|
"host": [
|
||||||
"{{base_url}}"
|
"{{base_url}}"
|
||||||
],
|
],
|
||||||
"path": [
|
"path": [
|
||||||
"tenanttypes",
|
"tenanttypes",
|
||||||
"1"
|
"10"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ import simplejson as json
|
||||||
import mysql.connector
|
import mysql.connector
|
||||||
import config
|
import config
|
||||||
import uuid
|
import uuid
|
||||||
from core.useractivity import user_logger
|
from core.useractivity import user_logger, access_control
|
||||||
|
|
||||||
|
|
||||||
class TenantTypeCollection:
|
class TenantTypeCollection:
|
||||||
|
|
@ -42,6 +42,7 @@ class TenantTypeCollection:
|
||||||
@user_logger
|
@user_logger
|
||||||
def on_post(req, resp):
|
def on_post(req, resp):
|
||||||
"""Handles POST requests"""
|
"""Handles POST requests"""
|
||||||
|
access_control(req)
|
||||||
try:
|
try:
|
||||||
raw_json = req.stream.read().decode('utf-8')
|
raw_json = req.stream.read().decode('utf-8')
|
||||||
except Exception as ex:
|
except Exception as ex:
|
||||||
|
|
@ -150,6 +151,8 @@ class TenantTypeItem:
|
||||||
@staticmethod
|
@staticmethod
|
||||||
@user_logger
|
@user_logger
|
||||||
def on_delete(req, resp, id_):
|
def on_delete(req, resp, id_):
|
||||||
|
"""Handles DELETE requests"""
|
||||||
|
access_control(req)
|
||||||
if not id_.isdigit() or int(id_) <= 0:
|
if not id_.isdigit() or int(id_) <= 0:
|
||||||
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
|
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
|
||||||
description='API.INVALID_TENANT_TYPE_ID')
|
description='API.INVALID_TENANT_TYPE_ID')
|
||||||
|
|
@ -188,6 +191,7 @@ class TenantTypeItem:
|
||||||
@user_logger
|
@user_logger
|
||||||
def on_put(req, resp, id_):
|
def on_put(req, resp, id_):
|
||||||
"""Handles PUT requests"""
|
"""Handles PUT requests"""
|
||||||
|
access_control(req)
|
||||||
try:
|
try:
|
||||||
raw_json = req.stream.read().decode('utf-8')
|
raw_json = req.stream.read().decode('utf-8')
|
||||||
except Exception as ex:
|
except Exception as ex:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue