From a8fec3a7dd1de562a979ae0f78d870fc60b52aab Mon Sep 17 00:00:00 2001 From: tianlinzhong <673359306@qq.com> Date: Tue, 23 Nov 2021 11:19:38 +0800 Subject: [PATCH] added access control to energycategory --- .../category/energycategory.controller.js | 9 +++++--- .../settings/category/category.service.js | 22 +++++++++---------- myems-api/core/energycategory.py | 4 ++-- 3 files changed, 19 insertions(+), 16 deletions(-) diff --git a/admin/app/controllers/settings/category/energycategory.controller.js b/admin/app/controllers/settings/category/energycategory.controller.js index ddaf3aa3..fcc0db00 100644 --- a/admin/app/controllers/settings/category/energycategory.controller.js +++ b/admin/app/controllers/settings/category/energycategory.controller.js @@ -27,7 +27,8 @@ app.controller('EnergyCategoryController', function($scope, $translate,$uibModal } }); modalInstance.result.then(function(category) { - CategoryService.addCategory(category, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + CategoryService.addCategory(category, headers, function (response) { if (angular.isDefined(response.status) && response.status === 201) { toaster.pop({ type: "success", @@ -68,7 +69,8 @@ app.controller('EnergyCategoryController', function($scope, $translate,$uibModal }); modalInstance.result.then(function (modifiedCategory) { - CategoryService.editCategory(modifiedCategory, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + CategoryService.editCategory(modifiedCategory, headers, function (response) { if(angular.isDefined(response.status) && response.status === 200){ toaster.pop({ type: "success", 
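Review bot: The credential headers are assembled by hand in each handler (`let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };` in the add hunk at -27, and again in the edit hunk at -68 and the delete hunk at -106), so every future call must remember to repeat it, and a forgotten copy sends a request without credentials. Building the headers once, in a shared helper or an `$http` request interceptor, would keep the token handling in one place. Each copy also dereferences `$scope.cur_user` without a guard; where it is populated is not visible in this patch, so if it can be unset (for example after a session expires) the handler throws before any request is made. The binding is never reassigned, so `const headers = …` fits better than `let`. The enclosing callbacks start and end outside these hunks.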
@@ -106,7 +108,8 @@ app.controller('EnergyCategoryController', function($scope, $translate,$uibModal closeOnCancel: true }, function (isConfirm) { if (isConfirm) { - CategoryService.deleteCategory(category, function (response) { + let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }; + CategoryService.deleteCategory(category, headers, function (response) { if (angular.isDefined(response.status) && response.status === 204) { toaster.pop({ type: "success", diff --git a/admin/app/services/settings/category/category.service.js b/admin/app/services/settings/category/category.service.js index 10a4569f..ea59e326 100644 --- a/admin/app/services/settings/category/category.service.js +++ b/admin/app/services/settings/category/category.service.js 
@@ -2,47 +2,47 @@ app.factory('CategoryService', function($http) { return { getAllCategories:function(callback){ - $http.get(getAPI()+'energycategories') + $http.get(getAPI()+'energycategories') .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - searchCategories: function(query, callback) { - $http.get(getAPI()+'energycategories', { params: { q: query } }) + searchCategories: function(query, headers, callback) { + $http.get(getAPI()+'energycategories', { params: { q: query } }, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - addCategory: function(category, callback) { - $http.post(getAPI()+'energycategories',{data:category}) + addCategory: function(category, headers, callback) { + $http.post(getAPI()+'energycategories',{data:category}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - editCategory: function(category, callback) { - $http.put(getAPI()+'energycategories/'+category.id,{data:category}) + editCategory: function(category, headers, callback) { + $http.put(getAPI()+'energycategories/'+category.id,{data:category}, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - deleteCategory: function(category, callback) { - $http.delete(getAPI()+'energycategories/'+category.id) + deleteCategory: function(category, headers, callback) { + $http.delete(getAPI()+'energycategories/'+category.id, {headers}) .then(function (response) { callback(response); }, function (response) { callback(response); }); }, - getCategory: function(id, callback) { - $http.get(getAPI()+'energycategories/'+id) + getCategory: function(id, headers, callback) { + $http.get(getAPI()+'energycategories/'+id, {headers}) .then(function (response) { callback(response); }, function (response) { 
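Review bot: In `searchCategories` the headers are passed as a third argument to `$http.get`, which accepts only `(url, config)`, so `{headers}` is silently dropped and the search request goes out without `User-UUID` and `Token`. They belong in the config object: `$http.get(getAPI()+'energycategories', { params: { q: query }, headers })`. `searchCategories` and `getCategory` also gain a `headers` parameter ahead of `callback`, but this patch updates only the add, edit and delete callers, so any existing caller of those two (none visible here) would pass its callback in the `headers` slot and fail when `callback(response)` runs. `getAllCategories` is left without headers, which is correct only if listing is meant to stay unauthenticated; a short comment saying so would help.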
diff --git a/myems-api/core/energycategory.py b/myems-api/core/energycategory.py index 3f06c110..039bd95c 100644 --- a/myems-api/core/energycategory.py +++ b/myems-api/core/energycategory.py @@ -3,7 +3,7 @@ import simplejson as json import mysql.connector import config import uuid -from core.useractivity import user_logger +from core.useractivity import user_logger, access_control class EnergyCategoryCollection: @@ -42,6 +42,7 @@ class EnergyCategoryCollection: @user_logger def on_post(req, resp): """Handles POST requests""" + access_control(req) try: raw_json = req.stream.read().decode('utf-8') except Exception as ex: @@ -304,4 +305,3 @@ class EnergyCategoryItem: cursor.close() cnx.disconnect() resp.status = falcon.HTTP_200 -
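Review bot: `access_control(req)` is added only to `EnergyCategoryCollection.on_post`. The diffstat shows no other insertion in this file, so the PUT and DELETE responders on `EnergyCategoryItem` appear to remain unguarded unless they are protected elsewhere, even though the admin client now sends `User-UUID` and `Token` to them. The same `access_control(req)` call should be the first statement of those handlers (Falcon `on_put` / `on_delete`, not shown in this patch). The return value is discarded here, so the endpoint is protected only if `access_control` raises on a missing or invalid token; its body is not visible and this should be confirmed. `on_post` continues outside the hunk.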