energyflowdiagram of access_control

2021-12-01 14:21:38 +08:00 · 2021-12-01 14:21:38 +08:00 · c7fe4dea79
parent 637f8ce481
commit c7fe4dea79
5 changed files with 70 additions and 19 deletions
--- a/admin/app/controllers/settings/energyflowdiagram/energyflowdiagram.controller.js
+++ b/admin/app/controllers/settings/energyflowdiagram/energyflowdiagram.controller.js
@ -1,7 +1,13 @@
 'use strict';
-app.controller('EnergyFlowDiagramController', function($scope, $translate, $uibModal, EnergyFlowDiagramService, toaster,SweetAlert) {
+app.controller('EnergyFlowDiagramController', function($scope,
-
+	$window,
 	$translate,
 	$uibModal,
 	EnergyFlowDiagramService,
 	toaster,
 	SweetAlert) {
 	$scope.cur_user = JSON.parse($window.localStorage.getItem("myems_admin_ui_current_user"));
 	$scope.getAllEnergyFlowDiagrams = function() {
 		EnergyFlowDiagramService.getAllEnergyFlowDiagrams(function (response) {
 			if (angular.isDefined(response.status) && response.status === 200) {
@ -19,7 +25,8 @@ app.controller('EnergyFlowDiagramController', function($scope, $translate, $uibM
 			windowClass: "animated fadeIn",
 		});
 		modalInstance.result.then(function(energyflowdiagram) {
-			EnergyFlowDiagramService.addEnergyFlowDiagram(energyflowdiagram, function (response) {
+			let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
 			EnergyFlowDiagramService.addEnergyFlowDiagram(energyflowdiagram, headers, function (response) {
 				if (angular.isDefined(response.status) && response.status === 201) {
 					toaster.pop({
 						type: "success",
@ -58,7 +65,8 @@ app.controller('EnergyFlowDiagramController', function($scope, $translate, $uibM
 		});
 		modalInstance.result.then(function(modifiedEnergyFlowDiagram) {
-			EnergyFlowDiagramService.editEnergyFlowDiagram(modifiedEnergyFlowDiagram, function (response) {
+			let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
 			EnergyFlowDiagramService.editEnergyFlowDiagram(modifiedEnergyFlowDiagram, headers, function (response) {
 				if (angular.isDefined(response.status) && response.status === 200) {
 					toaster.pop({
 						type: "success",
@ -95,7 +103,8 @@ app.controller('EnergyFlowDiagramController', function($scope, $translate, $uibM
 		        closeOnCancel: true },
 		    function (isConfirm) {
 		        if (isConfirm) {
-		            EnergyFlowDiagramService.deleteEnergyFlowDiagram(energyflowdiagram, function (response) {
+					let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
 		            EnergyFlowDiagramService.deleteEnergyFlowDiagram(energyflowdiagram, headers, function (response) {
 		            	if (angular.isDefined(response.status) && response.status === 204) {
 							toaster.pop({
 								type: "success",
--- a/admin/app/services/settings/energyflowdiagram/energyflowdiagram.service.js
+++ b/admin/app/services/settings/energyflowdiagram/energyflowdiagram.service.js
@ -17,24 +17,24 @@ app.factory('EnergyFlowDiagramService', function($http) {
                callback(response);
            });
        },
-        addEnergyFlowDiagram: function(energyflowdiagram, callback) {
+        addEnergyFlowDiagram: function(energyflowdiagram, headers, callback) {
-            $http.post(getAPI()+'energyflowdiagrams',{data:energyflowdiagram})
+            $http.post(getAPI()+'energyflowdiagrams',{data:energyflowdiagram}, {headers})
            .then(function (response) {
                callback(response);
            }, function (response) {
                callback(response);
            });
        },
-        editEnergyFlowDiagram: function(energyflowdiagram, callback) {
+        editEnergyFlowDiagram: function(energyflowdiagram, headers, callback) {
-            $http.put(getAPI()+'energyflowdiagrams/'+energyflowdiagram.id,{data:energyflowdiagram})
+            $http.put(getAPI()+'energyflowdiagrams/'+energyflowdiagram.id,{data:energyflowdiagram}, {headers})
            .then(function (response) {
                callback(response);
            }, function (response) {
                callback(response);
            });
        },
-        deleteEnergyFlowDiagram: function(energyflowdiagram, callback) {
+        deleteEnergyFlowDiagram: function(energyflowdiagram, headers, callback) {
-            $http.delete(getAPI()+'energyflowdiagrams/'+energyflowdiagram.id)
+            $http.delete(getAPI()+'energyflowdiagrams/'+energyflowdiagram.id, {headers})
            .then(function (response) {
                callback(response);
            }, function (response) {
--- a/myems-api/MyEMS.postman_collection.json
+++ b/myems-api/MyEMS.postman_collection.json
@ -1,6 +1,6 @@
 {
 	"info": {
-		"_postman_id": "98580f5c-106c-4b86-8262-ec3c918608e1",
+		"_postman_id": "ab4b1f3e-3892-4a0e-801b-4ec90d4592fe",
 		"name": "MyEMS",
 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
 	},
@ -2030,7 +2030,20 @@
 							"name": "POST Create an Energy Flow Diagram",
 							"request": {
 								"method": "POST",
-								"header": [],
+								"header": [
 									{
 										"key": "User-UUID",
 										"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
 										"description": "Any admin users' UUID",
 										"type": "text"
 									},
 									{
 										"key": "Token",
 										"value": "073b43c05dadd89b833c0595b81c49cb9c1a54ca52b024b301a001720e52c5bf3b95951d5c54766de1028d20301cbd2bb6ec3fb62f9e14d7254cbf3811fe6c93",
 										"description": "Login to get a valid token",
 										"type": "text"
 									}
 								],
 								"body": {
 									"mode": "raw",
 									"raw": "{\"data\":{\"name\":\"MyEMS Energy Flow\"}}"
@ -2051,7 +2064,20 @@
 							"name": "PUT Update an Energy Flow Diagram",
 							"request": {
 								"method": "PUT",
-								"header": [],
+								"header": [
 									{
 										"key": "User-UUID",
 										"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
 										"description": "Any admin users' UUID",
 										"type": "text"
 									},
 									{
 										"key": "Token",
 										"value": "073b43c05dadd89b833c0595b81c49cb9c1a54ca52b024b301a001720e52c5bf3b95951d5c54766de1028d20301cbd2bb6ec3fb62f9e14d7254cbf3811fe6c93",
 										"description": "Login to get a valid token",
 										"type": "text"
 									}
 								],
 								"body": {
 									"mode": "raw",
 									"raw": "{\"data\":{\"name\":\"MyEMS Energy Flow Diagram\"}}"
@ -2073,7 +2099,20 @@
 							"name": "DELETE an Energy Flow Diagram",
 							"request": {
 								"method": "DELETE",
-								"header": [],
+								"header": [
 									{
 										"key": "User-UUID",
 										"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
 										"description": "Any admin users' UUID",
 										"type": "text"
 									},
 									{
 										"key": "Token",
 										"value": "073b43c05dadd89b833c0595b81c49cb9c1a54ca52b024b301a001720e52c5bf3b95951d5c54766de1028d20301cbd2bb6ec3fb62f9e14d7254cbf3811fe6c93",
 										"description": "Login to get a valid token",
 										"type": "text"
 									}
 								],
 								"url": {
 									"raw": "{{base_url}}/energyflowdiagrams/2",
 									"host": [
--- a/myems-api/README.md
+++ b/myems-api/README.md
@ -604,15 +604,15 @@ curl -i -X GET {{base_url}}/energyflowdiagrams
 ```
 *   DELETE an Energy Flow Diagram by ID
 ```bash
-curl -i -X DELETE {{base_url}}/energyflowdiagrams/{id}
+curl -i -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X DELETE {{base_url}}/energyflowdiagrams/{id}
 ```
 *   POST Create an Energy Flow Diagram
 ```bash
-curl -i -H "Content-Type: application/json" -X POST -d '{"data":{"name":"MyEMS Energy Flow"}}' {{base_url}}/energyflowdiagrams
+curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X POST -d '{"data":{"name":"MyEMS Energy Flow"}}' {{base_url}}/energyflowdiagrams
 ```
 *   PUT Update an Energy Flow Diagram
 ```bash
-curl -i -H "Content-Type: application/json" -X PUT -d '{"data":{"name":"MyEMS Energy Flow Diagram"}}' {{base_url}}/energyflowdiagrams/{id}
+curl -i -H "Content-Type: application/json" -H "User-UUID: dcdb67d1-6116-4987-916f-6fc6cf2bc0e4" -H "Token: GET-TOKEN-AFTER-LOGIN" -X PUT -d '{"data":{"name":"MyEMS Energy Flow Diagram"}}' {{base_url}}/energyflowdiagrams/{id}
 ```
 *   GET All Nodes of an Energy Flow Diagram by ID
 ```bash
--- a/myems-api/core/energyflowdiagram.py
+++ b/myems-api/core/energyflowdiagram.py
@ -3,7 +3,7 @@ import simplejson as json
 import mysql.connector
 import config
 import uuid
-from core.useractivity import user_logger
+from core.useractivity import user_logger, access_control
 class EnergyFlowDiagramCollection:
@ -124,6 +124,7 @@ class EnergyFlowDiagramCollection:
    @user_logger
    def on_post(req, resp):
        """Handles POST requests"""
        access_control(req)
        try:
            raw_json = req.stream.read().decode('utf-8')
        except Exception as ex:
@ -285,6 +286,7 @@ class EnergyFlowDiagramItem:
    @staticmethod
    @user_logger
    def on_delete(req, resp, id_):
        access_control(req)
        if not id_.isdigit() or int(id_) <= 0:
            raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
                                   description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID')
@ -315,6 +317,7 @@ class EnergyFlowDiagramItem:
    @user_logger
    def on_put(req, resp, id_):
        """Handles PUT requests"""
        access_control(req)
        if not id_.isdigit() or int(id_) <= 0:
            raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
                                   description='API.INVALID_ENERGY_FLOW_DIAGRAM_ID')