added access control to knowledge file
13621160019@163.com
parent
2245dee31e
commit
d15fef3b52
|
|
@ -26,8 +26,7 @@ app.controller('CostFileController', function (
|
|||
url: getAPI() + 'costfiles',
|
||||
acceptedFiles: '.xlsx',
|
||||
dictDefaultMessage: 'Click(or Drop) to add files',
|
||||
maxFilesize: '100',
|
||||
headers: { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token }
|
||||
maxFilesize: '100'
|
||||
};
|
||||
|
||||
$scope.dzCallbacks = {
|
||||
|
|
@ -47,7 +46,7 @@ app.controller('CostFileController', function (
|
|||
toaster.pop({
|
||||
type: "error",
|
||||
title: $translate.instant("TOASTER.ERROR_ADD_BODY", {template: file.name}),
|
||||
body: $translate.instant(response.data.description),
|
||||
body: $translate.instant(xhr),
|
||||
showCloseButton: true,
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -46,13 +46,14 @@ app.controller('KnowledgeFileController', function (
|
|||
toaster.pop({
|
||||
type: "error",
|
||||
title: $translate.instant("TOASTER.ERROR_ADD_BODY", {template: file.name}),
|
||||
body: $translate.instant(response.data.description),
|
||||
body: $translate.instant(xhr),
|
||||
showCloseButton: true,
|
||||
});
|
||||
}
|
||||
};
|
||||
$scope.restoreKnowledgeFile = function (knowledgefile) {
|
||||
KnowledgeFileService.restoreKnowledgeFile(knowledgefile, function (response) {
|
||||
let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
|
||||
KnowledgeFileService.restoreKnowledgeFile(knowledgefile, headers, function (response) {
|
||||
if (angular.isDefined(response.status) && response.status === 200) {
|
||||
toaster.pop({
|
||||
type: "success",
|
||||
|
|
@ -86,7 +87,8 @@ app.controller('KnowledgeFileController', function (
|
|||
},
|
||||
function (isConfirm) {
|
||||
if (isConfirm) {
|
||||
KnowledgeFileService.deleteKnowledgeFile(knowledgefile, function (response) {
|
||||
let headers = { "User-UUID": $scope.cur_user.uuid, "Token": $scope.cur_user.token };
|
||||
KnowledgeFileService.deleteKnowledgeFile(knowledgefile, headers, function (response) {
|
||||
if (angular.isDefined(response.status) && response.status === 204) {
|
||||
toaster.pop({
|
||||
type: "success",
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ app.controller('OfflineMeterFileController', function(
|
|||
toaster.pop({
|
||||
type: "error",
|
||||
title: $translate.instant("TOASTER.ERROR_ADD_BODY", {template: file.name}),
|
||||
body: $translate.instant(response.data.description),
|
||||
body: $translate.instant(xhr),
|
||||
showCloseButton: true,
|
||||
});
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@ app.factory('KnowledgeFileService', function ($http) {
|
|||
});
|
||||
},
|
||||
|
||||
addKnowledgeFile: function (knowledgefile, callback) {
|
||||
$http.post(getAPI() + 'knowledgefiles', { data: knowledgefile })
|
||||
addKnowledgeFile: function (knowledgefile, headers, callback) {
|
||||
$http.post(getAPI() + 'knowledgefiles', {data: knowledgefile}, {headers})
|
||||
.then(function (response) {
|
||||
callback(response);
|
||||
}, function (response) {
|
||||
|
|
@ -19,8 +19,8 @@ app.factory('KnowledgeFileService', function ($http) {
|
|||
});
|
||||
},
|
||||
|
||||
restoreKnowledgeFile: function (knowledgefile, callback) {
|
||||
$http.get(getAPI() + 'knowledgefiles/' + knowledgefile.id + '/restore')
|
||||
restoreKnowledgeFile: function (knowledgefile, headers, callback) {
|
||||
$http.get(getAPI() + 'knowledgefiles/' + knowledgefile.id + '/restore', {headers})
|
||||
.then(function (response) {
|
||||
callback(response);
|
||||
}, function (response) {
|
||||
|
|
@ -28,8 +28,8 @@ app.factory('KnowledgeFileService', function ($http) {
|
|||
});
|
||||
},
|
||||
|
||||
deleteKnowledgeFile: function (knowledgefile, callback) {
|
||||
$http.delete(getAPI() + 'knowledgefiles/' + knowledgefile.id)
|
||||
deleteKnowledgeFile: function (knowledgefile, headers, callback) {
|
||||
$http.delete(getAPI() + 'knowledgefiles/' + knowledgefile.id, {headers})
|
||||
.then(function (response) {
|
||||
callback(response);
|
||||
}, function (response) {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"info": {
|
||||
"_postman_id": "6678a44a-20bd-4ef2-9a9f-3c47421936c2",
|
||||
"_postman_id": "188bbc28-1018-45ae-bdc8-c0b465102f5f",
|
||||
"name": "MyEMS",
|
||||
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
|
||||
},
|
||||
|
|
@ -588,7 +588,9 @@
|
|||
"request": {
|
||||
"method": "GET",
|
||||
"header": [],
|
||||
"url": null
|
||||
"url": {
|
||||
"raw": ""
|
||||
}
|
||||
},
|
||||
"response": []
|
||||
}
|
||||
|
|
@ -2882,7 +2884,7 @@
|
|||
},
|
||||
{
|
||||
"key": "Token",
|
||||
"value": "7b0f565da5320ad3f641145923a12ab22d94835b",
|
||||
"value": "d2506282920bd7f1fb5db68605324bd7b8c6c305d84dcd43d43edfba6908136c4e468eca553c72f0211b2ad44fedb71c2f5c901816e5de828fa21cfb88a2552e",
|
||||
"type": "text"
|
||||
}
|
||||
],
|
||||
|
|
@ -2912,14 +2914,27 @@
|
|||
"name": "DELETE a Knowledge File by ID",
|
||||
"request": {
|
||||
"method": "DELETE",
|
||||
"header": [],
|
||||
"header": [
|
||||
{
|
||||
"key": "User-UUID",
|
||||
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
|
||||
"description": "Any admin users' UUID",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"key": "Token",
|
||||
"value": "d2506282920bd7f1fb5db68605324bd7b8c6c305d84dcd43d43edfba6908136c4e468eca553c72f0211b2ad44fedb71c2f5c901816e5de828fa21cfb88a2552e",
|
||||
"description": "Login to get a valid token",
|
||||
"type": "text"
|
||||
}
|
||||
],
|
||||
"url": {
|
||||
"raw": "{{base_url}}/helpfiles/1",
|
||||
"raw": "{{base_url}}/knowledgefiles/1",
|
||||
"host": [
|
||||
"{{base_url}}"
|
||||
],
|
||||
"path": [
|
||||
"helpfiles",
|
||||
"knowledgefiles",
|
||||
"1"
|
||||
]
|
||||
}
|
||||
|
|
@ -2930,7 +2945,20 @@
|
|||
"name": "Rstore a Knowledge File by ID",
|
||||
"request": {
|
||||
"method": "GET",
|
||||
"header": [],
|
||||
"header": [
|
||||
{
|
||||
"key": "User-UUID",
|
||||
"value": "dcdb67d1-6116-4987-916f-6fc6cf2bc0e4",
|
||||
"description": "Any admin users' UUID",
|
||||
"type": "text"
|
||||
},
|
||||
{
|
||||
"key": "Token",
|
||||
"value": "d2506282920bd7f1fb5db68605324bd7b8c6c305d84dcd43d43edfba6908136c4e468eca553c72f0211b2ad44fedb71c2f5c901816e5de828fa21cfb88a2552e",
|
||||
"description": "Login to get a valid token",
|
||||
"type": "text"
|
||||
}
|
||||
],
|
||||
"url": {
|
||||
"raw": "{{base_url}}/knowledgefiles/1/restore",
|
||||
"host": [
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ from datetime import datetime, timezone, timedelta
|
|||
import os
|
||||
import base64
|
||||
import sys
|
||||
from core.useractivity import user_logger
|
||||
from core.useractivity import user_logger, access_control
|
||||
|
||||
|
||||
class KnowledgeFileCollection:
|
||||
|
|
@ -76,7 +76,7 @@ class KnowledgeFileCollection:
|
|||
@user_logger
|
||||
def on_post(req, resp):
|
||||
"""Handles POST requests"""
|
||||
|
||||
access_control(req)
|
||||
try:
|
||||
upload = req.get_param('file')
|
||||
# Read upload file as binary
|
||||
|
|
@ -234,6 +234,8 @@ class KnowledgeFileItem:
|
|||
@staticmethod
|
||||
@user_logger
|
||||
def on_delete(req, resp, id_):
|
||||
"""Handles DELETE requests"""
|
||||
access_control(req)
|
||||
if not id_.isdigit() or int(id_) <= 0:
|
||||
raise falcon.HTTPError(falcon.HTTP_400,
|
||||
title='API.BAD_REQUEST',
|
||||
|
|
@ -284,6 +286,7 @@ class KnowledgeFileRestore:
|
|||
|
||||
@staticmethod
|
||||
def on_get(req, resp, id_):
|
||||
access_control(req)
|
||||
if not id_.isdigit() or int(id_) <= 0:
|
||||
raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
|
||||
description='API.INVALID_KNOWLEDGE_FILE_ID')
|
||||
|
|
|
|||
Loading…
Reference in New Issue