From d7cad1d6e0a1abd696dbc8ea08815266d72dd279 Mon Sep 17 00:00:00 2001
From: tianlinzhong <673359306@qq.com>
Date: Tue, 23 Nov 2021 11:29:36 +0800
Subject: [PATCH] added access control to energycategory

---
 myems-api/core/energycategory.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/myems-api/core/energycategory.py b/myems-api/core/energycategory.py
index 039bd95c..29abdcb6 100644
--- a/myems-api/core/energycategory.py
+++ b/myems-api/core/energycategory.py
@@ -150,6 +150,7 @@ class EnergyCategoryItem:
     @staticmethod
     @user_logger
     def on_delete(req, resp, id_):
+        access_control(req)
         if not id_.isdigit() or int(id_) <= 0:
             raise falcon.HTTPError(falcon.HTTP_400, title='API.BAD_REQUEST',
                                    description='API.INVALID_ENERGY_CATEGORY_ID')
@@ -232,6 +233,7 @@ class EnergyCategoryItem:
     @user_logger
     def on_put(req, resp, id_):
         """Handles PUT requests"""
+        access_control(req)
         try:
             raw_json = req.stream.read().decode('utf-8')
         except Exception as ex: