Revize 5dc6d077
Přidáno uživatelem Matěj Zeman před asi 2 roky(ů)
server/sql_app/api/bodydevices_web.py | ||
---|---|---|
87 | 87 |
|
88 | 88 |
|
89 | 89 |
@body_device_web.get("/body-device-license/{device_id}", response_class=HTMLResponse) |
90 |
async def connect_dev_lic(request: Request, device_id: int, db: Session = Depends(get_db)): |
|
90 |
async def connect_dev_lic(request: Request, device_id: int, db: Session = Depends(get_db), |
|
91 |
Authorize: AuthJWT = Depends()): |
|
91 | 92 |
""" |
92 | 93 |
Returns template with one body device and all available licenses that can be assigned to it. |
93 | 94 |
""" |
95 |
Authorize.jwt_optional() |
|
96 |
current_user = Authorize.get_jwt_subject() |
|
97 |
if current_user != "admin": |
|
98 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
94 | 99 |
device = crud.get_body_device(db, device_id) |
95 | 100 |
dev_licenses = crud.get_bodydevice_license(db, device_id) |
96 | 101 |
lic_names = [] |
... | ... | |
109 | 114 |
|
110 | 115 |
|
111 | 116 |
@body_device_web.post("/body-devices-web/{device_id}") |
112 |
async def connect_post(device_id: int, lic: str = Form(...), db: Session = Depends(get_db)): |
|
117 |
async def connect_post(device_id: int, lic: str = Form(...), db: Session = Depends(get_db), |
|
118 |
Authorize: AuthJWT = Depends()): |
|
113 | 119 |
""" |
114 | 120 |
Endpoint called from template for connecting body device with license. Adds entry to bodydevices_licenses |
115 | 121 |
table and redirects to body-devices-web endpoint |
116 | 122 |
""" |
123 |
Authorize.jwt_optional() |
|
124 |
current_user = Authorize.get_jwt_subject() |
|
125 |
if current_user != "admin": |
|
126 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
117 | 127 |
crud.create_body_device_license(db, device_id, int(lic), datetime.now()) |
118 | 128 |
return RedirectResponse(url=f"/body-devices-web", status_code=303) |
119 | 129 |
|
120 | 130 |
|
121 | 131 |
@body_device_web.post("/body-devices-web-del/{device_id}") |
122 |
async def delete_post(device_id: int, b_lic: str = Form(...), db: Session = Depends(get_db)): |
|
132 |
async def delete_post(device_id: int, b_lic: str = Form(...), db: Session = Depends(get_db), |
|
133 |
Authorize: AuthJWT = Depends()): |
|
123 | 134 |
""" |
124 | 135 |
Endpoint called from template for connecting body device with license. Adds entry to devices_licenses |
125 | 136 |
table and redirects to body-devices-web endpoint |
126 | 137 |
""" |
138 |
Authorize.jwt_optional() |
|
139 |
current_user = Authorize.get_jwt_subject() |
|
140 |
if current_user != "admin": |
|
141 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
127 | 142 |
crud.delete_bodydevice_license(db, device_id, int(b_lic)) |
128 | 143 |
return RedirectResponse(url=f"/body-devices-web", status_code=303) |
Také k dispozici: Unified diff
security fix for all endpoints. Added view for Licenses and html template on "/" with information about server endpoints.