Revize 5dc6d077
Přidáno uživatelem Matěj Zeman před asi 2 roky(ů)
server/sql_app/api/devices_web.py | ||
---|---|---|
87 | 87 |
|
88 | 88 |
|
89 | 89 |
@device_web.get("/device-license/{device_id}", response_class=HTMLResponse) |
90 |
async def connect_dev_lic(request: Request, device_id: int, db: Session = Depends(get_db)): |
|
90 |
async def connect_dev_lic(request: Request, device_id: int, db: Session = Depends(get_db), |
|
91 |
Authorize: AuthJWT = Depends()): |
|
91 | 92 |
""" |
92 | 93 |
Returns template with one device and all available licenses that can be assigned to it. |
93 | 94 |
""" |
95 |
Authorize.jwt_optional() |
|
96 |
current_user = Authorize.get_jwt_subject() |
|
97 |
if current_user != "admin": |
|
98 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
94 | 99 |
device = crud.get_device(db, device_id) |
95 | 100 |
dev_licenses = crud.get_device_licenses(db, device_id) |
96 | 101 |
lic_names = [] |
... | ... | |
109 | 114 |
|
110 | 115 |
|
111 | 116 |
@device_web.post("/devices-web/{device_id}") |
112 |
async def connect_post(device_id: int, lic: str = Form(...), db: Session = Depends(get_db)): |
|
117 |
async def connect_post(device_id: int, lic: str = Form(...), db: Session = Depends(get_db), |
|
118 |
Authorize: AuthJWT = Depends()): |
|
113 | 119 |
""" |
114 | 120 |
Endpoint called from template for connecting device with license. Adds entry to devices_licenses |
115 | 121 |
table and redirects to devices-web endpoint |
116 | 122 |
""" |
123 |
Authorize.jwt_optional() |
|
124 |
current_user = Authorize.get_jwt_subject() |
|
125 |
if current_user != "admin": |
|
126 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
117 | 127 |
crud.create_device_license(db, device_id, int(lic), datetime.now()) |
118 | 128 |
return RedirectResponse(url=f"/devices-web", status_code=303) |
119 | 129 |
|
120 | 130 |
|
121 | 131 |
@device_web.post("/devices-web-del/{device_id}") |
122 |
async def delete_post(device_id: int, lic_del: str = Form(...), db: Session = Depends(get_db)): |
|
132 |
async def delete_post(device_id: int, lic_del: str = Form(...), db: Session = Depends(get_db), |
|
133 |
Authorize: AuthJWT = Depends()): |
|
123 | 134 |
""" |
124 | 135 |
Endpoint called from template for deleting device-license connection. Adds entry to bodydevices_licenses |
125 | 136 |
table and redirects to devices-web endpoint |
126 | 137 |
""" |
138 |
Authorize.jwt_optional() |
|
139 |
current_user = Authorize.get_jwt_subject() |
|
140 |
if current_user != "admin": |
|
141 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
127 | 142 |
crud.delete_device_license(db, device_id, int(lic_del)) |
128 | 143 |
return RedirectResponse(url=f"/devices-web", status_code=303) |
Také k dispozici: Unified diff
security fix for all endpoints. Added view for Licenses and html template on "/" with information about server endpoints.