Revize 5dc6d077
Přidáno uživatelem Matěj Zeman před asi 2 roky(ů)
| server/sql_app/api/pcs_web.py | ||
|---|---|---|
| 44 | 44 |
|
| 45 | 45 |
|
| 46 | 46 |
@pcs_web.get("/pc-team/{pc_id}", response_class=HTMLResponse)
|
| 47 |
async def connect_pc_team(request: Request, pc_id: int, db: Session = Depends(get_db)): |
|
| 47 |
async def connect_pc_team(request: Request, pc_id: int, db: Session = Depends(get_db), |
|
| 48 |
Authorize: AuthJWT = Depends()): |
|
| 48 | 49 |
""" |
| 49 | 50 |
Returns template with Form for connecting pc with team |
| 50 | 51 |
""" |
| 52 |
Authorize.jwt_optional() |
|
| 53 |
current_user = Authorize.get_jwt_subject() |
|
| 54 |
if current_user != "admin": |
|
| 55 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
| 51 | 56 |
pc = crud.get_pc(db, pc_id) |
| 52 | 57 |
teams = crud.get_teams(db, 0, 100) |
| 53 | 58 |
return templates.TemplateResponse("pcteam.html",
|
| ... | ... | |
| 55 | 60 |
|
| 56 | 61 |
|
| 57 | 62 |
@pcs_web.post("/pcs-web/{pc_id}")
|
| 58 |
async def connect_post(pc_id: int, team: str = Form(...), db: Session = Depends(get_db)): |
|
| 63 |
async def connect_post(pc_id: int, team: str = Form(...), db: Session = Depends(get_db), |
|
| 64 |
Authorize: AuthJWT = Depends()): |
|
| 59 | 65 |
""" |
| 60 | 66 |
Endpoint called from within form for connecting pc with team. Updates certain pc with new team. |
| 61 | 67 |
""" |
| 68 |
Authorize.jwt_optional() |
|
| 69 |
current_user = Authorize.get_jwt_subject() |
|
| 70 |
if current_user != "admin": |
|
| 71 |
return RedirectResponse(url=f"/logs-web", status_code=303) |
|
| 62 | 72 |
old_pc = crud.update_pc(db, pc_id, team) |
| 63 | 73 |
return RedirectResponse(url=f"/pcs-web", status_code=303) |
Také k dispozici: Unified diff
security fix for all endpoints. Added view for Licenses and html template on "/" with information about server endpoints.