Projekt

Obecné

Profil

« Předchozí | Další » 

Revize 5dc6d077

Přidáno uživatelem Matěj Zeman před asi 2 roky(ů)

security fix for all endpoints. Added view for Licenses and html template on "/" with information about server endpoints.

Zobrazit rozdíly:

server/sql_app/api/teams_web.py
45 45 

  		




  46
  46
  
    

  		




  47
  47
  
    
@teams_web.get("/team-create", response_class=HTMLResponse)


  		




  48
  
  
    
async def team_create_web(request: Request):


  		




  
  48
  
    
async def team_create_web(request: Request, Authorize: AuthJWT = Depends()):


  		




  49
  49
  
    
    """


  		




  50
  50
  
    
    Returns template with form for creating new team


  		




  51
  51
  
    
    """


  		




  
  52
  
    
    Authorize.jwt_optional()


  		




  
  53
  
    
    current_user = Authorize.get_jwt_subject()


  		




  
  54
  
    
    if current_user != "admin":


  		




  
  55
  
    
        return RedirectResponse(url=f"/logs-web", status_code=303)


  		




  52
  56
  
    
    return templates.TemplateResponse("team_create.html", {"request": request})


  		




  53
  57
  
    

  		




  54
  58
  
    

  		




  55
  59
  
    
@teams_web.post("/teams-web-con")


  		




  56
  
  
    
def create_team(name: str = Form(...), db: Session = Depends(get_db)):


  		




  
  60
  
    
def create_team(name: str = Form(...), db: Session = Depends(get_db), Authorize: AuthJWT = Depends()):


  		




  57
  61
  
    
    """


  		




  58
  62
  
    
    Endpoint called from within form for creating new team. Creates new team and returns all teams in database


  		




  59
  63
  
    
    """


  		




  60
  
  
    
    team = crud.create_team(db, name)


  		




  61
  
  
    
    if team is None:


  		




  62
  
  
    
        print("something went wrong")


  		




  
  64
  
    
    Authorize.jwt_optional()


  		




  
  65
  
    
    current_user = Authorize.get_jwt_subject()


  		




  
  66
  
    
    if current_user != "admin":


  		




  
  67
  
    
        return RedirectResponse(url=f"/logs-web", status_code=303)


  		




  
  68
  
    
    teams = crud.get_teams(db, 0, 100)


  		




  
  69
  
    
    teams_names = []


  		




  
  70
  
    
    for t in teams:


  		




  
  71
  
    
        teams_names.append(t.name)


  		




  
  72
  
    
    if name not in teams_names:


  		




  
  73
  
    
        team = crud.create_team(db, name)


  		




  
  74
  
    
        if team is None:


  		




  
  75
  
    
            print("something went wrong")


  		




  63
  76
  
    
    return RedirectResponse(url=f"/teams-web", status_code=303)


  		












Také k dispozici:  Unified diff