diff options
| author | Jules Laplace <julescarbon@gmail.com> | 2021-03-05 23:39:43 +0100 |
|---|---|---|
| committer | Jules Laplace <julescarbon@gmail.com> | 2021-03-05 23:39:43 +0100 |
| commit | 2167b0d496544f2ce904cd0036fdb8dd809ff7a0 (patch) | |
| tree | ee3e4cf0ce14b7305f1b163aa26b8f735aedeee6 /animism-align/cli/app | |
| parent | ed7d80ba92cce20baf662c292be43fa75398b89b (diff) | |
fix longstanding bug in my crud controller
Diffstat (limited to 'animism-align/cli/app')
| -rw-r--r-- | animism-align/cli/app/controllers/crud_controller.py | 4 | ||||
| -rw-r--r-- | animism-align/cli/app/controllers/user_controller.py | 2 | ||||
| -rw-r--r-- | animism-align/cli/app/server/web.py | 1 |
3 files changed, 4 insertions, 3 deletions
diff --git a/animism-align/cli/app/controllers/crud_controller.py b/animism-align/cli/app/controllers/crud_controller.py index 78bff2d..29a570a 100644 --- a/animism-align/cli/app/controllers/crud_controller.py +++ b/animism-align/cli/app/controllers/crud_controller.py @@ -114,8 +114,8 @@ class CrudView(FlaskView): item = session.query(self.model).get(id) if item: raw_form = MultiDict(request.json) if request.json is not None else request.form - form = self.form(obj=item) - print(item.toJSON()) + form = self.form(raw_form, obj=item) + # print(item.toJSON()) form.populate_obj(item) if form.validate(): self.on_update(session, raw_form, item) diff --git a/animism-align/cli/app/controllers/user_controller.py b/animism-align/cli/app/controllers/user_controller.py index 26aa656..8fdc1f0 100644 --- a/animism-align/cli/app/controllers/user_controller.py +++ b/animism-align/cli/app/controllers/user_controller.py @@ -25,6 +25,7 @@ class UserView(CrudView): item.settings = form['settings'] def on_update(self, session, form, item): + current_user = get_jwt_identity() if not current_user['is_admin']: if item.id != current_user['id']: raise ValueError("Unauthorized") @@ -36,6 +37,7 @@ class UserView(CrudView): item.settings = form['settings'] def on_destroy(self, session, item): + current_user = get_jwt_identity() if not current_user['is_admin']: raise ValueError("Unauthorized") if item.id == current_user['id']: diff --git a/animism-align/cli/app/server/web.py b/animism-align/cli/app/server/web.py index cf63c3d..cb86af0 100644 --- a/animism-align/cli/app/server/web.py +++ b/animism-align/cli/app/server/web.py @@ -39,7 +39,6 @@ def create_app(script_info=None): app.config['SERVER_NAME'] = app_cfg.SERVER_NAME app.config['JWT_SECRET_KEY'] = app_cfg.TOKEN_SECRET app.config['JWT_AUTH_URL_RULE'] = '/api/v1/auth/login' - # app.config['JWT_VERIFY_EXPIRATION'] = False app.config['JWT_ACCESS_TOKEN_EXPIRES'] = timedelta(days=365 * 10) app.url_map.strict_slashes = False |