|
|
@@ -297,19 +297,13 @@ class AppNameApi(Resource):
|
|
|
@account_initialization_required
|
|
|
@marshal_with(app_detail_fields)
|
|
|
def post(self, app_id):
|
|
|
-
|
|
|
- # The role of the current user in the ta table must be admin or owner
|
|
|
- if current_user.current_tenant.current_role not in ['admin', 'owner']:
|
|
|
- raise Forbidden()
|
|
|
+ app_id = str(app_id)
|
|
|
+ app = _get_app(app_id, current_user.current_tenant_id)
|
|
|
|
|
|
parser = reqparse.RequestParser()
|
|
|
parser.add_argument('name', type=str, required=True, location='json')
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
- app = db.get_or_404(App, str(app_id))
|
|
|
- if app.tenant_id != flask.session.get('tenant_id'):
|
|
|
- raise Unauthorized()
|
|
|
-
|
|
|
app.name = args.get('name')
|
|
|
app.updated_at = datetime.utcnow()
|
|
|
db.session.commit()
|
|
|
@@ -322,20 +316,14 @@ class AppIconApi(Resource):
|
|
|
@account_initialization_required
|
|
|
@marshal_with(app_detail_fields)
|
|
|
def post(self, app_id):
|
|
|
-
|
|
|
- # The role of the current user in the ta table must be admin or owner
|
|
|
- if current_user.current_tenant.current_role not in ['admin', 'owner']:
|
|
|
- raise Forbidden()
|
|
|
+ app_id = str(app_id)
|
|
|
+ app = _get_app(app_id, current_user.current_tenant_id)
|
|
|
|
|
|
parser = reqparse.RequestParser()
|
|
|
parser.add_argument('icon', type=str, location='json')
|
|
|
parser.add_argument('icon_background', type=str, location='json')
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
- app = db.get_or_404(App, str(app_id))
|
|
|
- if app.tenant_id != flask.session.get('tenant_id'):
|
|
|
- raise Unauthorized()
|
|
|
-
|
|
|
app.icon = args.get('icon')
|
|
|
app.icon_background = args.get('icon_background')
|
|
|
app.updated_at = datetime.utcnow()
|
takatost