From 05474f2d77a2bfb9a3ec941021a88b619ac22010 Mon Sep 17 00:00:00 2001
From: Usman Nasir <usman@cyberpersons.com>
Date: Wed, 8 Apr 2020 17:24:31 +0500
Subject: [PATCH] add remove access

---
 cloudAPI/urls.py  |  1 +
 cloudAPI/views.py | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/cloudAPI/urls.py b/cloudAPI/urls.py
index 2c9619e7b..f87e369b5 100755
--- a/cloudAPI/urls.py
+++ b/cloudAPI/urls.py
@@ -3,4 +3,5 @@ from . import views
 
 urlpatterns = [
     url(r'^$', views.router, name='router'),
+    url(r'^access$', views.access, name='access'),
 ]
\ No newline at end of file
diff --git a/cloudAPI/views.py b/cloudAPI/views.py
index c8b98dcfe..41cd78308 100755
--- a/cloudAPI/views.py
+++ b/cloudAPI/views.py
@@ -310,3 +310,30 @@ def router(request):
     except BaseException as msg:
         cm = CloudManager(None)
         return cm.ajaxPre(0, str(msg))
+
+@csrf_exempt
+def access(request):
+    try:
+        data = json.loads(request.body)
+
+        serverUserName = request.GET.get('serverUserName')
+        token = request.GET.get('token')
+
+        admin = Administrator.objects.get(userName=serverUserName)
+
+        cm = CloudManager(data, admin)
+
+        if admin.api == 0:
+            return cm.ajaxPre(0, 'API Access Disabled.')
+
+        if token == admin.token:
+            request.session['userID'] = admin.pk
+            from django.shortcuts import redirect
+            from baseTemplate.views import renderBase
+            return redirect(renderBase)
+        else:
+            return cm.ajaxPre(0, 'Unauthorized access.')
+
+    except BaseException as msg:
+        cm = CloudManager(None)
+        return cm.ajaxPre(0, str(msg))