verdnatura-mirror
/
loopback
mirror of https://github.com/strongloop/loopback.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,368 Commits 62 Branches 176 Tags 11 MiB
Commit Graph

240 Commits

Author SHA1 Message Date
Miroslav Bajtoš 5fd79b14f4 Merge pull request #3146 from strongloop/feature/promisify-role 
Promise-ify built-in Role model
 2017-01-30 11:32:28 +01:00
Miroslav Bajtoš 8f80aecc1f Preserve sessions on User.save() making no changes 2017-01-30 11:30:05 +01:00
Ritchie Martori d45c1ae7bb Fix logout to handle no or missing accessToken 
Return 401 when the request does not provide any accessToken argument
or the token was not found.

Also simplify the implementation of the `logout` method to make only
a single database call (`deleteById`) instead of `findById` + `delete`.
 2017-01-30 08:56:18 +01:00
Miroslav Bajtoš 0fd8f8af72 Promise-ify built-in Role model 2017-01-27 17:16:59 +01:00
Miroslav Bajtoš dfa1f6035b Merge pull request #3107 from benkroeger/master 
Role model: resolve related models by name
 2017-01-25 10:48:15 +01:00
Aris Kemper efd8237dc6 Fix User methods to use correct Primary Key 
Do not use hard-coded "id" property name, call `idName()` to get the
name of the PK property.
 2017-01-20 16:24:59 +01:00
João Ribeiro e63fea83f7 Fix User.resetPassword to call createAccessToken() 
This allows User subclasses to override the algorithm used for building
one-time access tokens for password recovery.
 2017-01-19 16:27:22 +01:00
Benjamin Kroeger a6d511d8b4 Role model: resolves related models by name 
Resolve models related to the `Role` model by name instead of class.
 2017-01-16 15:48:24 +01:00
Miroslav Bajtoš e17cc3d23a Preserve current session when invalidating tokens 
Fix User model to preserve the current session (provided via
"options.accessToken") when invalidating access tokens after a change
of email or password property.
 2017-01-16 10:08:30 +01:00
Miroslav Bajtoš 70eecfab70 Upgrade eslint-config to 7.x 2017-01-06 12:12:35 +01:00
Bram Borggreve cddfb9c77d
Allow password reset request for users in realms 2017-01-05 09:47:18 -05:00
Miroslav Bajtoš 298635dad1 Merge pull request #2992 from DA-14/feature/resetPasswordRequest 
Emit resetPasswordRequest event with options
 2017-01-05 15:33:22 +01:00
박대선 697614dd45 Applied as reviewed by @flowersinthesand 2016-12-23 14:47:08 +09:00
박대선 d9ae32429b Fix false emailVerified on user model update 
Yesterday, the loopback we are using in our system was upgraded
via npm, and since the upgrade, we noticed that every time
the user model updates, the emailVerified column would change to false.

I took a look and realized there might be an error in
https://github.com/strongloop/loopback/commit/eb640d8

The intent of the commit just mention is to make emailVerified false
when the email gets changed, but notice that ctx.data.email is null
on updates, so the condition is always met and emailVerified always
becomes false.

This commit fixes the issue just mentioned.
 2016-12-23 14:04:44 +09:00
Miroslav Bajtoš 29a17f39d5 Invalidate AccessTokens on password change 
Invalidate all existing sessions (delete all access tokens)
after user's password was changed.
 2016-12-12 13:30:53 +01:00
Sergey Reus fa8bca8d6e Emit resetPasswordRequest event with options 2016-12-09 18:14:32 +02:00
Miroslav Bajtoš f476613ab1 Fix registration of operation hooks in User model 
Follow-up for 4edce47 which moved only two out of three hooks.
 2016-12-09 14:29:30 +01:00
Miroslav Bajtoš 4edce47b24 Fix registration of operation hooks in User model 
Operation hooks are inherited by subclassed models, therefore they must
be registered outside of `Model.setup()` function.

This commit fixes this problem in the built-in User model.

There are not tests verifying this change, as writing a test would be
too cumbersome and not worth the cost IMO.
 2016-12-09 13:16:42 +01:00
Miroslav Bajtoš 63beaa21fe Merge pull request #3004 from strongloop/fix/email-template-in-transport 
Remove "options.template" from Email payload
 2016-12-07 10:53:04 +01:00
Miroslav Bajtoš 5016703f21 Remove "options.template" from Email payload 
Fix User.confirm to exclude "options.template" when sending the
confirmation email. Certain nodemailer transport plugins are rejecting
such requests.
 2016-12-06 16:18:19 +01:00
Miroslav Bajtoš acdfb432d0 Upgrade eslint config and grunt-eslint to latest 
- disable ES6 because PhantomJS does not support it yet
 - fix linter errors reported after the upgrade.
 2016-12-06 16:05:13 +01:00
Eric b0d6c4a7d2 Add "returnOnlyRoleNames" option to Role.getRoles 
Currently the return type of Role.getRoles() method is inconsistent:
role names are returned for smart roles and role ids are returned for
static roles (configured through user-role mapping).

This commit adds a new option to Role.getRoles() allowing the caller
to request role names to be returned for all types of roles.
 2016-11-30 16:46:59 +01:00
Loay f72a29671f Remove workaround for default value 2016-11-22 20:58:27 -05:00
Loay 06cb481c3f Update eslint to loopback config v5 
Notable side-effects:
 - loopback no longer exports "caller" and "arguments" properties
 - kv-memory connector is now properly added to the connector registry
 - the file "test/support.js" was finally removed
 2016-11-22 14:08:02 +01:00
codyolsen 3f5e49c3d6 Fix context within listByPrincipalType role method 
- Fix for current implimentation that returned all models that had any
  assigned roles. Context was not carried into listByPrincipalType,
  setting roleId as null.
 2016-11-15 14:51:05 +01:00
Adrien Kiren 85da50cbc8 Add templateFn option to User#verify() 2016-11-14 16:22:10 +01:00
Loay eb640d8da0 Require verification after email change 
When the User model is configured to require email verification,
then any change of the email address should trigger re-verification.
 2016-11-09 13:06:25 +01:00
Candy 8f08398c30 Update doc links 2016-11-04 16:47:12 -04:00
Dhaval Trivedi 4922f425fc adding check of string for case insensitive emails 2016-11-01 18:13:56 -04:00
Simon Ho dcc58a9d50 Need index on principalId for performance. (#2883) 2016-10-21 16:13:16 -07:00
Miroslav Bajtoš 6808159427 Allow tokens with eternal TTL (value -1) 
- Add a new User setting 'allowEternalTokens'
 - Enhance 'AccessToken.validate' to support eternal tokens with ttl
   value -1 when the user model allows it.
 2016-10-10 13:27:22 +02:00
Loay 5f5e874564 Validate non-email property partial update 2016-10-03 15:45:52 -04:00
Candy 640f3a8ca7 Update globalization structure 2016-09-22 11:58:00 +02:00
David Cheung d544ae1bf8 Support uniqueness for realm users 2016-09-20 11:26:56 -04:00
Simon Ho c3ba632aa3 Merge pull request #2743 from strongloop/docs-for-kv-model 
Add docs for KeyValue model
 2016-09-19 15:29:47 -07:00
Loay bcc2d99a95 Invalidate sessions after email change 2016-09-19 10:24:30 -04:00
Simon Ho 845b73d4eb Add docs for KeyValue model 2016-09-18 19:45:13 -07:00
Miroslav Bajtoš 21ff383eb3 Fix double-slash in confirmation URL 
Fix the code building the URL used in the email-verification email
to prevent double-slash in the URL when e.g. restApiRoot is '/'.

Before:

  http://example.com//users/confirm?...

Now:

  http://example.com/users/confirm?...
 2016-09-13 08:52:49 +02:00
Miroslav Bajtoš 9a75ee6f30 Rework email validation to use isemail 
Drop hand-crafted RegExp in favour of a 3rd-party module that supports
RFC5321, RFC5322 and other relevant standards.
 2016-09-06 14:09:00 +02:00
Simon Ho 9db0682b07 Add remoting for KeyValue model TTL feature 2016-08-29 14:46:41 -07:00
Setogit 0f5136d072 Apply g.f to literal strings 2016-08-27 22:42:21 -07:00
Loay 5567917c12 Allow resetPassword if emailVerified 2016-08-26 13:11:42 -04:00
Benjamin Kroeger 4ff9a4c2ef streamline use if `self` 2016-08-25 12:51:51 +02:00
Benjamin Kroeger 01c1656fc2 resolve related models from correct registry 
Also modify setup of test servers when ACL was used, force the app
to `loadBuiltinModels` with localRegistry.
 2016-08-25 12:51:29 +02:00
Miroslav Bajtoš 88e4de5341 KeyValueModel: add API for listing keys 
- Expose "keys()" at "GET /keys"
 - Add a dummy implementation for "iterateKeys" to serve a useful error
   message when the model is not attached correctly.
 2016-08-18 10:50:45 +02:00
Rand McKinney 01a9fa2ab2 Update acl.js 
Fix typo in JS doc.
 2016-08-16 10:14:17 -07:00
Miroslav Bajtoš eec326dc80 Revert globalization of Swagger descriptions 2016-08-15 11:06:05 +02:00
Loay 7aebf0d132 Add bcrypt validation 2016-08-12 21:34:50 -04:00
Miroslav Bajtoš a259e59afc common: add KeyValueModel 2016-08-10 14:15:22 +02:00
Candy bb9a1b5b24 Update globalization string 2016-08-05 15:49:43 -04:00
Candy b52a7217a9 Add globalization 2016-08-04 15:08:16 -04:00
Miroslav Bajtoš 98816217c9 test: use local registry in test fixtures 
Use local registry in test fixtures to prevent collision in globally
shared models.

Fix issues discoverd in auth implementation where the global registry
was used instead of the correct local one.
 2016-07-27 10:07:49 +02:00
Loay 8f7e032a01 Update user.js 2016-07-25 00:55:55 -04:00
Loay b53a22bfb3 Fix security issue 580 2016-07-22 17:48:57 -04:00
Loay ec51e833b6 Fix verificationToken bug 2016-06-17 10:21:59 -04:00
Amir Jafarian 6502309e34 Expose `Replace*` methods 
*Re-mapping `updateAttributes` endpoint to use
`PATCH` and `PUT`(configurable) verb
*Exposing `replaceById` and `replaceOrCreate` via
`POST` and `PUT`(configurable) verb
 2016-06-10 14:56:44 -04:00
David Cheung 817e76e424 Remove unused UserModel properties 
- credentials
- challenges
- status
- created
- lastUpdated
 2016-05-10 14:29:08 -04:00
Simon Ho 363bc4d6c1 Merge pull request #2310 from ambrt/ambrt-patch-1 
Update user.js
 2016-05-09 12:30:17 -07:00
Candy 8ab6fccdea Remove Change.handleError 2016-05-09 11:45:27 -04:00
Rik 341390a74e Update user.js 
allow to change all {href} instances in user.verify() mail into generated url instead of just one
 2016-05-08 13:10:56 +02:00
Simon Ho 1559db2ca3 Merge pull request #2269 from supasate/feature/do-not-allow-duplicate-role-name 
Add feature to not allow duplicate role name
 2016-05-04 20:42:13 -07:00
Supasate Choochaisri d4a869bddf Add feature to not allow duplicate role name 
Signed-off-by: Supasate Choochaisri <supasate.c@gmail.com>
 2016-05-05 08:18:17 +07:00
Ryan Graham 6964914bab
update copyright statements 2016-05-03 15:50:21 -07:00
Miroslav Bajtoš 35d9fa4b54 Fix role.isOwner to support app-local registry 2016-05-03 14:01:39 +02:00
juehou dcf88baf68 Resolver support return promise 2016-05-02 17:47:14 -04:00
Miroslav Bajtoš f9702b0ace Use eslint with loopback config 
Drop jshint and jscs in favour of eslint.

Fix style violations.

While we are at this, reduce the max line length from 150 to 100.
 2016-04-06 10:45:30 +02:00
Jue Hou eb09681f21 promise docs 
Add promise jsdoc in loopback
 2016-04-04 12:35:35 -04:00
Candy 0e637962d5 Use new strong-remoting API 2016-02-05 11:11:38 -05:00
Jue Hou d26d6ff3ed Promisify Model Change 
* Change.diff
* Change.findOrCreateChange
* Change.rectifyModelChanges
* Change.prototype.currentRevision
* Change.prototype.rectify
 2016-02-04 11:05:23 -05:00
Miroslav Bajtoš 0ad150cb6e Merge pull request #1851 from gausie/patch-4 
Hide verificationToken from JSON output
 2016-01-25 14:23:52 +01:00
Amir-61 c9be67e4d3 Merge pull request #1908 from strongloop/checkpoint_speedup 
Checkpoint speedup
 2016-01-19 10:25:15 -05:00
Samuel Gaus 2741d50342 Hide verificationToken 
We should never be showing this publically.

Adds unit test for hiding verification token.
 2016-01-12 15:48:03 +00:00
Jue Hou 865789017d Fix description for User.prototype.hasPassword 2016-01-11 14:28:10 -05:00
Amir Jafarian 08a2786b04 Checkpoint speedup 2016-01-09 01:56:13 -05:00
Miroslav Bajtoš 1b765922c9 Merge pull request #1860 from strongloop/fix/replication-performance 
Fix replication performance
 2015-12-08 19:32:57 +01:00
Miroslav Bajtoš 62d2b0bf0d change: skip cp lookup on no change 
Modify `Change.rectify` to look up the current checkpoint only when
there was actually some change made.

This should improve the performance of `rectifyAll` when called from a
regular timer and there were no changes made since the last call.
Before this commit, `rectifyAll` would perform N calls of
`Checkpoint.current` where N is the number of model instances. With
this commit in place, no call is made.
 2015-12-08 17:54:26 +01:00
Miroslav Bajtoš 6d040a98ae Merge pull request #1804 from richardpringle/master 
Add case-sensitive email option for User model
 2015-12-08 12:47:58 +01:00
Miroslav Bajtoš d2aaca7460 Change: correctly rectify no-change 
Modify `Change.rectify()` to not make any changes to the Change instance
(most notably to not modify the `checkpoint` field) when the tracked
model instance was not changed.

This should improve the performance of change replication as it reduces
the number of unnecessary replications.

For example, before this commit, every run of `rectifyAll` would
trigger a full sync of all clients, because all change instances would
be moved to the current checkpoint.
 2015-12-07 14:13:25 +01:00
David Cheung c4917819af Adding properties description for User Model 
- Added description for `realm` `created` `lastUpdated` `status`
- End of line for descriptions to be peroid
 2015-12-04 14:55:01 -05:00
Richard Pringle 2cca83c4ff Add case-sensitve email option for User model. 2015-12-03 13:18:49 -05:00
Simo Moujami 403e677155 Fix user.resetPassword to fail on email not found 2015-11-02 12:55:24 +01:00
Samuel Gaus 351b8026a0 Do not include redundant ports in verify links 
If the protocol and port match we can ignore the port for a more
visually appealing link.
 2015-10-12 16:24:30 +02:00
wusuopu ce48521efb Set application's id property only if it's empty. 
Fix `Application.resetKeys()` to reset instance id only if it is not
already set. This fixes a bug where each call of resetKeys created
a new instance.
 2015-10-12 11:23:33 +02:00
Felipe Oliveira Carvalho 355ff8ee41 Update comment about user ACL to reflect implementation 2015-09-11 21:57:55 -03:00
Farid Nouri Neshat 1cc25923a7 Fix options.to assertion message in user.verify 2015-08-27 00:25:09 +08:00
Raymond Feng 06cece038e Merge pull request #1584 from strongloop/feature/add-more-acl-utils 
Enhance the ACL related models
 2015-08-13 09:00:32 -07:00
Raymond Feng 3eb8dd55f6 Add util methods to ACL and clean up related model resolutions 2015-08-13 08:58:41 -07:00
Pradnya Baviskar 2ee7c94a4e Promisify 'Application' model 2015-08-12 09:15:24 +02:00
Miroslav Bajtoš 004baad44c Merge pull request #1501 from digitalsadhu/master 
Add missing . to user model property descriptions
 2015-08-06 09:40:22 +02:00
Miroslav Bajtoš aa5c9e3628 Merge pull request #1493 from PradnyaBaviskar/issue418-userModel 
Promisify User model
 2015-08-04 10:32:44 +02:00
Raymond Feng 66d5cc07e0 Merge pull request #1465 from FreeCodeCamp/fix/no-password 
fix: exit early when password is non-string
 2015-07-29 15:12:43 -07:00
Berkeley Martinez 68fd106510 fix exit early when password is non-string 
closes #1437
 2015-07-29 13:14:06 -07:00
Pradnya Baviskar dc987a59a9 Promisify User model 2015-07-14 13:01:46 +05:30
Miroslav Bajtoš 5ec7fd51e2 Merge pull request #1416 from strongloop/feature/searchDefaultTokenKeys 
Config option: (do not) search default token keys
 2015-07-09 18:03:41 +02:00
Richard Walker 83dca3e838 Add missing . to user model property descriptions 2015-07-04 22:30:45 +02:00
Raymond Feng 77bcc09107 Merge branch 'master' of https://github.com/esco/loopback into esco-master 2015-05-29 16:44:18 -07:00
Owen Brotherwood 86ed4721a5 access-token: add option "searchDefaultTokenKeys" 
Set this option to false to prevent AccessToken from checking default
places like "access_token" in query.
 2015-05-29 12:06:31 +02:00
Alexandru Savin f70c209526 Pass the full options object to the email send method in user verification process. 2015-05-06 15:52:07 +02:00
Miroslav Bajtoš da50d6ffb0 Merge pull request #1332 from strongloop/fix/user-login-include 
Fix remoting metadata for User.login#include
 2015-04-28 08:08:25 +02:00
Miroslav Bajtoš 03d9f64c82 Fix remoting metadata for User.login#include 
Change the type of the "include" argument to "string array".

The type used to be "string" before and thus requests sending multiple
include items were technically incorrect.
 2015-04-24 08:58:30 +02:00