salix/modules/account/back/models/mail-alias-account.js


const ForbiddenError = require('vn-loopback/util/forbiddenError');

module.exports = Self => {
    Self.rewriteDbError(function(err) {
        if (err.code === 'ER_DUP_ENTRY')
            return new UserError(`You already have the mailAlias`);
        return err;
    });

    Self.beforeRemote('create', async function(ctx) {
        const mailAlias = ctx.args.data?.mailAlias;
        if (!mailAlias) return;
        await checkModifyPermission(ctx, mailAlias);
    });
    Self.beforeRemote('deleteById', async function(ctx) {
        const instance = await Self.findById(ctx.args.id,
            {fields: ['mailAlias']}
        );
        await checkModifyPermission(ctx, instance.mailAlias);
    });

    async function checkModifyPermission(ctx, mailAliasFk) {
        const models = Self.app.models;
        const userId = ctx.req.accessToken.userId;

        const canEditAlias = await models.ACL.checkAccessAcl(ctx,
            'MailAliasAccount', 'canEditAlias', 'WRITE');
        if (canEditAlias) return;

        const allowedRoles = await models.MailAliasAcl.find({
            fields: ['roleFk'],
            where: {mailAliasFk}
        });
        const nRoles = allowedRoles.length &&
            await models.RoleMapping.count({
                principalId: userId,
                principalType: 'USER',
                roleId: {inq: allowedRoles.map(x => x.roleFk)}
            });

        if (!nRoles)
            throw new ForbiddenError('You are not allowed to modify the alias');
    }
};
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00
fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`const ForbiddenError = require('vn-loopback/util/forbiddenError');`
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00
			`module.exports = Self => {`
refs #6085 trad, remove front, back test 2023-12-01 12:58:45 +00:00			`Self.rewriteDbError(function(err) {`
			`if (err.code === 'ER_DUP_ENTRY')`
			return new UserError(`You already have the mailAlias`);
			`return err;`
			`});`

fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`Self.beforeRemote('create', async function(ctx) {`
			`const mailAlias = ctx.args.data?.mailAlias;`
			`if (!mailAlias) return;`
			`await checkModifyPermission(ctx, mailAlias);`
refs #5887 refacotr: move code to hook 2023-07-12 13:07:06 +00:00			`});`
fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`Self.beforeRemote('deleteById', async function(ctx) {`
			`const instance = await Self.findById(ctx.args.id,`
			`{fields: ['mailAlias']}`
			`);`
			`await checkModifyPermission(ctx, instance.mailAlias);`
refs #5887 refacotr: move code to hook 2023-07-12 13:07:06 +00:00			`});`
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00
refs #6085 trad, remove front, back test 2023-12-01 12:58:45 +00:00			`async function checkModifyPermission(ctx, mailAliasFk) {`
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00			`const models = Self.app.models;`
fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`const userId = ctx.req.accessToken.userId;`
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00
fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`const canEditAlias = await models.ACL.checkAccessAcl(ctx,`
			`'MailAliasAccount', 'canEditAlias', 'WRITE');`
			`if (canEditAlias) return;`
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00
fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`const allowedRoles = await models.MailAliasAcl.find({`
			`fields: ['roleFk'],`
			`where: {mailAliasFk}`
refs #6085 remove myOptions 2023-12-11 09:16:46 +00:00			`});`
fix: refs #6085 ACL canEditAlias checked, migrated to remote hooks 2024-01-29 12:48:02 +00:00			`const nRoles = allowedRoles.length &&`
			`await models.RoleMapping.count({`
			`principalId: userId,`
			`principalType: 'USER',`
			`roleId: {inq: allowedRoles.map(x => x.roleFk)}`
			`});`

			`if (!nRoles)`
			`throw new ForbiddenError('You are not allowed to modify the alias');`
refs #6085 refactor sql trad 2023-12-11 07:54:58 +00:00			`}`
refs #5887 para eliminar sigue las mismas reglas que para añadir 2023-07-12 11:55:57 +00:00			`};`