salix/back/models/vn-user.js

const vnModel = require('vn-loopback/common/models/vn-model');
const {Email} = require('vn-print');
module.exports = function(Self) {
// vnModel(Self) is applied first; each module under ../methods/vn-user is then
// called with Self, in the order listed.
vnModel(Self);
require('../methods/vn-user/sign-in')(Self);
require('../methods/vn-user/acl')(Self);
require('../methods/vn-user/recover-password')(Self);
require('../methods/vn-user/validate-token')(Self);
require('../methods/vn-user/privileges')(Self);
require('../methods/vn-user/validate-auth')(Self);
require('../methods/vn-user/renew-token')(Self);

// Strip every ACL entry whose property is exactly 'create' from this model's
// definition.
// NOTE(review): with those entries gone, access to `create` is decided by the
// remaining ACLs and the model's default permission - confirm that leaves user
// creation denied to unauthenticated callers.
const {settings} = Self.definition;
settings.acls = settings.acls.filter(({property}) => property !== 'create');
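// Validations

// `email` may be null but not blank, and must be one address or a
// comma-separated list of addresses. Inside a character class `|` is a literal
// character, not alternation, so it is left out of the classes below: they
// accept word characters, dots and hyphens only (hyphens and word characters
// for each domain label).
// NOTE(review): the list form means one account can carry several addresses;
// confirm that every consumer of this field (recovery mail, login by e-mail)
// expects that.
Self.validatesFormatOf('email', {
    message: 'Invalid email',
    allowNull: true,
    allowBlank: false,
    with: /^[\w.-]+@[\w-]+(\.[\w-]+)*(,[\w.-]+@[\w-]+(\.[\w-]+)*)*$/
});

// Two users may not share the same `name`.
Self.validatesUniquenessOf('name', {
    message: `A client with that Web User name already exists`
});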
// Exposes getCurrentUserData as GET /getCurrentUserData; the only argument is
// the request context and the result is returned as the response root.
Self.remoteMethod('getCurrentUserData', {
    description: 'Gets the current user data',
    accepts: [{arg: 'ctx', type: 'Object', http: {source: 'context'}}],
    returns: {type: 'Object', root: true},
    http: {verb: 'GET', path: '/getCurrentUserData'}
});

/**
 * Loads the user that owns the access token of the current request.
 *
 * The user id is taken from the token, never from request parameters, and the
 * query is limited to the `id`, `name` and `nickname` fields so no other
 * column of the user record is returned.
 *
 * @param {Object} ctx The request context; `ctx.req.accessToken` must be set,
 * otherwise reading `userId` throws
 * @return {Promise<Object>} The result of `Self.findById` for that user
 */
Self.getCurrentUserData = async function(ctx) {
    const {userId} = ctx.req.accessToken;
    const fields = ['id', 'name', 'nickname'];
    return Self.findById(userId, {fields});
};
/**
 * Tells whether a user holds a role, using the role list returned by
 * `Self.getRoles`.
 *
 * Callers that use the answer for an authorization decision should pass a
 * user id taken from the authenticated access token.
 *
 * @param {Integer} userId The user id
 * @param {String} name The role name to look for
 * @param {Object} options Options forwarded to `Self.getRoles`
 * @return {Promise<Boolean>} true if one of the user's roles equals `name`,
 * false otherwise
 */
Self.hasRole = async function(userId, name, options) {
    const userRoles = await Self.getRoles(userId, options);
    for (const roleName of userRoles) {
        // Loose equality on purpose: it is the comparison callers already rely on.
        if (roleName == name) return true;
    }
    return false;
};
/**
 * Lists the names of the roles a user has.
 *
 * The query starts from the user's own role in `account.user` and follows
 * `account.roleRole` to every role it inherits from. The user id is passed as
 * a bound parameter, not concatenated into the SQL text.
 *
 * @param {Integer} userId The user id
 * @param {Object} options Options forwarded to `Self.rawSql`
 * @return {Promise<String[]>} The role names, in the order the query returns them
 */
Self.getRoles = async(userId, options) => {
    const rows = await Self.rawSql(
        `SELECT r.name
FROM account.user u
JOIN account.roleRole rr ON rr.role = u.role
JOIN account.role r ON r.id = rr.inheritsFrom
WHERE u.id = ?`, [userId], options);

    return Array.from(rows, row => row.name);
};
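/**
 * Handles the `resetPasswordRequest` event by e-mailing a recovery link.
 *
 * The link is the application URL (last character removed) followed by a
 * suffix that embeds the reset access token. Because the token is part of the
 * URL, the finished link must be kept out of logs.
 *
 * @param {Object} info Event payload; this handler reads `info.options`,
 * `info.accessToken.id`, `info.user.id` and `info.email`
 * @return {Promise} The result of sending the e-mail
 */
Self.on('resetPasswordRequest', async function(info) {
    const url = await Self.app.models.Url.getUrl();

    const defaultHash = '/reset-password?access_token=$token$';
    const recoverHashes = {
        hedera: 'verificationToken=$token$'
    };

    // `app` arrives with the event options. It is matched against the own keys
    // of recoverHashes only; a missing or unknown value (including inherited
    // names such as 'constructor') uses the default suffix instead of making
    // `.replace` fail on a non-string.
    const app = info.options?.app;
    const isKnownApp = app != null
        && Object.prototype.hasOwnProperty.call(recoverHashes, app);
    const hashTemplate = isKnownApp ? recoverHashes[app] : defaultHash;
    const recoverHash = hashTemplate.replace('$token$', info.accessToken.id);

    const user = await Self.app.models.VnUser.findById(info.user.id);

    const params = {
        recipient: info.email,
        lang: user.lang,
        url: url.slice(0, -1) + recoverHash
    };

    // NOTE(review): the option keys are copied last, so an option named
    // `recipient`, `lang` or `url` replaces the value computed above. Confirm
    // that no caller can place request-controlled keys of those names in the
    // options, or the reset link could be sent to another address.
    const options = Object.assign({}, info.options);
    Object.assign(params, options);

    const email = new Email(options.emailTemplate, params);
    return email.send();
});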
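/**
 * Logs a user in and returns the new access token.
 *
 * @param {String} user User name or e-mail address (see `Self.userUses`)
 * @param {String} password The plain-text password
 * @return {Promise<Object>} `{token, ttl}` taken from the created access token
 */
Self.validateLogin = async function(user, password) {
    const loginInfo = Object.assign({password}, Self.userUses(user));

    // The token must be a local binding. Assigned without a declaration it
    // becomes a process-wide global, and a second login running during the
    // awaits below could replace it, so this call would return the other
    // user's token id.
    const token = await Self.login(loginInfo, 'user');

    const userToken = await token.user.get();
    try {
        await Self.app.models.Account.sync(userToken.name, password);
    } catch (err) {
        // Best effort: a failed account sync does not block the login.
        // NOTE(review): confirm the error raised by sync never carries the
        // password, since it is written to the log here.
        console.warn(err);
    }

    return {token: token.id, ttl: token.ttl};
};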
/**
 * Decides which credential field a login identifier belongs to.
 *
 * @param {String} user The identifier typed by the user
 * @return {Object} `{email: user}` when the identifier contains '@',
 * `{username: user}` otherwise
 */
Self.userUses = function(user) {
    if (user.includes('@'))
        return {email: user};

    return {username: user};
};
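// Keep the inherited implementation so the override below can delegate to it.
const _setPassword = Self.prototype.setPassword;

/**
 * Sets a new password for this user inside a transaction.
 *
 * Steps, in order: the password is checked by the `account.user_checkPassword`
 * procedure, stored through the inherited `setPassword`, `passExpired` is
 * cleared, and the account is synchronised. When the caller supplies no
 * transaction one is opened here, committed on success and rolled back on
 * failure.
 *
 * NOTE(review): the plain-text password is passed as a bound SQL parameter
 * and to `Account.sync`; confirm that neither path logs its arguments.
 *
 * @param {String} newPassword The new plain-text password
 * @param {Object} [options] Options; may carry a `transaction`
 * @param {Function} [cb] Node-style callback; may be given in place of `options`
 * @return {Promise} Rejects with the failure when no callback is given
 */
Self.prototype.setPassword = async function(newPassword, options, cb) {
    if (cb === undefined && typeof options === 'function') {
        cb = options;
        options = undefined;
    }

    const myOptions = {};
    let tx;

    if (typeof options == 'object')
        Object.assign(myOptions, options);

    if (!myOptions.transaction) {
        tx = await Self.beginTransaction({});
        myOptions.transaction = tx;
    }
    options = myOptions;

    try {
        await Self.rawSql(`CALL account.user_checkPassword(?)`, [newPassword], options);
        await _setPassword.call(this, newPassword, options);
        await this.updateAttribute('passExpired', null, options);
        await Self.app.models.Account.sync(this.name, newPassword, null, options);
        if (tx) await tx.commit();
    } catch (err) {
        if (tx) await tx.rollback();
        if (cb) {
            cb(err);
            return;
        }
        throw err;
    }

    // The success callback runs outside the try block: an exception thrown by
    // the callback must not trigger a rollback of the already committed
    // transaction, nor a second call of the callback with that exception.
    if (cb) cb();
};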
// Remove the ACL entries for `changePassword` from the settings of the class
// that registered that shared method.
// NOTE(review): `ctor` is presumably the built-in base user model, so this
// edits its settings object rather than only this model's - confirm. With the
// entries removed, access to changePassword depends on the ACLs that remain.
const changePasswordMethod = Self.sharedClass._methods
    .find(method => method.name == 'changePassword');
const ctorSettings = changePasswordMethod.ctor.settings;
ctorSettings.acls = ctorSettings.acls.filter(acl => acl.property != 'changePassword');
};