salix/back/models/notificationSubscription.js

const UserError = require('vn-loopback/util/user-error');

module.exports = Self => {
    Self.observe('before save', async function(ctx) {
        const models = Self.app.models;
        const userId = ctx.options.accessToken.userId;
        const user = await ctx.instance.userFk;
        const modifiedUser = await getUserToModify(null, user, models);

        if (userId != modifiedUser.id && userId != modifiedUser.bossFk)
            throw new UserError('You dont have permission to modify this user');
    });

    Self.remoteMethod('deleteNotification', {
        description: 'Deletes a notification subscription',
        accepts: [
            {
                arg: 'ctx',
                type: 'object',
                http: {source: 'context'}
            },
            {
                arg: 'notificationId',
                type: 'number',
                required: true
            },
        ],
        returns: {
            type: 'object',
            root: true
        },
        http: {
            verb: 'POST',
            path: '/deleteNotification'
        }
    });

    Self.deleteNotification = async function(ctx, notificationId) {
        const models = Self.app.models;
        const user = ctx.req.accessToken.userId;
        const modifiedUser = await getUserToModify(notificationId, null, models);

        if (user != modifiedUser.id && user != modifiedUser.bossFk)
            throw new UserError('You dont have permission to modify this user');

        await models.NotificationSubscription.destroyById(notificationId);
    };

    async function getUserToModify(notificationId, userFk, models) {
        let userToModify = userFk;
        if (notificationId) {
            const subscription = await models.NotificationSubscription.findById(notificationId);
            userToModify = subscription.userFk;
        }
        return await models.Worker.findOne({
            fields: ['id', 'bossFk'],
            where: {
                id: userToModify
            }
        });
    }
};
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`const UserError = require('vn-loopback/util/user-error');`

changes needed for the worker Notification manager to work 2022-11-24 08:36:05 +00:00			`module.exports = Self => {`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`Self.observe('before save', async function(ctx) {`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`const models = Self.app.models;`
			`const userId = ctx.options.accessToken.userId;`
			`const user = await ctx.instance.userFk;`
fix error preventing subscriptions 2023-01-09 07:43:11 +00:00			`const modifiedUser = await getUserToModify(null, user, models);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00
requested changes 2023-01-18 06:41:10 +00:00			`if (userId != modifiedUser.id && userId != modifiedUser.bossFk)`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`throw new UserError('You dont have permission to modify this user');`
			`});`

			`Self.remoteMethod('deleteNotification', {`
requested changes 2023-01-03 07:12:46 +00:00			`description: 'Deletes a notification subscription',`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`accepts: [`
			`{`
			`arg: 'ctx',`
			`type: 'object',`
			`http: {source: 'context'}`
			`},`
			`{`
use notification id 2023-01-05 13:13:42 +00:00			`arg: 'notificationId',`
			`type: 'number',`
			`required: true`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`},`
			`],`
			`returns: {`
			`type: 'object',`
			`root: true`
			`},`
			`http: {`
			`verb: 'POST',`
			`path: '/deleteNotification'`
			`}`
			`});`

use notification id 2023-01-05 13:13:42 +00:00			`Self.deleteNotification = async function(ctx, notificationId) {`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`const models = Self.app.models;`
requested changes 2023-01-03 07:12:46 +00:00			`const user = ctx.req.accessToken.userId;`
fix error preventing subscriptions 2023-01-09 07:43:11 +00:00			`const modifiedUser = await getUserToModify(notificationId, null, models);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00
requested changes 2023-01-18 06:41:10 +00:00			`if (user != modifiedUser.id && user != modifiedUser.bossFk)`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`throw new UserError('You dont have permission to modify this user');`
requested changes 2023-01-18 06:41:10 +00:00
			`await models.NotificationSubscription.destroyById(notificationId);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`};`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00
requested changes 2023-01-18 06:41:10 +00:00			`async function getUserToModify(notificationId, userFk, models) {`
requested changes 2023-01-18 08:06:17 +00:00			`let userToModify = userFk;`
			`if (notificationId) {`
use notification id 2023-01-05 13:13:42 +00:00			`const subscription = await models.NotificationSubscription.findById(notificationId);`
requested changes 2023-01-18 08:06:17 +00:00			`userToModify = subscription.userFk;`
use notification id 2023-01-05 13:13:42 +00:00			`}`
requested changes 2023-01-18 08:06:17 +00:00			`return await models.Worker.findOne({`
			`fields: ['id', 'bossFk'],`
			`where: {`
			`id: userToModify`
			`}`
			`});`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`}`
changes needed for the worker Notification manager to work 2022-11-24 08:36:05 +00:00			`};`