2023-01-24 08:04:43 +00:00
|
|
|
const vnModel = require('vn-loopback/common/models/vn-model');
|
2023-01-31 13:57:24 +00:00
|
|
|
const LoopBackContext = require('loopback-context');
|
|
|
|
const {Email} = require('vn-print');
|
|
|
|
|
2023-01-23 14:24:00 +00:00
|
|
|
module.exports = function(Self) {
|
2023-01-24 08:04:43 +00:00
|
|
|
vnModel(Self);
|
2023-01-23 14:24:00 +00:00
|
|
|
|
2023-04-18 11:15:04 +00:00
|
|
|
require('../methods/vn-user/sign-in')(Self);
|
2023-01-23 14:24:00 +00:00
|
|
|
require('../methods/vn-user/acl')(Self);
|
2023-01-24 09:35:21 +00:00
|
|
|
require('../methods/vn-user/recover-password')(Self);
|
2023-01-23 14:24:00 +00:00
|
|
|
require('../methods/vn-user/validate-token')(Self);
|
|
|
|
require('../methods/vn-user/privileges')(Self);
|
2023-04-18 11:15:04 +00:00
|
|
|
require('../methods/vn-user/validate-auth')(Self);
|
2023-05-24 13:01:59 +00:00
|
|
|
require('../methods/vn-user/renew-token')(Self);
|
2023-07-11 10:33:44 +00:00
|
|
|
require('../methods/vn-user/addAlias')(Self);
|
|
|
|
require('../methods/vn-user/removeAlias')(Self);
|
2023-05-23 06:45:03 +00:00
|
|
|
|
2023-05-30 08:07:17 +00:00
|
|
|
Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');
|
2023-01-23 14:24:00 +00:00
|
|
|
|
|
|
|
// Validations
|
|
|
|
|
|
|
|
Self.validatesFormatOf('email', {
|
|
|
|
message: 'Invalid email',
|
|
|
|
allowNull: true,
|
|
|
|
allowBlank: true,
|
|
|
|
with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
|
|
|
|
});
|
|
|
|
|
|
|
|
Self.validatesUniquenessOf('name', {
|
|
|
|
message: `A client with that Web User name already exists`
|
|
|
|
});
|
|
|
|
|
|
|
|
Self.remoteMethod('getCurrentUserData', {
|
|
|
|
description: 'Gets the current user data',
|
|
|
|
accepts: [
|
|
|
|
{
|
|
|
|
arg: 'ctx',
|
|
|
|
type: 'Object',
|
|
|
|
http: {source: 'context'}
|
|
|
|
}
|
|
|
|
],
|
|
|
|
returns: {
|
|
|
|
type: 'Object',
|
|
|
|
root: true
|
|
|
|
},
|
|
|
|
http: {
|
|
|
|
verb: 'GET',
|
|
|
|
path: '/getCurrentUserData'
|
|
|
|
}
|
|
|
|
});
|
|
|
|
|
|
|
|
Self.getCurrentUserData = async function(ctx) {
|
|
|
|
let userId = ctx.req.accessToken.userId;
|
|
|
|
return await Self.findById(userId, {
|
|
|
|
fields: ['id', 'name', 'nickname']
|
|
|
|
});
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Checks if user has a role.
|
|
|
|
*
|
|
|
|
* @param {Integer} userId The user id
|
|
|
|
* @param {String} name The role name
|
|
|
|
* @param {Object} options Options
|
|
|
|
* @return {Boolean} %true if user has the role, %false otherwise
|
|
|
|
*/
|
|
|
|
Self.hasRole = async function(userId, name, options) {
|
|
|
|
const roles = await Self.getRoles(userId, options);
|
|
|
|
return roles.some(role => role == name);
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get all user roles.
|
|
|
|
*
|
|
|
|
* @param {Integer} userId The user id
|
|
|
|
* @param {Object} options Options
|
|
|
|
* @return {Object} User role list
|
|
|
|
*/
|
|
|
|
Self.getRoles = async(userId, options) => {
|
|
|
|
const result = await Self.rawSql(
|
|
|
|
`SELECT r.name
|
|
|
|
FROM account.user u
|
|
|
|
JOIN account.roleRole rr ON rr.role = u.role
|
|
|
|
JOIN account.role r ON r.id = rr.inheritsFrom
|
|
|
|
WHERE u.id = ?`, [userId], options);
|
|
|
|
|
|
|
|
const roles = [];
|
|
|
|
for (const role of result)
|
|
|
|
roles.push(role.name);
|
|
|
|
|
|
|
|
return roles;
|
|
|
|
};
|
2023-01-31 13:57:24 +00:00
|
|
|
|
|
|
|
Self.on('resetPasswordRequest', async function(info) {
|
|
|
|
const loopBackContext = LoopBackContext.getCurrentContext();
|
|
|
|
const httpCtx = {req: loopBackContext.active};
|
|
|
|
const httpRequest = httpCtx.req.http.req;
|
|
|
|
const headers = httpRequest.headers;
|
|
|
|
const origin = headers.origin;
|
|
|
|
|
|
|
|
const user = await Self.app.models.VnUser.findById(info.user.id);
|
|
|
|
const params = {
|
|
|
|
recipient: info.email,
|
|
|
|
lang: user.lang,
|
|
|
|
url: `${origin}/#!/reset-password?access_token=${info.accessToken.id}`
|
|
|
|
};
|
|
|
|
|
|
|
|
const options = Object.assign({}, info.options);
|
|
|
|
for (const param in options)
|
|
|
|
params[param] = options[param];
|
|
|
|
|
|
|
|
const email = new Email(options.emailTemplate, params);
|
|
|
|
|
|
|
|
return email.send();
|
|
|
|
});
|
2023-04-18 11:15:04 +00:00
|
|
|
|
|
|
|
Self.validateLogin = async function(user, password) {
|
2023-07-03 11:33:48 +00:00
|
|
|
let loginInfo = Object.assign({password}, Self.userUses(user));
|
|
|
|
token = await Self.login(loginInfo, 'user');
|
|
|
|
return {token: token.id, ttl: token.ttl};
|
|
|
|
};
|
2023-04-18 11:15:04 +00:00
|
|
|
|
2023-07-03 11:33:48 +00:00
|
|
|
Self.userUses = function(user) {
|
|
|
|
return user.indexOf('@') !== -1
|
2023-04-18 11:15:04 +00:00
|
|
|
? {email: user}
|
|
|
|
: {username: user};
|
|
|
|
};
|
2023-06-13 09:49:42 +00:00
|
|
|
|
2023-06-02 13:07:02 +00:00
|
|
|
const _setPassword = Self.prototype.setPassword;
|
|
|
|
Self.prototype.setPassword = async function(newPassword, options, cb) {
|
|
|
|
if (cb === undefined && typeof options === 'function') {
|
|
|
|
cb = options;
|
2023-06-01 13:29:46 +00:00
|
|
|
options = undefined;
|
2023-06-02 13:07:02 +00:00
|
|
|
}
|
2023-05-03 13:19:19 +00:00
|
|
|
|
2023-05-22 07:17:40 +00:00
|
|
|
const myOptions = {};
|
|
|
|
let tx;
|
|
|
|
|
|
|
|
if (typeof options == 'object')
|
|
|
|
Object.assign(myOptions, options);
|
|
|
|
|
|
|
|
if (!myOptions.transaction) {
|
|
|
|
tx = await Self.beginTransaction({});
|
|
|
|
myOptions.transaction = tx;
|
|
|
|
}
|
|
|
|
options = myOptions;
|
|
|
|
|
|
|
|
try {
|
2023-06-02 13:07:02 +00:00
|
|
|
await Self.rawSql(`CALL account.user_checkPassword(?)`, [newPassword], options);
|
|
|
|
await _setPassword.call(this, newPassword, options);
|
|
|
|
await this.updateAttribute('passExpired', null, options);
|
|
|
|
await Self.app.models.Account.sync(this.name, newPassword, null, options);
|
|
|
|
tx && await tx.commit();
|
|
|
|
cb && cb();
|
2023-06-01 13:29:46 +00:00
|
|
|
} catch (err) {
|
2023-06-02 13:07:02 +00:00
|
|
|
tx && await tx.rollback();
|
|
|
|
if (cb) cb(err); else throw err;
|
2023-05-22 07:17:40 +00:00
|
|
|
}
|
2023-05-04 13:01:29 +00:00
|
|
|
};
|
|
|
|
|
2023-06-16 07:35:20 +00:00
|
|
|
Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls =
|
|
|
|
Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
|
|
|
|
.filter(acl => acl.property != 'changePassword');
|
|
|
|
|
2023-06-01 13:29:46 +00:00
|
|
|
// FIXME: https://redmine.verdnatura.es/issues/5761
|
|
|
|
// Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
|
|
|
|
// if (!ctx.args || !ctx.args.data.email) return;
|
|
|
|
|
|
|
|
// const loopBackContext = LoopBackContext.getCurrentContext();
|
|
|
|
// const httpCtx = {req: loopBackContext.active};
|
|
|
|
// const httpRequest = httpCtx.req.http.req;
|
|
|
|
// const headers = httpRequest.headers;
|
|
|
|
// const origin = headers.origin;
|
|
|
|
// const url = origin.split(':');
|
|
|
|
|
|
|
|
// class Mailer {
|
|
|
|
// async send(verifyOptions, cb) {
|
|
|
|
// const params = {
|
|
|
|
// url: verifyOptions.verifyHref,
|
|
|
|
// recipient: verifyOptions.to,
|
|
|
|
// lang: ctx.req.getLocale()
|
|
|
|
// };
|
|
|
|
|
|
|
|
// const email = new Email('email-verify', params);
|
|
|
|
// email.send();
|
|
|
|
|
|
|
|
// cb(null, verifyOptions.to);
|
|
|
|
// }
|
|
|
|
// }
|
|
|
|
|
|
|
|
// const options = {
|
|
|
|
// type: 'email',
|
|
|
|
// to: instance.email,
|
|
|
|
// from: {},
|
|
|
|
// redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
|
|
|
|
// template: false,
|
|
|
|
// mailer: new Mailer,
|
|
|
|
// host: url[1].split('/')[2],
|
|
|
|
// port: url[2],
|
|
|
|
// protocol: url[0],
|
|
|
|
// user: Self
|
|
|
|
// };
|
|
|
|
|
|
|
|
// await instance.verify(options);
|
|
|
|
// });
|
2023-01-23 14:24:00 +00:00
|
|
|
};
|