salix/back/models/notificationSubscription.js

const UserError = require('vn-loopback/util/user-error');

module.exports = Self => {
    Self.observe('before save', async function(ctx) {
        const models = Self.app.models;
        const userId = ctx.options.accessToken.userId;
        const user = await ctx.instance.userFk;
        const modifiedUser = await getUserToModify(user, models);

        if (userId == modifiedUser.id || userId == modifiedUser.bossFk)
            return;
        else
            throw new UserError('You dont have permission to modify this user');
    });

    Self.remoteMethod('deleteNotification', {
        description: 'Deletes a notification subscription',
        accepts: [
            {
                arg: 'ctx',
                type: 'object',
                http: {source: 'context'}
            },
            {
                arg: 'notificationId',
                type: 'number',
                required: true
            },
        ],
        returns: {
            type: 'object',
            root: true
        },
        http: {
            verb: 'POST',
            path: '/deleteNotification'
        }
    });

    Self.deleteNotification = async function(ctx, notificationId) {
        const models = Self.app.models;
        const user = ctx.req.accessToken.userId;
        const modifiedUser = await getUserToModify(notificationId, models);

        if (user == modifiedUser.id || modifiedUser.bossFk == user) {
            await models.NotificationSubscription.destroyById(notificationId);
            return;
        } else
            throw new UserError('You dont have permission to modify this user');
    };

    async function getUserToModify(notificationId = null, userFk = null, models) {
        if (notificationId != null) {
            const subscription = await models.NotificationSubscription.findById(notificationId);
            const user = await subscription.userFk;
            return await models.Worker.findOne({
                fields: ['id', 'bossFk'],
                where: {
                    id: user
                }
            });
        } else {
            return await models.Worker.findOne({
                fields: ['id', 'bossFk'],
                where: {
                    id: userFk
                }
            });
        }
    }
};
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`const UserError = require('vn-loopback/util/user-error');`

changes needed for the worker Notification manager to work 2022-11-24 08:36:05 +00:00			`module.exports = Self => {`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`Self.observe('before save', async function(ctx) {`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`const models = Self.app.models;`
			`const userId = ctx.options.accessToken.userId;`
			`const user = await ctx.instance.userFk;`
			`const modifiedUser = await getUserToModify(user, models);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00
			`if (userId == modifiedUser.id \|\| userId == modifiedUser.bossFk)`
			`return;`
			`else`
			`throw new UserError('You dont have permission to modify this user');`
			`});`

			`Self.remoteMethod('deleteNotification', {`
requested changes 2023-01-03 07:12:46 +00:00			`description: 'Deletes a notification subscription',`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`accepts: [`
			`{`
			`arg: 'ctx',`
			`type: 'object',`
			`http: {source: 'context'}`
			`},`
			`{`
use notification id 2023-01-05 13:13:42 +00:00			`arg: 'notificationId',`
			`type: 'number',`
			`required: true`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`},`
			`],`
			`returns: {`
			`type: 'object',`
			`root: true`
			`},`
			`http: {`
			`verb: 'POST',`
			`path: '/deleteNotification'`
			`}`
			`});`

use notification id 2023-01-05 13:13:42 +00:00			`Self.deleteNotification = async function(ctx, notificationId) {`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`const models = Self.app.models;`
requested changes 2023-01-03 07:12:46 +00:00			`const user = ctx.req.accessToken.userId;`
use notification id 2023-01-05 13:13:42 +00:00			`const modifiedUser = await getUserToModify(notificationId, models);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00
			`if (user == modifiedUser.id \|\| modifiedUser.bossFk == user) {`
use notification id 2023-01-05 13:13:42 +00:00			`await models.NotificationSubscription.destroyById(notificationId);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`return;`
			`} else`
			`throw new UserError('You dont have permission to modify this user');`
			`};`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00
use notification id 2023-01-05 13:13:42 +00:00			`async function getUserToModify(notificationId = null, userFk = null, models) {`
			`if (notificationId != null) {`
			`const subscription = await models.NotificationSubscription.findById(notificationId);`
			`const user = await subscription.userFk;`
			`return await models.Worker.findOne({`
			`fields: ['id', 'bossFk'],`
			`where: {`
			`id: user`
			`}`
			`});`
			`} else {`
			`return await models.Worker.findOne({`
			`fields: ['id', 'bossFk'],`
			`where: {`
			`id: userFk`
			`}`
			`});`
			`}`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`}`
changes needed for the worker Notification manager to work 2022-11-24 08:36:05 +00:00			`};`