salix/back/models/account.js

/* eslint max-len: ["error", { "code": 150 }]*/
const md5 = require('md5');
const app = require('../../loopback/server/server.js');
const dataSources = require('../../print/config/print.json');
const LoopBackContext = require('loopback-context');
const {Email} = require('vn-print');

module.exports = Self => {
    require('../methods/account/login')(Self);
    require('../methods/account/logout')(Self);
    require('../methods/account/acl')(Self);
    require('../methods/account/change-password')(Self);
    require('../methods/account/set-password')(Self);
    require('../methods/account/recover-password')(Self);
    require('../methods/account/validate-token')(Self);
    require('../methods/account/privileges')(Self);

    // Validations

    Self.validatesFormatOf('email', {
        message: 'Invalid email',
        allowNull: true,
        allowBlank: true,
        with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
    });

    Self.validatesUniquenessOf('name', {
        message: `A client with that Web User name already exists`
    });

    Self.observe('before save', async function(ctx) {
        if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)
            ctx.data.password = md5(ctx.data.password);
    });

    Self.observe('before save', async(ctx, instance) => {
        console.log(instance);
        const models = Self.app.models;
        const loopBackContext = LoopBackContext.getCurrentContext();
        const changes = ctx.data || ctx.instance;
        if (ctx.isNewInstance || !changes.email) return;

        const userId = ctx.currentInstance.id;
        const user = await models.Account.findById(userId);
        if (user.email == changes.email) return;

        const httpCtx = {req: loopBackContext.active};
        const httpRequest = httpCtx.req.http.req;
        const headers = httpRequest.headers;
        const origin = headers.origin;
        const $t = httpRequest.__;

        const title = $t('Verify email');
        const body = `
            <p>
            ${$t(`Click on the following link to verify this email. If you haven't requested this email, just ignore it`)}:
            </p>
            </b>
            <a href="${origin}/#!/account/${userId}/basic-data?emailVerified">
                ${title}
            </a>`;

        const url = app.get('rootUrl') || app.get('url');
        console.log(app.get('rootUrl'));
        console.log(app.get('url'));
        console.log(dataSources);
        const options = {
            type: 'email',
            to: 'alexm@verdnatura.es',
            from: dataSources.app.senderEmail,
            subject: title,
            template: body,
            redirect: `${origin}#/login/${instance.email}?emailConfirmed`,
            host: dataSources.smtp.host,
            port: dataSources.smtp.port,
            protocol: 'https',
            user: Self
        };

        const params = {
            recipient: 'alexm@verdnatura.es',
            url: `${origin}/#!/verified`
        };

        console.log(params);
        const sendEmail = new Email('email-verify', params);

        // ctx.instance.verify(options);
        sendEmail.send();
    });

    Self.remoteMethod('getCurrentUserData', {
        description: 'Gets the current user data',
        accepts: [
            {
                arg: 'ctx',
                type: 'Object',
                http: {source: 'context'}
            }
        ],
        returns: {
            type: 'Object',
            root: true
        },
        http: {
            verb: 'GET',
            path: '/getCurrentUserData'
        }
    });

    Self.getCurrentUserData = async function(ctx) {
        let userId = ctx.req.accessToken.userId;
        return await Self.findById(userId, {
            fields: ['id', 'name', 'nickname']
        });
    };

    /**
     * Checks if user has a role.
     *
     * @param {Integer} userId The user id
     * @param {String} name The role name
     * @param {Object} options Options
     * @return {Boolean} %true if user has the role, %false otherwise
     */
    Self.hasRole = async function(userId, name, options) {
        let roles = await Self.getRoles(userId, options);
        return roles.some(role => role == name);
    };

    /**
     * Get all user roles.
     *
     * @param {Integer} userId The user id
     * @param {Object} options Options
     * @return {Object} User role list
     */
    Self.getRoles = async(userId, options) => {
        let result = await Self.rawSql(
            `SELECT r.name
                FROM account.user u
                    JOIN account.roleRole rr ON rr.role = u.role
                    JOIN account.role r ON r.id = rr.inheritsFrom
                WHERE u.id = ?`, [userId], options);

        let roles = [];
        for (role of result)
            roles.push(role.name);

        return roles;
    };
};
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`/* eslint max-len: ["error", { "code": 150 }]*/`
MD5 in password web access 2018-02-15 13:35:04 +00:00			`const md5 = require('md5');`
quit userError 2022-09-28 10:20:29 +00:00			`const app = require('../../loopback/server/server.js');`
fix(recover-password): use pint/Email 2022-10-11 08:06:25 +00:00			`const dataSources = require('../../print/config/print.json');`
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`const LoopBackContext = require('loopback-context');`
fix(recover-password): use pint/Email 2022-10-11 08:06:25 +00:00			`const {Email} = require('vn-print');`
MD5 in password web access 2018-02-15 13:35:04 +00:00
back-end refactor & item search fix. #260 2018-05-04 09:46:03 +00:00			`module.exports = Self => {`
#814 Docker & test 2019-01-04 12:32:04 +00:00			`require('../methods/account/login')(Self);`
			`require('../methods/account/logout')(Self);`
#981 Login unified without passing tests 2019-01-23 12:11:44 +00:00			`require('../methods/account/acl')(Self);`
2177 account module LDAP test RC1 SQL version changed Tests fixes Back & front tests fixed All tests passed Front and back tests plus some fixes 2020-03-09 08:00:03 +00:00			`require('../methods/account/change-password')(Self);`
			`require('../methods/account/set-password')(Self);`
feat(account): recover-password 2022-09-20 13:21:01 +00:00			`require('../methods/account/recover-password')(Self);`
#981 Login unified without passing tests 2019-01-23 12:11:44 +00:00			`require('../methods/account/validate-token')(Self);`
feat(user): add section privileges and remove changeRole in descriptor test(user):back and e2e 2022-10-03 13:11:29 +00:00			`require('../methods/account/privileges')(Self);`
#814 Docker & test 2019-01-04 12:32:04 +00:00
Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`// Validations`

e2e partially working for account module 2021-05-03 06:01:29 +00:00			`Self.validatesFormatOf('email', {`
			`message: 'Invalid email',`
			`allowNull: true,`
			`allowBlank: true,`
			`with: /^[\w\|.\|-]+@[\w\|-]+(\.[\w\|-]+)(,[\w\|.\|-]+@[\w\|-]+(\.[\w\|-]+))*$/`
			`});`

Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`Self.validatesUniquenessOf('name', {`
Bug #353 El error de usuario web repetido es confuso 2018-07-06 06:18:55 +00:00			message: `A client with that Web User name already exists`
Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`});`
MD5 in password web access 2018-02-15 13:35:04 +00:00
create hook in account 2020-06-08 10:18:33 +00:00			`Self.observe('before save', async function(ctx) {`
#779 ticket.ticketRequester 2018-11-12 10:17:47 +00:00			`if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)`
MD5 in password web access 2018-02-15 13:35:04 +00:00			`ctx.data.password = md5(ctx.data.password);`
			`});`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00
quit userError 2022-09-28 10:20:29 +00:00			`Self.observe('before save', async(ctx, instance) => {`
			`console.log(instance);`
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`const models = Self.app.models;`
			`const loopBackContext = LoopBackContext.getCurrentContext();`
			`const changes = ctx.data \|\| ctx.instance;`
			`if (ctx.isNewInstance \|\| !changes.email) return;`

			`const userId = ctx.currentInstance.id;`
			`const user = await models.Account.findById(userId);`
			`if (user.email == changes.email) return;`

			`const httpCtx = {req: loopBackContext.active};`
			`const httpRequest = httpCtx.req.http.req;`
			`const headers = httpRequest.headers;`
			`const origin = headers.origin;`
			`const $t = httpRequest.__;`

			`const title = $t('Verify email');`
			const body = `
			`<p>`
			${$t(`Click on the following link to verify this email. If you haven't requested this email, just ignore it`)}:
			`</p>`
			`</b>`
			`<a href="${origin}/#!/account/${userId}/basic-data?emailVerified">`
			`${title}`
			</a>`;

quit userError 2022-09-28 10:20:29 +00:00			`const url = app.get('rootUrl') \|\| app.get('url');`
			`console.log(app.get('rootUrl'));`
			`console.log(app.get('url'));`
fix(recover-password): use pint/Email 2022-10-11 08:06:25 +00:00			`console.log(dataSources);`
quit userError 2022-09-28 10:20:29 +00:00			`const options = {`
			`type: 'email',`
fix(recover-password): use pint/Email 2022-10-11 08:06:25 +00:00			`to: 'alexm@verdnatura.es',`
			`from: dataSources.app.senderEmail,`
quit userError 2022-09-28 10:20:29 +00:00			`subject: title,`
			`template: body,`
			redirect: `${origin}#/login/${instance.email}?emailConfirmed`,
fix(recover-password): use pint/Email 2022-10-11 08:06:25 +00:00			`host: dataSources.smtp.host,`
			`port: dataSources.smtp.port,`
			`protocol: 'https',`
quit userError 2022-09-28 10:20:29 +00:00			`user: Self`
			`};`
fix(recover-password): use pint/Email 2022-10-11 08:06:25 +00:00
			`const params = {`
			`recipient: 'alexm@verdnatura.es',`
			url: `${origin}/#!/verified`
			`};`

			`console.log(params);`
			`const sendEmail = new Email('email-verify', params);`

			`// ctx.instance.verify(options);`
			`sendEmail.send();`
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`});`

Refactor #1630 state.js 2019-08-19 05:56:20 +00:00			`Self.remoteMethod('getCurrentUserData', {`
			`description: 'Gets the current user data',`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`accepts: [`
			`{`
#1752 Fixes & CSS refactor 2019-10-04 14:55:54 +00:00			`arg: 'ctx',`
			`type: 'Object',`
			`http: {source: 'context'}`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`}`
			`],`
			`returns: {`
#1752 Fixes & CSS refactor 2019-10-04 14:55:54 +00:00			`type: 'Object',`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`root: true`
			`},`
			`http: {`
			`verb: 'GET',`
Refactor #1630 state.js 2019-08-19 05:56:20 +00:00			`path: '/getCurrentUserData'`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`}`
			`});`

Refactor #1630 state.js 2019-08-19 05:56:20 +00:00			`Self.getCurrentUserData = async function(ctx) {`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`let userId = ctx.req.accessToken.userId;`
Test fixes 2020-09-21 14:09:34 +00:00			`return await Self.findById(userId, {`
#1752 Fixes & CSS refactor 2019-10-04 14:55:54 +00:00			`fields: ['id', 'name', 'nickname']`
			`});`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`};`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00
			`/**`
			`* Checks if user has a role.`
			`*`
			`* @param {Integer} userId The user id`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`* @param {String} name The role name`
JS doc fixes 2019-12-08 10:45:53 +00:00			`* @param {Object} options Options`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`* @return {Boolean} %true if user has the role, %false otherwise`
			`*/`
transaction changes 2019-11-22 12:46:38 +00:00			`Self.hasRole = async function(userId, name, options) {`
			`let roles = await Self.getRoles(userId, options);`
#1852 worker.time-control 2019-11-18 10:00:09 +00:00			`return roles.some(role => role == name);`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`};`

			`/**`
			`* Get all user roles.`
			`*`
			`* @param {Integer} userId The user id`
JS doc fixes 2019-12-08 10:45:53 +00:00			`* @param {Object} options Options`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`* @return {Object} User role list`
			`*/`
transaction changes 2019-11-22 12:46:38 +00:00			`Self.getRoles = async(userId, options) => {`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`let result = await Self.rawSql(`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`SELECT r.name
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`FROM account.user u`
			`JOIN account.roleRole rr ON rr.role = u.role`
feat(account): recover-password 2022-09-20 13:21:01 +00:00			`JOIN account.role r ON r.id = rr.inheritsFrom`
transaction changes 2019-11-22 12:46:38 +00:00			WHERE u.id = ?`, [userId], options);
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00
			`let roles = [];`
#779 ticket.ticketRequester 2018-11-12 10:17:47 +00:00			`for (role of result)`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`roles.push(role.name);`
#779 ticket.ticketRequester 2018-11-12 10:17:47 +00:00
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`return roles;`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`};`
Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`};`