salix/back/models/notificationSubscription.js

const UserError = require('vn-loopback/util/user-error');

module.exports = Self => {
    Self.observe('before save', async function(ctx) {
        const models = Self.app.models;
        const userId = ctx.options.accessToken.userId;
        const user = await ctx.instance.userFk;
        const modifiedUser = await getUserToModify(user, models);

        if (userId == modifiedUser.id || userId == modifiedUser.bossFk)
            return;
        else
            throw new UserError('You dont have permission to modify this user');
    });

    Self.remoteMethod('deleteNotification', {
        description: 'Gets the current user data',
        accepts: [
            {
                arg: 'ctx',
                type: 'object',
                http: {source: 'context'}
            },
            {
                arg: 'userId',
                type: 'string'
            },
            {
                arg: 'notificationId',
                type: 'number'
            },
            {
                arg: 'authorId',
                type: 'number'
            }
        ],
        returns: {
            type: 'object',
            root: true
        },
        http: {
            verb: 'POST',
            path: '/deleteNotification'
        }
    });

    Self.deleteNotification = async function(ctx) {
        const models = Self.app.models;
        const user = await ctx.args.authorId;
        const notificationId = await ctx.args.notificationId;
        const userId = await ctx.args.userId;
        const modifiedUser = await getUserToModify(userId, models);

        if (user == modifiedUser.id || modifiedUser.bossFk == user) {
            const query = `DELETE FROM util.notificationSubscription 
            WHERE notificationFk = ? AND userFk = ?`;

            await Self.rawSql(query, [notificationId, userId]);

            return;
        } else
            throw new UserError('You dont have permission to modify this user');
    };

    async function getUserToModify(user, models) {
        return await models.Worker.findOne({
            fields: ['id', 'bossFk'],
            where: {
                id: user
            }
        });
    }
};
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`const UserError = require('vn-loopback/util/user-error');`

changes needed for the worker Notification manager to work 2022-11-24 08:36:05 +00:00			`module.exports = Self => {`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00			`Self.observe('before save', async function(ctx) {`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`const models = Self.app.models;`
			`const userId = ctx.options.accessToken.userId;`
			`const user = await ctx.instance.userFk;`
			`const modifiedUser = await getUserToModify(user, models);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00
			`if (userId == modifiedUser.id \|\| userId == modifiedUser.bossFk)`
			`return;`
			`else`
			`throw new UserError('You dont have permission to modify this user');`
			`});`

			`Self.remoteMethod('deleteNotification', {`
			`description: 'Gets the current user data',`
			`accepts: [`
			`{`
			`arg: 'ctx',`
			`type: 'object',`
			`http: {source: 'context'}`
			`},`
			`{`
			`arg: 'userId',`
			`type: 'string'`
			`},`
			`{`
			`arg: 'notificationId',`
			`type: 'number'`
			`},`
			`{`
			`arg: 'authorId',`
			`type: 'number'`
			`}`
			`],`
			`returns: {`
			`type: 'object',`
			`root: true`
			`},`
			`http: {`
			`verb: 'POST',`
			`path: '/deleteNotification'`
			`}`
			`});`

			`Self.deleteNotification = async function(ctx) {`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00			`const models = Self.app.models;`
			`const user = await ctx.args.authorId;`
			`const notificationId = await ctx.args.notificationId;`
			`const userId = await ctx.args.userId;`
			`const modifiedUser = await getUserToModify(userId, models);`
requested changes refs #4797 @2h 2022-12-27 13:32:19 +00:00
			`if (user == modifiedUser.id \|\| modifiedUser.bossFk == user) {`
			const query = `DELETE FROM util.notificationSubscription
			WHERE notificationFk = ? AND userFk = ?`;

			`await Self.rawSql(query, [notificationId, userId]);`

			`return;`
			`} else`
			`throw new UserError('You dont have permission to modify this user');`
			`};`
changed let to const and removed duplicate code 2022-12-27 13:59:23 +00:00
			`async function getUserToModify(user, models) {`
			`return await models.Worker.findOne({`
			`fields: ['id', 'bossFk'],`
			`where: {`
			`id: user`
			`}`
			`});`
			`}`
changes needed for the worker Notification manager to work 2022-11-24 08:36:05 +00:00			`};`