/* eslint max-len: ["error", { "code": 150 }]*/
const md5 = require('md5');
const LoopBackContext = require('loopback-context');
module.exports = Self => {
// Load the account method modules. Each one exports a function that is called
// with the model (presumably to define the matching remote method on it).
// The modules are required and invoked one at a time, in this order.
const attach = register => register(Self);
attach(require('../methods/account/login'));
attach(require('../methods/account/logout'));
attach(require('../methods/account/acl'));
attach(require('../methods/account/change-password'));
attach(require('../methods/account/set-password'));
attach(require('../methods/account/recover-password'));
attach(require('../methods/account/validate-token'));
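// Validations

// `email` accepts one address or a comma-separated list of addresses; null
// and blank values are allowed.
// Inside a character class `|` is a literal pipe, not alternation, so the
// classes list only the characters meant to be accepted: word characters,
// dot and hyphen in the local part; word characters and hyphen in each
// domain label.
// This is a format check only; it says nothing about who owns the mailbox.
Self.validatesFormatOf('email', {
    message: 'Invalid email',
    allowNull: true,
    allowBlank: true,
    with: /^[\w.-]+@[\w-]+(\.[\w-]+)*(,[\w.-]+@[\w-]+(\.[\w-]+)*)*$/
});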
// Account names must be unique; the message below is reported on a clash.
// NOTE(review): LoopBack's uniqueness validation is a lookup done before the
// write, so concurrent saves can both pass it. A unique index on the column
// is what actually enforces this — confirm one exists.
const duplicateNameRule = {
    message: 'A client with that Web User name already exists'
};
Self.validatesUniquenessOf('name', duplicateNameRule);
/**
 * Replaces a plain-text password with its MD5 digest before an existing
 * account is updated.
 *
 * Acts only when the hook has a current instance with an id and the update
 * data carries a password; every other save passes through untouched, so
 * passwords set on creation are not hashed by this hook.
 *
 * NOTE(review): MD5 is a fast digest and is applied here without a salt,
 * which makes stored values cheap to brute-force and identical for identical
 * passwords. Moving to a dedicated password-hashing function (bcrypt, scrypt,
 * Argon2) has to be coordinated with the login check and the hashes already
 * stored, neither of which is visible in this file.
 *
 * @param {Object} ctx Operation hook context
 */
Self.observe('before save', async function(ctx) {
    const target = ctx.currentInstance;
    const data = ctx.data;
    const isExistingAccount = target && target.id;
    const hasNewPassword = data && data.password;
    if (!isExistingAccount || !hasNewPassword) return;

    data.password = md5(data.password);
});
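/**
 * When an update changes `email`, queues a "Verify email" message to the new
 * address through vn.mail_insert.
 *
 * Nothing is sent for new instances, for saves that carry no email value, or
 * when the stored email already equals the new one.
 *
 * @param {Object} ctx Operation hook context
 */
Self.observe('before save', async ctx => {
    const models = Self.app.models;
    const loopBackContext = LoopBackContext.getCurrentContext();
    const changes = ctx.data || ctx.instance;
    if (ctx.isNewInstance || !changes.email) return;

    const userId = ctx.currentInstance.id;
    const user = await models.Account.findById(userId);
    if (user.email == changes.email) return;

    const httpCtx = {req: loopBackContext.active};
    const httpRequest = httpCtx.req.http.req;
    const headers = httpRequest.headers;
    const $t = httpRequest.__;

    // The Origin header is chosen by the client, so it is HTML-escaped before
    // it is placed inside the href attribute of the outgoing message.
    const escapeHtml = value => String(value)
        .replace(/&/g, '&amp;')
        .replace(/</g, '&lt;')
        .replace(/>/g, '&gt;')
        .replace(/"/g, '&quot;')
        .replace(/'/g, '&#39;');
    const origin = escapeHtml(headers.origin);

    // NOTE(review): escaping only keeps the header from breaking out of the
    // attribute; the link still points at whatever origin the request named.
    // Building it from a server-side base URL, or checking the header against
    // a list of the application's own origins, would close that gap — no such
    // setting is visible in this file.
    // NOTE(review): the link carries no per-request token. How `emailVerified`
    // proves control of the mailbox cannot be told from here — confirm.
    const title = $t('Verify email');
    const body = `
        <p>
            ${$t(`Click on the following link to verify this email. If you haven't requested this email, just ignore it`)}:
        </p>
        </b>
        <a href="${origin}/#!/account/${userId}/basic-data?emailVerified">
            ${title}
        </a>`;

    // The call's result is not used, so it is no longer assigned: the former
    // `result = ...` wrote to an undeclared variable and leaked a global.
    await Self.rawSql(`CALL vn.mail_insert(?,?,?,?)`, [
        changes.email,
        null,
        title,
        body
    ], ctx.options);
});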
// Remote method metadata for getCurrentUserData: exposed as
// GET /getCurrentUserData, it receives the HTTP context as `ctx` and returns
// an object as the root of the response.
const httpContextArg = {
    arg: 'ctx',
    type: 'Object',
    http: {source: 'context'}
};
Self.remoteMethod('getCurrentUserData', {
    description: 'Gets the current user data',
    accepts: [httpContextArg],
    returns: {type: 'Object', root: true},
    http: {verb: 'GET', path: '/getCurrentUserData'}
});
/**
 * Returns the record of the user that owns the request's access token,
 * limited to the id, name and nickname fields.
 *
 * @param {Object} ctx HTTP context; ctx.req.accessToken.userId is read
 * @return {Object} The record found for that user id
 */
Self.getCurrentUserData = async function(ctx) {
    // NOTE(review): this throws a TypeError when the request has no access
    // token; presumably the ACLs reject such requests earlier — confirm.
    const {userId} = ctx.req.accessToken;

    // Explicit field list: nothing beyond these three columns is returned.
    const visibleFields = ['id', 'name', 'nickname'];
    const currentUser = await Self.findById(userId, {fields: visibleFields});
    return currentUser;
};
/**
 * Tells whether a user holds a given role.
 *
 * @param {Integer} userId The user id
 * @param {String} name The role name
 * @param {Object} options Options forwarded to Self.getRoles
 * @return {Boolean} true when the name is among the user's roles, false otherwise
 */
Self.hasRole = async function(userId, name, options) {
    const userRoles = await Self.getRoles(userId, options);
    for (const roleName of userRoles) {
        // Loose equality, as callers have always had it.
        if (roleName == name) return true;
    }
    return false;
};
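/**
 * Get all user roles.
 *
 * Reads the user's role from account.user, follows account.roleRole from that
 * role and returns the names of the roles it points to through inheritsFrom.
 *
 * @param {Integer} userId The user id
 * @param {Object} options Options passed through to Self.rawSql
 * @return {Array<String>} Role names; empty when the query returns no rows
 */
Self.getRoles = async(userId, options) => {
    // userId is bound as a query parameter, never concatenated into the SQL.
    const rows = await Self.rawSql(
        `SELECT r.name
            FROM account.user u
                JOIN account.roleRole rr ON rr.role = u.role
                JOIN account.role r ON r.id = rr.inheritsFrom
            WHERE u.id = ?`, [userId], options);

    // map() with a declared parameter replaces a loop over an undeclared
    // `role`, which leaked a global and throws under strict mode.
    return rows.map(row => row.name);
};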
};