salix/back/models/account.js

140 lines
4.2 KiB
JavaScript
Raw Normal View History

/* eslint max-len: ["error", { "code": 150 }]*/
2018-02-15 13:35:04 +00:00
const md5 = require('md5');
const LoopBackContext = require('loopback-context');
2022-10-26 11:28:26 +00:00
const {Email} = require('vn-print');
2018-02-15 13:35:04 +00:00
module.exports = Self => {
2019-01-04 12:32:04 +00:00
require('../methods/account/login')(Self);
require('../methods/account/logout')(Self);
require('../methods/account/acl')(Self);
require('../methods/account/change-password')(Self);
require('../methods/account/set-password')(Self);
2022-09-20 13:21:01 +00:00
require('../methods/account/recover-password')(Self);
require('../methods/account/validate-token')(Self);
require('../methods/account/privileges')(Self);
2019-01-04 12:32:04 +00:00
2017-10-13 14:22:45 +00:00
// Validations
Self.validatesFormatOf('email', {
message: 'Invalid email',
allowNull: true,
allowBlank: true,
with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
});
2017-10-13 14:22:45 +00:00
Self.validatesUniquenessOf('name', {
message: `A client with that Web User name already exists`
2017-10-13 14:22:45 +00:00
});
2018-02-15 13:35:04 +00:00
2020-06-08 10:18:33 +00:00
Self.observe('before save', async function(ctx) {
2018-11-12 10:17:47 +00:00
if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)
2018-02-15 13:35:04 +00:00
ctx.data.password = md5(ctx.data.password);
});
2022-10-26 11:28:26 +00:00
Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
if (!ctx.args || !ctx.args.data.email) return;
const models = Self.app.models;
2022-10-17 05:22:22 +00:00
const loopBackContext = LoopBackContext.getCurrentContext();
2022-10-11 12:56:33 +00:00
const httpCtx = {req: loopBackContext.active};
const httpRequest = httpCtx.req.http.req;
const headers = httpRequest.headers;
const origin = headers.origin;
2022-10-26 11:28:26 +00:00
const url = origin.split(':');
2022-10-11 12:56:33 +00:00
2022-10-17 05:22:22 +00:00
const userId = ctx.instance.id;
const user = await models.user.findById(userId);
2022-10-11 12:56:33 +00:00
2022-10-26 11:28:26 +00:00
class Mailer {
async send(verifyOptions, cb) {
const params = {
url: verifyOptions.verifyHref,
recipient: verifyOptions.to,
lang: ctx.req.getLocale()
};
2022-10-17 05:22:22 +00:00
2022-10-26 11:28:26 +00:00
const email = new Email('email-verify', params);
email.send();
2022-10-11 12:56:33 +00:00
2022-10-26 11:28:26 +00:00
cb(null, verifyOptions.to);
}
}
2022-10-21 11:46:53 +00:00
2022-10-11 12:56:33 +00:00
const options = {
type: 'email',
2022-10-17 05:22:22 +00:00
to: instance.email,
2022-10-26 11:28:26 +00:00
from: {},
2022-10-17 05:22:22 +00:00
redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
2022-10-26 11:28:26 +00:00
template: false,
mailer: new Mailer,
host: url[1].split('/')[2],
port: url[2],
protocol: url[0],
2022-10-11 12:56:33 +00:00
user: Self
};
2022-10-17 05:22:22 +00:00
2022-10-26 11:28:26 +00:00
await user.verify(options);
});
2019-08-19 05:56:20 +00:00
Self.remoteMethod('getCurrentUserData', {
description: 'Gets the current user data',
accepts: [
{
2019-10-04 14:55:54 +00:00
arg: 'ctx',
2022-10-11 12:56:33 +00:00
type: 'object',
2019-10-04 14:55:54 +00:00
http: {source: 'context'}
}
],
returns: {
2022-10-11 12:56:33 +00:00
type: 'object',
root: true
},
http: {
verb: 'GET',
2019-08-19 05:56:20 +00:00
path: '/getCurrentUserData'
}
});
2019-08-19 05:56:20 +00:00
Self.getCurrentUserData = async function(ctx) {
let userId = ctx.req.accessToken.userId;
2020-09-21 14:09:34 +00:00
return await Self.findById(userId, {
2019-10-04 14:55:54 +00:00
fields: ['id', 'name', 'nickname']
});
};
2018-05-08 07:32:30 +00:00
/**
* Checks if user has a role.
*
* @param {Integer} userId The user id
* @param {String} name The role name
2022-10-11 12:56:33 +00:00
* @param {object} options Options
2018-05-08 07:32:30 +00:00
* @return {Boolean} %true if user has the role, %false otherwise
*/
2019-11-22 12:46:38 +00:00
Self.hasRole = async function(userId, name, options) {
let roles = await Self.getRoles(userId, options);
2019-11-18 10:00:09 +00:00
return roles.some(role => role == name);
};
/**
* Get all user roles.
*
* @param {Integer} userId The user id
2022-10-11 12:56:33 +00:00
* @param {object} options Options
* @return {object} User role list
*/
2019-11-22 12:46:38 +00:00
Self.getRoles = async(userId, options) => {
2018-05-08 07:32:30 +00:00
let result = await Self.rawSql(
`SELECT r.name
2018-05-08 07:32:30 +00:00
FROM account.user u
JOIN account.roleRole rr ON rr.role = u.role
2022-09-20 13:21:01 +00:00
JOIN account.role r ON r.id = rr.inheritsFrom
2019-11-22 12:46:38 +00:00
WHERE u.id = ?`, [userId], options);
let roles = [];
2018-11-12 10:17:47 +00:00
for (role of result)
roles.push(role.name);
2018-11-12 10:17:47 +00:00
return roles;
2018-05-08 07:32:30 +00:00
};
2017-10-13 14:22:45 +00:00
};