salix/back/models/account.js

/* eslint max-len: ["error", { "code": 150 }]*/
const md5 = require('md5');
const LoopBackContext = require('loopback-context');
const {Email} = require('vn-print');

module.exports = Self => {
    require('../methods/account/login')(Self);
    require('../methods/account/logout')(Self);
    require('../methods/account/acl')(Self);
    require('../methods/account/change-password')(Self);
    require('../methods/account/set-password')(Self);
    require('../methods/account/recover-password')(Self);
    require('../methods/account/validate-token')(Self);
    require('../methods/account/privileges')(Self);

    // Validations

    Self.validatesFormatOf('email', {
        message: 'Invalid email',
        allowNull: true,
        allowBlank: true,
        with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
    });

    Self.validatesUniquenessOf('name', {
        message: `A client with that Web User name already exists`
    });

    Self.observe('before save', async function(ctx) {
        if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)
            ctx.data.password = md5(ctx.data.password);
    });

    Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
        if (!ctx.args || !ctx.args.data.email) return;
        const models = Self.app.models;

        const loopBackContext = LoopBackContext.getCurrentContext();
        const httpCtx = {req: loopBackContext.active};
        const httpRequest = httpCtx.req.http.req;
        const headers = httpRequest.headers;
        const origin = headers.origin;
        const url = origin.split(':');

        const userId = ctx.instance.id;
        const user = await models.user.findById(userId);

        class Mailer {
            async send(verifyOptions, cb) {
                const params = {
                    url: verifyOptions.verifyHref,
                    recipient: verifyOptions.to,
                    lang: ctx.req.getLocale()
                };

                const email = new Email('email-verify', params);
                email.send();

                cb(null, verifyOptions.to);
            }
        }

        const options = {
            type: 'email',
            to: instance.email,
            from: {},
            redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
            template: false,
            mailer: new Mailer,
            host: url[1].split('/')[2],
            port: url[2],
            protocol: url[0],
            user: Self
        };

        await user.verify(options);
    });

    Self.remoteMethod('getCurrentUserData', {
        description: 'Gets the current user data',
        accepts: [
            {
                arg: 'ctx',
                type: 'object',
                http: {source: 'context'}
            }
        ],
        returns: {
            type: 'object',
            root: true
        },
        http: {
            verb: 'GET',
            path: '/getCurrentUserData'
        }
    });

    Self.getCurrentUserData = async function(ctx) {
        let userId = ctx.req.accessToken.userId;
        return await Self.findById(userId, {
            fields: ['id', 'name', 'nickname']
        });
    };

    /**
     * Checks if user has a role.
     *
     * @param {Integer} userId The user id
     * @param {String} name The role name
     * @param {object} options Options
     * @return {Boolean} %true if user has the role, %false otherwise
     */
    Self.hasRole = async function(userId, name, options) {
        let roles = await Self.getRoles(userId, options);
        return roles.some(role => role == name);
    };

    /**
     * Get all user roles.
     *
     * @param {Integer} userId The user id
     * @param {object} options Options
     * @return {object} User role list
     */
    Self.getRoles = async(userId, options) => {
        let result = await Self.rawSql(
            `SELECT r.name
                FROM account.user u
                    JOIN account.roleRole rr ON rr.role = u.role
                    JOIN account.role r ON r.id = rr.inheritsFrom
                WHERE u.id = ?`, [userId], options);

        let roles = [];
        for (const role of result)
            roles.push(role.name);

        return roles;
    };
};
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`/* eslint max-len: ["error", { "code": 150 }]*/`
MD5 in password web access 2018-02-15 13:35:04 +00:00			`const md5 = require('md5');`
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`const LoopBackContext = require('loopback-context');`
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`const {Email} = require('vn-print');`
MD5 in password web access 2018-02-15 13:35:04 +00:00
back-end refactor & item search fix. #260 2018-05-04 09:46:03 +00:00			`module.exports = Self => {`
#814 Docker & test 2019-01-04 12:32:04 +00:00			`require('../methods/account/login')(Self);`
			`require('../methods/account/logout')(Self);`
#981 Login unified without passing tests 2019-01-23 12:11:44 +00:00			`require('../methods/account/acl')(Self);`
2177 account module LDAP test RC1 SQL version changed Tests fixes Back & front tests fixed All tests passed Front and back tests plus some fixes 2020-03-09 08:00:03 +00:00			`require('../methods/account/change-password')(Self);`
			`require('../methods/account/set-password')(Self);`
feat(account): recover-password 2022-09-20 13:21:01 +00:00			`require('../methods/account/recover-password')(Self);`
#981 Login unified without passing tests 2019-01-23 12:11:44 +00:00			`require('../methods/account/validate-token')(Self);`
feat(user): add section privileges and remove changeRole in descriptor test(user):back and e2e 2022-10-03 13:11:29 +00:00			`require('../methods/account/privileges')(Self);`
#814 Docker & test 2019-01-04 12:32:04 +00:00
Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`// Validations`

e2e partially working for account module 2021-05-03 06:01:29 +00:00			`Self.validatesFormatOf('email', {`
			`message: 'Invalid email',`
			`allowNull: true,`
			`allowBlank: true,`
			`with: /^[\w\|.\|-]+@[\w\|-]+(\.[\w\|-]+)(,[\w\|.\|-]+@[\w\|-]+(\.[\w\|-]+))*$/`
			`});`

Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`Self.validatesUniquenessOf('name', {`
Bug #353 El error de usuario web repetido es confuso 2018-07-06 06:18:55 +00:00			message: `A client with that Web User name already exists`
Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`});`
MD5 in password web access 2018-02-15 13:35:04 +00:00
create hook in account 2020-06-08 10:18:33 +00:00			`Self.observe('before save', async function(ctx) {`
#779 ticket.ticketRequester 2018-11-12 10:17:47 +00:00			`if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)`
MD5 in password web access 2018-02-15 13:35:04 +00:00			`ctx.data.password = md5(ctx.data.password);`
			`});`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {`
			`if (!ctx.args \|\| !ctx.args.data.email) return;`
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`const models = Self.app.models;`
feat(verify): use user.verify 2022-10-17 05:22:22 +00:00
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`const loopBackContext = LoopBackContext.getCurrentContext();`
use ejs template 2022-10-11 12:56:33 +00:00			`const httpCtx = {req: loopBackContext.active};`
			`const httpRequest = httpCtx.req.http.req;`
			`const headers = httpRequest.headers;`
			`const origin = headers.origin;`
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`const url = origin.split(':');`
use ejs template 2022-10-11 12:56:33 +00:00
feat(verify): use user.verify 2022-10-17 05:22:22 +00:00			`const userId = ctx.instance.id;`
			`const user = await models.user.findById(userId);`
use ejs template 2022-10-11 12:56:33 +00:00
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`class Mailer {`
			`async send(verifyOptions, cb) {`
			`const params = {`
			`url: verifyOptions.verifyHref,`
			`recipient: verifyOptions.to,`
			`lang: ctx.req.getLocale()`
			`};`
feat(verify): use user.verify 2022-10-17 05:22:22 +00:00
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`const email = new Email('email-verify', params);`
			`email.send();`
use ejs template 2022-10-11 12:56:33 +00:00
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`cb(null, verifyOptions.to);`
			`}`
			`}`
try 2022-10-21 11:46:53 +00:00
use ejs template 2022-10-11 12:56:33 +00:00			`const options = {`
			`type: 'email',`
feat(verify): use user.verify 2022-10-17 05:22:22 +00:00			`to: instance.email,`
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`from: {},`
feat(verify): use user.verify 2022-10-17 05:22:22 +00:00			redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`template: false,`
			`mailer: new Mailer,`
			`host: url[1].split('/')[2],`
			`port: url[2],`
			`protocol: url[0],`
use ejs template 2022-10-11 12:56:33 +00:00			`user: Self`
			`};`
feat(verify): use user.verify 2022-10-17 05:22:22 +00:00
feat(account): email-verify refs #4077 2022-10-26 11:28:26 +00:00			`await user.verify(options);`
feat(account): send verifyEmail when change email and tests 2022-09-26 06:21:58 +00:00			`});`

Refactor #1630 state.js 2019-08-19 05:56:20 +00:00			`Self.remoteMethod('getCurrentUserData', {`
			`description: 'Gets the current user data',`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`accepts: [`
			`{`
#1752 Fixes & CSS refactor 2019-10-04 14:55:54 +00:00			`arg: 'ctx',`
use ejs template 2022-10-11 12:56:33 +00:00			`type: 'object',`
#1752 Fixes & CSS refactor 2019-10-04 14:55:54 +00:00			`http: {source: 'context'}`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`}`
			`],`
			`returns: {`
use ejs template 2022-10-11 12:56:33 +00:00			`type: 'object',`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`root: true`
			`},`
			`http: {`
			`verb: 'GET',`
Refactor #1630 state.js 2019-08-19 05:56:20 +00:00			`path: '/getCurrentUserData'`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`}`
			`});`

Refactor #1630 state.js 2019-08-19 05:56:20 +00:00			`Self.getCurrentUserData = async function(ctx) {`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`let userId = ctx.req.accessToken.userId;`
Test fixes 2020-09-21 14:09:34 +00:00			`return await Self.findById(userId, {`
#1752 Fixes & CSS refactor 2019-10-04 14:55:54 +00:00			`fields: ['id', 'name', 'nickname']`
			`});`
#114 mostrar current user en la top bar 2018-03-06 10:13:05 +00:00			`};`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00
			`/**`
			`* Checks if user has a role.`
			`*`
			`* @param {Integer} userId The user id`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`* @param {String} name The role name`
use ejs template 2022-10-11 12:56:33 +00:00			`* @param {object} options Options`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`* @return {Boolean} %true if user has the role, %false otherwise`
			`*/`
transaction changes 2019-11-22 12:46:38 +00:00			`Self.hasRole = async function(userId, name, options) {`
			`let roles = await Self.getRoles(userId, options);`
#1852 worker.time-control 2019-11-18 10:00:09 +00:00			`return roles.some(role => role == name);`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`};`

			`/**`
			`* Get all user roles.`
			`*`
			`* @param {Integer} userId The user id`
use ejs template 2022-10-11 12:56:33 +00:00			`* @param {object} options Options`
			`* @return {object} User role list`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`*/`
transaction changes 2019-11-22 12:46:38 +00:00			`Self.getRoles = async(userId, options) => {`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`let result = await Self.rawSql(`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`SELECT r.name
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`FROM account.user u`
			`JOIN account.roleRole rr ON rr.role = u.role`
feat(account): recover-password 2022-09-20 13:21:01 +00:00			`JOIN account.role r ON r.id = rr.inheritsFrom`
transaction changes 2019-11-22 12:46:38 +00:00			WHERE u.id = ?`, [userId], options);
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00
			`let roles = [];`
fix: add transaction 2023-03-09 06:58:39 +00:00			`for (const role of result)`
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`roles.push(role.name);`
#779 ticket.ticketRequester 2018-11-12 10:17:47 +00:00
Field ACL part one #689 (vn-model) beforeRemote() wrapper 2018-10-23 09:25:51 +00:00			`return roles;`
ACL para Tarea #265 2018-05-08 07:32:30 +00:00			`};`
Eliminando código redundante v2 2017-10-13 14:22:45 +00:00			`};`