diff --git a/back/models/notificationSubscription.js b/back/models/notificationSubscription.js index 83f52047b..811914634 100644 --- a/back/models/notificationSubscription.js +++ b/back/models/notificationSubscription.js @@ -2,14 +2,10 @@ const UserError = require('vn-loopback/util/user-error'); module.exports = Self => { Self.observe('before save', async function(ctx) { - let models = Self.app.models; - let userId = ctx.options.accessToken.userId; - let modifiedUser = await models.Worker.findOne({ - fields: ['id', 'bossFk'], - where: { - id: ctx.instance.userFk - } - }); + const models = Self.app.models; + const userId = ctx.options.accessToken.userId; + const user = await ctx.instance.userFk; + const modifiedUser = await getUserToModify(user, models); if (userId == modifiedUser.id || userId == modifiedUser.bossFk) return; @@ -49,16 +45,11 @@ module.exports = Self => { }); Self.deleteNotification = async function(ctx) { - let models = Self.app.models; - let user = await ctx.args.authorId; - let notificationId = await ctx.args.notificationId; - let userId = await ctx.args.userId; - let modifiedUser = await models.Worker.findOne({ - fields: ['id', 'bossFk'], - where: { - id: ctx.args.userId - } - }); + const models = Self.app.models; + const user = await ctx.args.authorId; + const notificationId = await ctx.args.notificationId; + const userId = await ctx.args.userId; + const modifiedUser = await getUserToModify(userId, models); if (user == modifiedUser.id || modifiedUser.bossFk == user) { const query = `DELETE FROM util.notificationSubscription @@ -70,4 +61,13 @@ module.exports = Self => { } else throw new UserError('You dont have permission to modify this user'); }; + + async function getUserToModify(user, models) { + return await models.Worker.findOne({ + fields: ['id', 'bossFk'], + where: { + id: user + } + }); + } };