fix: refs #6744 create setUnverifiedPassword
gitea/salix/pipeline/pr-dev This commit looks good
Details
gitea/salix/pipeline/pr-dev This commit looks good
Details
This commit is contained in:
parent
a26dfd8a40
commit
744dd61561
|
|
@ -209,5 +209,6 @@
|
|||
"You cannot update these fields": "You cannot update these fields",
|
||||
"CountryFK cannot be empty": "Country cannot be empty",
|
||||
"You are not allowed to modify the alias": "You are not allowed to modify the alias",
|
||||
"You already have the mailAlias": "You already have the mailAlias"
|
||||
"You already have the mailAlias": "You already have the mailAlias",
|
||||
"The email has been already verified": "The email has been already verified"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -344,5 +344,6 @@
|
|||
"CountryFK cannot be empty": "El país no puede estar vacío",
|
||||
"Cmr file does not exist": "El archivo del cmr no existe",
|
||||
"You are not allowed to modify the alias": "No estás autorizado a modificar el alias",
|
||||
"No tickets to invoice": "No hay tickets para facturar"
|
||||
"No tickets to invoice": "No hay tickets para facturar",
|
||||
"The email has been already verified": "El correo ya ha sido verificado"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,4 +1,7 @@
|
|||
|
||||
const ForbiddenError = require('vn-loopback/util/forbiddenError');
|
||||
const {models} = require('vn-loopback/server/server');
|
||||
|
||||
module.exports = Self => {
|
||||
require('../methods/account/sync')(Self);
|
||||
require('../methods/account/sync-by-id')(Self);
|
||||
|
|
@ -7,4 +10,12 @@ module.exports = Self => {
|
|||
require('../methods/account/logout')(Self);
|
||||
require('../methods/account/change-password')(Self);
|
||||
require('../methods/account/set-password')(Self);
|
||||
|
||||
Self.setUnverifiedPassword = async(id, pass, options) => {
|
||||
const user = await models.VnUser.findById(id, null, options);
|
||||
if (user.emailVerified) throw new ForbiddenError('The email has been already verified');
|
||||
|
||||
await models.VnUser.setPassword(id, pass, options);
|
||||
await user.updateAttribute('emailVerified', true, options);
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -19,8 +19,7 @@ module.exports = Self => {
|
|||
verb: 'PATCH'
|
||||
}
|
||||
});
|
||||
Self.setPassword = async(ctx, workerId, newPass, options) => {
|
||||
const userId = ctx.req.accessToken.userId;
|
||||
Self.setPassword = async(ctx, id, newPass, options) => {
|
||||
const models = Self.app.models;
|
||||
const myOptions = {};
|
||||
let tx;
|
||||
|
|
@ -31,17 +30,11 @@ module.exports = Self => {
|
|||
tx = await Self.beginTransaction({});
|
||||
myOptions.transaction = tx;
|
||||
}
|
||||
|
||||
try {
|
||||
const isHimself = userId === workerId;
|
||||
const isSubordinate = await Self.isSubordinate(ctx, workerId, myOptions);
|
||||
const {emailVerified} = await models.VnUser.findById(workerId, {fields: ['emailVerified']}, myOptions);
|
||||
const isSubordinate = await Self.isSubordinate(ctx, id, myOptions);
|
||||
if (!isSubordinate) throw new UserError('You don\'t have enough privileges.');
|
||||
|
||||
if (isHimself || (isSubordinate && !emailVerified)) {
|
||||
await models.VnUser.setPassword(workerId, newPass, myOptions);
|
||||
await models.VnUser.updateAll({id: workerId}, {emailVerified: true}, myOptions);
|
||||
} else
|
||||
throw new UserError('You don\'t have enough privileges.');
|
||||
await models.Account.setUnverifiedPassword(id, newPass, myOptions);
|
||||
|
||||
if (tx) await tx.commit();
|
||||
} catch (e) {
|
||||
|
|
|
|||
|
|
@ -42,23 +42,7 @@ describe('worker setPassword()', () => {
|
|||
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
expect(e.message).toEqual(`You don't have enough privileges.`);
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
|
||||
it('should change the password if it is himself', async() => {
|
||||
const tx = await models.Worker.beginTransaction({});
|
||||
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.VnUser.updateAll({id: managerId}, {emailVerified: true}, options);
|
||||
await models.Worker.setPassword(ctx, managerId, newPass, options);
|
||||
const isNewPass = await passHasBeenChanged(managerId, newPass, options);
|
||||
|
||||
expect(isNewPass).toBeTrue();
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
expect(e.message).toEqual(`The email has been already verified`);
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@
|
|||
? 'Click to allow the user to be disabled'
|
||||
: 'Click to exclude the user from getting disabled'}}
|
||||
</vn-item>
|
||||
<vn-item ng-if="!$ctrl.worker.user.emailVerified || $ctrl.id == $ctrl.userFk" ng-click="setPassword.show()" translate>
|
||||
<vn-item ng-if="!$ctrl.worker.user.emailVerified && $ctrl.vnConfig.storage.currentUserWorkerId !=$ctrl.worker.id" ng-click="setPassword.show()" translate>
|
||||
Change password
|
||||
</vn-item>
|
||||
</slot-menu>
|
||||
|
|
|
|||
|
|
@ -5,9 +5,6 @@ class Controller extends Descriptor {
|
|||
constructor($element, $, $rootScope) {
|
||||
super($element, $);
|
||||
this.$rootScope = $rootScope;
|
||||
|
||||
this.$http.get(`UserConfigs/getUserConfig`)
|
||||
.then(res => this.userFk = res.data.userFk);
|
||||
}
|
||||
|
||||
get worker() {
|
||||
|
|
@ -93,11 +90,11 @@ class Controller extends Descriptor {
|
|||
`Workers/${this.entity.id}/setPassword`, {newPass: this.newPassword}
|
||||
) .then(() => {
|
||||
this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
|
||||
});
|
||||
}).then(() => this.loadData());
|
||||
}
|
||||
}
|
||||
|
||||
Controller.$inject = ['$element', '$scope', '$rootScope'];
|
||||
Controller.$inject = ['$element', '$scope', '$rootScope', 'vnConfig'];
|
||||
|
||||
ngModule.vnComponent('vnWorkerDescriptor', {
|
||||
template: require('./index.html'),
|
||||
|
|
|
|||
Loading…
Reference in New Issue