From 42fc0b62d83f49bb6e2569a32a140d650a79409f Mon Sep 17 00:00:00 2001 From: alexm Date: Thu, 27 Apr 2023 15:18:27 +0200 Subject: [PATCH 01/19] refs #5472 feat(user): add passExpired --- back/methods/vn-user/signIn.js | 21 +++++++++----- back/models/vn-user.js | 29 +++++++++++++++++++ back/models/vn-user.json | 5 +++- db/changes/231601/00-userPassExpired.sql | 1 + .../salix/components/reset-password/index.js | 2 +- loopback/locale/en.json | 5 ++-- loopback/locale/es.json | 23 ++++++++------- 7 files changed, 63 insertions(+), 23 deletions(-) create mode 100644 db/changes/231601/00-userPassExpired.sql diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js index da3172ae41..5750beaefb 100644 --- a/back/methods/vn-user/signIn.js +++ b/back/methods/vn-user/signIn.js @@ -27,33 +27,38 @@ module.exports = Self => { }); Self.signIn = async function(user, password) { - let models = Self.app.models; + const models = Self.app.models; + const usesEmail = user.indexOf('@') !== -1; let token; - let usesEmail = user.indexOf('@') !== -1; - let userInfo = usesEmail + const userInfo = usesEmail ? {email: user} : {username: user}; - let instance = await Self.findOne({ + const instance = await Self.findOne({ fields: ['username', 'password'], where: userInfo }); - let where = usesEmail + const where = usesEmail ? {email: user} : {name: user}; - let vnUser = await Self.findOne({ - fields: ['active'], + const vnUser = await Self.findOne({ + fields: ['active', 'passExpired'], where }); - let validCredentials = instance + const validCredentials = instance && await instance.hasPassword(password); + const today = Date.vnNew(); + today.setHours(0, 0, 0, 0); if (validCredentials) { if (!vnUser.active) throw new UserError('User disabled'); + if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) + throw new UserError('Pass expired'); + try { await models.Account.sync(instance.username, password); } catch (err) { diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 84ba117942..de3b0e0baf 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -107,4 +107,33 @@ module.exports = function(Self) { return email.send(); }); + + Self.remoteMethod('setPassword', { + description: 'Reset user\'s password via a password-reset token.', + accepts: [ + {arg: 'id', type: 'any', http: getUserIdFromRequestContext}, + {arg: 'newPassword', type: 'string', required: true, http: {source: 'form'}}, + {arg: 'options', type: 'object', http: 'optionsFromRequest'}, + ], + accessScopes: setPasswordScopes, + http: {verb: 'POST', path: '/reset-password'}, + }, + ); + + function getUserIdFromRequestContext(ctx) { + const token = ctx.req.accessToken; + if (!token) return; + + const hasPrincipalType = 'principalType' in token; + if (hasPrincipalType && token.principalType !== UserModel.modelName) { + // We have multiple user models related to the same access token model + // and the token used to authorize reset-password request was created + // for a different user model. + const err = new Error(g.f('Access Denied')); + err.statusCode = 403; + throw err; + } + + return token.userId; + } }; diff --git a/back/models/vn-user.json b/back/models/vn-user.json index 17efc8ce6a..ce78b09a82 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -62,7 +62,10 @@ }, "hasGrant": { "type": "boolean" - } + }, + "passExpired": { + "type": "date" + } }, "relations": { "role": { diff --git a/db/changes/231601/00-userPassExpired.sql b/db/changes/231601/00-userPassExpired.sql new file mode 100644 index 0000000000..3cf9c4b6f4 --- /dev/null +++ b/db/changes/231601/00-userPassExpired.sql @@ -0,0 +1 @@ +ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL; diff --git a/front/salix/components/reset-password/index.js b/front/salix/components/reset-password/index.js index 20c6c34fe7..a3ca032372 100644 --- a/front/salix/components/reset-password/index.js +++ b/front/salix/components/reset-password/index.js @@ -33,7 +33,7 @@ export default class Controller { const newPassword = this.newPassword; - this.$http.post('users/reset-password', {newPassword}, {headers}) + this.$http.post('VnUsers/reset-password', {newPassword}, {headers}) .then(() => { this.vnApp.showSuccess(this.$translate.instant('Password changed!')); this.$state.go('login'); diff --git a/loopback/locale/en.json b/loopback/locale/en.json index ae0da8170c..a9ac8aeaad 100644 --- a/loopback/locale/en.json +++ b/loopback/locale/en.json @@ -170,5 +170,6 @@ "comercialName": "Comercial", "Added observation": "Added observation", "Comment added to client": "Comment added to client", - "This ticket is already a refund": "This ticket is already a refund" -} \ No newline at end of file + "This ticket is already a refund": "This ticket is already a refund", + "Pass expired": "The password has expired, change it from Salix" +} diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 3ef3c4a227..6c5d903990 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -279,15 +279,16 @@ "Comment added to client": "Observación añadida al cliente {{clientFk}}", "Cannot create a new claimBeginning from a different ticket": "No se puede crear una línea de reclamación de un ticket diferente al origen", "company": "Compañía", - "country": "País", - "clientId": "Id cliente", - "clientSocialName": "Cliente", - "amount": "Importe", - "taxableBase": "Base", - "ticketFk": "Id ticket", - "isActive": "Activo", - "hasToInvoice": "Facturar", - "isTaxDataChecked": "Datos comprobados", - "comercialId": "Id comercial", - "comercialName": "Comercial" + "country": "País", + "clientId": "Id cliente", + "clientSocialName": "Cliente", + "amount": "Importe", + "taxableBase": "Base", + "ticketFk": "Id ticket", + "isActive": "Activo", + "hasToInvoice": "Facturar", + "isTaxDataChecked": "Datos comprobados", + "comercialId": "Id comercial", + "comercialName": "Comercial", + "Pass expired": "La contraseña ha caducado, cambiela desde Salix" } From 79e7e7c604944b8ab6ed1ba7b2e4e7ead5337114 Mon Sep 17 00:00:00 2001 From: alexm Date: Tue, 2 May 2023 15:16:13 +0200 Subject: [PATCH 02/19] refs #5472 feat: add change-password section --- back/methods/vn-user/signIn.js | 10 +-- back/models/vn-user.js | 65 ++++++++++++------- .../components/change-password/index.html | 33 ++++++++++ .../salix/components/change-password/index.js | 49 ++++++++++++++ .../components/change-password/locale/en.yml | 4 ++ .../components/change-password/locale/es.yml | 8 +++ .../components/change-password/style.scss | 24 +++++++ front/salix/components/index.js | 1 + front/salix/components/login/index.js | 3 + .../salix/components/reset-password/index.js | 1 + loopback/locale/es.json | 1 - loopback/server/boot/set-password.js | 7 ++ 12 files changed, 176 insertions(+), 30 deletions(-) create mode 100644 front/salix/components/change-password/index.html create mode 100644 front/salix/components/change-password/index.js create mode 100644 front/salix/components/change-password/locale/en.yml create mode 100644 front/salix/components/change-password/locale/es.yml create mode 100644 front/salix/components/change-password/style.scss create mode 100644 loopback/server/boot/set-password.js diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js index 5750beaefb..36a2fb8706 100644 --- a/back/methods/vn-user/signIn.js +++ b/back/methods/vn-user/signIn.js @@ -47,18 +47,18 @@ module.exports = Self => { where }); - const validCredentials = instance - && await instance.hasPassword(password); const today = Date.vnNew(); today.setHours(0, 0, 0, 0); + if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) + throw new UserError('Pass expired'); + + const validCredentials = instance + && await instance.hasPassword(password); if (validCredentials) { if (!vnUser.active) throw new UserError('User disabled'); - if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) - throw new UserError('Pass expired'); - try { await models.Account.sync(instance.username, password); } catch (err) { diff --git a/back/models/vn-user.js b/back/models/vn-user.js index de3b0e0baf..05102478c6 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -108,32 +108,49 @@ module.exports = function(Self) { return email.send(); }); - Self.remoteMethod('setPassword', { - description: 'Reset user\'s password via a password-reset token.', - accepts: [ - {arg: 'id', type: 'any', http: getUserIdFromRequestContext}, - {arg: 'newPassword', type: 'string', required: true, http: {source: 'form'}}, - {arg: 'options', type: 'object', http: 'optionsFromRequest'}, - ], - accessScopes: setPasswordScopes, - http: {verb: 'POST', path: '/reset-password'}, - }, - ); + // FIX THIS + Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => { + if (!ctx.args || !ctx.args.data.email) return; + const models = Self.app.models; - function getUserIdFromRequestContext(ctx) { - const token = ctx.req.accessToken; - if (!token) return; + const loopBackContext = LoopBackContext.getCurrentContext(); + const httpCtx = {req: loopBackContext.active}; + const httpRequest = httpCtx.req.http.req; + const headers = httpRequest.headers; + const origin = headers.origin; + const url = origin.split(':'); - const hasPrincipalType = 'principalType' in token; - if (hasPrincipalType && token.principalType !== UserModel.modelName) { - // We have multiple user models related to the same access token model - // and the token used to authorize reset-password request was created - // for a different user model. - const err = new Error(g.f('Access Denied')); - err.statusCode = 403; - throw err; + const userId = ctx.instance.id; + const user = await models.VnUser.findById(userId); + + class Mailer { + async send(verifyOptions, cb) { + const params = { + url: verifyOptions.verifyHref, + recipient: verifyOptions.to, + lang: ctx.req.getLocale() + }; + + const email = new Email('email-verify', params); + email.send(); + + cb(null, verifyOptions.to); + } } - return token.userId; - } + const options = { + type: 'email', + to: instance.email, + from: {}, + redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`, + template: false, + mailer: new Mailer, + host: url[1].split('/')[2], + port: url[2], + protocol: url[0], + user: Self + }; + + await user.verify(options); + }); }; diff --git a/front/salix/components/change-password/index.html b/front/salix/components/change-password/index.html new file mode 100644 index 0000000000..8d2726d3d4 --- /dev/null +++ b/front/salix/components/change-password/index.html @@ -0,0 +1,33 @@ +
Change password
+ + + + + + + + +
+ + +
diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js new file mode 100644 index 0000000000..4462b92211 --- /dev/null +++ b/front/salix/components/change-password/index.js @@ -0,0 +1,49 @@ +import ngModule from '../../module'; +import './style.scss'; +const UserError = require('vn-loopback/util/user-error'); + +export default class Controller { + constructor($scope, $element, $http, vnApp, $translate, $state, $location) { + Object.assign(this, { + $scope, + $element, + $http, + vnApp, + $translate, + $state, + $location + }); + } + + $onInit() { + this.$http.get('UserPasswords/findOne') + .then(res => { + this.passRequirements = res.data; + }); + } + + submit() { + if (!this.newPassword) + throw new UserError(`You must enter a new password`); + if (this.newPassword != this.repeatPassword) + throw new UserError(`Passwords don't match`); + + const headers = { + Authorization: this.$location.$$search.access_token + }; + + const newPassword = this.newPassword; + + this.$http.post('VnUsers/reset-password', {newPassword}, {headers}) + .then(() => { + this.vnApp.showSuccess(this.$translate.instant('Password changed!')); + this.$state.go('login'); + }); + } +} +Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$state', '$location']; + +ngModule.vnComponent('vnResetPassword', { + template: require('./index.html'), + controller: Controller +}); diff --git a/front/salix/components/change-password/locale/en.yml b/front/salix/components/change-password/locale/en.yml new file mode 100644 index 0000000000..e5419e1c8d --- /dev/null +++ b/front/salix/components/change-password/locale/en.yml @@ -0,0 +1,4 @@ +Password requirements: > + The password must have at least {{ length }} length characters, + {{nAlpha}} alphabetic characters, {{nUpper}} capital letters, {{nDigits}} + digits and {{nPunct}} symbols (Ex: $%&.) diff --git a/front/salix/components/change-password/locale/es.yml b/front/salix/components/change-password/locale/es.yml new file mode 100644 index 0000000000..30893a1524 --- /dev/null +++ b/front/salix/components/change-password/locale/es.yml @@ -0,0 +1,8 @@ +Reset password: Restrablecer contraseña +New password: Nueva contraseña +Repeat password: Repetir contraseña +Password changed!: ¡Contraseña cambiada! +Password requirements: > + La contraseña debe tener al menos {{ length }} caracteres de longitud, + {{nAlpha}} caracteres alfabéticos, {{nUpper}} letras mayúsculas, {{nDigits}} + dígitos y {{nPunct}} símbolos (Ej: $%&.) diff --git a/front/salix/components/change-password/style.scss b/front/salix/components/change-password/style.scss new file mode 100644 index 0000000000..87e4adc8c9 --- /dev/null +++ b/front/salix/components/change-password/style.scss @@ -0,0 +1,24 @@ +@import "variables"; + +vn-reset-password{ + .footer { + margin-top: 32px; + text-align: center; + position: relative; + & > .vn-submit { + display: block; + + & > input { + display: block; + width: 100%; + } + } + & > .spinner-wrapper { + position: absolute; + width: 0; + top: 3px; + right: -8px; + overflow: visible; + } + } +} diff --git a/front/salix/components/index.js b/front/salix/components/index.js index 8f57248626..0999d9aca6 100644 --- a/front/salix/components/index.js +++ b/front/salix/components/index.js @@ -9,6 +9,7 @@ import './login'; import './outLayout'; import './recover-password'; import './reset-password'; +import './change-password'; import './module-card'; import './module-main'; import './side-menu/side-menu'; diff --git a/front/salix/components/login/index.js b/front/salix/components/login/index.js index 150e896a10..d248f56a37 100644 --- a/front/salix/components/login/index.js +++ b/front/salix/components/login/index.js @@ -26,6 +26,9 @@ export default class Controller { this.loading = false; this.password = ''; this.focusUser(); + console.log('hola'); + console.log(err); + console.log(err.error); throw err; }); } diff --git a/front/salix/components/reset-password/index.js b/front/salix/components/reset-password/index.js index a3ca032372..4462b92211 100644 --- a/front/salix/components/reset-password/index.js +++ b/front/salix/components/reset-password/index.js @@ -1,5 +1,6 @@ import ngModule from '../../module'; import './style.scss'; +const UserError = require('vn-loopback/util/user-error'); export default class Controller { constructor($scope, $element, $http, vnApp, $translate, $state, $location) { diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 6c5d903990..f38678811c 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -77,7 +77,6 @@ "This ticket can not be modified": "Este ticket no puede ser modificado", "The introduced hour already exists": "Esta hora ya ha sido introducida", "INFINITE_LOOP": "Existe una dependencia entre dos Jefes", - "The sales of the current ticket can't be modified": "Las lineas de este ticket no pueden ser modificadas", "The sales of the receiver ticket can't be modified": "Las lineas del ticket al que envias no pueden ser modificadas", "NO_AGENCY_AVAILABLE": "No hay una zona de reparto disponible con estos parámetros", "ERROR_PAST_SHIPMENT": "No puedes seleccionar una fecha de envío en pasado", diff --git a/loopback/server/boot/set-password.js b/loopback/server/boot/set-password.js new file mode 100644 index 0000000000..ae4dc30ea5 --- /dev/null +++ b/loopback/server/boot/set-password.js @@ -0,0 +1,7 @@ +// SET IN VN_USER +module.exports = async function(app) { + const _setPassword = app.models.VnUser.setPassword; + app.models.VnUser.setPassword = function(newPassword, options, cb) { + return _setPassword.call(this, newPassword, options, cb); + }; +}; From 5eca583c626c3ea92248882b209dd2e3e8ca8057 Mon Sep 17 00:00:00 2001 From: alexm Date: Wed, 3 May 2023 15:19:19 +0200 Subject: [PATCH 03/19] refs #5472 feat(vnUser): override setPassword --- back/models/vn-user.js | 9 +++++++++ front/core/services/auth.js | 6 +++--- front/salix/components/change-password/index.js | 2 +- front/salix/components/login/index.js | 3 ++- front/salix/routes.js | 6 ++++++ loopback/server/boot/set-password.js | 7 ------- 6 files changed, 21 insertions(+), 12 deletions(-) delete mode 100644 loopback/server/boot/set-password.js diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 05102478c6..710710e4e6 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -108,6 +108,15 @@ module.exports = function(Self) { return email.send(); }); + const _setPassword = Self.setPassword; + Self.setPassword = async function(id, newPassword, options, cb) { + // await Self.rawSql(`CALL account.user_checkPassword(?)`, [newPassword]); + await _setPassword.call(this, id, newPassword, options, cb); + const user = await Self.findById(id); + await user.updateAttribute('passExpired', null); + return; + }; + // FIX THIS Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => { if (!ctx.args || !ctx.args.data.email) return; diff --git a/front/core/services/auth.js b/front/core/services/auth.js index 0b89a8e889..41cd27f030 100644 --- a/front/core/services/auth.js +++ b/front/core/services/auth.js @@ -24,7 +24,7 @@ export default class Auth { initialize() { let criteria = { to: state => { - const outLayout = ['login', 'recover-password', 'reset-password']; + const outLayout = ['login', 'recover-password', 'reset-password', 'change-password']; return !outLayout.some(ol => ol == state.name); } }; @@ -59,8 +59,8 @@ export default class Auth { password: password || undefined }; - return this.$http.post('VnUsers/signIn', params).then( - json => this.onLoginOk(json, remember)); + return this.$http.post('VnUsers/signIn', params) + .then(json => this.onLoginOk(json, remember)); } onLoginOk(json, remember) { diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js index 4462b92211..9b1f748b75 100644 --- a/front/salix/components/change-password/index.js +++ b/front/salix/components/change-password/index.js @@ -43,7 +43,7 @@ export default class Controller { } Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$state', '$location']; -ngModule.vnComponent('vnResetPassword', { +ngModule.vnComponent('vnChangePassword', { template: require('./index.html'), controller: Controller }); diff --git a/front/salix/components/login/index.js b/front/salix/components/login/index.js index d248f56a37..74828dd9b3 100644 --- a/front/salix/components/login/index.js +++ b/front/salix/components/login/index.js @@ -28,7 +28,8 @@ export default class Controller { this.focusUser(); console.log('hola'); console.log(err); - console.log(err.error); + console.log(err.message); + console.log(err.stack); throw err; }); } diff --git a/front/salix/routes.js b/front/salix/routes.js index f32c143ef7..c649236a38 100644 --- a/front/salix/routes.js +++ b/front/salix/routes.js @@ -33,6 +33,12 @@ function config($stateProvider, $urlRouterProvider) { description: 'Reset password', template: '' }) + .state('change-password', { + parent: 'outLayout', + url: '/change-password', + description: 'Change password', + template: '' + }) .state('home', { parent: 'layout', url: '/', diff --git a/loopback/server/boot/set-password.js b/loopback/server/boot/set-password.js deleted file mode 100644 index ae4dc30ea5..0000000000 --- a/loopback/server/boot/set-password.js +++ /dev/null @@ -1,7 +0,0 @@ -// SET IN VN_USER -module.exports = async function(app) { - const _setPassword = app.models.VnUser.setPassword; - app.models.VnUser.setPassword = function(newPassword, options, cb) { - return _setPassword.call(this, newPassword, options, cb); - }; -}; From 2da42896954da4aa35432ae7d4bcabffa40d2a46 Mon Sep 17 00:00:00 2001 From: alexm Date: Thu, 4 May 2023 15:01:29 +0200 Subject: [PATCH 04/19] refs #5472 feat(vn-user): override change-password & set-password --- back/methods/vn-user/signIn.js | 4 ++-- back/models/vn-user.js | 14 ++++++++++- .../components/change-password/index.html | 15 ++++-------- .../salix/components/change-password/index.js | 11 ++++----- .../components/change-password/locale/es.yml | 5 ++-- .../components/change-password/style.scss | 24 ------------------- front/salix/components/login/index.js | 17 ++++++------- front/salix/components/outLayout/style.scss | 21 ++++++++++++++++ .../components/recover-password/index.js | 1 - .../components/recover-password/style.scss | 24 ------------------- .../salix/components/reset-password/index.js | 1 - .../components/reset-password/style.scss | 24 ------------------- .../back/methods/account/change-password.js | 4 +--- .../back/methods/account/set-password.js | 4 +--- modules/account/back/methods/account/sync.js | 2 +- 15 files changed, 60 insertions(+), 111 deletions(-) delete mode 100644 front/salix/components/change-password/style.scss delete mode 100644 front/salix/components/recover-password/style.scss delete mode 100644 front/salix/components/reset-password/style.scss diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js index 36a2fb8706..8b14bd12df 100644 --- a/back/methods/vn-user/signIn.js +++ b/back/methods/vn-user/signIn.js @@ -43,14 +43,14 @@ module.exports = Self => { ? {email: user} : {name: user}; const vnUser = await Self.findOne({ - fields: ['active', 'passExpired'], + fields: ['id', 'active', 'passExpired'], where }); const today = Date.vnNew(); today.setHours(0, 0, 0, 0); if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) - throw new UserError('Pass expired'); + throw new UserError('Pass expired', 'passExpired', {'id': vnUser.id}); const validCredentials = instance && await instance.hasPassword(password); diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 710710e4e6..47c7fd82de 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -110,13 +110,25 @@ module.exports = function(Self) { const _setPassword = Self.setPassword; Self.setPassword = async function(id, newPassword, options, cb) { - // await Self.rawSql(`CALL account.user_checkPassword(?)`, [newPassword]); + // await Self.rawSql(`CALL account.user_setPassword(?, ?)`, + // [id, newPassword]); + await Self.app.models.Account.syncById(id, newPassword); await _setPassword.call(this, id, newPassword, options, cb); + const user = await Self.findById(id); await user.updateAttribute('passExpired', null); return; }; + const _changePassword = Self.changePassword; + Self.changePassword = async function(id, oldPassword, newPassword, options, cb) { + // await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, + // [id, oldPassword, newPassword]); + await Self.app.models.Account.syncById(id, newPassword); + await _changePassword.call(this, id, oldPassword, newPassword, options, cb); + return; + }; + // FIX THIS Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => { if (!ctx.args || !ctx.args.data.email) return; diff --git a/front/salix/components/change-password/index.html b/front/salix/components/change-password/index.html index 8d2726d3d4..5ea5ced971 100644 --- a/front/salix/components/change-password/index.html +++ b/front/salix/components/change-password/index.html @@ -3,7 +3,6 @@ label="Old password" ng-model="$ctrl.oldPassword" type="password" - info="{{'Password requirements' | translate:$ctrl.passRequirements}}" vn-focus> - - + autocomplete="false"> + type="password" + autocomplete="false">
- + diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js index 9b1f748b75..1ab9a8a628 100644 --- a/front/salix/components/change-password/index.js +++ b/front/salix/components/change-password/index.js @@ -1,5 +1,4 @@ import ngModule from '../../module'; -import './style.scss'; const UserError = require('vn-loopback/util/user-error'); export default class Controller { @@ -23,18 +22,18 @@ export default class Controller { } submit() { - if (!this.newPassword) + const newPassword = this.newPassword; + + if (!newPassword) throw new UserError(`You must enter a new password`); - if (this.newPassword != this.repeatPassword) + if (newPassword != this.repeatPassword) throw new UserError(`Passwords don't match`); const headers = { Authorization: this.$location.$$search.access_token }; - const newPassword = this.newPassword; - - this.$http.post('VnUsers/reset-password', {newPassword}, {headers}) + this.$http.post('VnUsers/change-password', {newPassword}, {headers}) .then(() => { this.vnApp.showSuccess(this.$translate.instant('Password changed!')); this.$state.go('login'); diff --git a/front/salix/components/change-password/locale/es.yml b/front/salix/components/change-password/locale/es.yml index 30893a1524..5a855e5573 100644 --- a/front/salix/components/change-password/locale/es.yml +++ b/front/salix/components/change-password/locale/es.yml @@ -1,7 +1,8 @@ -Reset password: Restrablecer contraseña +Change password: Cambiar contraseña +Old password: Antigua contraseña New password: Nueva contraseña Repeat password: Repetir contraseña -Password changed!: ¡Contraseña cambiada! +Password changed!: ¡Contraseña actualizada! Password requirements: > La contraseña debe tener al menos {{ length }} caracteres de longitud, {{nAlpha}} caracteres alfabéticos, {{nUpper}} letras mayúsculas, {{nDigits}} diff --git a/front/salix/components/change-password/style.scss b/front/salix/components/change-password/style.scss deleted file mode 100644 index 87e4adc8c9..0000000000 --- a/front/salix/components/change-password/style.scss +++ /dev/null @@ -1,24 +0,0 @@ -@import "variables"; - -vn-reset-password{ - .footer { - margin-top: 32px; - text-align: center; - position: relative; - & > .vn-submit { - display: block; - - & > input { - display: block; - width: 100%; - } - } - & > .spinner-wrapper { - position: absolute; - width: 0; - top: 3px; - right: -8px; - overflow: visible; - } - } -} diff --git a/front/salix/components/login/index.js b/front/salix/components/login/index.js index 74828dd9b3..d944983b7e 100644 --- a/front/salix/components/login/index.js +++ b/front/salix/components/login/index.js @@ -5,10 +5,11 @@ import './style.scss'; * A simple login form. */ export default class Controller { - constructor($, $element, vnAuth) { + constructor($, $element, $state, vnAuth) { Object.assign(this, { $, $element, + $state, vnAuth, user: localStorage.getItem('lastUser'), remember: true @@ -22,15 +23,15 @@ export default class Controller { localStorage.setItem('lastUser', this.user); this.loading = false; }) - .catch(err => { + .catch(req => { this.loading = false; this.password = ''; this.focusUser(); - console.log('hola'); - console.log(err); - console.log(err.message); - console.log(err.stack); - throw err; + console.log(req.data.error); + console.log(req.data.error.code); + throw req; + if (req.data.error.code = 'passExpired') + this.$state.go('change-password'); }); } @@ -39,7 +40,7 @@ export default class Controller { this.$.userField.focus(); } } -Controller.$inject = ['$scope', '$element', 'vnAuth']; +Controller.$inject = ['$scope', '$element', '$state', 'vnAuth']; ngModule.vnComponent('vnLogin', { template: require('./index.html'), diff --git a/front/salix/components/outLayout/style.scss b/front/salix/components/outLayout/style.scss index aa94fefb36..a95b758358 100644 --- a/front/salix/components/outLayout/style.scss +++ b/front/salix/components/outLayout/style.scss @@ -64,4 +64,25 @@ vn-out-layout{ a{ color: $color-primary; } + + .footer { + margin-top: 32px; + text-align: center; + position: relative; + & > .vn-submit { + display: block; + + & > input { + display: block; + width: 100%; + } + } + & > .spinner-wrapper { + position: absolute; + width: 0; + top: 3px; + right: -8px; + overflow: visible; + } + } } diff --git a/front/salix/components/recover-password/index.js b/front/salix/components/recover-password/index.js index e91169588a..5ffc305f91 100644 --- a/front/salix/components/recover-password/index.js +++ b/front/salix/components/recover-password/index.js @@ -1,5 +1,4 @@ import ngModule from '../../module'; -import './style.scss'; export default class Controller { constructor($scope, $element, $http, vnApp, $translate, $state) { diff --git a/front/salix/components/recover-password/style.scss b/front/salix/components/recover-password/style.scss deleted file mode 100644 index d3c6f594ed..0000000000 --- a/front/salix/components/recover-password/style.scss +++ /dev/null @@ -1,24 +0,0 @@ -@import "variables"; - -vn-recover-password{ - .footer { - margin-top: 32px; - text-align: center; - position: relative; - & > .vn-submit { - display: block; - - & > input { - display: block; - width: 100%; - } - } - & > .spinner-wrapper { - position: absolute; - width: 0; - top: 3px; - right: -8px; - overflow: visible; - } - } -} diff --git a/front/salix/components/reset-password/index.js b/front/salix/components/reset-password/index.js index 4462b92211..c0a10cc527 100644 --- a/front/salix/components/reset-password/index.js +++ b/front/salix/components/reset-password/index.js @@ -1,5 +1,4 @@ import ngModule from '../../module'; -import './style.scss'; const UserError = require('vn-loopback/util/user-error'); export default class Controller { diff --git a/front/salix/components/reset-password/style.scss b/front/salix/components/reset-password/style.scss deleted file mode 100644 index 87e4adc8c9..0000000000 --- a/front/salix/components/reset-password/style.scss +++ /dev/null @@ -1,24 +0,0 @@ -@import "variables"; - -vn-reset-password{ - .footer { - margin-top: 32px; - text-align: center; - position: relative; - & > .vn-submit { - display: block; - - & > input { - display: block; - width: 100%; - } - } - & > .spinner-wrapper { - position: absolute; - width: 0; - top: 3px; - right: -8px; - overflow: visible; - } - } -} diff --git a/modules/account/back/methods/account/change-password.js b/modules/account/back/methods/account/change-password.js index 549508ffaf..c6f08a232a 100644 --- a/modules/account/back/methods/account/change-password.js +++ b/modules/account/back/methods/account/change-password.js @@ -28,8 +28,6 @@ module.exports = Self => { }); Self.changePassword = async function(id, oldPassword, newPassword) { - await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, - [id, oldPassword, newPassword]); - await Self.app.models.Account.syncById(id, newPassword); + await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword); }; }; diff --git a/modules/account/back/methods/account/set-password.js b/modules/account/back/methods/account/set-password.js index b4204d1035..010197e0d3 100644 --- a/modules/account/back/methods/account/set-password.js +++ b/modules/account/back/methods/account/set-password.js @@ -22,8 +22,6 @@ module.exports = Self => { }); Self.setPassword = async function(id, newPassword) { - await Self.rawSql(`CALL account.user_setPassword(?, ?)`, - [id, newPassword]); - await Self.app.models.Account.syncById(id, newPassword); + await Self.app.models.VnUser.setPassword(id, newPassword); }; }; diff --git a/modules/account/back/methods/account/sync.js b/modules/account/back/methods/account/sync.js index 8668be3435..63eff38bf5 100644 --- a/modules/account/back/methods/account/sync.js +++ b/modules/account/back/methods/account/sync.js @@ -33,7 +33,7 @@ module.exports = Self => { const isSync = !await models.UserSync.exists(userName); if (!force && isSync && user) return; - await models.AccountConfig.syncUser(userName, password); + // await models.AccountConfig.syncUser(userName, password); await models.UserSync.destroyById(userName); }; }; From 728ef965c4952e83650840f47c3dc12c0475256a Mon Sep 17 00:00:00 2001 From: alexm Date: Fri, 5 May 2023 14:50:20 +0200 Subject: [PATCH 05/19] refs #5472 feat(out_login): change-password --- back/models/vn-user.js | 14 ++++++++------ back/models/vn-user.json | 7 +++++++ front/salix/components/change-password/index.js | 7 ++++--- .../salix/components/change-password/locale/es.yml | 2 +- front/salix/components/login/index.js | 11 +++++++---- 5 files changed, 27 insertions(+), 14 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 47c7fd82de..45b70fc772 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -110,8 +110,9 @@ module.exports = function(Self) { const _setPassword = Self.setPassword; Self.setPassword = async function(id, newPassword, options, cb) { - // await Self.rawSql(`CALL account.user_setPassword(?, ?)`, - // [id, newPassword]); + await Self.rawSql(`CALL account.user_setPassword(?, ?)`, + [id, newPassword]); + console.log('Entry in override SET_PASSWORD'); await Self.app.models.Account.syncById(id, newPassword); await _setPassword.call(this, id, newPassword, options, cb); @@ -121,10 +122,11 @@ module.exports = function(Self) { }; const _changePassword = Self.changePassword; - Self.changePassword = async function(id, oldPassword, newPassword, options, cb) { - // await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, - // [id, oldPassword, newPassword]); - await Self.app.models.Account.syncById(id, newPassword); + Self.changePassword = async function(id = 9, oldPassword, newPassword, options, cb) { + console.log(id, oldPassword, newPassword); + await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, + [id, oldPassword, newPassword]); + console.log('Entry in override CHANGE_PASSWORD'); await _changePassword.call(this, id, oldPassword, newPassword, options, cb); return; }; diff --git a/back/models/vn-user.json b/back/models/vn-user.json index ce78b09a82..e23b7daa97 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -109,6 +109,13 @@ "principalType": "ROLE", "principalId": "$everyone", "permission": "ALLOW" + }, + { + "property": "changePassword", + "accessType": "EXECUTE", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "ALLOW" }, { "property": "validateToken", diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js index 1ab9a8a628..a79e7a8a9c 100644 --- a/front/salix/components/change-password/index.js +++ b/front/salix/components/change-password/index.js @@ -23,6 +23,7 @@ export default class Controller { submit() { const newPassword = this.newPassword; + const oldPassword = this.oldPassword; if (!newPassword) throw new UserError(`You must enter a new password`); @@ -30,12 +31,12 @@ export default class Controller { throw new UserError(`Passwords don't match`); const headers = { - Authorization: this.$location.$$search.access_token + Authorization: {principalType: 'VnUser'} }; - this.$http.post('VnUsers/change-password', {newPassword}, {headers}) + this.$http.post('VnUsers/change-password', {oldPassword, newPassword}, {headers}) .then(() => { - this.vnApp.showSuccess(this.$translate.instant('Password changed!')); + this.vnApp.showSuccess(this.$translate.instant('Password updated!')); this.$state.go('login'); }); } diff --git a/front/salix/components/change-password/locale/es.yml b/front/salix/components/change-password/locale/es.yml index 5a855e5573..9898df702d 100644 --- a/front/salix/components/change-password/locale/es.yml +++ b/front/salix/components/change-password/locale/es.yml @@ -2,7 +2,7 @@ Change password: Cambiar contraseña Old password: Antigua contraseña New password: Nueva contraseña Repeat password: Repetir contraseña -Password changed!: ¡Contraseña actualizada! +Password updated!: ¡Contraseña actualizada! Password requirements: > La contraseña debe tener al menos {{ length }} caracteres de longitud, {{nAlpha}} caracteres alfabéticos, {{nUpper}} letras mayúsculas, {{nDigits}} diff --git a/front/salix/components/login/index.js b/front/salix/components/login/index.js index d944983b7e..c7edb23397 100644 --- a/front/salix/components/login/index.js +++ b/front/salix/components/login/index.js @@ -1,5 +1,6 @@ import ngModule from '../../module'; import './style.scss'; +import UserError from 'core/lib/user-error'; /** * A simple login form. @@ -27,11 +28,13 @@ export default class Controller { this.loading = false; this.password = ''; this.focusUser(); - console.log(req.data.error); - console.log(req.data.error.code); - throw req; - if (req.data.error.code = 'passExpired') + // console.log(req.data.error); + // console.log(req.data.error.code); + + if (req.data.error.code == 'passExpired') this.$state.go('change-password'); + + throw req; }); } From 73fb940c6329203df9c1c1dde0b39699d9555a04 Mon Sep 17 00:00:00 2001 From: alexm Date: Mon, 8 May 2023 10:55:16 +0200 Subject: [PATCH 06/19] refs #5472 try change-password --- back/models/vn-user.js | 13 +++++---- db/changes/231601/00-userPassExpired.sql | 20 ++++++++++++++ db/dump/fixtures.sql | 4 +-- .../salix/components/change-password/index.js | 27 ++++++++++++++++--- front/salix/components/login/index.js | 9 +++---- front/salix/routes.js | 2 +- .../account/specs/change-password.spec.js | 10 ++++++- 7 files changed, 68 insertions(+), 17 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 45b70fc772..f20ca91521 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -110,25 +110,28 @@ module.exports = function(Self) { const _setPassword = Self.setPassword; Self.setPassword = async function(id, newPassword, options, cb) { + console.log('Entry in override SET_PASSWORD'); await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword]); - console.log('Entry in override SET_PASSWORD'); await Self.app.models.Account.syncById(id, newPassword); await _setPassword.call(this, id, newPassword, options, cb); - const user = await Self.findById(id); await user.updateAttribute('passExpired', null); return; }; const _changePassword = Self.changePassword; - Self.changePassword = async function(id = 9, oldPassword, newPassword, options, cb) { - console.log(id, oldPassword, newPassword); + Self.changePassword = async function(id, oldPassword, newPassword, options, cb) { + if (options && options.id) id = options.id; + console.log(id, oldPassword, newPassword, options); + await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword]); console.log('Entry in override CHANGE_PASSWORD'); await _changePassword.call(this, id, oldPassword, newPassword, options, cb); - return; + + const user = await Self.findById(id); + await user.updateAttribute('passExpired', null); }; // FIX THIS diff --git a/db/changes/231601/00-userPassExpired.sql b/db/changes/231601/00-userPassExpired.sql index 3cf9c4b6f4..c076369cad 100644 --- a/db/changes/231601/00-userPassExpired.sql +++ b/db/changes/231601/00-userPassExpired.sql @@ -1 +1,21 @@ ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL; + +DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`; +USE account; + +DELIMITER $$ +$$ +CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate` + BEFORE UPDATE ON `user` + FOR EACH ROW +BEGIN + IF !(NEW.`name` <=> OLD.`name`) THEN + CALL user_checkName (NEW.`name`); + END IF; + + IF !(NEW.`password` <=> OLD.`password`) THEN + SET NEW.lastPassChange = util.VN_NOW(); + END IF; +END$$ +DELIMITER ; +USE vn; diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index e69974d082..9e904efbb4 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre CALL `account`.`role_sync`; -INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`) - SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2' +INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`, `passExpired`) + SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', '1999-01-01' FROM `account`.`role` WHERE id <> 20 ORDER BY id; diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js index a79e7a8a9c..9178540a0f 100644 --- a/front/salix/components/change-password/index.js +++ b/front/salix/components/change-password/index.js @@ -15,6 +15,9 @@ export default class Controller { } $onInit() { + if (!this.$state.params || !this.$state.params.id) + this.$state.go('login'); + this.$http.get('UserPasswords/findOne') .then(res => { this.passRequirements = res.data; @@ -31,10 +34,25 @@ export default class Controller { throw new UserError(`Passwords don't match`); const headers = { - Authorization: {principalType: 'VnUser'} + Authorization: {id: 9}, + id: 9 }; - this.$http.post('VnUsers/change-password', {oldPassword, newPassword}, {headers}) + console.log(this.$state.params.id); + const id = this.$state.params.id; + this.$http.post('VnUsers/change-password', + { + id: 9, + oldPassword, + newPassword, + accessToken: 'hola5', + options: { + id: 9, + accessToken: {id: 9} + } + }, + {headers, id: 9}, + {id: 9}) .then(() => { this.vnApp.showSuccess(this.$translate.instant('Password updated!')); this.$state.go('login'); @@ -45,5 +63,8 @@ Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$st ngModule.vnComponent('vnChangePassword', { template: require('./index.html'), - controller: Controller + controller: Controller, + bindings: { + id: '<' + } }); diff --git a/front/salix/components/login/index.js b/front/salix/components/login/index.js index c7edb23397..554697daf7 100644 --- a/front/salix/components/login/index.js +++ b/front/salix/components/login/index.js @@ -1,6 +1,5 @@ import ngModule from '../../module'; import './style.scss'; -import UserError from 'core/lib/user-error'; /** * A simple login form. @@ -28,11 +27,11 @@ export default class Controller { this.loading = false; this.password = ''; this.focusUser(); - // console.log(req.data.error); - // console.log(req.data.error.code); - if (req.data.error.code == 'passExpired') - this.$state.go('change-password'); + if (req.data.error.code == 'passExpired') { + const [args] = req.data.error.translateArgs; + this.$state.go('change-password', args); + } throw req; }); diff --git a/front/salix/routes.js b/front/salix/routes.js index c649236a38..58b8667312 100644 --- a/front/salix/routes.js +++ b/front/salix/routes.js @@ -35,7 +35,7 @@ function config($stateProvider, $urlRouterProvider) { }) .state('change-password', { parent: 'outLayout', - url: '/change-password', + url: '/change-password?id', description: 'Change password', template: '' }) diff --git a/modules/account/back/methods/account/specs/change-password.spec.js b/modules/account/back/methods/account/specs/change-password.spec.js index 17fadb3c69..1eff5de67d 100644 --- a/modules/account/back/methods/account/specs/change-password.spec.js +++ b/modules/account/back/methods/account/specs/change-password.spec.js @@ -1,6 +1,6 @@ const {models} = require('vn-loopback/server/server'); -describe('account changePassword()', () => { +fdescribe('account changePassword()', () => { it('should throw an error when old password is wrong', async() => { let err; await models.Account.changePassword(1, 'wrongPassword', 'nightmare.9999') @@ -9,4 +9,12 @@ describe('account changePassword()', () => { expect(err).toBeDefined(); expect(err).toEqual('Invalid password'); }); + + it('should change password', async() => { + try { + await models.Account.changePassword(70, 'nightmare', 'nightmare.9999'); + } catch (e) { + expect(e).toBeUndefined(); + } + }); }); From c6c15d7c69ed4f9ee8b60f0d6deadaf4a1d817cf Mon Sep 17 00:00:00 2001 From: alexm Date: Fri, 19 May 2023 14:44:19 +0200 Subject: [PATCH 07/19] refs #5472 feat: changePassword with passExpired --- back/methods/vn-user/signIn.js | 13 ++++++-- back/models/vn-user.js | 30 +++++++------------ db/dump/fixtures.sql | 4 +-- .../salix/components/change-password/index.js | 29 +++++++----------- front/salix/routes.js | 2 +- 5 files changed, 35 insertions(+), 43 deletions(-) diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js index 8b14bd12df..a9abfe6930 100644 --- a/back/methods/vn-user/signIn.js +++ b/back/methods/vn-user/signIn.js @@ -49,8 +49,17 @@ module.exports = Self => { const today = Date.vnNew(); today.setHours(0, 0, 0, 0); - if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) - throw new UserError('Pass expired', 'passExpired', {'id': vnUser.id}); + + if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) { + const changePasswordToken = await models.AccessToken.create({ + scopes: ['change-password'], + userId: vnUser.id + }); + throw new UserError('Pass expired', 'passExpired', { + id: vnUser.id, + token: changePasswordToken.id + }); + } const validCredentials = instance && await instance.hasPassword(password); diff --git a/back/models/vn-user.js b/back/models/vn-user.js index f20ca91521..ba02d72fbd 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -109,29 +109,19 @@ module.exports = function(Self) { }); const _setPassword = Self.setPassword; - Self.setPassword = async function(id, newPassword, options, cb) { - console.log('Entry in override SET_PASSWORD'); - await Self.rawSql(`CALL account.user_setPassword(?, ?)`, - [id, newPassword]); - await Self.app.models.Account.syncById(id, newPassword); - await _setPassword.call(this, id, newPassword, options, cb); - const user = await Self.findById(id); - await user.updateAttribute('passExpired', null); - return; + Self.setPassword = function(id, newPassword, options, cb) { + Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword]) + .then(() => _setPassword.call(this, id, newPassword, options, cb) + .then(() => Self.findById(id).updateAttribute('passExpired', null)) + ); }; const _changePassword = Self.changePassword; - Self.changePassword = async function(id, oldPassword, newPassword, options, cb) { - if (options && options.id) id = options.id; - console.log(id, oldPassword, newPassword, options); - - await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, - [id, oldPassword, newPassword]); - console.log('Entry in override CHANGE_PASSWORD'); - await _changePassword.call(this, id, oldPassword, newPassword, options, cb); - - const user = await Self.findById(id); - await user.updateAttribute('passExpired', null); + Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password']; + Self.changePassword = function(id, oldPassword, newPassword, options, cb) { + Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword]) + .then(() => _changePassword.call(this, id, oldPassword, newPassword, options, cb) + .then(() => Self.findById(id).updateAttribute('passExpired', null))); }; // FIX THIS diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index 40c33fc13b..1dc608e053 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre CALL `account`.`role_sync`; -INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`, `passExpired`) - SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', '1999-01-01' +INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`) + SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2' FROM `account`.`role` WHERE id <> 20 ORDER BY id; diff --git a/front/salix/components/change-password/index.js b/front/salix/components/change-password/index.js index 9178540a0f..3d660e894c 100644 --- a/front/salix/components/change-password/index.js +++ b/front/salix/components/change-password/index.js @@ -15,7 +15,7 @@ export default class Controller { } $onInit() { - if (!this.$state.params || !this.$state.params.id) + if (!this.$state.params || !this.$state.params.id || !this.$state.params.token) this.$state.go('login'); this.$http.get('UserPasswords/findOne') @@ -25,6 +25,7 @@ export default class Controller { } submit() { + const id = this.$state.params.id; const newPassword = this.newPassword; const oldPassword = this.oldPassword; @@ -34,29 +35,20 @@ export default class Controller { throw new UserError(`Passwords don't match`); const headers = { - Authorization: {id: 9}, - id: 9 + Authorization: this.$state.params.token }; - console.log(this.$state.params.id); - const id = this.$state.params.id; this.$http.post('VnUsers/change-password', { - id: 9, + id, oldPassword, - newPassword, - accessToken: 'hola5', - options: { - id: 9, - accessToken: {id: 9} - } + newPassword }, - {headers, id: 9}, - {id: 9}) - .then(() => { - this.vnApp.showSuccess(this.$translate.instant('Password updated!')); - this.$state.go('login'); - }); + {headers} + ).then(() => { + this.vnApp.showSuccess(this.$translate.instant('Password updated!')); + this.$state.go('login'); + }); } } Controller.$inject = ['$scope', '$element', '$http', 'vnApp', '$translate', '$state', '$location']; @@ -68,3 +60,4 @@ ngModule.vnComponent('vnChangePassword', { id: '<' } }); + diff --git a/front/salix/routes.js b/front/salix/routes.js index 58b8667312..1419f359c5 100644 --- a/front/salix/routes.js +++ b/front/salix/routes.js @@ -35,7 +35,7 @@ function config($stateProvider, $urlRouterProvider) { }) .state('change-password', { parent: 'outLayout', - url: '/change-password?id', + url: '/change-password?id&token', description: 'Change password', template: '' }) From ddab59a10cf68f4745f5709851c51691ac573bcd Mon Sep 17 00:00:00 2001 From: alexm Date: Mon, 22 May 2023 09:17:40 +0200 Subject: [PATCH 08/19] refs #5472 refactor(changePassword): convert in async --- back/methods/vn-user/signIn.js | 22 +++---- back/models/vn-user.js | 61 ++++++++++++++++--- back/models/vn-user.json | 7 --- .../back/methods/account/change-password.js | 3 +- .../account/specs/change-password.spec.js | 9 +-- 5 files changed, 69 insertions(+), 33 deletions(-) diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js index a9abfe6930..d7db90a21e 100644 --- a/back/methods/vn-user/signIn.js +++ b/back/methods/vn-user/signIn.js @@ -50,17 +50,6 @@ module.exports = Self => { const today = Date.vnNew(); today.setHours(0, 0, 0, 0); - if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) { - const changePasswordToken = await models.AccessToken.create({ - scopes: ['change-password'], - userId: vnUser.id - }); - throw new UserError('Pass expired', 'passExpired', { - id: vnUser.id, - token: changePasswordToken.id - }); - } - const validCredentials = instance && await instance.hasPassword(password); @@ -68,6 +57,17 @@ module.exports = Self => { if (!vnUser.active) throw new UserError('User disabled'); + if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) { + const changePasswordToken = await models.AccessToken.create({ + scopes: ['change-password'], + userId: vnUser.id + }); + throw new UserError('Pass expired', 'passExpired', { + id: vnUser.id, + token: changePasswordToken.id + }); + } + try { await models.Account.sync(instance.username, password); } catch (err) { diff --git a/back/models/vn-user.js b/back/models/vn-user.js index ba02d72fbd..d90b758828 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -1,6 +1,7 @@ const vnModel = require('vn-loopback/common/models/vn-model'); const LoopBackContext = require('loopback-context'); const {Email} = require('vn-print'); +const UserError = require('vn-loopback/util/user-error'); module.exports = function(Self) { vnModel(Self); @@ -109,22 +110,62 @@ module.exports = function(Self) { }); const _setPassword = Self.setPassword; - Self.setPassword = function(id, newPassword, options, cb) { - Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword]) - .then(() => _setPassword.call(this, id, newPassword, options, cb) - .then(() => Self.findById(id).updateAttribute('passExpired', null)) - ); + Self.setPassword = async function(id, newPassword, options, cb) { + const myOptions = {}; + let tx; + + if (typeof options == 'object') + Object.assign(myOptions, options); + + if (!myOptions.transaction) { + tx = await Self.beginTransaction({}); + myOptions.transaction = tx; + } + options = myOptions; + + try { + await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options); + await _setPassword.call(this, id, newPassword, options, options); + const user = await Self.findById(id, null, options); + await user.updateAttribute('passExpired', null, options); + if (tx) await tx.commit(); + return; + } catch (e) { + if (tx) await tx.rollback(); + console.error('Error changing password, contact with informatica', e); + throw new UserError(e); + } }; const _changePassword = Self.changePassword; Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password']; - Self.changePassword = function(id, oldPassword, newPassword, options, cb) { - Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword]) - .then(() => _changePassword.call(this, id, oldPassword, newPassword, options, cb) - .then(() => Self.findById(id).updateAttribute('passExpired', null))); + Self.changePassword = async function(id, oldPassword, newPassword, options, cb) { + const myOptions = {}; + let tx; + + if (typeof options == 'object') + Object.assign(myOptions, options); + + if (!myOptions.transaction) { + tx = await Self.beginTransaction({}); + myOptions.transaction = tx; + } + options = myOptions; + + try { + await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword], options); + await _changePassword.call(this, id, oldPassword, newPassword, options); + const user = await Self.findById(id, null, options); + await user.updateAttribute('passExpired', null, options); + if (tx) await tx.commit(); + return; + } catch (error) { + if (tx) await tx.rollback(); + console.error('Error changing password, contact with informatica', error); + throw new UserError(error.sqlMessage || 'Error changing password, contact with informatica'); + } }; - // FIX THIS Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => { if (!ctx.args || !ctx.args.data.email) return; const models = Self.app.models; diff --git a/back/models/vn-user.json b/back/models/vn-user.json index e23b7daa97..d9668903a9 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -13,10 +13,6 @@ "type": "number", "id": true }, - "name": { - "type": "string", - "required": true - }, "username": { "type": "string", "mysql": { @@ -42,9 +38,6 @@ "lang": { "type": "string" }, - "bcryptPassword": { - "type": "string" - }, "active": { "type": "boolean" }, diff --git a/modules/account/back/methods/account/change-password.js b/modules/account/back/methods/account/change-password.js index c6f08a232a..ee1b2fd3a1 100644 --- a/modules/account/back/methods/account/change-password.js +++ b/modules/account/back/methods/account/change-password.js @@ -28,6 +28,7 @@ module.exports = Self => { }); Self.changePassword = async function(id, oldPassword, newPassword) { - await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword); + const response = await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword); + console.log(response); }; }; diff --git a/modules/account/back/methods/account/specs/change-password.spec.js b/modules/account/back/methods/account/specs/change-password.spec.js index 1eff5de67d..1b599f4309 100644 --- a/modules/account/back/methods/account/specs/change-password.spec.js +++ b/modules/account/back/methods/account/specs/change-password.spec.js @@ -1,12 +1,13 @@ const {models} = require('vn-loopback/server/server'); fdescribe('account changePassword()', () => { - it('should throw an error when old password is wrong', async() => { + fit('should throw an error when old password is wrong', async() => { let err; - await models.Account.changePassword(1, 'wrongPassword', 'nightmare.9999') - .catch(error => err = error.sqlMessage); + await models.Account.changePassword(1, 'wrongPassword2', 'nightmare.9999') + .catch(error => { + err = error.sqlMessage; + }); - expect(err).toBeDefined(); expect(err).toEqual('Invalid password'); }); From c35e2e155fc01cfee887c25b35f03ce6c2469f1d Mon Sep 17 00:00:00 2001 From: alexm Date: Tue, 23 May 2023 15:12:28 +0200 Subject: [PATCH 09/19] refs #5472 test(changePassword): back --- back/models/vn-user.js | 8 ++++---- back/models/vn-user.json | 7 +++++++ .../back/methods/account/change-password.js | 3 +-- .../account/specs/change-password.spec.js | 17 +++++++++-------- 4 files changed, 21 insertions(+), 14 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index d90b758828..867dce31bd 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -125,14 +125,14 @@ module.exports = function(Self) { try { await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options); - await _setPassword.call(this, id, newPassword, options, options); + await _setPassword.call(this, id, newPassword, options, cb); const user = await Self.findById(id, null, options); await user.updateAttribute('passExpired', null, options); if (tx) await tx.commit(); return; } catch (e) { if (tx) await tx.rollback(); - console.error('Error changing password, contact with informatica', e); + // console.error('Error changing password, contact with informatica', e); throw new UserError(e); } }; @@ -154,14 +154,14 @@ module.exports = function(Self) { try { await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword], options); - await _changePassword.call(this, id, oldPassword, newPassword, options); + await _changePassword.call(this, id, oldPassword, newPassword, options, cb); const user = await Self.findById(id, null, options); await user.updateAttribute('passExpired', null, options); if (tx) await tx.commit(); return; } catch (error) { if (tx) await tx.rollback(); - console.error('Error changing password, contact with informatica', error); + // console.error('Error changing password, contact with informatica', error); throw new UserError(error.sqlMessage || 'Error changing password, contact with informatica'); } }; diff --git a/back/models/vn-user.json b/back/models/vn-user.json index d9668903a9..e23b7daa97 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -13,6 +13,10 @@ "type": "number", "id": true }, + "name": { + "type": "string", + "required": true + }, "username": { "type": "string", "mysql": { @@ -38,6 +42,9 @@ "lang": { "type": "string" }, + "bcryptPassword": { + "type": "string" + }, "active": { "type": "boolean" }, diff --git a/modules/account/back/methods/account/change-password.js b/modules/account/back/methods/account/change-password.js index ee1b2fd3a1..c6f08a232a 100644 --- a/modules/account/back/methods/account/change-password.js +++ b/modules/account/back/methods/account/change-password.js @@ -28,7 +28,6 @@ module.exports = Self => { }); Self.changePassword = async function(id, oldPassword, newPassword) { - const response = await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword); - console.log(response); + await Self.app.models.VnUser.changePassword(id, oldPassword, newPassword); }; }; diff --git a/modules/account/back/methods/account/specs/change-password.spec.js b/modules/account/back/methods/account/specs/change-password.spec.js index 1b599f4309..0667336f32 100644 --- a/modules/account/back/methods/account/specs/change-password.spec.js +++ b/modules/account/back/methods/account/specs/change-password.spec.js @@ -1,14 +1,15 @@ const {models} = require('vn-loopback/server/server'); -fdescribe('account changePassword()', () => { - fit('should throw an error when old password is wrong', async() => { - let err; - await models.Account.changePassword(1, 'wrongPassword2', 'nightmare.9999') - .catch(error => { - err = error.sqlMessage; - }); +describe('account changePassword()', () => { + it('should throw an error when old password is wrong', async() => { + let error; + try { + await models.Account.changePassword(1, 'wrongPassword', 'nightmare.9999'); + } catch (e) { + error = e.message; + } - expect(err).toEqual('Invalid password'); + expect(error).toContain('Invalid password'); }); it('should change password', async() => { From 9462ca90a70f726109eaca5d79ec54561c843965 Mon Sep 17 00:00:00 2001 From: alexm Date: Thu, 1 Jun 2023 15:29:46 +0200 Subject: [PATCH 10/19] refs #5472 refactor setPassword & changePassword, fix sync --- back/models/vn-user.js | 119 +++++++----------- back/models/vn-user.json | 7 -- db/changes/232201/00-userPassExpired.sql | 20 --- db/changes/232401/00-userPassExpired.sql | 22 ++++ db/dump/mockDate.sql | 19 +-- loopback/locale/es.json | 2 +- modules/account/back/methods/account/sync.js | 2 +- modules/account/back/models/account-config.js | 24 ---- .../account/back/models/account-config.json | 3 - 9 files changed, 74 insertions(+), 144 deletions(-) delete mode 100644 db/changes/232201/00-userPassExpired.sql create mode 100644 db/changes/232401/00-userPassExpired.sql diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 867dce31bd..3b869907e0 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -110,7 +110,10 @@ module.exports = function(Self) { }); const _setPassword = Self.setPassword; - Self.setPassword = async function(id, newPassword, options, cb) { + Self.setPassword = async function(id, newPassword, options) { + if (typeof options === 'function') + options = undefined; + const myOptions = {}; let tx; @@ -125,89 +128,59 @@ module.exports = function(Self) { try { await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options); - await _setPassword.call(this, id, newPassword, options, cb); - const user = await Self.findById(id, null, options); + await _setPassword.call(this, id, newPassword, options); + const user = await Self.findById(id, {fields: ['id', 'name']}, options); await user.updateAttribute('passExpired', null, options); + await models.Account.sync(user.name, newPassword); if (tx) await tx.commit(); - return; - } catch (e) { + } catch (err) { if (tx) await tx.rollback(); - // console.error('Error changing password, contact with informatica', e); - throw new UserError(e); + throw err; } }; - const _changePassword = Self.changePassword; - Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password']; - Self.changePassword = async function(id, oldPassword, newPassword, options, cb) { - const myOptions = {}; - let tx; + Self.sharedClass._methods.find(method => method.name == 'changePassword') + .accessScopes = ['change-password']; - if (typeof options == 'object') - Object.assign(myOptions, options); + // FIXME: https://redmine.verdnatura.es/issues/5761 + // Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => { + // if (!ctx.args || !ctx.args.data.email) return; - if (!myOptions.transaction) { - tx = await Self.beginTransaction({}); - myOptions.transaction = tx; - } - options = myOptions; + // const loopBackContext = LoopBackContext.getCurrentContext(); + // const httpCtx = {req: loopBackContext.active}; + // const httpRequest = httpCtx.req.http.req; + // const headers = httpRequest.headers; + // const origin = headers.origin; + // const url = origin.split(':'); - try { - await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword], options); - await _changePassword.call(this, id, oldPassword, newPassword, options, cb); - const user = await Self.findById(id, null, options); - await user.updateAttribute('passExpired', null, options); - if (tx) await tx.commit(); - return; - } catch (error) { - if (tx) await tx.rollback(); - // console.error('Error changing password, contact with informatica', error); - throw new UserError(error.sqlMessage || 'Error changing password, contact with informatica'); - } - }; + // class Mailer { + // async send(verifyOptions, cb) { + // const params = { + // url: verifyOptions.verifyHref, + // recipient: verifyOptions.to, + // lang: ctx.req.getLocale() + // }; - Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => { - if (!ctx.args || !ctx.args.data.email) return; - const models = Self.app.models; + // const email = new Email('email-verify', params); + // email.send(); - const loopBackContext = LoopBackContext.getCurrentContext(); - const httpCtx = {req: loopBackContext.active}; - const httpRequest = httpCtx.req.http.req; - const headers = httpRequest.headers; - const origin = headers.origin; - const url = origin.split(':'); + // cb(null, verifyOptions.to); + // } + // } - const userId = ctx.instance.id; - const user = await models.VnUser.findById(userId); + // const options = { + // type: 'email', + // to: instance.email, + // from: {}, + // redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`, + // template: false, + // mailer: new Mailer, + // host: url[1].split('/')[2], + // port: url[2], + // protocol: url[0], + // user: Self + // }; - class Mailer { - async send(verifyOptions, cb) { - const params = { - url: verifyOptions.verifyHref, - recipient: verifyOptions.to, - lang: ctx.req.getLocale() - }; - - const email = new Email('email-verify', params); - email.send(); - - cb(null, verifyOptions.to); - } - } - - const options = { - type: 'email', - to: instance.email, - from: {}, - redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`, - template: false, - mailer: new Mailer, - host: url[1].split('/')[2], - port: url[2], - protocol: url[0], - user: Self - }; - - await user.verify(options); - }); + // await instance.verify(options); + // }); }; diff --git a/back/models/vn-user.json b/back/models/vn-user.json index e23b7daa97..ce78b09a82 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -109,13 +109,6 @@ "principalType": "ROLE", "principalId": "$everyone", "permission": "ALLOW" - }, - { - "property": "changePassword", - "accessType": "EXECUTE", - "principalType": "ROLE", - "principalId": "$everyone", - "permission": "ALLOW" }, { "property": "validateToken", diff --git a/db/changes/232201/00-userPassExpired.sql b/db/changes/232201/00-userPassExpired.sql deleted file mode 100644 index 3f748e88e3..0000000000 --- a/db/changes/232201/00-userPassExpired.sql +++ /dev/null @@ -1,20 +0,0 @@ -ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL; - -DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`; -USE account; - -DELIMITER $$ -$$ -CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate` - BEFORE UPDATE ON `user` - FOR EACH ROW -BEGIN - IF !(NEW.`name` <=> OLD.`name`) THEN - CALL user_checkName (NEW.`name`); - END IF; - - IF !(NEW.`password` <=> OLD.`password`) THEN - SET NEW.lastPassChange = util.VN_NOW(); - END IF; -END$$ -DELIMITER ; diff --git a/db/changes/232401/00-userPassExpired.sql b/db/changes/232401/00-userPassExpired.sql new file mode 100644 index 0000000000..316496a508 --- /dev/null +++ b/db/changes/232401/00-userPassExpired.sql @@ -0,0 +1,22 @@ +ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL; + +-- DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`; +-- USE account; + +-- DELIMITER $$ +-- $$ +-- CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate` +-- BEFORE UPDATE ON `user` +-- FOR EACH ROW +-- BEGIN +-- SET NEW.editorFk = account.myUser_getId(); + +-- IF !(NEW.`name` <=> OLD.`name`) THEN +-- CALL user_checkName (NEW.`name`); +-- END IF; + +-- IF !(NEW.`password` <=> OLD.`password`) THEN +-- SET NEW.lastPassChange = util.VN_NOW(); +-- END IF; +-- END$$ +-- DELIMITER ; diff --git a/db/dump/mockDate.sql b/db/dump/mockDate.sql index 2b4c33d74e..5d4d0c351b 100644 --- a/db/dump/mockDate.sql +++ b/db/dump/mockDate.sql @@ -1,30 +1,19 @@ -DROP FUNCTION IF EXISTS `util`.`mockTime`; DELIMITER $$ -$$ -CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTime`() RETURNS datetime + +CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTime`() RETURNS datetime DETERMINISTIC BEGIN RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid'); END$$ -DELIMITER ; -DROP FUNCTION IF EXISTS `util`.`mockUtcTime`; - -DELIMITER $$ -$$ -CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockUtcTime`() RETURNS datetime +CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockUtcTime`() RETURNS datetime DETERMINISTIC BEGIN RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid'); END$$ -DELIMITER ; -DROP FUNCTION IF EXISTS `util`.`mockTimeBase`; - -DELIMITER $$ -$$ -CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTimeBase`(vIsUtc BOOL) RETURNS datetime +CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTimeBase`(vIsUtc BOOL) RETURNS datetime DETERMINISTIC BEGIN RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid'); diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 5477732337..5dcfab3641 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -83,7 +83,7 @@ "The current ticket can't be modified": "El ticket actual no puede ser modificado", "The current claim can't be modified": "La reclamación actual no puede ser modificada", "The sales of this ticket can't be modified": "Las lineas de este ticket no pueden ser modificadas", - "The sales do not exists": "La(s) línea(s) seleccionada(s) no existe(n)", + "The sales do not exists": "La(s) línea(s) seleccionada(s) no existe(n)", "Please select at least one sale": "Por favor selecciona al menos una linea", "All sales must belong to the same ticket": "Todas las lineas deben pertenecer al mismo ticket", "NO_ZONE_FOR_THIS_PARAMETERS": "Para este día no hay ninguna zona configurada", diff --git a/modules/account/back/methods/account/sync.js b/modules/account/back/methods/account/sync.js index 63eff38bf5..8668be3435 100644 --- a/modules/account/back/methods/account/sync.js +++ b/modules/account/back/methods/account/sync.js @@ -33,7 +33,7 @@ module.exports = Self => { const isSync = !await models.UserSync.exists(userName); if (!force && isSync && user) return; - // await models.AccountConfig.syncUser(userName, password); + await models.AccountConfig.syncUser(userName, password); await models.UserSync.destroyById(userName); }; }; diff --git a/modules/account/back/models/account-config.js b/modules/account/back/models/account-config.js index 5c9d92f1e0..265f34275a 100644 --- a/modules/account/back/models/account-config.js +++ b/modules/account/back/models/account-config.js @@ -173,30 +173,6 @@ module.exports = Self => { async synchronizerSyncRoles() { for (let synchronizer of this.synchronizers) await synchronizer.syncRoles(); - }, - - async syncUser(userName, info, password) { - if (info.user && password) - await app.models.VnUser.setPassword(info.user.id, password); - }, - - async getUsers(usersToSync) { - let accounts = await app.models.Account.find({ - fields: ['id'], - include: { - relation: 'user', - scope: { - fields: ['name'], - where: {active: true} - } - } - }); - - for (let account of accounts) { - let user = account.user(); - if (!user) continue; - usersToSync.add(user.name); - } } }); }; diff --git a/modules/account/back/models/account-config.json b/modules/account/back/models/account-config.json index 1c643ac38b..a2a4056103 100644 --- a/modules/account/back/models/account-config.json +++ b/modules/account/back/models/account-config.json @@ -6,9 +6,6 @@ "table": "account.accountConfig" } }, - "mixins": { - "AccountSynchronizer": {} - }, "properties": { "id": { "type": "number", From 86cd5f52375188286ce8d5ab8bdaeb8e3a2a656d Mon Sep 17 00:00:00 2001 From: alexm Date: Fri, 2 Jun 2023 15:07:02 +0200 Subject: [PATCH 11/19] refs #5472 fix sync --- back/models/vn-user.js | 25 ++++++++++--------- .../back/methods/account/sync-by-id.js | 6 ++--- modules/account/back/methods/account/sync.js | 8 +++--- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 3b869907e0..fb32793539 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -1,7 +1,6 @@ const vnModel = require('vn-loopback/common/models/vn-model'); const LoopBackContext = require('loopback-context'); const {Email} = require('vn-print'); -const UserError = require('vn-loopback/util/user-error'); module.exports = function(Self) { vnModel(Self); @@ -109,10 +108,12 @@ module.exports = function(Self) { return email.send(); }); - const _setPassword = Self.setPassword; - Self.setPassword = async function(id, newPassword, options) { - if (typeof options === 'function') + const _setPassword = Self.prototype.setPassword; + Self.prototype.setPassword = async function(newPassword, options, cb) { + if (cb === undefined && typeof options === 'function') { + cb = options; options = undefined; + } const myOptions = {}; let tx; @@ -127,15 +128,15 @@ module.exports = function(Self) { options = myOptions; try { - await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options); - await _setPassword.call(this, id, newPassword, options); - const user = await Self.findById(id, {fields: ['id', 'name']}, options); - await user.updateAttribute('passExpired', null, options); - await models.Account.sync(user.name, newPassword); - if (tx) await tx.commit(); + await Self.rawSql(`CALL account.user_checkPassword(?)`, [newPassword], options); + await _setPassword.call(this, newPassword, options); + await this.updateAttribute('passExpired', null, options); + await Self.app.models.Account.sync(this.name, newPassword, null, options); + tx && await tx.commit(); + cb && cb(); } catch (err) { - if (tx) await tx.rollback(); - throw err; + tx && await tx.rollback(); + if (cb) cb(err); else throw err; } }; diff --git a/modules/account/back/methods/account/sync-by-id.js b/modules/account/back/methods/account/sync-by-id.js index 538bc09bd3..e1c631395e 100644 --- a/modules/account/back/methods/account/sync-by-id.js +++ b/modules/account/back/methods/account/sync-by-id.js @@ -24,8 +24,8 @@ module.exports = Self => { } }); - Self.syncById = async function(id, password, force) { - let user = await Self.app.models.VnUser.findById(id, {fields: ['name']}); - await Self.sync(user.name, password, force); + Self.syncById = async function(id, password, force, options) { + let user = await Self.app.models.VnUser.findById(id, {fields: ['name']}, options); + await Self.sync(user.name, password, force, options); }; }; diff --git a/modules/account/back/methods/account/sync.js b/modules/account/back/methods/account/sync.js index 8668be3435..95454a6006 100644 --- a/modules/account/back/methods/account/sync.js +++ b/modules/account/back/methods/account/sync.js @@ -24,17 +24,17 @@ module.exports = Self => { } }); - Self.sync = async function(userName, password, force) { + Self.sync = async function(userName, password, force, options) { const models = Self.app.models; const user = await models.VnUser.findOne({ fields: ['id'], where: {name: userName} - }); - const isSync = !await models.UserSync.exists(userName); + }, options); + const isSync = !await models.UserSync.exists(userName, options); if (!force && isSync && user) return; await models.AccountConfig.syncUser(userName, password); - await models.UserSync.destroyById(userName); + await models.UserSync.destroyById(userName, options); }; }; From 64abf4bf140d79ded0de2dd739aa641edc37587a Mon Sep 17 00:00:00 2001 From: alexm Date: Mon, 5 Jun 2023 13:21:52 +0200 Subject: [PATCH 12/19] refs #5472 fix req.data.error.code --- .eslintrc.yml | 4 ++-- front/salix/components/login/index.js | 3 +-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.eslintrc.yml b/.eslintrc.yml index 13fc2b1402..ee20324ff3 100644 --- a/.eslintrc.yml +++ b/.eslintrc.yml @@ -1,6 +1,6 @@ extends: [eslint:recommended, google, plugin:jasmine/recommended] parserOptions: - ecmaVersion: 2018 + ecmaVersion: 2020 sourceType: "module" plugins: - jasmine @@ -35,4 +35,4 @@ rules: space-in-parens: ["error", "never"] jasmine/no-focused-tests: 0 jasmine/prefer-toHaveBeenCalledWith: 0 - arrow-spacing: ["error", { "before": true, "after": true }] \ No newline at end of file + arrow-spacing: ["error", { "before": true, "after": true }] diff --git a/front/salix/components/login/index.js b/front/salix/components/login/index.js index 554697daf7..0412f3b742 100644 --- a/front/salix/components/login/index.js +++ b/front/salix/components/login/index.js @@ -27,8 +27,7 @@ export default class Controller { this.loading = false; this.password = ''; this.focusUser(); - - if (req.data.error.code == 'passExpired') { + if (req?.data?.error?.code == 'passExpired') { const [args] = req.data.error.translateArgs; this.$state.go('change-password', args); } From 5d6eaca6b847cd0c7f73ca7907957835bc71244c Mon Sep 17 00:00:00 2001 From: alexm Date: Mon, 5 Jun 2023 15:20:07 +0200 Subject: [PATCH 13/19] refs #5472 test(changePassword): e2e --- db/dump/fixtures.sql | 4 + e2e/paths/01-salix/05_changePassword.spec.js | 80 +++++++++++++++++++ e2e/paths/06-claim/05_summary.spec.js | 6 +- .../components/change-password/index.html | 3 + loopback/locale/en.json | 2 +- 5 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 e2e/paths/01-salix/05_changePassword.spec.js diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index 15fa96a792..67b8b718ac 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -113,6 +113,10 @@ INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `bcryptPassword`, `password (1111, 'Missing', 'Missing', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 0, NULL, 'en', NULL), (1112, 'Trash', 'Trash', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 0, NULL, 'en', NULL); +UPDATE account.`user` + SET passExpired = DATE_SUB(util.VN_CURDATE(), INTERVAL 1 YEAR) + WHERE name = 'maintenance'; + INSERT INTO `account`.`mailAlias`(`id`, `alias`, `description`, `isPublic`) VALUES (1, 'general', 'General mailing list', FALSE), diff --git a/e2e/paths/01-salix/05_changePassword.spec.js b/e2e/paths/01-salix/05_changePassword.spec.js new file mode 100644 index 0000000000..969360cc4d --- /dev/null +++ b/e2e/paths/01-salix/05_changePassword.spec.js @@ -0,0 +1,80 @@ +import getBrowser from '../../helpers/puppeteer'; + +const $ = { + form: 'vn-out-layout form' +}; + +fdescribe('ChangePassword path', async() => { + let browser; + let page; + beforeAll(async() => { + browser = await getBrowser(); + page = browser.page; + }); + + afterAll(async() => { + await browser.close(); + }); + + const toExpects = []; + async function saveExpets(message, expectMessage, expectState) { + console.log(message); + if (!message) message = await page.waitForSnackbar(); + if (expectState) + toExpects.push({value: await page.getState(), expected: toExpects.length + expectState}); + if (expectMessage) + toExpects.push({value: message.text, expected: toExpects.length + expectMessage}); + } + + function expects() { + for (let toExpect of toExpects) + expect(toExpect.expected).toContain(toExpect.value); // eslint-disable-line + } + + const oldPassword = 'nightmare'; + const newPassword = 'newPass.1234'; + describe('Bad login', async() => { + it('should receive an error when the password is expired', async() => { + // 0 Expired login + await saveExpets(await page.doLogin( + 'maintenance', + oldPassword + ), 'The password has expired, change it from Salix', 'change-password'); + + // 1 Bad attempt: incorrect current password + await saveExpets(await page.sendForm($.form, { + oldPassword: newPassword, + newPassword: oldPassword, + repeatPassword: oldPassword + }), 'Invalid current password'); + + // 2 Bad attempt: password not meet requirements + await saveExpets(await page.sendForm($.form, { + oldPassword: oldPassword, + newPassword: oldPassword, + repeatPassword: oldPassword + }), 'Password does not meet requirements'); + + // 3 Correct attempt: change password + await saveExpets(await page.sendForm($.form, { + oldPassword: oldPassword, + newPassword: newPassword, + repeatPassword: newPassword + }), 'Password updated!', 'login'); + + // 4 Bad login, old password + await saveExpets(await page.doLogin( + 'maintenance', + oldPassword + ), 'The password has expired, change it from Salix'); + + // 5 Correct login, new password + await saveExpets(await page.doLogin( + 'maintenance', + newPassword + ), null, 'change-password'); + + expects(); + }); + }); +}); diff --git a/e2e/paths/06-claim/05_summary.spec.js b/e2e/paths/06-claim/05_summary.spec.js index 9656ea656d..46c208723b 100644 --- a/e2e/paths/06-claim/05_summary.spec.js +++ b/e2e/paths/06-claim/05_summary.spec.js @@ -49,7 +49,11 @@ describe('Claim summary path', () => { }); it(`should click on the first sale ID making the item descriptor visible`, async() => { - await page.waitToClick(selectors.claimSummary.firstSaleItemId); + const firstItem = selectors.claimSummary.firstSaleItemId; + await page.evaluate(selectors => { + document.querySelector(selectors).scrollIntoView(); + }, firstItem); + await page.waitToClick(firstItem, true); await page.waitImgLoad(selectors.claimSummary.firstSaleDescriptorImage); const visible = await page.isVisible(selectors.claimSummary.itemDescriptorPopover); diff --git a/front/salix/components/change-password/index.html b/front/salix/components/change-password/index.html index 5ea5ced971..8d338d4118 100644 --- a/front/salix/components/change-password/index.html +++ b/front/salix/components/change-password/index.html @@ -2,12 +2,14 @@ @@ -15,6 +17,7 @@ diff --git a/loopback/locale/en.json b/loopback/locale/en.json index d8cbee3962..8bc9d40563 100644 --- a/loopback/locale/en.json +++ b/loopback/locale/en.json @@ -172,7 +172,7 @@ "Comment added to client": "Comment added to client", "This ticket is already a refund": "This ticket is already a refund", "A claim with that sale already exists": "A claim with that sale already exists", - "Pass expired": "The password has expired, change it from Salix", + "Pass expired": "The password has expired, change it from Salix", "Can't transfer claimed sales": "Can't transfer claimed sales", "Invalid quantity": "Invalid quantity" } From cb50c617ee6fdb500efd8517abf5d3e023a86b94 Mon Sep 17 00:00:00 2001 From: alexm Date: Tue, 6 Jun 2023 15:09:01 +0200 Subject: [PATCH 14/19] refs #5489 deprecate account.user.password --- back/models/vn-user.json | 8 +- db/changes/232401/00-userPassExpired.sql | 88 +++++++++++++++---- db/dump/fixtures.sql | 6 +- e2e/paths/01-salix/05_changePassword.spec.js | 37 ++++---- modules/account/back/models/account-config.js | 2 +- 5 files changed, 92 insertions(+), 49 deletions(-) diff --git a/back/models/vn-user.json b/back/models/vn-user.json index ce78b09a82..8486e29b8b 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -25,10 +25,7 @@ }, "password": { "type": "string", - "required": true, - "mysql": { - "columnName": "bcryptPassword" - } + "required": true }, "roleFk": { "type": "number", @@ -42,9 +39,6 @@ "lang": { "type": "string" }, - "bcryptPassword": { - "type": "string" - }, "active": { "type": "boolean" }, diff --git a/db/changes/232401/00-userPassExpired.sql b/db/changes/232401/00-userPassExpired.sql index 316496a508..2d4b45937f 100644 --- a/db/changes/232401/00-userPassExpired.sql +++ b/db/changes/232401/00-userPassExpired.sql @@ -1,22 +1,76 @@ ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL; --- DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`; --- USE account; +DROP PROCEDURE `account`.`myUser_changePassword`; +DROP PROCEDURE `account`.`myUser_restorePassword`; +DROP PROCEDURE `account`.`user_changePassword`; +DROP PROCEDURE `account`.`user_restorePassword`; +DROP PROCEDURE `account`.`user_setPassword`; --- DELIMITER $$ --- $$ --- CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate` --- BEFORE UPDATE ON `user` --- FOR EACH ROW --- BEGIN --- SET NEW.editorFk = account.myUser_getId(); +ALTER TABLE account.`user` CHANGE password password__ char(64) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL COMMENT 'Deprecated'; +ALTER TABLE account.`user` CHANGE bcryptPassword password varchar(512) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL NULL; --- IF !(NEW.`name` <=> OLD.`name`) THEN --- CALL user_checkName (NEW.`name`); --- END IF; +DELIMITER $$ +$$ +CREATE OR REPLACE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate` + BEFORE UPDATE ON `user` + FOR EACH ROW +BEGIN + SET NEW.editorFk = account.myUser_getId(); --- IF !(NEW.`password` <=> OLD.`password`) THEN --- SET NEW.lastPassChange = util.VN_NOW(); --- END IF; --- END$$ --- DELIMITER ; + IF !(NEW.`name` <=> OLD.`name`) THEN + CALL user_checkName (NEW.`name`); + END IF; + + IF !(NEW.`password` <=> OLD.`password`) THEN + SET NEW.lastPassChange = util.VN_NOW(); + END IF; +END$$ +DELIMITER ; + +CREATE OR REPLACE DEFINER=`root`@`localhost` + SQL SECURITY DEFINER + VIEW `account`.`accountDovecot` AS +select + `u`.`name` AS `name`, + `u`.`password` AS `password` +from + (`account`.`user` `u` +join `account`.`account` `a` on + (`a`.`id` = `u`.`id`)) +where + `u`.`active` <> 0; + +CREATE OR REPLACE DEFINER=`root`@`localhost` + SQL SECURITY DEFINER + VIEW `salix`.`User` AS +select + `account`.`user`.`id` AS `id`, + `account`.`user`.`realm` AS `realm`, + `account`.`user`.`name` AS `username`, + `account`.`user`.`password` AS `password`, + `account`.`user`.`email` AS `email`, + `account`.`user`.`emailVerified` AS `emailVerified`, + `account`.`user`.`verificationToken` AS `verificationToken` +from + `account`.`user`; + +CREATE OR REPLACE DEFINER=`root`@`localhost` + SQL SECURITY DEFINER + VIEW `vn`.`workerTimeControlUserInfo` AS +select + `u`.`id` AS `userFk`, + `w`.`firstName` AS `name`, + `w`.`lastName` AS `surname`, + `u`.`name` AS `user`, + `u`.`password` AS `password`, + `wd`.`departmentFk` AS `departmentFk`, + left(`c`.`fi`, + 8) AS `dni` +from + (((`account`.`user` `u` +join `vn`.`worker` `w` on + (`w`.`userFk` = `u`.`id`)) +join `vn`.`client` `c` on + (`c`.`id` = `u`.`id`)) +left join `vn`.`workerDepartment` `wd` on + (`wd`.`workerFk` = `w`.`id`)); diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index 67b8b718ac..a08ab38140 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre CALL `account`.`role_sync`; -INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`) - SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2' +INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `role`,`active`,`email`, `lang`, `image`, `password`) + SELECT id, name, CONCAT(name, 'Nick'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2' FROM `account`.`role` WHERE id <> 20 ORDER BY id; @@ -98,7 +98,7 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType` VALUES (1, 978, 1, 0, 2000, 9, 0); -INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `bcryptPassword`, `password`,`role`,`active`,`email`,`lang`, `image`) +INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`, `password`,`role`,`active`,`email`,`lang`, `image`) VALUES (1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), (1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), diff --git a/e2e/paths/01-salix/05_changePassword.spec.js b/e2e/paths/01-salix/05_changePassword.spec.js index 969360cc4d..f07b6e18b7 100644 --- a/e2e/paths/01-salix/05_changePassword.spec.js +++ b/e2e/paths/01-salix/05_changePassword.spec.js @@ -18,63 +18,58 @@ fdescribe('ChangePassword path', async() => { const toExpects = []; async function saveExpets(message, expectMessage, expectState) { - console.log(message); - if (!message) message = await page.waitForSnackbar(); + if (!message && expectMessage) message = await page.waitForSnackbar(); if (expectState) - toExpects.push({value: await page.getState(), expected: toExpects.length + expectState}); + toExpects.push({value: await page.getState(), expected: expectState}); if (expectMessage) - toExpects.push({value: message.text, expected: toExpects.length + expectMessage}); - } - - function expects() { - for (let toExpect of toExpects) - expect(toExpect.expected).toContain(toExpect.value); // eslint-disable-line + toExpects.push({value: message.text, expected: expectMessage}); } const oldPassword = 'nightmare'; const newPassword = 'newPass.1234'; describe('Bad login', async() => { it('should receive an error when the password is expired', async() => { - // 0 Expired login + // Expired login await saveExpets(await page.doLogin( - 'maintenance', + 'Maintenance', oldPassword ), 'The password has expired, change it from Salix', 'change-password'); - // 1 Bad attempt: incorrect current password + // Bad attempt: incorrect current password await saveExpets(await page.sendForm($.form, { oldPassword: newPassword, newPassword: oldPassword, repeatPassword: oldPassword }), 'Invalid current password'); - // 2 Bad attempt: password not meet requirements + // Bad attempt: password not meet requirements await saveExpets(await page.sendForm($.form, { oldPassword: oldPassword, newPassword: oldPassword, repeatPassword: oldPassword }), 'Password does not meet requirements'); - // 3 Correct attempt: change password + // Correct attempt: change password await saveExpets(await page.sendForm($.form, { oldPassword: oldPassword, newPassword: newPassword, repeatPassword: newPassword }), 'Password updated!', 'login'); - // 4 Bad login, old password + // Bad login, old password await saveExpets(await page.doLogin( - 'maintenance', + 'Maintenance', oldPassword - ), 'The password has expired, change it from Salix'); + ), 'Invalid login'); - // 5 Correct login, new password + // Correct login, new password await saveExpets(await page.doLogin( - 'maintenance', + 'Maintenance', newPassword - ), null, 'change-password'); + ), null, 'login'); - expects(); + for (let toExpect of toExpects) + expect(toExpect.value).toContain(toExpect.expected); // eslint-disable-line }); }); }); diff --git a/modules/account/back/models/account-config.js b/modules/account/back/models/account-config.js index 265f34275a..db3a3de8af 100644 --- a/modules/account/back/models/account-config.js +++ b/modules/account/back/models/account-config.js @@ -111,7 +111,7 @@ module.exports = Self => { 'sync', 'active', 'created', - 'bcryptPassword', + 'password', 'updated' ], include: [ From edc601fd5df2b231f305147b780b3ad36c5c59b9 Mon Sep 17 00:00:00 2001 From: alexm Date: Wed, 7 Jun 2023 13:34:13 +0200 Subject: [PATCH 15/19] refs #5489 fix(account/sync), fix(order) catalog-search-panel popover --- back/methods/vn-user/recover-password.js | 1 + db/dump/fixtures.sql | 26 +++++++++---------- e2e/paths/01-salix/05_changePassword.spec.js | 2 +- loopback/common/models/vn-model.js | 1 - .../account/specs/change-password.spec.js | 2 +- modules/account/back/methods/account/sync.js | 11 +++++--- modules/account/back/models/account-config.js | 10 +++---- .../order/front/catalog-search-panel/index.js | 4 +-- modules/order/front/catalog/index.html | 26 +++++++++---------- 9 files changed, 43 insertions(+), 40 deletions(-) diff --git a/back/methods/vn-user/recover-password.js b/back/methods/vn-user/recover-password.js index 34f5dd545b..b87bb14d46 100644 --- a/back/methods/vn-user/recover-password.js +++ b/back/methods/vn-user/recover-password.js @@ -24,6 +24,7 @@ module.exports = Self => { fields: ['email'], where: {name: user} }); + if (!account) return; user = account.email; } diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index d4e48c2c53..a81760ff34 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -98,20 +98,20 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType` VALUES (1, 978, 1, 0, 2000, 9, 0); -INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`, `password`,`role`,`active`,`email`,`lang`, `image`) +INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`,`role`,`active`,`email`,`lang`, `image`) VALUES - (1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1103, 'ClarkKent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'ClarkKent@mydomain.com', 'fr', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1104, 'TonyStark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'TonyStark@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1105, 'MaxEisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1106, 'DavidCharlesHaller', 'David Charles Haller', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 1, 1, 'DavidCharlesHaller@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1107, 'HankPym', 'Hank Pym', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 1, 1, 'HankPym@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1108, 'CharlesXavier', 'Charles Xavier', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 1, 1, 'CharlesXavier@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1109, 'BruceBanner', 'Bruce Banner', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 1, 1, 'BruceBanner@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), - (1110, 'JessicaJones', 'Jessica Jones', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 1, 1, 'JessicaJones@mydomain.com', 'en', NULL), - (1111, 'Missing', 'Missing', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 0, NULL, 'en', NULL), - (1112, 'Trash', 'Trash', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 0, NULL, 'en', NULL); + (1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1103, 'ClarkKent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'ClarkKent@mydomain.com', 'fr', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1104, 'TonyStark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'TonyStark@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1105, 'MaxEisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1106, 'DavidCharlesHaller', 'David Charles Haller', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'DavidCharlesHaller@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1107, 'HankPym', 'Hank Pym', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'HankPym@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1108, 'CharlesXavier', 'Charles Xavier', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'CharlesXavier@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1109, 'BruceBanner', 'Bruce Banner', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'BruceBanner@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), + (1110, 'JessicaJones', 'Jessica Jones', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'JessicaJones@mydomain.com', 'en', NULL), + (1111, 'Missing', 'Missing', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 0, NULL, 'en', NULL), + (1112, 'Trash', 'Trash', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 0, NULL, 'en', NULL); UPDATE account.`user` SET passExpired = DATE_SUB(util.VN_CURDATE(), INTERVAL 1 YEAR) diff --git a/e2e/paths/01-salix/05_changePassword.spec.js b/e2e/paths/01-salix/05_changePassword.spec.js index f07b6e18b7..318e26799c 100644 --- a/e2e/paths/01-salix/05_changePassword.spec.js +++ b/e2e/paths/01-salix/05_changePassword.spec.js @@ -4,7 +4,7 @@ const $ = { form: 'vn-out-layout form' }; -fdescribe('ChangePassword path', async() => { +describe('ChangePassword path', async() => { let browser; let page; beforeAll(async() => { diff --git a/loopback/common/models/vn-model.js b/loopback/common/models/vn-model.js index 37328247bd..d63d1be382 100644 --- a/loopback/common/models/vn-model.js +++ b/loopback/common/models/vn-model.js @@ -2,7 +2,6 @@ const ParameterizedSQL = require('loopback-connector').ParameterizedSQL; const UserError = require('vn-loopback/util/user-error'); const utils = require('loopback/lib/utils'); -const {util} = require('webpack'); module.exports = function(Self) { Self.ParameterizedSQL = ParameterizedSQL; diff --git a/modules/account/back/methods/account/specs/change-password.spec.js b/modules/account/back/methods/account/specs/change-password.spec.js index 0667336f32..0fd6ecbd52 100644 --- a/modules/account/back/methods/account/specs/change-password.spec.js +++ b/modules/account/back/methods/account/specs/change-password.spec.js @@ -9,7 +9,7 @@ describe('account changePassword()', () => { error = e.message; } - expect(error).toContain('Invalid password'); + expect(error).toContain('Invalid current password'); }); it('should change password', async() => { diff --git a/modules/account/back/methods/account/sync.js b/modules/account/back/methods/account/sync.js index 95454a6006..a5befc22c5 100644 --- a/modules/account/back/methods/account/sync.js +++ b/modules/account/back/methods/account/sync.js @@ -25,16 +25,21 @@ module.exports = Self => { }); Self.sync = async function(userName, password, force, options) { + const myOptions = {}; + + if (typeof options == 'object') + Object.assign(myOptions, options); + const models = Self.app.models; const user = await models.VnUser.findOne({ fields: ['id'], where: {name: userName} - }, options); - const isSync = !await models.UserSync.exists(userName, options); + }, myOptions); + const isSync = !await models.UserSync.exists(userName, myOptions); if (!force && isSync && user) return; await models.AccountConfig.syncUser(userName, password); - await models.UserSync.destroyById(userName, options); + await models.UserSync.destroyById(userName, myOptions); }; }; diff --git a/modules/account/back/models/account-config.js b/modules/account/back/models/account-config.js index db3a3de8af..0db699b99f 100644 --- a/modules/account/back/models/account-config.js +++ b/modules/account/back/models/account-config.js @@ -1,5 +1,5 @@ -const app = require('vn-loopback/server/server'); +const models = require('vn-loopback/server/server').models; module.exports = Self => { Object.assign(Self, { @@ -63,7 +63,7 @@ module.exports = Self => { Object.assign(Self.prototype, { async synchronizerInit() { - let mailConfig = await app.models.MailConfig.findOne({ + let mailConfig = await models.MailConfig.findOne({ fields: ['domain'] }); @@ -91,8 +91,6 @@ module.exports = Self => { }, async synchronizerSyncUser(userName, password, syncGroups) { - let $ = app.models; - if (!userName) return; userName = userName.toLowerCase(); @@ -100,7 +98,7 @@ module.exports = Self => { if (['administrator', 'root'].indexOf(userName) >= 0) return; - let user = await $.VnUser.findOne({ + let user = await models.VnUser.findOne({ where: {name: userName}, fields: [ 'id', @@ -138,7 +136,7 @@ module.exports = Self => { }; if (user) { - let exists = await $.Account.exists(user.id); + let exists = await models.Account.exists(user.id); Object.assign(info, { hasAccount: user.active && exists, corporateMail: `${userName}@${this.domain}`, diff --git a/modules/order/front/catalog-search-panel/index.js b/modules/order/front/catalog-search-panel/index.js index ed0af1d6e0..21c0c50fa0 100644 --- a/modules/order/front/catalog-search-panel/index.js +++ b/modules/order/front/catalog-search-panel/index.js @@ -23,7 +23,7 @@ class Controller extends SearchPanel { addValue() { this.filter.values.push({}); - setTimeout(() => this.popover.relocate()); + setTimeout(() => this.parentPopover.relocate()); } changeTag() { @@ -36,7 +36,7 @@ ngModule.vnComponent('vnOrderCatalogSearchPanel', { controller: Controller, bindings: { onSubmit: '&?', - popover: ' @@ -31,7 +31,7 @@ label="Category"> - - @@ -104,20 +104,20 @@ on-close="$ctrl.onPopoverClose()">
- + class="colored"> Id: {{$ctrl.itemId}} - {{$ctrl.itemName}}
- + class="colored"> {{category.selection.name}} - + class="colored"> {{type.selection.name}} + class="colored">
{{::tagGroup.tagSelection.name}}: @@ -163,4 +163,4 @@
- \ No newline at end of file + From 60024f845497ac90a5ef5a439da1d4e7350340ee Mon Sep 17 00:00:00 2001 From: alexm Date: Wed, 7 Jun 2023 13:44:52 +0200 Subject: [PATCH 16/19] typo --- e2e/paths/06-claim/05_summary.spec.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e/paths/06-claim/05_summary.spec.js b/e2e/paths/06-claim/05_summary.spec.js index 46c208723b..b67c665aeb 100644 --- a/e2e/paths/06-claim/05_summary.spec.js +++ b/e2e/paths/06-claim/05_summary.spec.js @@ -53,7 +53,7 @@ describe('Claim summary path', () => { await page.evaluate(selectors => { document.querySelector(selectors).scrollIntoView(); }, firstItem); - await page.waitToClick(firstItem, true); + await page.waitToClick(firstItem); await page.waitImgLoad(selectors.claimSummary.firstSaleDescriptorImage); const visible = await page.isVisible(selectors.claimSummary.itemDescriptorPopover); From f797cc17615faa129e1780f658144bcf594d6ebb Mon Sep 17 00:00:00 2001 From: alexm Date: Fri, 9 Jun 2023 08:31:05 +0200 Subject: [PATCH 17/19] refs #5489 refactor e2e --- e2e/paths/01-salix/05_changePassword.spec.js | 54 +++++++++----------- 1 file changed, 25 insertions(+), 29 deletions(-) diff --git a/e2e/paths/01-salix/05_changePassword.spec.js b/e2e/paths/01-salix/05_changePassword.spec.js index 318e26799c..6e4cfb7f38 100644 --- a/e2e/paths/01-salix/05_changePassword.spec.js +++ b/e2e/paths/01-salix/05_changePassword.spec.js @@ -16,60 +16,56 @@ describe('ChangePassword path', async() => { await browser.close(); }); - const toExpects = []; - async function saveExpets(message, expectMessage, expectState) { - if (!message && expectMessage) message = await page.waitForSnackbar(); - if (expectState) - toExpects.push({value: await page.getState(), expected: expectState}); - if (expectMessage) - toExpects.push({value: message.text, expected: expectMessage}); - } - const oldPassword = 'nightmare'; const newPassword = 'newPass.1234'; describe('Bad login', async() => { it('should receive an error when the password is expired', async() => { // Expired login - await saveExpets(await page.doLogin( - 'Maintenance', - oldPassword - ), 'The password has expired, change it from Salix', 'change-password'); + await page.doLogin('Maintenance', oldPassword); + let message = await page.waitForSnackbar(); + + expect(message.text).toContain('The password has expired, change it from Salix'); + expect(await page.getState()).toContain('change-password'); // Bad attempt: incorrect current password - await saveExpets(await page.sendForm($.form, { + message = await page.sendForm($.form, { oldPassword: newPassword, newPassword: oldPassword, repeatPassword: oldPassword - }), 'Invalid current password'); + }); + + expect(message.text).toContain('Invalid current password'); // Bad attempt: password not meet requirements - await saveExpets(await page.sendForm($.form, { + message = await page.sendForm($.form, { oldPassword: oldPassword, newPassword: oldPassword, repeatPassword: oldPassword - }), 'Password does not meet requirements'); + }); + + expect(message.text).toContain('Password does not meet requirements'); // Correct attempt: change password - await saveExpets(await page.sendForm($.form, { + message = await page.sendForm($.form, { oldPassword: oldPassword, newPassword: newPassword, repeatPassword: newPassword - }), 'Password updated!', 'login'); + }); + + expect(message.text).toContain('Password updated!'); + expect(await page.getState()).toContain('login'); // Bad login, old password - await saveExpets(await page.doLogin( - 'Maintenance', - oldPassword - ), 'Invalid login'); + await page.doLogin('Maintenance', oldPassword); + message = await page.waitForSnackbar(); + + expect(message.text).toContain('Invalid login'); // Correct login, new password - await saveExpets(await page.doLogin( - 'Maintenance', - newPassword - ), null, 'login'); + await page.doLogin('Maintenance', newPassword); + await page.waitForSelector('vn-home'); - for (let toExpect of toExpects) - expect(toExpect.value).toContain(toExpect.expected); // eslint-disable-line + expect(await page.getState()).toBe('home'); }); }); }); From 5c1b867d0537b521125fcf3823a6e9f4b543e27d Mon Sep 17 00:00:00 2001 From: alexm Date: Mon, 12 Jun 2023 10:46:21 +0200 Subject: [PATCH 18/19] WIP: d735f142a Merge branch 'dev' into 5472-user_passExpired --- back/methods/collection/newCollection.js | 12 +- back/methods/edi/updateData.js | 350 +++++++++--------- back/models/vn-user.js | 1 + loopback/common/models/vn-model.js | 44 ++- .../back/methods/account/change-password.js | 2 +- .../importToNewRefundTicket.js | 2 +- .../back/methods/client/confirmTransaction.js | 2 +- .../methods/client/consumptionSendQueued.js | 6 +- .../back/methods/client/createReceipt.js | 2 +- modules/client/back/methods/client/filter.js | 4 +- modules/client/back/methods/client/getCard.js | 6 +- modules/client/back/methods/client/getDebt.js | 6 +- .../back/methods/client/specs/getCard.spec.js | 3 +- .../back/methods/client/specs/getDebt.spec.js | 3 +- .../back/methods/client/specs/summary.spec.js | 15 +- modules/client/back/methods/client/summary.js | 6 +- .../back/methods/tpv-transaction/confirm.js | 6 +- .../back/methods/tpv-transaction/end.js | 2 +- .../back/methods/tpv-transaction/start.js | 2 +- .../entry/back/methods/entry/importBuys.js | 4 +- .../back/methods/invoice-in/toBook.js | 2 +- .../back/methods/invoiceOut/book.js | 6 +- .../methods/invoiceOut/clientsToInvoice.js | 2 +- .../methods/invoiceOut/createManualInvoice.js | 2 +- .../back/methods/invoiceOut/invoiceClient.js | 2 +- .../back/methods/invoiceOut/refund.js | 6 +- .../methods/invoiceOut/specs/book.spec.js | 3 +- .../methods/invoiceOut/specs/refund.spec.js | 3 +- modules/item/back/methods/item/getBalance.js | 6 +- modules/item/back/methods/item/new.js | 6 +- .../methods/item/specs/getBalance.spec.js | 7 +- .../item/back/methods/item/specs/new.spec.js | 3 +- .../back/methods/order-row/addToOrder.js | 6 +- .../order-row/specs/addToOrder.spec.js | 3 +- modules/order/back/methods/order/confirm.js | 2 +- modules/order/back/methods/order/new.js | 6 +- .../order/back/methods/order/newFromTicket.js | 6 +- .../back/methods/order/specs/new.spec.js | 5 +- .../methods/order/specs/newFromTicket.spec.js | 3 +- .../methods/agency-term/createInvoiceIn.js | 6 +- .../agency-term/specs/createInvoiceIn.spec.js | 3 +- .../route/back/methods/route/guessPriority.js | 2 +- .../route/back/methods/route/updateVolume.js | 2 +- .../back/methods/sale/recalculatePrice.js | 2 +- modules/ticket/back/methods/sale/refund.js | 6 +- .../back/methods/sale/specs/refund.spec.js | 7 +- .../back/methods/sale/specs/reserve.spec.js | 4 +- .../ticket/back/methods/sale/updatePrice.js | 2 +- modules/ticket/back/methods/sale/usesMana.js | 2 +- .../back/methods/ticket-request/confirm.js | 2 +- modules/ticket/back/methods/ticket/addSale.js | 2 +- .../ticket/back/methods/ticket/closeAll.js | 8 +- modules/ticket/back/methods/ticket/closure.js | 29 +- .../back/methods/ticket/componentUpdate.js | 2 +- .../ticket/back/methods/ticket/getSales.js | 6 +- .../ticket/back/methods/ticket/makeInvoice.js | 2 +- modules/ticket/back/methods/ticket/new.js | 6 +- .../back/methods/ticket/priceDifference.js | 2 +- .../methods/ticket/recalculateComponents.js | 2 +- modules/ticket/back/methods/ticket/refund.js | 6 +- .../ticket/back/methods/ticket/saveSign.js | 2 +- .../ticket/back/methods/ticket/setDeleted.js | 2 +- .../methods/ticket/specs/getSales.spec.js | 3 +- .../back/methods/ticket/specs/summary.spec.js | 9 +- .../ticket/specs/transferSales.spec.js | 16 +- modules/ticket/back/methods/ticket/summary.js | 6 +- .../back/methods/ticket/transferSales.js | 2 +- .../back/methods/ticket/updateDiscount.js | 2 +- .../methods/thermograph/createThermograph.js | 6 +- .../specs/createThermograph.spec.js | 7 +- .../back/methods/travel/deleteThermograph.js | 6 +- .../back/methods/department/getLeaves.js | 7 +- .../worker-time-control/addTimeEntry.js | 6 +- .../worker-time-control/deleteTimeEntry.js | 6 +- .../methods/worker-time-control/sendMail.js | 2 +- modules/worker/back/methods/worker/new.js | 2 +- .../back/methods/worker/specs/new.spec.js | 18 +- .../agency/getAgenciesWithWarehouse.js | 6 +- .../zone/back/methods/agency/landsThatDay.js | 6 +- .../specs/getAgenciesWithWarehouse.spec.js | 5 +- .../methods/agency/specs/landsThatDay.spec.js | 3 +- modules/zone/back/methods/zone/deleteZone.js | 2 +- modules/zone/back/methods/zone/getEvents.js | 6 +- modules/zone/back/methods/zone/getLeaves.js | 6 +- .../methods/zone/getUpcomingDeliveries.js | 6 +- .../back/methods/zone/specs/getEvents.spec.js | 3 +- .../back/methods/zone/specs/getLeaves.spec.js | 3 +- .../zone/specs/getUpcomingDeliveries.spec.js | 3 +- 88 files changed, 440 insertions(+), 371 deletions(-) diff --git a/back/methods/collection/newCollection.js b/back/methods/collection/newCollection.js index 31e419b674..2be9f8b0ef 100644 --- a/back/methods/collection/newCollection.js +++ b/back/methods/collection/newCollection.js @@ -30,11 +30,11 @@ module.exports = Self => { Self.newCollection = async(ctx, collectionFk, sectorFk, vWagons) => { let query = ''; + const userId = ctx.req.accessToken.userId; if (!collectionFk) { - const userId = ctx.req.accessToken.userId; query = `CALL vn.collectionTrain_newBeta(?,?,?)`; - const [result] = await Self.rawSql(query, [sectorFk, vWagons, userId]); + const [result] = await Self.rawSql(query, [sectorFk, vWagons, userId], {userId}); if (result.length == 0) throw new Error(`No collections for today`); @@ -42,16 +42,16 @@ module.exports = Self => { } query = `CALL vn.collectionTicket_get(?)`; - const [tickets] = await Self.rawSql(query, [collectionFk]); + const [tickets] = await Self.rawSql(query, [collectionFk], {userId}); query = `CALL vn.collectionSale_get(?)`; - const [sales] = await Self.rawSql(query, [collectionFk]); + const [sales] = await Self.rawSql(query, [collectionFk], {userId}); query = `CALL vn.collectionPlacement_get(?)`; - const [placements] = await Self.rawSql(query, [collectionFk]); + const [placements] = await Self.rawSql(query, [collectionFk], {userId}); query = `CALL vn.collectionSticker_print(?,?)`; - await Self.rawSql(query, [collectionFk, sectorFk]); + await Self.rawSql(query, [collectionFk, sectorFk], {userId}); return makeCollection(tickets, sales, placements, collectionFk); }; diff --git a/back/methods/edi/updateData.js b/back/methods/edi/updateData.js index 1057be39b7..10c81a7958 100644 --- a/back/methods/edi/updateData.js +++ b/back/methods/edi/updateData.js @@ -3,237 +3,237 @@ const path = require('path'); const fs = require('fs-extra'); module.exports = Self => { - Self.remoteMethodCtx('updateData', { - description: 'Updates schema data from external provider', - accessType: 'WRITE', - returns: { - type: 'object', - root: true - }, - http: { - path: `/updateData`, - verb: 'POST' - } - }); + Self.remoteMethodCtx('updateData', { + description: 'Updates schema data from external provider', + accessType: 'WRITE', + returns: { + type: 'object', + root: true + }, + http: { + path: `/updateData`, + verb: 'POST' + } + }); - Self.updateData = async() => { - const models = Self.app.models; + Self.updateData = async ctx => { + const models = Self.app.models; - // Get files checksum - const tx = await Self.beginTransaction({}); + // Get files checksum + const tx = await Self.beginTransaction({}); - try { - const options = {transaction: tx}; - const files = await Self.rawSql('SELECT name, checksum, keyValue FROM edi.fileConfig', null, options); + try { + const options = {transaction: tx, userId: ctx.req.accessToken.userId}; + const files = await Self.rawSql('SELECT name, checksum, keyValue FROM edi.fileConfig', null, options); - const updatableFiles = []; - for (const file of files) { - const fileChecksum = await getChecksum(file); + const updatableFiles = []; + for (const file of files) { + const fileChecksum = await getChecksum(file); - if (file.checksum != fileChecksum) { - updatableFiles.push({ - name: file.name, - checksum: fileChecksum - }); - } else - console.debug(`File already updated, skipping...`); - } + if (file.checksum != fileChecksum) { + updatableFiles.push({ + name: file.name, + checksum: fileChecksum + }); + } else + console.debug(`File already updated, skipping...`); + } - if (updatableFiles.length === 0) - return false; + if (updatableFiles.length === 0) + return false; - // Download files - const container = await models.TempContainer.container('edi'); - const tempPath = path.join(container.client.root, container.name); + // Download files + const container = await models.TempContainer.container('edi'); + const tempPath = path.join(container.client.root, container.name); - let remoteFile; - let tempDir; - let tempFile; + let remoteFile; + let tempDir; + let tempFile; - const fileNames = updatableFiles.map(file => file.name); + const fileNames = updatableFiles.map(file => file.name); - const tables = await Self.rawSql(` + const tables = await Self.rawSql(` SELECT fileName, toTable, file FROM edi.tableConfig WHERE file IN (?)`, [fileNames], options); - for (const table of tables) { - const fileName = table.file; + for (const table of tables) { + const fileName = table.file; - remoteFile = `codes/${fileName}.ZIP`; - tempDir = `${tempPath}/${fileName}`; - tempFile = `${tempPath}/${fileName}.zip`; + remoteFile = `codes/${fileName}.ZIP`; + tempDir = `${tempPath}/${fileName}`; + tempFile = `${tempPath}/${fileName}.zip`; - try { - await fs.readFile(tempFile); - } catch (error) { - if (error.code === 'ENOENT') { - console.debug(`Downloading file ${fileName}...`); - const downloadOutput = await downloadFile(remoteFile, tempFile); - if (downloadOutput.error) - continue; - } - } + try { + await fs.readFile(tempFile); + } catch (error) { + if (error.code === 'ENOENT') { + console.debug(`Downloading file ${fileName}...`); + const downloadOutput = await downloadFile(remoteFile, tempFile); + if (downloadOutput.error) + continue; + } + } - await extractFile(fileName, tempFile, tempDir); + await extractFile(fileName, tempFile, tempDir); - console.debug(`Updating table ${table.toTable}...`); - await dumpData(tempDir, table, options); - } + console.debug(`Updating table ${table.toTable}...`); + await dumpData(tempDir, table, options); + } - // Update files checksum - for (const file of updatableFiles) { - console.log(`Updating file ${file.name} checksum...`); - await Self.rawSql(` + // Update files checksum + for (const file of updatableFiles) { + console.log(`Updating file ${file.name} checksum...`); + await Self.rawSql(` UPDATE edi.fileConfig SET checksum = ? WHERE name = ?`, - [file.checksum, file.name], options); - } + [file.checksum, file.name], options); + } - await tx.commit(); + await tx.commit(); - // Clean files - try { - console.debug(`Cleaning files...`); - await fs.remove(tempPath); - } catch (error) { - if (error.code !== 'ENOENT') - throw e; - } + // Clean files + try { + console.debug(`Cleaning files...`); + await fs.remove(tempPath); + } catch (error) { + if (error.code !== 'ENOENT') + throw e; + } - return true; - } catch (error) { - await tx.rollback(); - throw error; - } - }; + return true; + } catch (error) { + await tx.rollback(); + throw error; + } + }; - let ftpClient; - async function getFtpClient() { - if (!ftpClient) { - const [ftpConfig] = await Self.rawSql('SELECT host, user, password FROM edi.ftpConfig'); - console.debug(`Openning FTP connection to ${ftpConfig.host}...\n`); + let ftpClient; + async function getFtpClient() { + if (!ftpClient) { + const [ftpConfig] = await Self.rawSql('SELECT host, user, password FROM edi.ftpConfig'); + console.debug(`Openning FTP connection to ${ftpConfig.host}...\n`); - const FtpClient = require('ftps'); + const FtpClient = require('ftps'); - ftpClient = new FtpClient({ - host: ftpConfig.host, - username: ftpConfig.user, - password: ftpConfig.password, - procotol: 'ftp', - additionalLftpCommands: 'set ssl:verify-certificate no' - }); - } + ftpClient = new FtpClient({ + host: ftpConfig.host, + username: ftpConfig.user, + password: ftpConfig.password, + procotol: 'ftp', + additionalLftpCommands: 'set ssl:verify-certificate no' + }); + } - return ftpClient; - } + return ftpClient; + } - async function getChecksum(file) { - const ftpClient = await getFtpClient(); - console.debug(`Checking checksum for file ${file.name}...`); + async function getChecksum(file) { + const ftpClient = await getFtpClient(); + console.debug(`Checking checksum for file ${file.name}...`); - ftpClient.cat(`codes/${file.name}.TXT`); + ftpClient.cat(`codes/${file.name}.TXT`); - const response = await new Promise((resolve, reject) => { - ftpClient.exec((err, response) => { - if (err || response.error) { - console.debug(`Error downloading checksum file... ${response.error}`); - return reject(err); - } + const response = await new Promise((resolve, reject) => { + ftpClient.exec((err, response) => { + if (err || response.error) { + console.debug(`Error downloading checksum file... ${response.error}`); + return reject(err); + } - resolve(response); - }); - }); + resolve(response); + }); + }); - if (response && response.data) { - const fileContents = response.data; - const rows = fileContents.split('\n'); - const row = rows[4]; - const columns = row.split(/\s+/); + if (response && response.data) { + const fileContents = response.data; + const rows = fileContents.split('\n'); + const row = rows[4]; + const columns = row.split(/\s+/); - let fileChecksum; - if (file.keyValue) - fileChecksum = columns[1]; + let fileChecksum; + if (file.keyValue) + fileChecksum = columns[1]; - if (!file.keyValue) - fileChecksum = columns[0]; + if (!file.keyValue) + fileChecksum = columns[0]; - return fileChecksum; - } - } + return fileChecksum; + } + } - async function downloadFile(remoteFile, tempFile) { - const ftpClient = await getFtpClient(); + async function downloadFile(remoteFile, tempFile) { + const ftpClient = await getFtpClient(); - ftpClient.get(remoteFile, tempFile); + ftpClient.get(remoteFile, tempFile); - return new Promise((resolve, reject) => { - ftpClient.exec((err, response) => { - if (err || response.error) { - console.debug(`Error downloading file... ${response.error}`); - return reject(err); - } + return new Promise((resolve, reject) => { + ftpClient.exec((err, response) => { + if (err || response.error) { + console.debug(`Error downloading file... ${response.error}`); + return reject(err); + } - resolve(response); - }); - }); - } + resolve(response); + }); + }); + } - async function extractFile(fileName, tempFile, tempDir) { - const JSZip = require('jszip'); + async function extractFile(fileName, tempFile, tempDir) { + const JSZip = require('jszip'); - try { - await fs.mkdir(tempDir); - console.debug(`Extracting file ${fileName}...`); - } catch (error) { - if (error.code !== 'EEXIST') - throw e; - } + try { + await fs.mkdir(tempDir); + console.debug(`Extracting file ${fileName}...`); + } catch (error) { + if (error.code !== 'EEXIST') + throw e; + } - const fileStream = await fs.readFile(tempFile); - if (fileStream) { - const zip = new JSZip(); - const zipContents = await zip.loadAsync(fileStream); + const fileStream = await fs.readFile(tempFile); + if (fileStream) { + const zip = new JSZip(); + const zipContents = await zip.loadAsync(fileStream); - if (!zipContents) return; + if (!zipContents) return; - const fileNames = Object.keys(zipContents.files); + const fileNames = Object.keys(zipContents.files); - for (const fileName of fileNames) { - const fileContent = await zip.file(fileName).async('nodebuffer'); - const dest = path.join(tempDir, fileName); - await fs.writeFile(dest, fileContent); - } - } - } + for (const fileName of fileNames) { + const fileContent = await zip.file(fileName).async('nodebuffer'); + const dest = path.join(tempDir, fileName); + await fs.writeFile(dest, fileContent); + } + } + } - async function dumpData(tempDir, table, options) { - const toTable = table.toTable; - const baseName = table.fileName; + async function dumpData(tempDir, table, options) { + const toTable = table.toTable; + const baseName = table.fileName; - console.log(`Emptying table ${toTable}...`); - const tableName = `edi.${toTable}`; - await Self.rawSql(`DELETE FROM ??`, [tableName]); + console.log(`Emptying table ${toTable}...`); + const tableName = `edi.${toTable}`; + await Self.rawSql(`DELETE FROM ??`, [tableName]); - const dirFiles = await fs.readdir(tempDir); - const files = dirFiles.filter(file => file.startsWith(baseName)); + const dirFiles = await fs.readdir(tempDir); + const files = dirFiles.filter(file => file.startsWith(baseName)); - for (const file of files) { - console.log(`Dumping data from file ${file}...`); + for (const file of files) { + console.log(`Dumping data from file ${file}...`); - const templatePath = path.join(__dirname, `./sql/${toTable}.sql`); - const sqlTemplate = await fs.readFile(templatePath, 'utf8'); - const filePath = path.join(tempDir, file); + const templatePath = path.join(__dirname, `./sql/${toTable}.sql`); + const sqlTemplate = await fs.readFile(templatePath, 'utf8'); + const filePath = path.join(tempDir, file); - await Self.rawSql(sqlTemplate, [filePath], options); - await Self.rawSql(` + await Self.rawSql(sqlTemplate, [filePath], options); + await Self.rawSql(` UPDATE edi.tableConfig SET updated = ? WHERE fileName = ? `, [Date.vnNew(), baseName], options); - } + } - console.log(`Updated table ${toTable}\n`); - } + console.log(`Updated table ${toTable}\n`); + } }; diff --git a/back/models/vn-user.js b/back/models/vn-user.js index fb32793539..bf568e85c7 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -110,6 +110,7 @@ module.exports = function(Self) { const _setPassword = Self.prototype.setPassword; Self.prototype.setPassword = async function(newPassword, options, cb) { + console.log('ENTRY'); if (cb === undefined && typeof options === 'function') { cb = options; options = undefined; diff --git a/loopback/common/models/vn-model.js b/loopback/common/models/vn-model.js index d63d1be382..f92e1ea09e 100644 --- a/loopback/common/models/vn-model.js +++ b/loopback/common/models/vn-model.js @@ -195,8 +195,48 @@ module.exports = function(Self) { /* * Shortcut to VnMySQL.executeP() */ - rawSql(query, params, options, cb) { - return this.dataSource.connector.executeP(query, params, options, cb); + async rawSql(query, params, options) { + const userId = options?.userId; + const connector = this.dataSource.connector; + let conn; + let res; + const opts = Object.assign({}, options); + + try { + if (userId) { + conn = await new Promise((resolve, reject) => { + connector.client.getConnection(function(err, conn) { + if (err) + reject(err); + else + resolve(conn); + }); + }); + + const opts = Object.assign({}, options); + if (!opts.transaction) { + opts.transaction = { + connection: conn, + connector + }; + } + + await connector.executeP( + 'CALL account.myUser_loginWithName((SELECT name FROM account.user WHERE id = ?))', + [userId], opts + ); + } + + res = await connector.executeP(query, params, opts); + + if (userId) { + await connector.executeP('CALL account.myUser_logout()', null, opts); + } + } finally { + if (conn) conn.release(); + } + + return res; }, /* diff --git a/modules/account/back/methods/account/change-password.js b/modules/account/back/methods/account/change-password.js index c6f08a232a..c5372d9771 100644 --- a/modules/account/back/methods/account/change-password.js +++ b/modules/account/back/methods/account/change-password.js @@ -1,6 +1,6 @@ module.exports = Self => { - Self.remoteMethod('changePassword', { + Self.remoteMethodCtx('changePassword', { description: 'Changes the user password', accessType: 'WRITE', accepts: [ diff --git a/modules/claim/back/methods/claim-beginning/importToNewRefundTicket.js b/modules/claim/back/methods/claim-beginning/importToNewRefundTicket.js index 83043f012f..cdf3fc2c38 100644 --- a/modules/claim/back/methods/claim-beginning/importToNewRefundTicket.js +++ b/modules/claim/back/methods/claim-beginning/importToNewRefundTicket.js @@ -63,7 +63,7 @@ module.exports = Self => { }; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/client/back/methods/client/confirmTransaction.js b/modules/client/back/methods/client/confirmTransaction.js index a1969d6fd7..fcb33c4ca5 100644 --- a/modules/client/back/methods/client/confirmTransaction.js +++ b/modules/client/back/methods/client/confirmTransaction.js @@ -23,7 +23,7 @@ module.exports = Self => { const userId = ctx.req.accessToken.userId; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/client/back/methods/client/consumptionSendQueued.js b/modules/client/back/methods/client/consumptionSendQueued.js index 07b5fb57b0..a7081c5503 100644 --- a/modules/client/back/methods/client/consumptionSendQueued.js +++ b/modules/client/back/methods/client/consumptionSendQueued.js @@ -1,7 +1,7 @@ const {Email} = require('vn-print'); module.exports = Self => { - Self.remoteMethod('consumptionSendQueued', { + Self.remoteMethodCtx('consumptionSendQueued', { description: 'Send all queued invoices', accessType: 'WRITE', accepts: [], @@ -15,7 +15,7 @@ module.exports = Self => { } }); - Self.consumptionSendQueued = async() => { + Self.consumptionSendQueued = async ctx => { const queues = await Self.rawSql(` SELECT id, @@ -68,7 +68,7 @@ module.exports = Self => { SET status = 'printed', printed = ? WHERE id = ?`, - [Date.vnNew(), queue.id]); + [Date.vnNew(), queue.id], {userId: ctx.req.accessToken.userId}); } catch (error) { await Self.rawSql(` UPDATE clientConsumptionQueue diff --git a/modules/client/back/methods/client/createReceipt.js b/modules/client/back/methods/client/createReceipt.js index cb032270a4..b70b9bbe00 100644 --- a/modules/client/back/methods/client/createReceipt.js +++ b/modules/client/back/methods/client/createReceipt.js @@ -55,7 +55,7 @@ module.exports = function(Self) { date.setHours(0, 0, 0, 0); let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/client/back/methods/client/filter.js b/modules/client/back/methods/client/filter.js index 1ae569fd37..3bf29501b7 100644 --- a/modules/client/back/methods/client/filter.js +++ b/modules/client/back/methods/client/filter.js @@ -72,7 +72,7 @@ module.exports = Self => { Self.filter = async(ctx, filter, options) => { const conn = Self.dataSource.connector; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; const postalCode = []; const args = ctx.args; @@ -120,7 +120,7 @@ module.exports = Self => { const stmts = []; const stmt = new ParameterizedSQL( - `SELECT + `SELECT DISTINCT c.id, c.name, c.fi, diff --git a/modules/client/back/methods/client/getCard.js b/modules/client/back/methods/client/getCard.js index 48840b036a..10e6f7adf6 100644 --- a/modules/client/back/methods/client/getCard.js +++ b/modules/client/back/methods/client/getCard.js @@ -1,5 +1,5 @@ module.exports = function(Self) { - Self.remoteMethod('getCard', { + Self.remoteMethodCtx('getCard', { description: 'Get client basic data and debt', accepts: { arg: 'id', @@ -18,8 +18,8 @@ module.exports = function(Self) { } }); - Self.getCard = async(id, options) => { - const myOptions = {}; + Self.getCard = async(ctx, id, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/client/back/methods/client/getDebt.js b/modules/client/back/methods/client/getDebt.js index 859746083f..6ed59684bd 100644 --- a/modules/client/back/methods/client/getDebt.js +++ b/modules/client/back/methods/client/getDebt.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('getDebt', { + Self.remoteMethodCtx('getDebt', { description: 'Returns the boolean debt of a client', accessType: 'READ', accepts: [{ @@ -19,8 +19,8 @@ module.exports = Self => { } }); - Self.getDebt = async(clientFk, options) => { - const myOptions = {}; + Self.getDebt = async(ctx, clientFk, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/client/back/methods/client/specs/getCard.spec.js b/modules/client/back/methods/client/specs/getCard.spec.js index e713c9883c..962e0a2d44 100644 --- a/modules/client/back/methods/client/specs/getCard.spec.js +++ b/modules/client/back/methods/client/specs/getCard.spec.js @@ -5,10 +5,11 @@ describe('Client getCard()', () => { const tx = await models.Client.beginTransaction({}); try { + const ctx = {req: {accessToken: {userId: 9}}}; const options = {transaction: tx}; const id = 1101; - const result = await models.Client.getCard(id, options); + const result = await models.Client.getCard(ctx, id, options); expect(result.id).toEqual(id); expect(result.name).toEqual('Bruce Wayne'); diff --git a/modules/client/back/methods/client/specs/getDebt.spec.js b/modules/client/back/methods/client/specs/getDebt.spec.js index 471d45a6d3..b3b5286c08 100644 --- a/modules/client/back/methods/client/specs/getDebt.spec.js +++ b/modules/client/back/methods/client/specs/getDebt.spec.js @@ -3,11 +3,12 @@ const models = require('vn-loopback/server/server').models; describe('client getDebt()', () => { it('should return the client debt', async() => { const tx = await models.Client.beginTransaction({}); + const ctx = {req: {accessToken: {userId: 9}}}; try { const options = {transaction: tx}; - const result = await models.Client.getDebt(1101, options); + const result = await models.Client.getDebt(ctx, 1101, options); expect(result.debt).toEqual(jasmine.any(Number)); diff --git a/modules/client/back/methods/client/specs/summary.spec.js b/modules/client/back/methods/client/specs/summary.spec.js index f2d576e39c..227f4c398b 100644 --- a/modules/client/back/methods/client/specs/summary.spec.js +++ b/modules/client/back/methods/client/specs/summary.spec.js @@ -1,6 +1,7 @@ const models = require('vn-loopback/server/server').models; describe('client summary()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should return a summary object containing data', async() => { const clientId = 1101; const tx = await models.Client.beginTransaction({}); @@ -8,7 +9,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.id).toEqual(clientId); expect(result.name).toEqual('Bruce Wayne'); @@ -27,7 +28,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.mana.mana).toEqual(0.34); @@ -45,7 +46,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.debt.debt).toEqual(jasmine.any(Number)); @@ -63,7 +64,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.averageInvoiced.invoiced).toEqual(1500); @@ -81,7 +82,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.totalGreuge).toEqual(203.71); @@ -99,7 +100,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.recovery).toEqual(null); @@ -117,7 +118,7 @@ describe('client summary()', () => { try { const options = {transaction: tx}; - const result = await models.Client.summary(clientId, options); + const result = await models.Client.summary(ctx, clientId, options); expect(result.recovery.id).toEqual(3); await tx.rollback(); diff --git a/modules/client/back/methods/client/summary.js b/modules/client/back/methods/client/summary.js index 7dab1f68b6..8de887b47a 100644 --- a/modules/client/back/methods/client/summary.js +++ b/modules/client/back/methods/client/summary.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('summary', { + Self.remoteMethodCtx('summary', { description: 'Returns a client summary', accessType: 'READ', accepts: [{ @@ -19,7 +19,7 @@ module.exports = Self => { } }); - Self.summary = async(clientFk, options) => { + Self.summary = async(ctx, clientFk, options) => { const models = Self.app.models; const myOptions = {}; @@ -28,7 +28,7 @@ module.exports = Self => { const summaryObj = await getSummary(models.Client, clientFk, myOptions); summaryObj.mana = await models.Client.getMana(clientFk, myOptions); - summaryObj.debt = await models.Client.getDebt(clientFk, myOptions); + summaryObj.debt = await models.Client.getDebt(ctx, clientFk, myOptions); summaryObj.averageInvoiced = await models.Client.getAverageInvoiced(clientFk, myOptions); summaryObj.totalGreuge = await models.Greuge.sumAmount(clientFk, myOptions); summaryObj.recovery = await getRecoveries(models.Recovery, clientFk, myOptions); diff --git a/modules/client/back/methods/tpv-transaction/confirm.js b/modules/client/back/methods/tpv-transaction/confirm.js index 41229a1fd0..4faa21bb5e 100644 --- a/modules/client/back/methods/tpv-transaction/confirm.js +++ b/modules/client/back/methods/tpv-transaction/confirm.js @@ -2,7 +2,7 @@ const UserError = require('vn-loopback/util/user-error'); const base64url = require('base64url'); module.exports = Self => { - Self.remoteMethod('confirm', { + Self.remoteMethodCtx('confirm', { description: 'Confirms electronic payment transaction', accessType: 'WRITE', accepts: [ @@ -30,7 +30,7 @@ module.exports = Self => { } }); - Self.confirm = async(signatureVersion, merchantParameters, signature) => { + Self.confirm = async(ctx, signatureVersion, merchantParameters, signature) => { const $ = Self.app.models; let transaction; @@ -83,7 +83,7 @@ module.exports = Self => { params['Ds_Currency'], params['Ds_Response'], params['Ds_ErrorCode'] - ]); + ], {userId: ctx.req.accessToken.userId}); return true; } catch (err) { diff --git a/modules/client/back/methods/tpv-transaction/end.js b/modules/client/back/methods/tpv-transaction/end.js index 5a757aa48d..3233f482f1 100644 --- a/modules/client/back/methods/tpv-transaction/end.js +++ b/modules/client/back/methods/tpv-transaction/end.js @@ -34,6 +34,6 @@ module.exports = Self => { 'CALL hedera.tpvTransaction_end(?, ?)', [ orderId, status - ]); + ], {userId}); }; }; diff --git a/modules/client/back/methods/tpv-transaction/start.js b/modules/client/back/methods/tpv-transaction/start.js index ea6ed05ebd..178c56d766 100644 --- a/modules/client/back/methods/tpv-transaction/start.js +++ b/modules/client/back/methods/tpv-transaction/start.js @@ -40,7 +40,7 @@ module.exports = Self => { amount, companyId, userId - ]); + ], {userId}); if (!row) throw new UserError('Transaction error'); diff --git a/modules/entry/back/methods/entry/importBuys.js b/modules/entry/back/methods/entry/importBuys.js index fdc6b058e5..1e6f01a5ed 100644 --- a/modules/entry/back/methods/entry/importBuys.js +++ b/modules/entry/back/methods/entry/importBuys.js @@ -46,7 +46,7 @@ module.exports = Self => { const args = ctx.args; const models = Self.app.models; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); @@ -79,7 +79,7 @@ module.exports = Self => { ], myOptions); const buyUltimate = await Self.rawSql(` - SELECT * + SELECT * FROM tmp.buyUltimate WHERE warehouseFk = ? `, [travel.warehouseInFk], myOptions); diff --git a/modules/invoiceIn/back/methods/invoice-in/toBook.js b/modules/invoiceIn/back/methods/invoice-in/toBook.js index 588d53f1f7..877552f41e 100644 --- a/modules/invoiceIn/back/methods/invoice-in/toBook.js +++ b/modules/invoiceIn/back/methods/invoice-in/toBook.js @@ -21,7 +21,7 @@ module.exports = Self => { Self.toBook = async(ctx, id, options) => { let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/invoiceOut/back/methods/invoiceOut/book.js b/modules/invoiceOut/back/methods/invoiceOut/book.js index 7aa0eac1f0..af5633ff2b 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/book.js +++ b/modules/invoiceOut/back/methods/invoiceOut/book.js @@ -1,6 +1,6 @@ module.exports = Self => { - Self.remoteMethod('book', { + Self.remoteMethodCtx('book', { description: 'Book an invoiceOut', accessType: 'WRITE', accepts: { @@ -20,10 +20,10 @@ module.exports = Self => { } }); - Self.book = async(ref, options) => { + Self.book = async(ctx, ref, options) => { const models = Self.app.models; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/invoiceOut/back/methods/invoiceOut/clientsToInvoice.js b/modules/invoiceOut/back/methods/invoiceOut/clientsToInvoice.js index f18b0c6828..63b00fe382 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/clientsToInvoice.js +++ b/modules/invoiceOut/back/methods/invoiceOut/clientsToInvoice.js @@ -36,7 +36,7 @@ module.exports = Self => { Self.clientsToInvoice = async(ctx, clientId, invoiceDate, maxShipped, companyFk, options) => { let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/invoiceOut/back/methods/invoiceOut/createManualInvoice.js b/modules/invoiceOut/back/methods/invoiceOut/createManualInvoice.js index a458aa18e7..18e6903d68 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/createManualInvoice.js +++ b/modules/invoiceOut/back/methods/invoiceOut/createManualInvoice.js @@ -51,7 +51,7 @@ module.exports = Self => { const args = ctx.args; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/invoiceOut/back/methods/invoiceOut/invoiceClient.js b/modules/invoiceOut/back/methods/invoiceOut/invoiceClient.js index c8f8a6778d..421cbaea13 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/invoiceClient.js +++ b/modules/invoiceOut/back/methods/invoiceOut/invoiceClient.js @@ -50,7 +50,7 @@ module.exports = Self => { Self.invoiceClient = async(ctx, options) => { const args = ctx.args; const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/invoiceOut/back/methods/invoiceOut/refund.js b/modules/invoiceOut/back/methods/invoiceOut/refund.js index c722d98061..1b7ccc1e42 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/refund.js +++ b/modules/invoiceOut/back/methods/invoiceOut/refund.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('refund', { + Self.remoteMethodCtx('refund', { description: 'Create refund tickets with sales and services if provided', accessType: 'WRITE', accepts: [ @@ -25,7 +25,7 @@ module.exports = Self => { } }); - Self.refund = async(ref, withWarehouse, options) => { + Self.refund = async(ctx, ref, withWarehouse, options) => { const models = Self.app.models; const myOptions = {}; let tx; @@ -43,7 +43,7 @@ module.exports = Self => { const tickets = await models.Ticket.find(filter, myOptions); const ticketsIds = tickets.map(ticket => ticket.id); - const refundedTickets = await models.Ticket.refund(ticketsIds, withWarehouse, myOptions); + const refundedTickets = await models.Ticket.refund(ctx, ticketsIds, withWarehouse, myOptions); if (tx) await tx.commit(); diff --git a/modules/invoiceOut/back/methods/invoiceOut/specs/book.spec.js b/modules/invoiceOut/back/methods/invoiceOut/specs/book.spec.js index ee72f22186..3af7542ca4 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/specs/book.spec.js +++ b/modules/invoiceOut/back/methods/invoiceOut/specs/book.spec.js @@ -1,6 +1,7 @@ const models = require('vn-loopback/server/server').models; describe('invoiceOut book()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; const invoiceOutId = 5; it('should update the booked property', async() => { @@ -12,7 +13,7 @@ describe('invoiceOut book()', () => { const bookedDate = originalInvoiceOut.booked; const invoiceOutRef = originalInvoiceOut.ref; - await models.InvoiceOut.book(invoiceOutRef, options); + await models.InvoiceOut.book(ctx, invoiceOutRef, options); const updatedInvoiceOut = await models.InvoiceOut.findById(invoiceOutId, {}, options); diff --git a/modules/invoiceOut/back/methods/invoiceOut/specs/refund.spec.js b/modules/invoiceOut/back/methods/invoiceOut/specs/refund.spec.js index 3d0ea6809f..072fcc12c6 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/specs/refund.spec.js +++ b/modules/invoiceOut/back/methods/invoiceOut/specs/refund.spec.js @@ -3,6 +3,7 @@ const LoopBackContext = require('loopback-context'); describe('InvoiceOut refund()', () => { const userId = 5; + const ctx = {req: {accessToken: userId}}; const withWarehouse = true; const activeCtx = { accessToken: {userId: userId}, @@ -16,7 +17,7 @@ describe('InvoiceOut refund()', () => { const options = {transaction: tx}; try { - const result = await models.InvoiceOut.refund('T1111111', withWarehouse, options); + const result = await models.InvoiceOut.refund(ctx, 'T1111111', withWarehouse, options); expect(result).toBeDefined(); diff --git a/modules/item/back/methods/item/getBalance.js b/modules/item/back/methods/item/getBalance.js index 5751b0a043..d4e2d0f74a 100644 --- a/modules/item/back/methods/item/getBalance.js +++ b/modules/item/back/methods/item/getBalance.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('getBalance', { + Self.remoteMethodCtx('getBalance', { description: 'Returns the ', accessType: 'READ', accepts: [{ @@ -19,8 +19,8 @@ module.exports = Self => { } }); - Self.getBalance = async(filter, options) => { - const myOptions = {}; + Self.getBalance = async(ctx, filter, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/item/back/methods/item/new.js b/modules/item/back/methods/item/new.js index d066f2c9f0..c82e2a6b1e 100644 --- a/modules/item/back/methods/item/new.js +++ b/modules/item/back/methods/item/new.js @@ -1,7 +1,7 @@ let UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - Self.remoteMethod('new', { + Self.remoteMethodCtx('new', { description: 'returns the created item', accessType: 'WRITE', accepts: [{ @@ -19,9 +19,9 @@ module.exports = Self => { } }); - Self.new = async(params, options) => { + Self.new = async(ctx, params, options) => { const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/item/back/methods/item/specs/getBalance.spec.js b/modules/item/back/methods/item/specs/getBalance.spec.js index 1ffd3c3028..e013d8956d 100644 --- a/modules/item/back/methods/item/specs/getBalance.spec.js +++ b/modules/item/back/methods/item/specs/getBalance.spec.js @@ -2,6 +2,7 @@ const models = require('vn-loopback/server/server').models; const LoopBackContext = require('loopback-context'); describe('item getBalance()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should return the balance lines of a client type loses in which one has highlighted true', async() => { const tx = await models.Item.beginTransaction({}); const options = {transaction: tx}; @@ -25,7 +26,7 @@ describe('item getBalance()', () => { date: null } }; - const results = await models.Item.getBalance(filter, options); + const results = await models.Item.getBalance(ctx, filter, options); const result = results.find(element => element.clientType == 'loses'); @@ -59,8 +60,8 @@ describe('item getBalance()', () => { } }; - const firstItemBalance = await models.Item.getBalance(firstFilter, options); - const secondItemBalance = await models.Item.getBalance(secondFilter, options); + const firstItemBalance = await models.Item.getBalance(ctx, firstFilter, options); + const secondItemBalance = await models.Item.getBalance(ctx, secondFilter, options); expect(firstItemBalance[9].claimFk).toEqual(null); expect(secondItemBalance[5].claimFk).toEqual(2); diff --git a/modules/item/back/methods/item/specs/new.spec.js b/modules/item/back/methods/item/specs/new.spec.js index a1c7416490..2ffaf87a5b 100644 --- a/modules/item/back/methods/item/specs/new.spec.js +++ b/modules/item/back/methods/item/specs/new.spec.js @@ -2,6 +2,7 @@ const models = require('vn-loopback/server/server').models; const LoopBackContext = require('loopback-context'); describe('item new()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; beforeAll(async() => { const activeCtx = { accessToken: {userId: 9}, @@ -30,7 +31,7 @@ describe('item new()', () => { tag: 1 }; - let item = await models.Item.new(itemParams, options); + let item = await models.Item.new(ctx, itemParams, options); let itemType = await models.ItemType.findById(item.typeFk, options); diff --git a/modules/order/back/methods/order-row/addToOrder.js b/modules/order/back/methods/order-row/addToOrder.js index 639fa8be74..0bf65ef1f0 100644 --- a/modules/order/back/methods/order-row/addToOrder.js +++ b/modules/order/back/methods/order-row/addToOrder.js @@ -1,7 +1,7 @@ const UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - Self.remoteMethod('addToOrder', { + Self.remoteMethodCtx('addToOrder', { description: 'Creates rows (lines) for a order', accessType: 'WRITE', accepts: [{ @@ -21,8 +21,8 @@ module.exports = Self => { } }); - Self.addToOrder = async(params, options) => { - const myOptions = {}; + Self.addToOrder = async(ctx, params, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/order/back/methods/order-row/specs/addToOrder.spec.js b/modules/order/back/methods/order-row/specs/addToOrder.spec.js index d902a1062b..96544a1a9c 100644 --- a/modules/order/back/methods/order-row/specs/addToOrder.spec.js +++ b/modules/order/back/methods/order-row/specs/addToOrder.spec.js @@ -1,6 +1,7 @@ const models = require('vn-loopback/server/server').models; describe('order addToOrder()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; const orderId = 8; it('should add a row to a given order', async() => { const tx = await models.Order.beginTransaction({}); @@ -21,7 +22,7 @@ describe('order addToOrder()', () => { }] }; - await models.OrderRow.addToOrder(params, options); + await models.OrderRow.addToOrder(ctx, params, options); const modifiedRows = await models.OrderRow.find({where: {orderFk: orderId}}, options); diff --git a/modules/order/back/methods/order/confirm.js b/modules/order/back/methods/order/confirm.js index 52acc86482..5fdab29b39 100644 --- a/modules/order/back/methods/order/confirm.js +++ b/modules/order/back/methods/order/confirm.js @@ -23,7 +23,7 @@ module.exports = Self => { const userId = ctx.req.accessToken.userId; const query = `CALL hedera.order_confirmWithUser(?, ?)`; - const response = await Self.rawSql(query, [orderFk, userId]); + const response = await Self.rawSql(query, [orderFk, userId], {userId}); return response; }; diff --git a/modules/order/back/methods/order/new.js b/modules/order/back/methods/order/new.js index 147859dcca..d65b18e12d 100644 --- a/modules/order/back/methods/order/new.js +++ b/modules/order/back/methods/order/new.js @@ -1,7 +1,7 @@ let UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - Self.remoteMethod('new', { + Self.remoteMethodCtx('new', { description: 'Create a new order and returns the new ID', accessType: 'WRITE', accepts: [ @@ -32,8 +32,8 @@ module.exports = Self => { } }); - Self.new = async(landed, addressId, agencyModeId, options) => { - const myOptions = {}; + Self.new = async(ctx, landed, addressId, agencyModeId, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/order/back/methods/order/newFromTicket.js b/modules/order/back/methods/order/newFromTicket.js index e0578ff9ad..3614d8e326 100644 --- a/modules/order/back/methods/order/newFromTicket.js +++ b/modules/order/back/methods/order/newFromTicket.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('newFromTicket', { + Self.remoteMethodCtx('newFromTicket', { description: 'Create a new order and returns the new ID', accessType: 'WRITE', accepts: [{ @@ -18,7 +18,7 @@ module.exports = Self => { } }); - Self.newFromTicket = async(ticketFk, options) => { + Self.newFromTicket = async(ctx, ticketFk, options) => { const myOptions = {}; let tx; @@ -39,7 +39,7 @@ module.exports = Self => { const addressFk = ticket.addressFk; const agencyModeFk = ticket.agencyModeFk; - const orderID = await Self.app.models.Order.new(landed, addressFk, agencyModeFk, myOptions); + const orderID = await Self.app.models.Order.new(ctx, landed, addressFk, agencyModeFk, myOptions); if (tx) await tx.commit(); diff --git a/modules/order/back/methods/order/specs/new.spec.js b/modules/order/back/methods/order/specs/new.spec.js index f113675798..c43527f663 100644 --- a/modules/order/back/methods/order/specs/new.spec.js +++ b/modules/order/back/methods/order/specs/new.spec.js @@ -2,6 +2,7 @@ const models = require('vn-loopback/server/server').models; const UserError = require('vn-loopback/util/user-error'); describe('order new()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should throw an error if the client isnt active', async() => { const tx = await models.Order.beginTransaction({}); @@ -13,7 +14,7 @@ describe('order new()', () => { const addressFk = 6; const agencyModeFk = 1; - await models.Order.new(landed, addressFk, agencyModeFk, options); + await models.Order.new(ctx, landed, addressFk, agencyModeFk, options); await tx.rollback(); } catch (e) { @@ -34,7 +35,7 @@ describe('order new()', () => { const addressFk = 121; const agencyModeFk = 1; - orderId = await models.Order.new(landed, addressFk, agencyModeFk, options); + orderId = await models.Order.new(ctx, landed, addressFk, agencyModeFk, options); const highestOrderIdInFixtures = 3; diff --git a/modules/order/back/methods/order/specs/newFromTicket.spec.js b/modules/order/back/methods/order/specs/newFromTicket.spec.js index 6f18d17516..c509552fe3 100644 --- a/modules/order/back/methods/order/specs/newFromTicket.spec.js +++ b/modules/order/back/methods/order/specs/newFromTicket.spec.js @@ -1,6 +1,7 @@ const models = require('vn-loopback/server/server').models; describe('order newFromTicket()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should create a new order from an existing ticket', async() => { const tx = await models.Order.beginTransaction({}); @@ -9,7 +10,7 @@ describe('order newFromTicket()', () => { const ticketId = 11; - const orderId = await models.Order.newFromTicket(ticketId, options); + const orderId = await models.Order.newFromTicket(ctx, ticketId, options); const highestOrderIdInFixtures = 3; diff --git a/modules/route/back/methods/agency-term/createInvoiceIn.js b/modules/route/back/methods/agency-term/createInvoiceIn.js index 836655bd3c..5a8430e49f 100644 --- a/modules/route/back/methods/agency-term/createInvoiceIn.js +++ b/modules/route/back/methods/agency-term/createInvoiceIn.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('createInvoiceIn', { + Self.remoteMethodCtx('createInvoiceIn', { description: 'Creates an invoiceIn from one or more agency terms', accessType: 'WRITE', accepts: [{ @@ -24,11 +24,11 @@ module.exports = Self => { } }); - Self.createInvoiceIn = async(rows, dms, options) => { + Self.createInvoiceIn = async(ctx, rows, dms, options) => { const models = Self.app.models; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/route/back/methods/agency-term/specs/createInvoiceIn.spec.js b/modules/route/back/methods/agency-term/specs/createInvoiceIn.spec.js index 628c5fb9ab..d3a0755eff 100644 --- a/modules/route/back/methods/agency-term/specs/createInvoiceIn.spec.js +++ b/modules/route/back/methods/agency-term/specs/createInvoiceIn.spec.js @@ -2,6 +2,7 @@ const models = require('vn-loopback/server/server').models; const LoopBackContext = require('loopback-context'); describe('AgencyTerm createInvoiceIn()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; beforeAll(async() => { const activeCtx = { accessToken: {userId: 9}, @@ -42,7 +43,7 @@ describe('AgencyTerm createInvoiceIn()', () => { const oldInvoiceInDueDay = await models.InvoiceInDueDay.findById(invoiceInDueDayId, null, options); const oldInvoiceInTax = await models.InvoiceInTax.findById(invoiceInTaxId, null, options); - await models.AgencyTerm.createInvoiceIn(rows, dms, options); + await models.AgencyTerm.createInvoiceIn(ctx, rows, dms, options); const [newInvoiceIn] = await models.InvoiceIn.rawSql('SELECT MAX(id) id FROM invoiceIn', null, options); diff --git a/modules/route/back/methods/route/guessPriority.js b/modules/route/back/methods/route/guessPriority.js index eab9f3473e..67b68aa89c 100644 --- a/modules/route/back/methods/route/guessPriority.js +++ b/modules/route/back/methods/route/guessPriority.js @@ -26,7 +26,7 @@ module.exports = Self => { const tx = await Self.beginTransaction({}); try { - let options = {transaction: tx}; + let options = {transaction: tx, userId}; const priority = await Self.rawSql(query, [id], options); diff --git a/modules/route/back/methods/route/updateVolume.js b/modules/route/back/methods/route/updateVolume.js index f3b8da1301..cdced38820 100644 --- a/modules/route/back/methods/route/updateVolume.js +++ b/modules/route/back/methods/route/updateVolume.js @@ -24,7 +24,7 @@ module.exports = Self => { const models = Self.app.models; let tx; - const myOptions = {}; + const myOptions = {userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/ticket/back/methods/sale/recalculatePrice.js b/modules/ticket/back/methods/sale/recalculatePrice.js index 2c8e6768bc..fd3d6aa9b7 100644 --- a/modules/ticket/back/methods/sale/recalculatePrice.js +++ b/modules/ticket/back/methods/sale/recalculatePrice.js @@ -23,7 +23,7 @@ module.exports = Self => { Self.recalculatePrice = async(ctx, sales, options) => { const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/sale/refund.js b/modules/ticket/back/methods/sale/refund.js index e842327522..7abcedd905 100644 --- a/modules/ticket/back/methods/sale/refund.js +++ b/modules/ticket/back/methods/sale/refund.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('refund', { + Self.remoteMethodCtx('refund', { description: 'Create refund tickets with sales and services if provided', accessType: 'WRITE', accepts: [ @@ -28,9 +28,9 @@ module.exports = Self => { } }); - Self.refund = async(salesIds, servicesIds, withWarehouse, options) => { + Self.refund = async(ctx, salesIds, servicesIds, withWarehouse, options) => { const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/sale/specs/refund.spec.js b/modules/ticket/back/methods/sale/specs/refund.spec.js index b870a36f73..b81f7f84d8 100644 --- a/modules/ticket/back/methods/sale/specs/refund.spec.js +++ b/modules/ticket/back/methods/sale/specs/refund.spec.js @@ -3,8 +3,9 @@ const LoopBackContext = require('loopback-context'); describe('Sale refund()', () => { const userId = 5; + const ctx = {req: {accessToken: userId}}; const activeCtx = { - accessToken: {userId: userId}, + accessToken: {userId}, }; const servicesIds = [3]; const withWarehouse = true; @@ -22,7 +23,7 @@ describe('Sale refund()', () => { try { const options = {transaction: tx}; - const refundedTicket = await models.Sale.refund(salesIds, servicesIds, withWarehouse, options); + const refundedTicket = await models.Sale.refund(ctx, salesIds, servicesIds, withWarehouse, options); expect(refundedTicket).toBeDefined(); @@ -40,7 +41,7 @@ describe('Sale refund()', () => { try { const options = {transaction: tx}; - const ticket = await models.Sale.refund(salesIds, servicesIds, withWarehouse, options); + const ticket = await models.Sale.refund(ctx, salesIds, servicesIds, withWarehouse, options); const refundedTicket = await models.Ticket.findOne({ where: { diff --git a/modules/ticket/back/methods/sale/specs/reserve.spec.js b/modules/ticket/back/methods/sale/specs/reserve.spec.js index 259cb8cd5f..7ba5999b33 100644 --- a/modules/ticket/back/methods/sale/specs/reserve.spec.js +++ b/modules/ticket/back/methods/sale/specs/reserve.spec.js @@ -52,7 +52,7 @@ describe('sale reserve()', () => { try { const options = {transaction: tx}; - originalTicketSales = await models.Ticket.getSales(11, options); + originalTicketSales = await models.Ticket.getSales(ctx, 11, options); expect(originalTicketSales[0].reserved).toEqual(false); expect(originalTicketSales[1].reserved).toEqual(false); @@ -63,7 +63,7 @@ describe('sale reserve()', () => { await models.Sale.reserve(ctx, ticketId, sales, reserved, options); - const reservedTicketSales = await models.Ticket.getSales(ticketId, options); + const reservedTicketSales = await models.Ticket.getSales(ctx, ticketId, options); expect(reservedTicketSales[0].reserved).toEqual(true); expect(reservedTicketSales[1].reserved).toEqual(true); diff --git a/modules/ticket/back/methods/sale/updatePrice.js b/modules/ticket/back/methods/sale/updatePrice.js index 505de51807..649395da6d 100644 --- a/modules/ticket/back/methods/sale/updatePrice.js +++ b/modules/ticket/back/methods/sale/updatePrice.js @@ -31,7 +31,7 @@ module.exports = Self => { Self.updatePrice = async(ctx, id, newPrice, options) => { const $t = ctx.req.__; // $translate const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/sale/usesMana.js b/modules/ticket/back/methods/sale/usesMana.js index 3f55293bfe..75d8cdda79 100644 --- a/modules/ticket/back/methods/sale/usesMana.js +++ b/modules/ticket/back/methods/sale/usesMana.js @@ -22,7 +22,7 @@ module.exports = Self => { Object.assign(myOptions, options); const salesDepartment = await models.Department.findOne({where: {code: 'VT'}, fields: 'id'}, myOptions); - const departments = await models.Department.getLeaves(salesDepartment.id, null, myOptions); + const departments = await models.Department.getLeaves(ctx, salesDepartment.id, null, myOptions); const workerDepartment = await models.WorkerDepartment.findById(userId, null, myOptions); if (!workerDepartment) return false; diff --git a/modules/ticket/back/methods/ticket-request/confirm.js b/modules/ticket/back/methods/ticket-request/confirm.js index f7f7fbc2a8..2061ca3553 100644 --- a/modules/ticket/back/methods/ticket-request/confirm.js +++ b/modules/ticket/back/methods/ticket-request/confirm.js @@ -34,7 +34,7 @@ module.exports = Self => { const userId = ctx.req.accessToken.userId; const models = Self.app.models; const $t = ctx.req.__; // $translate - const myOptions = {}; + const myOptions = {userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/addSale.js b/modules/ticket/back/methods/ticket/addSale.js index 37d97b2c79..85b0510ae0 100644 --- a/modules/ticket/back/methods/ticket/addSale.js +++ b/modules/ticket/back/methods/ticket/addSale.js @@ -35,7 +35,7 @@ module.exports = Self => { Self.addSale = async(ctx, id, itemId, quantity, options) => { const $t = ctx.req.__; // $translate const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/closeAll.js b/modules/ticket/back/methods/ticket/closeAll.js index 6690126b95..660c168937 100644 --- a/modules/ticket/back/methods/ticket/closeAll.js +++ b/modules/ticket/back/methods/ticket/closeAll.js @@ -2,7 +2,7 @@ const UserError = require('vn-loopback/util/user-error'); const closure = require('./closure'); module.exports = Self => { - Self.remoteMethod('closeAll', { + Self.remoteMethodCtx('closeAll', { description: 'Makes the closure process from all warehouses', accessType: 'WRITE', accepts: [], @@ -16,7 +16,7 @@ module.exports = Self => { } }); - Self.closeAll = async() => { + Self.closeAll = async ctx => { const toDate = Date.vnNew(); toDate.setHours(0, 0, 0, 0); toDate.setDate(toDate.getDate() - 1); @@ -59,7 +59,7 @@ module.exports = Self => { GROUP BY t.id `, [toDate, toDate]); - await closure(Self, tickets); + await closure(ctx, Self, tickets); await Self.rawSql(` UPDATE ticket t @@ -73,7 +73,7 @@ module.exports = Self => { AND util.dayEnd(?) AND al.code NOT IN('DELIVERED','PACKED') AND t.routeFk - AND z.name LIKE '%MADRID%'`, [toDate, toDate]); + AND z.name LIKE '%MADRID%'`, [toDate, toDate], {userId: ctx.req.accessToken.userId}); return { message: 'Success' diff --git a/modules/ticket/back/methods/ticket/closure.js b/modules/ticket/back/methods/ticket/closure.js index 9b3355d6c3..eee5e28e26 100644 --- a/modules/ticket/back/methods/ticket/closure.js +++ b/modules/ticket/back/methods/ticket/closure.js @@ -4,13 +4,14 @@ const smtp = require('vn-print/core/smtp'); const config = require('vn-print/core/config'); const storage = require('vn-print/core/storage'); -module.exports = async function(Self, tickets, reqArgs = {}) { +module.exports = async function(ctx, Self, tickets, reqArgs = {}) { + const userId = ctx.req.accessToken.userId; if (tickets.length == 0) return; const failedtickets = []; for (const ticket of tickets) { try { - await Self.rawSql(`CALL vn.ticket_closeByTicket(?)`, [ticket.id]); + await Self.rawSql(`CALL vn.ticket_closeByTicket(?)`, [ticket.id], {userId}); const [invoiceOut] = await Self.rawSql(` SELECT io.id, io.ref, io.serial, cny.code companyCode, io.issued @@ -52,7 +53,7 @@ module.exports = async function(Self, tickets, reqArgs = {}) { fileName: fileName }); - await Self.rawSql('UPDATE invoiceOut SET hasPdf = true WHERE id = ?', [invoiceOut.id]); + await Self.rawSql('UPDATE invoiceOut SET hasPdf = true WHERE id = ?', [invoiceOut.id], {userId}); if (isToBeMailed) { const invoiceAttachment = { @@ -91,7 +92,7 @@ module.exports = async function(Self, tickets, reqArgs = {}) { // Incoterms authorization const [{firstOrder}] = await Self.rawSql(` SELECT COUNT(*) as firstOrder - FROM ticket t + FROM ticket t JOIN client c ON c.id = t.clientFk WHERE t.clientFk = ? AND NOT t.isDeleted @@ -111,14 +112,14 @@ module.exports = async function(Self, tickets, reqArgs = {}) { await email.send(); const [sample] = await Self.rawSql( - `SELECT id - FROM sample + `SELECT id + FROM sample WHERE code = 'incoterms-authorization' `); await Self.rawSql(` INSERT INTO clientSample (clientFk, typeFk, companyFk) VALUES(?, ?, ?) - `, [ticket.clientFk, sample.id, ticket.companyFk]); + `, [ticket.clientFk, sample.id, ticket.companyFk], {userId}); } } catch (error) { // Domain not found @@ -152,23 +153,23 @@ module.exports = async function(Self, tickets, reqArgs = {}) { async function invalidEmail(ticket) { await Self.rawSql(`UPDATE client SET email = NULL WHERE id = ?`, [ ticket.clientFk - ]); + ], {userId}); const oldInstance = `{"email": "${ticket.recipient}"}`; const newInstance = `{"email": ""}`; await Self.rawSql(` - INSERT INTO clientLog (originFk, userFk, action, changedModel, oldInstance, newInstance) + INSERT INTO clientLog (originFk, userFk, action, changedModel, oldInstance, newInstance) VALUES (?, NULL, 'UPDATE', 'Client', ?, ?)`, [ ticket.clientFk, oldInstance, newInstance - ]); + ], {userId}); - const body = `No se ha podido enviar el albarán ${ticket.id} - al cliente ${ticket.clientFk} - ${ticket.clientName} - porque la dirección de email "${ticket.recipient}" no es correcta + const body = `No se ha podido enviar el albarán ${ticket.id} + al cliente ${ticket.clientFk} - ${ticket.clientName} + porque la dirección de email "${ticket.recipient}" no es correcta o no está disponible.

- Para evitar que se repita este error, se ha eliminado la dirección de email de la ficha del cliente. + Para evitar que se repita este error, se ha eliminado la dirección de email de la ficha del cliente. Actualiza la dirección de email con una correcta.`; smtp.send({ diff --git a/modules/ticket/back/methods/ticket/componentUpdate.js b/modules/ticket/back/methods/ticket/componentUpdate.js index dac8e4f52c..a8b631d7cf 100644 --- a/modules/ticket/back/methods/ticket/componentUpdate.js +++ b/modules/ticket/back/methods/ticket/componentUpdate.js @@ -101,7 +101,7 @@ module.exports = Self => { Self.componentUpdate = async(ctx, options) => { const args = ctx.args; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/getSales.js b/modules/ticket/back/methods/ticket/getSales.js index 321e8e24e3..e721d90aee 100644 --- a/modules/ticket/back/methods/ticket/getSales.js +++ b/modules/ticket/back/methods/ticket/getSales.js @@ -1,6 +1,6 @@ module.exports = Self => { - Self.remoteMethod('getSales', { + Self.remoteMethodCtx('getSales', { description: 'New filter', accessType: 'READ', accepts: [{ @@ -20,10 +20,10 @@ module.exports = Self => { } }); - Self.getSales = async(id, options) => { + Self.getSales = async(ctx, id, options) => { const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/ticket/back/methods/ticket/makeInvoice.js b/modules/ticket/back/methods/ticket/makeInvoice.js index d8ec5eb9a5..ee82b874fc 100644 --- a/modules/ticket/back/methods/ticket/makeInvoice.js +++ b/modules/ticket/back/methods/ticket/makeInvoice.js @@ -28,7 +28,7 @@ module.exports = function(Self) { const date = Date.vnNew(); date.setHours(0, 0, 0, 0); - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/new.js b/modules/ticket/back/methods/ticket/new.js index 5f7cf3cb6a..b461fb26d3 100644 --- a/modules/ticket/back/methods/ticket/new.js +++ b/modules/ticket/back/methods/ticket/new.js @@ -59,9 +59,9 @@ module.exports = Self => { Self.new = async(ctx, options) => { const args = ctx.args; - const myUserId = ctx.req.accessToken.userId; + const userId = ctx.req.accessToken.userId; const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId}; let tx; if (typeof options == 'object') @@ -123,7 +123,7 @@ module.exports = Self => { args.routeId || null, args.landed, true, - myUserId + userId ], myOptions); const ticket = await models.Ticket.findById(result[1][0].newTicketId, null, myOptions); diff --git a/modules/ticket/back/methods/ticket/priceDifference.js b/modules/ticket/back/methods/ticket/priceDifference.js index 27fdb91608..42a71f1c8c 100644 --- a/modules/ticket/back/methods/ticket/priceDifference.js +++ b/modules/ticket/back/methods/ticket/priceDifference.js @@ -60,7 +60,7 @@ module.exports = Self => { Self.priceDifference = async(ctx, options) => { const args = ctx.args; const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/recalculateComponents.js b/modules/ticket/back/methods/ticket/recalculateComponents.js index 5b9e8e5dc0..eb9c8a72ed 100644 --- a/modules/ticket/back/methods/ticket/recalculateComponents.js +++ b/modules/ticket/back/methods/ticket/recalculateComponents.js @@ -21,7 +21,7 @@ module.exports = Self => { }); Self.recalculateComponents = async(ctx, id, options) => { - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/refund.js b/modules/ticket/back/methods/ticket/refund.js index fe17b71015..c99b6aa835 100644 --- a/modules/ticket/back/methods/ticket/refund.js +++ b/modules/ticket/back/methods/ticket/refund.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('refund', { + Self.remoteMethodCtx('refund', { description: 'Create refund tickets with all their sales and services', accessType: 'WRITE', accepts: [ @@ -24,7 +24,7 @@ module.exports = Self => { } }); - Self.refund = async(ticketsIds, withWarehouse, options) => { + Self.refund = async(ctx, ticketsIds, withWarehouse, options) => { const models = Self.app.models; const myOptions = {}; let tx; @@ -46,7 +46,7 @@ module.exports = Self => { const services = await models.TicketService.find(filter, myOptions); const servicesIds = services.map(service => service.id); - const refundedTickets = await models.Sale.refund(salesIds, servicesIds, withWarehouse, myOptions); + const refundedTickets = await models.Sale.refund(ctx, salesIds, servicesIds, withWarehouse, myOptions); if (tx) await tx.commit(); diff --git a/modules/ticket/back/methods/ticket/saveSign.js b/modules/ticket/back/methods/ticket/saveSign.js index b8f9d5ced6..55d2e32814 100644 --- a/modules/ticket/back/methods/ticket/saveSign.js +++ b/modules/ticket/back/methods/ticket/saveSign.js @@ -31,7 +31,7 @@ module.exports = Self => { Self.saveSign = async(ctx, tickets, location, signedTime, options) => { const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; let dms; let gestDocCreated = false; diff --git a/modules/ticket/back/methods/ticket/setDeleted.js b/modules/ticket/back/methods/ticket/setDeleted.js index 228e2e7656..7cc300547b 100644 --- a/modules/ticket/back/methods/ticket/setDeleted.js +++ b/modules/ticket/back/methods/ticket/setDeleted.js @@ -24,7 +24,7 @@ module.exports = Self => { Self.setDeleted = async(ctx, id, options) => { const models = Self.app.models; const $t = ctx.req.__; // $translate - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/specs/getSales.spec.js b/modules/ticket/back/methods/ticket/specs/getSales.spec.js index b9f78e40bd..7c0a67d451 100644 --- a/modules/ticket/back/methods/ticket/specs/getSales.spec.js +++ b/modules/ticket/back/methods/ticket/specs/getSales.spec.js @@ -1,13 +1,14 @@ const models = require('vn-loopback/server/server').models; describe('ticket getSales()', () => { + const ctx = {req: {accessToken: 9}}; it('should return the sales of a ticket', async() => { const tx = await models.Ticket.beginTransaction({}); try { const options = {transaction: tx}; - const sales = await models.Ticket.getSales(16, options); + const sales = await models.Ticket.getSales(ctx, 16, options); expect(sales.length).toEqual(4); expect(sales[0].item).toBeDefined(); diff --git a/modules/ticket/back/methods/ticket/specs/summary.spec.js b/modules/ticket/back/methods/ticket/specs/summary.spec.js index 5d2991b0ac..2c4aedf1e5 100644 --- a/modules/ticket/back/methods/ticket/specs/summary.spec.js +++ b/modules/ticket/back/methods/ticket/specs/summary.spec.js @@ -1,13 +1,14 @@ const models = require('vn-loopback/server/server').models; describe('ticket summary()', () => { + const ctx = {req: {accessToken: 9}}; it('should return a summary object containing data from 1 ticket', async() => { const tx = await models.Ticket.beginTransaction({}); try { const options = {transaction: tx}; - const result = await models.Ticket.summary(1, options); + const result = await models.Ticket.summary(ctx, 1, options); expect(result.id).toEqual(1); expect(result.nickname).toEqual('Bat cave'); @@ -25,7 +26,7 @@ describe('ticket summary()', () => { try { const options = {transaction: tx}; - const result = await models.Ticket.summary(1, options); + const result = await models.Ticket.summary(ctx, 1, options); expect(result.sales.length).toEqual(4); @@ -42,7 +43,7 @@ describe('ticket summary()', () => { try { const options = {transaction: tx}; - const result = await models.Ticket.summary(1, options); + const result = await models.Ticket.summary(ctx, 1, options); expect(result.totalWithoutVat).toEqual(jasmine.any(Number)); @@ -59,7 +60,7 @@ describe('ticket summary()', () => { try { const options = {transaction: tx}; - const result = await models.Ticket.summary(1, options); + const result = await models.Ticket.summary(ctx, 1, options); expect(result.totalWithVat).toEqual(jasmine.any(Number)); diff --git a/modules/ticket/back/methods/ticket/specs/transferSales.spec.js b/modules/ticket/back/methods/ticket/specs/transferSales.spec.js index 270aae2f8e..5626889178 100644 --- a/modules/ticket/back/methods/ticket/specs/transferSales.spec.js +++ b/modules/ticket/back/methods/ticket/specs/transferSales.spec.js @@ -67,7 +67,7 @@ describe('sale transferSales()', () => { const ticketId = 11; const receiverTicketId = null; - const sales = await models.Ticket.getSales(ticketId, options); + const sales = await models.Ticket.getSales(ctx, ticketId, options); await models.Ticket.transferSales(ctx, ticketId, receiverTicketId, sales, options); @@ -89,7 +89,7 @@ describe('sale transferSales()', () => { const formerTicketId = 22; let createdTicketId = undefined; - let formerTicketSales = await models.Ticket.getSales(formerTicketId, options); + let formerTicketSales = await models.Ticket.getSales(ctx, formerTicketId, options); expect(formerTicketSales.length).toEqual(2); @@ -98,8 +98,8 @@ describe('sale transferSales()', () => { createdTicketId = createdTicket.id; - formerTicketSales = await models.Ticket.getSales(formerTicketId, options); - let createdTicketSales = await models.Ticket.getSales(createdTicketId, options); + formerTicketSales = await models.Ticket.getSales(ctx, formerTicketId, options); + let createdTicketSales = await models.Ticket.getSales(ctx, createdTicketId, options); expect(formerTicketSales.length).toEqual(0); expect(createdTicketSales.length).toEqual(2); @@ -120,7 +120,7 @@ describe('sale transferSales()', () => { const options = {transaction: tx}; const currentTicketId = 22; - const currentTicketSales = await models.Ticket.getSales(currentTicketId, options); + const currentTicketSales = await models.Ticket.getSales(ctx, currentTicketId, options); const receiverTicketId = undefined; @@ -147,7 +147,7 @@ describe('sale transferSales()', () => { const formerTicketId = 22; let createdTicketId = undefined; - let formerTicketSales = await models.Ticket.getSales(formerTicketId, options); + let formerTicketSales = await models.Ticket.getSales(ctx, formerTicketId, options); const completeSaleId = formerTicketSales[1].id; let partialSaleTotalQuantity = formerTicketSales[0].quantity; @@ -161,8 +161,8 @@ describe('sale transferSales()', () => { createdTicketId = createdTicket.id; - formerTicketSales = await models.Ticket.getSales(formerTicketId, options); - createdTicketSales = await models.Ticket.getSales(createdTicketId, options); + formerTicketSales = await models.Ticket.getSales(ctx, formerTicketId, options); + createdTicketSales = await models.Ticket.getSales(ctx, createdTicketId, options); const [createdPartialSale] = createdTicketSales.filter(sale => { return sale.id != completeSaleId; diff --git a/modules/ticket/back/methods/ticket/summary.js b/modules/ticket/back/methods/ticket/summary.js index a57968fc17..1ce91e1b27 100644 --- a/modules/ticket/back/methods/ticket/summary.js +++ b/modules/ticket/back/methods/ticket/summary.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('summary', { + Self.remoteMethodCtx('summary', { description: 'Returns a ticket summary', accessType: 'READ', accepts: [{ @@ -19,7 +19,7 @@ module.exports = Self => { } }); - Self.summary = async(ticketFk, options) => { + Self.summary = async(ctx, ticketFk, options) => { const models = Self.app.models; const myOptions = {}; @@ -28,7 +28,7 @@ module.exports = Self => { const summaryObj = await getTicketData(Self, ticketFk, myOptions); - summaryObj.sales = await models.Ticket.getSales(ticketFk, myOptions); + summaryObj.sales = await models.Ticket.getSales(ctx, ticketFk, myOptions); summaryObj.packagings = await models.TicketPackaging.find({ where: {ticketFk: ticketFk}, diff --git a/modules/ticket/back/methods/ticket/transferSales.js b/modules/ticket/back/methods/ticket/transferSales.js index 5737e628f3..01ada49d01 100644 --- a/modules/ticket/back/methods/ticket/transferSales.js +++ b/modules/ticket/back/methods/ticket/transferSales.js @@ -36,7 +36,7 @@ module.exports = Self => { Self.transferSales = async(ctx, id, ticketId, sales, options) => { const userId = ctx.req.accessToken.userId; const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId}; let tx; if (typeof options == 'object') diff --git a/modules/ticket/back/methods/ticket/updateDiscount.js b/modules/ticket/back/methods/ticket/updateDiscount.js index 4b31c0ce4b..6feeafa1ad 100644 --- a/modules/ticket/back/methods/ticket/updateDiscount.js +++ b/modules/ticket/back/methods/ticket/updateDiscount.js @@ -44,7 +44,7 @@ module.exports = Self => { Self.updateDiscount = async(ctx, id, salesIds, newDiscount, manaCode, options) => { const $t = ctx.req.__; // $translate const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; let tx; if (typeof options == 'object') diff --git a/modules/travel/back/methods/thermograph/createThermograph.js b/modules/travel/back/methods/thermograph/createThermograph.js index 75d9676283..243e2129fe 100644 --- a/modules/travel/back/methods/thermograph/createThermograph.js +++ b/modules/travel/back/methods/thermograph/createThermograph.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('createThermograph', { + Self.remoteMethodCtx('createThermograph', { description: 'Creates a new thermograph', accessType: 'WRITE', accepts: [{ @@ -36,10 +36,10 @@ module.exports = Self => { } }); - Self.createThermograph = async(thermographId, model, temperatureFk, warehouseId, options) => { + Self.createThermograph = async(ctx, thermographId, model, temperatureFk, warehouseId, options) => { const models = Self.app.models; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; const date = Date.vnNew(); if (typeof options == 'object') diff --git a/modules/travel/back/methods/thermograph/specs/createThermograph.spec.js b/modules/travel/back/methods/thermograph/specs/createThermograph.spec.js index 32014e303c..90855bf813 100644 --- a/modules/travel/back/methods/thermograph/specs/createThermograph.spec.js +++ b/modules/travel/back/methods/thermograph/specs/createThermograph.spec.js @@ -5,6 +5,7 @@ describe('Termograph createThermograph()', () => { const model = 'DISPOSABLE'; const temperatureFk = 'COOL'; const warehouseId = 1; + const ctx = {req: {accessToken: {userId: 9}}}; it(`should create a thermograph which is saved in both thermograph and travelThermograph`, async() => { const tx = await models.Thermograph.beginTransaction({}); @@ -12,7 +13,7 @@ describe('Termograph createThermograph()', () => { try { const options = {transaction: tx}; - const createdThermograph = await models.Thermograph.createThermograph(thermographId, model, temperatureFk, warehouseId, options); + const createdThermograph = await models.Thermograph.createThermograph(ctx, thermographId, model, temperatureFk, warehouseId, options); expect(createdThermograph.id).toEqual(thermographId); expect(createdThermograph.model).toEqual(model); @@ -37,8 +38,8 @@ describe('Termograph createThermograph()', () => { try { const options = {transaction: tx}; - await models.Thermograph.createThermograph(thermographId, model, temperatureFk, warehouseId, options); - await models.Thermograph.createThermograph(thermographId, model, temperatureFk, warehouseId, options); + await models.Thermograph.createThermograph(ctx, thermographId, model, temperatureFk, warehouseId, options); + await models.Thermograph.createThermograph(ctx, thermographId, model, temperatureFk, warehouseId, options); await tx.rollback(); } catch (e) { diff --git a/modules/travel/back/methods/travel/deleteThermograph.js b/modules/travel/back/methods/travel/deleteThermograph.js index ba541c560c..d22fc8b292 100644 --- a/modules/travel/back/methods/travel/deleteThermograph.js +++ b/modules/travel/back/methods/travel/deleteThermograph.js @@ -26,9 +26,9 @@ module.exports = Self => { await models.Dms.removeFile(ctx, travelThermograph.dmsFk); await Self.rawSql(` - UPDATE travelThermograph - SET travelFk = NULL, dmsFk = NULL - WHERE id = ?`, [id]); + UPDATE travelThermograph + SET travelFk = NULL, dmsFk = NULL + WHERE id = ?`, [id], {userId}); const oldInstance = { travelFk: travelThermograph.travelFk, diff --git a/modules/worker/back/methods/department/getLeaves.js b/modules/worker/back/methods/department/getLeaves.js index 614f3388e7..48fe78e086 100644 --- a/modules/worker/back/methods/department/getLeaves.js +++ b/modules/worker/back/methods/department/getLeaves.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('getLeaves', { + Self.remoteMethodCtx, ('getLeaves', { description: 'Returns the nodes for a department', accepts: [{ arg: 'parentId', @@ -20,10 +20,11 @@ module.exports = Self => { } }); - Self.getLeaves = async(parentId = null, search) => { + Self.getLeaves = async(ctx, parentId = null, search) => { let [res] = await Self.rawSql( `CALL department_getLeaves(?, ?)`, - [parentId, search] + [parentId, search], + {userId: ctx.req.accessToken.userId} ); let map = new Map(); diff --git a/modules/worker/back/methods/worker-time-control/addTimeEntry.js b/modules/worker/back/methods/worker-time-control/addTimeEntry.js index bcc96985fa..cc652fb90b 100644 --- a/modules/worker/back/methods/worker-time-control/addTimeEntry.js +++ b/modules/worker/back/methods/worker-time-control/addTimeEntry.js @@ -33,15 +33,15 @@ module.exports = Self => { Self.addTimeEntry = async(ctx, workerId, options) => { const models = Self.app.models; const args = ctx.args; - const currentUserId = ctx.req.accessToken.userId; - const myOptions = {}; + const userId = ctx.req.accessToken.userId; + const myOptions = {userId}; if (typeof options == 'object') Object.assign(myOptions, options); const isSubordinate = await models.Worker.isSubordinate(ctx, workerId, myOptions); const isTeamBoss = await models.ACL.checkAccessAcl(ctx, 'Worker', 'isTeamBoss', 'WRITE'); - const isHimself = currentUserId == workerId; + const isHimself = userId == workerId; if (!isSubordinate || (isSubordinate && isHimself && !isTeamBoss)) throw new UserError(`You don't have enough privileges`); diff --git a/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js b/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js index 80482901fb..8f95415964 100644 --- a/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js +++ b/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js @@ -22,10 +22,10 @@ module.exports = Self => { }); Self.deleteTimeEntry = async(ctx, id, options) => { - const currentUserId = ctx.req.accessToken.userId; + const userId = ctx.req.accessToken.userId; const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId}; if (typeof options == 'object') Object.assign(myOptions, options); @@ -33,7 +33,7 @@ module.exports = Self => { const targetTimeEntry = await Self.findById(id, null, myOptions); const isSubordinate = await models.Worker.isSubordinate(ctx, targetTimeEntry.userFk, myOptions); const isTeamBoss = await models.ACL.checkAccessAcl(ctx, 'Worker', 'isTeamBoss', 'WRITE'); - const isHimself = currentUserId == targetTimeEntry.userFk; + const isHimself = userId == targetTimeEntry.userFk; if (isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss)) throw new UserError(`You don't have enough privileges`); diff --git a/modules/worker/back/methods/worker-time-control/sendMail.js b/modules/worker/back/methods/worker-time-control/sendMail.js index 3d57ebbbdf..ab5e56a77f 100644 --- a/modules/worker/back/methods/worker-time-control/sendMail.js +++ b/modules/worker/back/methods/worker-time-control/sendMail.js @@ -33,7 +33,7 @@ module.exports = Self => { const conn = Self.dataSource.connector; const args = ctx.args; let tx; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/worker/back/methods/worker/new.js b/modules/worker/back/methods/worker/new.js index 3984111184..27acc98ab0 100644 --- a/modules/worker/back/methods/worker/new.js +++ b/modules/worker/back/methods/worker/new.js @@ -119,7 +119,7 @@ module.exports = Self => { Self.new = async(ctx, options) => { const models = Self.app.models; - const myOptions = {}; + const myOptions = {userId: ctx.req.accessToken.userId}; const args = ctx.args; let tx; diff --git a/modules/worker/back/methods/worker/specs/new.spec.js b/modules/worker/back/methods/worker/specs/new.spec.js index 44f6e9b094..b2804c2031 100644 --- a/modules/worker/back/methods/worker/specs/new.spec.js +++ b/modules/worker/back/methods/worker/specs/new.spec.js @@ -36,6 +36,7 @@ describe('Worker new', () => { payMethodFk: 1, roleFk: 1 }; + const req = {accessToken: {userId: 9}}; it('should return error if personal mail already exists', async() => { const user = await models.VnUser.findById(employeeId, {fields: ['email']}); @@ -46,7 +47,8 @@ describe('Worker new', () => { try { const options = {transaction: tx}; const ctx = { - args: Object.assign({}, defaultWorker, {email: user.email}) + args: Object.assign({}, defaultWorker, {email: user.email}), + req }; await models.Worker.new(ctx, options); @@ -69,7 +71,8 @@ describe('Worker new', () => { try { const options = {transaction: tx}; const ctx = { - args: Object.assign({}, defaultWorker, {code: worker.code}) + args: Object.assign({}, defaultWorker, {code: worker.code}), + req }; await models.Worker.new(ctx, options); @@ -92,7 +95,8 @@ describe('Worker new', () => { try { const options = {transaction: tx}; const ctx = { - args: Object.assign({}, defaultWorker, {fi: worker.fi}) + args: Object.assign({}, defaultWorker, {fi: worker.fi}), + req }; await models.Worker.new(ctx, options); @@ -119,7 +123,8 @@ describe('Worker new', () => { try { const options = {transaction: tx}; const ctx = { - args: Object.assign({}, defaultWorker, {payMethodFk: payMethodIbanRequired.id}) + args: Object.assign({}, defaultWorker, {payMethodFk: payMethodIbanRequired.id}), + req }; await models.Worker.new(ctx, options); @@ -133,7 +138,7 @@ describe('Worker new', () => { }); it('should create a new worker', async() => { - const newWorker = await models.Worker.new({args: defaultWorker}); + const newWorker = await models.Worker.new({args: defaultWorker, req}); await models.Worker.destroyById(newWorker.id); await models.Address.destroyAll({clientFk: newWorker.id}); @@ -155,7 +160,8 @@ describe('Worker new', () => { { fi: client.fi, email: client.email - }) + }), + req }; const newWorker = await models.Worker.new(newWorkerData); diff --git a/modules/zone/back/methods/agency/getAgenciesWithWarehouse.js b/modules/zone/back/methods/agency/getAgenciesWithWarehouse.js index 846ad6a3db..c8ab4f67c7 100644 --- a/modules/zone/back/methods/agency/getAgenciesWithWarehouse.js +++ b/modules/zone/back/methods/agency/getAgenciesWithWarehouse.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('getAgenciesWithWarehouse', { + Self.remoteMethodCtx('getAgenciesWithWarehouse', { description: 'Returns a list of agencies that can land a shipment on a day for an address and a warehouse', accepts: [ { @@ -28,8 +28,8 @@ module.exports = Self => { } }); - Self.getAgenciesWithWarehouse = async(addressFk, landed, warehouseFk, options) => { - const myOptions = {}; + Self.getAgenciesWithWarehouse = async(ctx, addressFk, landed, warehouseFk, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/zone/back/methods/agency/landsThatDay.js b/modules/zone/back/methods/agency/landsThatDay.js index b7f13dddae..4d73e4d087 100644 --- a/modules/zone/back/methods/agency/landsThatDay.js +++ b/modules/zone/back/methods/agency/landsThatDay.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('landsThatDay', { + Self.remoteMethodCtx('landsThatDay', { description: 'Returns a list of agencies that can land a shipment on a day for an address', accepts: [ { @@ -22,8 +22,8 @@ module.exports = Self => { } }); - Self.landsThatDay = async(addressFk, landed, options) => { - const myOptions = {}; + Self.landsThatDay = async(ctx, addressFk, landed, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/zone/back/methods/agency/specs/getAgenciesWithWarehouse.spec.js b/modules/zone/back/methods/agency/specs/getAgenciesWithWarehouse.spec.js index 4f79b23157..f760559cbd 100644 --- a/modules/zone/back/methods/agency/specs/getAgenciesWithWarehouse.spec.js +++ b/modules/zone/back/methods/agency/specs/getAgenciesWithWarehouse.spec.js @@ -2,6 +2,7 @@ const app = require('vn-loopback/server/server'); describe('Agency getAgenciesWithWarehouse()', () => { const today = Date.vnNew(); + const ctx = {req: {accessToken: {userId: 9}}}; it('should return the agencies that can handle the given delivery request', async() => { const tx = await app.models.Zone.beginTransaction({}); @@ -9,7 +10,7 @@ describe('Agency getAgenciesWithWarehouse()', () => { const options = {transaction: tx}; const addressId = 101; - const agencies = await app.models.Agency.getAgenciesWithWarehouse(addressId, today, 1, options); + const agencies = await app.models.Agency.getAgenciesWithWarehouse(ctx, addressId, today, 1, options); expect(agencies.length).toEqual(3); expect(agencies[0].agencyMode).toEqual('inhouse pickup'); @@ -30,7 +31,7 @@ describe('Agency getAgenciesWithWarehouse()', () => { const options = {transaction: tx}; const addressId = 101; - const agencies = await app.models.Agency.getAgenciesWithWarehouse(addressId, null, 1, options); + const agencies = await app.models.Agency.getAgenciesWithWarehouse(ctx, addressId, null, 1, options); expect(agencies.length).toEqual(0); diff --git a/modules/zone/back/methods/agency/specs/landsThatDay.spec.js b/modules/zone/back/methods/agency/specs/landsThatDay.spec.js index 4bde379847..1ec675071c 100644 --- a/modules/zone/back/methods/agency/specs/landsThatDay.spec.js +++ b/modules/zone/back/methods/agency/specs/landsThatDay.spec.js @@ -1,6 +1,7 @@ const {models} = require('vn-loopback/server/server'); describe('Agency landsThatDay()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; const today = Date.vnNew(); it('should return a list of agencies that can land a shipment on a day for an address', async() => { const tx = await models.Agency.beginTransaction({}); @@ -8,7 +9,7 @@ describe('Agency landsThatDay()', () => { try { const options = {transaction: tx}; - const agencies = await models.Agency.landsThatDay(101, today, options); + const agencies = await models.Agency.landsThatDay(ctx, 101, today, options); expect(agencies.length).toBeGreaterThanOrEqual(3); diff --git a/modules/zone/back/methods/zone/deleteZone.js b/modules/zone/back/methods/zone/deleteZone.js index e3846132b4..bcfb91e3d6 100644 --- a/modules/zone/back/methods/zone/deleteZone.js +++ b/modules/zone/back/methods/zone/deleteZone.js @@ -26,7 +26,7 @@ module.exports = Self => { today.setHours(0, 0, 0, 0); let tx; - const myOptions = {}; + const myOptions = {userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/zone/back/methods/zone/getEvents.js b/modules/zone/back/methods/zone/getEvents.js index a8ee8bb7be..03fb31438a 100644 --- a/modules/zone/back/methods/zone/getEvents.js +++ b/modules/zone/back/methods/zone/getEvents.js @@ -1,6 +1,6 @@ module.exports = Self => { - Self.remoteMethod('getEvents', { + Self.remoteMethodCtx('getEvents', { description: 'Returns delivery days for a postcode', accepts: [ { @@ -25,8 +25,8 @@ module.exports = Self => { } }); - Self.getEvents = async(geoFk, agencyModeFk, options) => { - const myOptions = {}; + Self.getEvents = async(ctx, geoFk, agencyModeFk, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/zone/back/methods/zone/getLeaves.js b/modules/zone/back/methods/zone/getLeaves.js index ed421e3397..a6db3b7111 100644 --- a/modules/zone/back/methods/zone/getLeaves.js +++ b/modules/zone/back/methods/zone/getLeaves.js @@ -1,6 +1,6 @@ module.exports = Self => { - Self.remoteMethod('getLeaves', { + Self.remoteMethodCtx('getLeaves', { description: 'Returns the nodes for a zone', accepts: [ { @@ -31,8 +31,8 @@ module.exports = Self => { } }); - Self.getLeaves = async(id, parentId = null, search, options) => { - const myOptions = {}; + Self.getLeaves = async(ctx, id, parentId = null, search, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/zone/back/methods/zone/getUpcomingDeliveries.js b/modules/zone/back/methods/zone/getUpcomingDeliveries.js index 2a1c39ed6d..e8b7e76363 100644 --- a/modules/zone/back/methods/zone/getUpcomingDeliveries.js +++ b/modules/zone/back/methods/zone/getUpcomingDeliveries.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('getUpcomingDeliveries', { + Self.remoteMethodCtx('getUpcomingDeliveries', { description: 'Returns the upcomings deliveries', accessType: 'READ', accepts: [], @@ -13,8 +13,8 @@ module.exports = Self => { } }); - Self.getUpcomingDeliveries = async options => { - const myOptions = {}; + Self.getUpcomingDeliveries = async(ctx, options) => { + const myOptions = {userId: ctx.req.accessToken.userId}; if (typeof options == 'object') Object.assign(myOptions, options); diff --git a/modules/zone/back/methods/zone/specs/getEvents.spec.js b/modules/zone/back/methods/zone/specs/getEvents.spec.js index d1c51baff2..c1dee3e0f1 100644 --- a/modules/zone/back/methods/zone/specs/getEvents.spec.js +++ b/modules/zone/back/methods/zone/specs/getEvents.spec.js @@ -1,13 +1,14 @@ const models = require('vn-loopback/server/server').models; describe('zone getEvents()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should return all events for the specified geo and agency mode', async() => { const tx = await models.Zone.beginTransaction({}); try { const options = {transaction: tx}; - let result = await models.Zone.getEvents(20, 1, options); + let result = await models.Zone.getEvents(ctx, 20, 1, options); expect(result.events.length).toEqual(10); diff --git a/modules/zone/back/methods/zone/specs/getLeaves.spec.js b/modules/zone/back/methods/zone/specs/getLeaves.spec.js index db7359671f..9342a0b506 100644 --- a/modules/zone/back/methods/zone/specs/getLeaves.spec.js +++ b/modules/zone/back/methods/zone/specs/getLeaves.spec.js @@ -1,13 +1,14 @@ const models = require('vn-loopback/server/server').models; describe('zone getLeaves()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should return the country and the childs containing the search value', async() => { const tx = await models.Zone.beginTransaction({}); try { const options = {transaction: tx}; - let result = await models.Zone.getLeaves(1, null, '46000', options); + let result = await models.Zone.getLeaves(ctx, 1, null, '46000', options); expect(result.length).toEqual(1); diff --git a/modules/zone/back/methods/zone/specs/getUpcomingDeliveries.spec.js b/modules/zone/back/methods/zone/specs/getUpcomingDeliveries.spec.js index acef079f60..fe542fbf36 100644 --- a/modules/zone/back/methods/zone/specs/getUpcomingDeliveries.spec.js +++ b/modules/zone/back/methods/zone/specs/getUpcomingDeliveries.spec.js @@ -1,12 +1,13 @@ const models = require('vn-loopback/server/server').models; describe('zone getUpcomingDeliveries()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; it('should check returns data', async() => { const tx = await models.Zone.beginTransaction({}); try { const options = {transaction: tx}; - let result = await models.Zone.getUpcomingDeliveries(options); + let result = await models.Zone.getUpcomingDeliveries(ctx, options); const firstResultLines = result[0].lines; const secondResultLines = result[1].lines; From 1c39ad873c276e992881e800ca81ef011eecd4eb Mon Sep 17 00:00:00 2001 From: alexm Date: Mon, 12 Jun 2023 11:06:45 +0200 Subject: [PATCH 19/19] resolve dev conflicts --- back/models/vn-user.js | 1 - .../account/back/methods/account/specs/set-password.spec.js | 5 ++--- modules/client/back/methods/client/specs/setPassword.spec.js | 5 ++--- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index bf568e85c7..fb32793539 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -110,7 +110,6 @@ module.exports = function(Self) { const _setPassword = Self.prototype.setPassword; Self.prototype.setPassword = async function(newPassword, options, cb) { - console.log('ENTRY'); if (cb === undefined && typeof options === 'function') { cb = options; options = undefined; diff --git a/modules/account/back/methods/account/specs/set-password.spec.js b/modules/account/back/methods/account/specs/set-password.spec.js index f54fba36fe..5de2a7bad1 100644 --- a/modules/account/back/methods/account/specs/set-password.spec.js +++ b/modules/account/back/methods/account/specs/set-password.spec.js @@ -1,15 +1,14 @@ const {models} = require('vn-loopback/server/server'); describe('Account setPassword()', () => { - const ctx = {req: {accessToken: {userId: 9}}}; it('should throw an error when password does not meet requirements', async() => { - let req = models.Account.setPassword(ctx, 1, 'insecurePass'); + let req = models.Account.setPassword(1, 'insecurePass'); await expectAsync(req).toBeRejected(); }); it('should update password when it passes requirements', async() => { - let req = models.Account.setPassword(ctx, 1, 'Very$ecurePa22.'); + let req = models.Account.setPassword(1, 'Very$ecurePa22.'); await expectAsync(req).toBeResolved(); }); diff --git a/modules/client/back/methods/client/specs/setPassword.spec.js b/modules/client/back/methods/client/specs/setPassword.spec.js index c004b0372a..590172a02b 100644 --- a/modules/client/back/methods/client/specs/setPassword.spec.js +++ b/modules/client/back/methods/client/specs/setPassword.spec.js @@ -1,12 +1,11 @@ const models = require('vn-loopback/server/server').models; describe('Client setPassword', () => { - const ctx = {req: {accessToken: {userId: 9}}}; it('should throw an error the setPassword target is not just a client but a worker', async() => { let error; try { - await models.Client.setPassword(ctx, 1, 't0pl3v3l.p455w0rd!'); + await models.Client.setPassword(1, 't0pl3v3l.p455w0rd!'); } catch (e) { error = e; } @@ -18,7 +17,7 @@ describe('Client setPassword', () => { let error; try { - await models.Client.setPassword(ctx, 1101, 't0pl3v3l.p455w0rd!'); + await models.Client.setPassword(1101, 't0pl3v3l.p455w0rd!'); } catch (e) { error = e; }