diff --git a/db/changes/232201/00-aclAccount.sql b/db/changes/232201/00-aclAccount.sql index 1d5e1b2b3..bf8106b98 100644 --- a/db/changes/232201/00-aclAccount.sql +++ b/db/changes/232201/00-aclAccount.sql @@ -5,5 +5,4 @@ DELETE INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) VALUES ('Account', '*', 'WRITE', 'ALLOW', 'ROLE', 'sysadmin'), - ('Account', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), - ('Account', 'changeMailForwarding', 'WRITE', 'ALLOW', 'ROLE', 'employee'); + ('Account', '*', 'READ', 'ALLOW', 'ROLE', 'employee'); diff --git a/db/changes/232201/00-aclMailAliasAccount.sql b/db/changes/232201/00-aclMailAliasAccount.sql index c0f3a8829..619e9bb6e 100644 --- a/db/changes/232201/00-aclMailAliasAccount.sql +++ b/db/changes/232201/00-aclMailAliasAccount.sql @@ -1,4 +1,5 @@ DELETE FROM `salix`.`ACL` WHERE model = 'MailAliasAccount'; INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) VALUES - ('MailAliasAccount', '*', 'READ', 'ALLOW', 'ROLE', 'employee'); + ('MailAliasAccount', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', '*', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/db/changes/232201/00-aclMailForward.sql b/db/changes/232201/00-aclMailForward.sql index 0378a95f9..afe2acec8 100644 --- a/db/changes/232201/00-aclMailForward.sql +++ b/db/changes/232201/00-aclMailForward.sql @@ -1,4 +1,5 @@ DELETE FROM `salix`.`ACL` WHERE model = 'MailForward'; INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) VALUES - ('MailForward', '*', 'READ', 'ALLOW', 'ROLE', 'employee'); + ('MailForward', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('MailForward', '*', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/modules/account/back/methods/account/add-mail-alias.js b/modules/account/back/methods/account/add-mail-alias.js deleted file mode 100644 index 814ddaf99..000000000 --- a/modules/account/back/methods/account/add-mail-alias.js +++ /dev/null @@ -1,34 +0,0 @@ - -const UserError = require('vn-loopback/util/user-error'); - -module.exports = Self => { - Self.remoteMethodCtx('addMailAlias', { - description: 'Add a mail alias', - accessType: 'WRITE', - accepts: [{ - arg: 'id', - type: 'number', - description: 'The user id', - http: {source: 'path'} - }, { - arg: 'mailAlias', - type: 'number', - description: 'The mail alias', - required: true - }], - http: { - path: `/:id/addMailAlias`, - verb: 'POST' - } - }); - - Self.addMailAlias = async function(ctx, id, mailAlias) { - const models = Self.app.models; - - const isAuthorized = await models.Worker.isAuthorized(ctx, id); - if (!isAuthorized) - throw new UserError(`You don't have enough privileges`); - - return models.MailAliasAccount.create({mailAlias: mailAlias, account: id}); - }; -}; diff --git a/modules/account/back/methods/account/change-mail-forwarding.js b/modules/account/back/methods/account/change-mail-forwarding.js deleted file mode 100644 index 21dae4624..000000000 --- a/modules/account/back/methods/account/change-mail-forwarding.js +++ /dev/null @@ -1,38 +0,0 @@ - -const UserError = require('vn-loopback/util/user-error'); - -module.exports = Self => { - Self.remoteMethodCtx('changeMailForwarding', { - description: 'Changes the mail forwarding', - accessType: 'WRITE', - accepts: [{ - arg: 'id', - type: 'number', - description: 'The user id', - http: {source: 'path'} - }, { - arg: 'forwardTo', - type: 'string', - description: 'The mail forward' - }], - http: { - path: `/:id/changeMailForwarding`, - verb: 'POST' - } - }); - - Self.changeMailForwarding = async function(ctx, id, forwardTo) { - const models = Self.app.models; - - const isSubordinate = await models.Worker.isSubordinate(ctx, id); - if (!isSubordinate) - throw new UserError(`You don't have enough privileges`); - - if (!forwardTo) return models.MailForward.destroyById(id); - - const mailForward = await models.MailForward.findById(id); - - if (mailForward) return mailForward.updateAttribute('forwardTo', forwardTo); - else return models.MailForward.create({account: id, forwardTo: forwardTo}); - }; -}; diff --git a/modules/account/back/methods/account/delete-mail-alias.js b/modules/account/back/methods/account/delete-mail-alias.js deleted file mode 100644 index 018a1e0b5..000000000 --- a/modules/account/back/methods/account/delete-mail-alias.js +++ /dev/null @@ -1,29 +0,0 @@ - -const UserError = require('vn-loopback/util/user-error'); - -module.exports = Self => { - Self.remoteMethodCtx('deleteMailAlias', { - description: 'Delete a mail alias', - accessType: 'WRITE', - accepts: [{ - arg: 'id', - type: 'number', - description: 'The mail alias account to id', - http: {source: 'path'} - }], - http: { - path: `/:id/deleteMailAlias`, - verb: 'POST' - } - }); - - Self.deleteMailAlias = async function(ctx, id) { - const models = Self.app.models; - - const isAuthorized = await models.Worker.isAuthorized(ctx, id); - if (!isAuthorized) - throw new UserError(`You don't have enough privileges`); - - return models.MailAliasAccount.destroyById(id); - }; -}; diff --git a/modules/account/back/methods/account/specs/add-mail-alias.spec.js b/modules/account/back/methods/account/specs/add-mail-alias.spec.js deleted file mode 100644 index bb59719cd..000000000 --- a/modules/account/back/methods/account/specs/add-mail-alias.spec.js +++ /dev/null @@ -1,26 +0,0 @@ -const {models} = require('vn-loopback/server/server'); - -describe('Account addMailAlias()', () => { - it('should throw an error when the user is not a superior', async() => { - const ctx = {req: {accessToken: {userId: 1}}}; - const employeeId = 1; - - let error; - try { - await models.Account.addMailAlias(ctx, employeeId, 1); - } catch (e) { - error = e.message; - } - - expect(error).toEqual(`You don't have enough privileges`); - }); - - it('should add a mail alias', async() => { - const ctx = {req: {accessToken: {userId: 9}}}; - const employeeId = 1; - - const result = await models.Account.addMailAlias(ctx, employeeId, 2); - - expect(result).toBeDefined(); - }); -}); diff --git a/modules/account/back/methods/account/specs/change-mail-forwarding.spec.js b/modules/account/back/methods/account/specs/change-mail-forwarding.spec.js deleted file mode 100644 index ba1a80806..000000000 --- a/modules/account/back/methods/account/specs/change-mail-forwarding.spec.js +++ /dev/null @@ -1,35 +0,0 @@ -const {models} = require('vn-loopback/server/server'); - -describe('Account changeMailForwarding()', () => { - it('should throw an error when the user is not himself or a superior', async() => { - const ctx = {req: {accessToken: {userId: 1}}}; - const developerId = 9; - - let error; - try { - await models.Account.changeMailForwarding(ctx, developerId, 'alias@test.test'); - } catch (e) { - error = e.message; - } - - expect(error).toEqual(`You don't have enough privileges`); - }); - - it('should change a mail forwarding when the user is himself', async() => { - const ctx = {req: {accessToken: {userId: 1}}}; - const employeeId = 1; - - const result = await models.Account.changeMailForwarding(ctx, employeeId, 'alias@test.test'); - - expect(result).toBeDefined(); - }); - - it('should change a mail forwarding when the user is a superior', async() => { - const ctx = {req: {accessToken: {userId: 9}}}; - const employeeId = 1; - - const result = await models.Account.changeMailForwarding(ctx, employeeId, 'alias@test.test'); - - expect(result).toBeDefined(); - }); -}); diff --git a/modules/account/back/methods/account/specs/delete-mail-alias.spec.js b/modules/account/back/methods/account/specs/delete-mail-alias.spec.js deleted file mode 100644 index fb69fe9c9..000000000 --- a/modules/account/back/methods/account/specs/delete-mail-alias.spec.js +++ /dev/null @@ -1,24 +0,0 @@ -const {models} = require('vn-loopback/server/server'); - -describe('Account deleteMailAlias()', () => { - it('should throw an error when the user is not a superior', async() => { - const ctx = {req: {accessToken: {userId: 1}}}; - - let error; - try { - await models.Account.deleteMailAlias(ctx, 1); - } catch (e) { - error = e.message; - } - - expect(error).toEqual(`You don't have enough privileges`); - }); - - it('should delete a mail alias', async() => { - const ctx = {req: {accessToken: {userId: 9}}}; - - const result = await models.Account.deleteMailAlias(ctx, 1); - - expect(result).toBeDefined(); - }); -}); diff --git a/modules/account/front/aliases/index.html b/modules/account/front/aliases/index.html index 57f7ae968..11d546afb 100644 --- a/modules/account/front/aliases/index.html +++ b/modules/account/front/aliases/index.html @@ -15,10 +15,11 @@ + ng-click="removeConfirm.show(row)" + vn-acl="itManagement" + vn-acl-action="remove"> @@ -27,12 +28,13 @@ + fixed-bottom-right + vn-acl="itManagement" + vn-acl-action="remove"> { - this.isAuthorized = res.data; - }); } refresh() { @@ -34,10 +26,7 @@ export default class Controller extends Section { } onAddSave() { - const params = { - mailAlias: this.addData.mailAlias - }; - return this.$http.post(`Accounts/${this.$params.id}/addMailAlias`, params) + return this.$http.post(`MailAliasAccounts`, this.addData) .then(() => this.refresh()) .then(() => this.vnApp.showSuccess( this.$t('Subscribed to alias!')) @@ -45,7 +34,7 @@ export default class Controller extends Section { } onRemove(row) { - return this.$http.post(`Accounts/${row.id}/deleteMailAlias`) + return this.$http.delete(`MailAliasAccounts/${row.id}`) .then(() => { this.$.data.splice(this.$.data.indexOf(row), 1); this.vnApp.showSuccess(this.$t('Unsubscribed from alias!')); diff --git a/modules/account/front/aliases/index.spec.js b/modules/account/front/aliases/index.spec.js index 53ce9e5d7..466f1e1e9 100644 --- a/modules/account/front/aliases/index.spec.js +++ b/modules/account/front/aliases/index.spec.js @@ -9,7 +9,6 @@ describe('component vnUserAliases', () => { beforeEach(inject(($componentController, _$httpBackend_) => { $httpBackend = _$httpBackend_; controller = $componentController('vnUserAliases', {$element: null}); - controller.$params.id = 1; jest.spyOn(controller.vnApp, 'showSuccess'); })); @@ -27,7 +26,7 @@ describe('component vnUserAliases', () => { it('should add the new row', () => { controller.addData = {account: 1}; - $httpBackend.expectPOST(`Accounts/${controller.$params.id}/addMailAlias`).respond(); + $httpBackend.expectPOST('MailAliasAccounts').respond(); $httpBackend.expectGET('MailAliasAccounts').respond('foo'); controller.onAddSave(); $httpBackend.flush(); @@ -43,7 +42,7 @@ describe('component vnUserAliases', () => { {id: 2, alias: 'bar'} ]; - $httpBackend.expectPOST(`Accounts/${controller.$params.id}/deleteMailAlias`).respond(); + $httpBackend.expectDELETE('MailAliasAccounts/1').respond(); controller.onRemove(controller.$.data[0]); $httpBackend.flush(); diff --git a/modules/account/front/mail-forwarding/index.html b/modules/account/front/mail-forwarding/index.html index e2f5ff86a..df5cd80bf 100644 --- a/modules/account/front/mail-forwarding/index.html +++ b/modules/account/front/mail-forwarding/index.html @@ -4,12 +4,12 @@ url="MailForwards" id-field="account" id-value="$ctrl.$params.id" - data="$ctrl.data" + data="data" form="form">
@@ -20,7 +20,7 @@ diff --git a/modules/account/front/mail-forwarding/index.js b/modules/account/front/mail-forwarding/index.js index 0b7b40cb9..5118e8eab 100644 --- a/modules/account/front/mail-forwarding/index.js +++ b/modules/account/front/mail-forwarding/index.js @@ -1,20 +1,7 @@ import ngModule from '../module'; import Section from 'salix/components/section'; -import UserError from 'core/lib/user-error'; -export default class Controller extends Section { - onSubmit() { - const query = `Accounts/${this.$params.id}/changeMailForwarding`; - const params = { - forwardTo: this.data?.forwardTo || undefined - }; - this.$http.post(query, params) - .then(() => { - this.$.watcher.notifySaved(); - this.$.watcher.updateOriginalData(); - }); - } -} +export default class Controller extends Section {} ngModule.component('vnUserMailForwarding', { template: require('./index.html'),