feat(client.setPassword) setPassword for clients

back/methods/account/set-password.js

@@ -1,4 +1,3 @@
-
 module.exports = Self => {
     Self.remoteMethod('setPassword', {
         description: 'Sets the user password',

db/changes/10460-mother/00-salix_ACL.sql

@@ -0,0 +1,9 @@
+DELETE FROM `salix`.`ACL`
+	WHERE id=1 AND property='*' AND principalId='employee';
+INSERT INTO `salix`.`ACL` (model,property,accessType,principalId)
+	VALUES 
+		-- ('Account','*','READ','marketing'),
+		-- ('Account','*','READ','hr'),
+		-- ('Account','setPassword','WRITE','hr'),
+		('Client','setPassword','WRITE','salesPerson'),
+		('Client','updateUser','WRITE','salesPerson');

e2e/paths/02-client/07_edit_web_access.spec.js

@@ -50,7 +50,7 @@ describe('Client Edit web access path', () => {
         await page.accessToSection('client.card.log');
     });
 
-    it(`should confirm the last log is showing the updated client name and no modifications on the active checkbox`, async() => {
+    it(`should confirm the last log shows updated client name and no modifications on the active checkbox`, async() => {
         let lastModificationPreviousValue = await page
             .waitToGetProperty(selectors.clientLog.lastModificationPreviousValue, 'innerText');
         let lastModificationCurrentValue = await page
@@ -60,7 +60,7 @@ describe('Client Edit web access path', () => {
         expect(lastModificationCurrentValue).toEqual('name Hulk active false');
     });
 
-    it(`should confirm the penultimate log is showing the updated avtive field and no modifications on the client name`, async() => {
+    it(`should confirm the penultimate log shows updated active field and no modifications on client name`, async() => {
         let penultimateModificationPreviousValue = await page
             .waitToGetProperty(selectors.clientLog.penultimateModificationPreviousValue, 'innerText');
         let penultimateModificationCurrentValue = await page

modules/client/back/methods/client/setPassword.js

@@ -0,0 +1,36 @@
+const UserError = require('vn-loopback/util/user-error');
+
+module.exports = Self => {
+    Self.remoteMethod('setPassword', {
+        description: `Sets a client's account password`,
+        accessType: 'WRITE',
+        accepts: [
+            {
+                arg: 'id',
+                type: 'number',
+                description: 'The user id',
+                http: {source: 'path'}
+            },
+            {
+                arg: 'newPassword',
+                type: 'string',
+                description: 'The new password',
+                required: true
+            },
+        ],
+        http: {
+            path: `/:id/setPassword`,
+            verb: 'PATCH'
+        }
+    });
+
+    Self.setPassword = async(id, newPassword) => {
+        const models = Self.app.models;
+        const isWorker = await models.Worker.findById(id);
+
+        if (isWorker)
+            throw new UserError('Cannot set password of a worker');
+
+        await models.Account.setPassword(id, newPassword);
+    };
+};

modules/client/back/methods/client/specs/setPassword.spec.js

@@ -0,0 +1,40 @@
+const {models} = require('vn-loopback/server/server');
+const UserError = require('vn-loopback/util/user-error');
+const LoopBackContext = require('loopback-context');
+
+describe('client setPassword()', () => {
+    const salesPersonId = 18;
+    const employeeId = 1;
+    const customerId = 1101;
+
+    const activeCtx = {
+        accessToken: {userId: employeeId},
+        http: {
+            req: {
+                headers: {origin: 'http://localhost'}
+            }
+        }
+    };
+
+    beforeEach(() => {
+        spyOn(LoopBackContext, 'getCurrentContext').and.returnValue({
+            active: activeCtx
+        });
+    });
+
+    it('should throw an error when the target customer is also a worker', async() => {
+        const ctx = {req: {accessToken: {userId: salesPersonId}}};
+
+        const req = models.Client.setPassword(ctx, employeeId, 'Very$ecurePa22.');
+
+        await expectAsync(req).toBeRejectedWithError(UserError, `Cannot set password of a worker`);
+    });
+
+    it('should update password when it passes requirements', async() => {
+        const ctx = {req: {accessToken: {userId: salesPersonId}}};
+
+        const req = models.Client.setPassword(ctx, customerId, 'Very$ecurePa22.');
+
+        await expectAsync(req).toBeResolved();
+    });
+});

modules/client/back/models/client.js

@@ -31,6 +31,7 @@ module.exports = Self => {
     require('../methods/client/createReceipt')(Self);
     require('../methods/client/updatePortfolio')(Self);
     require('../methods/client/checkDuplicated')(Self);
+    require('../methods/client/setPassword')(Self);
 
     // Validations
 

modules/client/front/web-access/index.js

@@ -44,11 +44,11 @@ export default class Controller extends Section {
                 throw new Error(`You must enter a new password`);
             if (this.newPassword != this.repeatPassword)
                 throw new Error(`Passwords don't match`);
-            let account = {
+            const account = {
-                password: this.newPassword
+                newPassword: this.newPassword
             };
 
-            this.$http.patch(`Accounts/${this.client.id}`, account).then(res => {
+            this.$http.patch(`Clients/${this.client.id}/setPassword`, account).then(res => {
                 this.vnApp.showSuccess(this.$t('Data saved!'));
             });
         } catch (e) {