refs #5468 feat: comprobacion de acl en el back en 'Reenvío de correo'

db/changes/232201/00-aclAccount.sql

@@ -5,4 +5,5 @@ DELETE
 INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
     VALUES
         ('Account', '*', 'WRITE', 'ALLOW', 'ROLE', 'sysadmin'),
-        ('Account', '*', 'READ', 'ALLOW', 'ROLE', 'employee');
+        ('Account', '*', 'READ', 'ALLOW', 'ROLE', 'employee'),
+        ('Account', 'changeMailForwarding', 'WRITE', 'ALLOW', 'ROLE', 'employee');

modules/account/back/methods/account/change-mail-forwarding.js

@@ -0,0 +1,38 @@
+
+const UserError = require('vn-loopback/util/user-error');
+
+module.exports = Self => {
+    Self.remoteMethodCtx('changeMailForwarding', {
+        description: 'Changes the mail forwarding',
+        accessType: 'WRITE',
+        accepts: [{
+            arg: 'id',
+            type: 'number',
+            description: 'The user id',
+            http: {source: 'path'}
+        }, {
+            arg: 'forwardTo',
+            type: 'string',
+            description: 'The mail forward'
+        }],
+        http: {
+            path: `/:id/changeMailForwarding`,
+            verb: 'POST'
+        }
+    });
+
+    Self.changeMailForwarding = async function(ctx, id, forwardTo) {
+        const models = Self.app.models;
+
+        const isSubordinate = await models.Worker.isSubordinate(ctx, id);
+        if (!isSubordinate)
+            throw new UserError(`You don't have enough privileges`);
+
+        if (!forwardTo) return models.MailForward.destroyById(id);
+
+        const mailForward = await models.MailForward.findById(id);
+
+        if (mailForward) return mailForward.updateAttribute('forwardTo', forwardTo);
+        else return models.MailForward.create({account: id, forwardTo: forwardTo});
+    };
+};

modules/account/back/models/account.js

@@ -7,4 +7,5 @@ module.exports = Self => {
     require('../methods/account/logout')(Self);
     require('../methods/account/change-password')(Self);
     require('../methods/account/set-password')(Self);
+    require('../methods/account/change-mail-forwarding')(Self);
 };

modules/account/front/mail-forwarding/index.html

@@ -4,7 +4,7 @@
         url="MailForwards"
         id-field="account"
         id-value="$ctrl.$params.id"
-        data="data"
+        data="$ctrl.data"
         form="form">
     </vn-watcher>
     <form
@@ -20,7 +20,7 @@
                 <vn-textfield
                     ng-if="watcher.hasData"
                     label="Forward email"
-                    ng-model="data.forwardTo"
+                    ng-model="$ctrl.data.forwardTo"
                     info="All emails will be forwarded to the specified address."
                     rule="MailForward"
                     vn-focus>

modules/account/front/mail-forwarding/index.js

@@ -4,16 +4,14 @@ import UserError from 'core/lib/user-error';
 
 export default class Controller extends Section {
     onSubmit() {
-        this.getIsAuthorized();
+        const query = `Accounts/${this.$params.id}/changeMailForwarding`;
-    }
+        const params = {
-
+            forwardTo: this.data?.forwardTo || undefined
-    getIsAuthorized() {
+        };
-        this.$http.get(`Workers/${this.$params.id}/isSubordinate`)
+        this.$http.post(query, params)
-            .then(res => {
+            .then(() => {
-                this.isSubordinate = res.data;
+                this.$.watcher.notifySaved();
-                if (!this.isSubordinate) throw new UserError(`You don't have enough privileges`);
+                this.$.watcher.updateOriginalData();
-
-                this.$.watcher.submit();
             });
     }
 }