refs #5472 refactor setPassword & changePassword, fix sync
Alex Moreno 2023-06-01 15:29:46 +02:00
parent d134ca45f1
commit 9462ca90a7
9 changed files with 74 additions and 144 deletions


@ -110,7 +110,10 @@ module.exports = function(Self) {
});
const _setPassword = Self.setPassword;
Self.setPassword = async function(id, newPassword, options, cb) {
Self.setPassword = async function(id, newPassword, options) {
if (typeof options === 'function')
options = undefined;
const myOptions = {};
let tx;
@ -125,89 +128,59 @@ module.exports = function(Self) {
try {
await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options);
await _setPassword.call(this, id, newPassword, options, cb);
const user = await Self.findById(id, null, options);
await _setPassword.call(this, id, newPassword, options);
const user = await Self.findById(id, {fields: ['id', 'name']}, options);
await user.updateAttribute('passExpired', null, options);
await models.Account.sync(user.name, newPassword);
if (tx) await tx.commit();
return;
} catch (e) {
} catch (err) {
if (tx) await tx.rollback();
// console.error('Error changing password, contact with informatica', e);
throw new UserError(e);
throw err;
}
};
const _changePassword = Self.changePassword;
Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password'];
Self.changePassword = async function(id, oldPassword, newPassword, options, cb) {
const myOptions = {};
let tx;
Self.sharedClass._methods.find(method => method.name == 'changePassword')
.accessScopes = ['change-password'];
if (typeof options == 'object')
Object.assign(myOptions, options);
// FIXME: https://redmine.verdnatura.es/issues/5761
// Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
// if (!ctx.args || !ctx.args.data.email) return;
if (!myOptions.transaction) {
tx = await Self.beginTransaction({});
myOptions.transaction = tx;
}
options = myOptions;
// const loopBackContext = LoopBackContext.getCurrentContext();
// const httpCtx = {req: loopBackContext.active};
// const httpRequest = httpCtx.req.http.req;
// const headers = httpRequest.headers;
// const origin = headers.origin;
// const url = origin.split(':');
try {
await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword], options);
await _changePassword.call(this, id, oldPassword, newPassword, options, cb);
const user = await Self.findById(id, null, options);
await user.updateAttribute('passExpired', null, options);
if (tx) await tx.commit();
return;
} catch (error) {
if (tx) await tx.rollback();
// console.error('Error changing password, contact with informatica', error);
throw new UserError(error.sqlMessage || 'Error changing password, contact with informatica');
}
};
// class Mailer {
// async send(verifyOptions, cb) {
// const params = {
// url: verifyOptions.verifyHref,
// recipient: verifyOptions.to,
// lang: ctx.req.getLocale()
// };
Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
if (!ctx.args || !ctx.args.data.email) return;
const models = Self.app.models;
// const email = new Email('email-verify', params);
// email.send();
const loopBackContext = LoopBackContext.getCurrentContext();
const httpCtx = {req: loopBackContext.active};
const httpRequest = httpCtx.req.http.req;
const headers = httpRequest.headers;
const origin = headers.origin;
const url = origin.split(':');
// cb(null, verifyOptions.to);
// }
// }
const userId = ctx.instance.id;
const user = await models.VnUser.findById(userId);
// const options = {
// type: 'email',
// to: instance.email,
// from: {},
// redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
// template: false,
// mailer: new Mailer,
// host: url[1].split('/')[2],
// port: url[2],
// protocol: url[0],
// user: Self
// };
class Mailer {
async send(verifyOptions, cb) {
const params = {
url: verifyOptions.verifyHref,
recipient: verifyOptions.to,
lang: ctx.req.getLocale()
};
const email = new Email('email-verify', params);
email.send();
cb(null, verifyOptions.to);
}
}
const options = {
type: 'email',
to: instance.email,
from: {},
redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
template: false,
mailer: new Mailer,
host: url[1].split('/')[2],
port: url[2],
protocol: url[0],
user: Self
};
await user.verify(options);
});
// await instance.verify(options);
// });
};
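Review bot: In the new `Self.setPassword`, `await models.Account.sync(user.name, newPassword);` sits inside the `try` before `if (tx) await tx.commit();` but is not given `options`, so as rendered it runs outside the transaction and the `tx.rollback()` in the catch cannot undo whatever it pushed to the synchronized back ends. If the commit fails after a successful sync, the database and the external accounts could hold different passwords; consider calling sync after the commit, or making it transaction-aware. The `Self.changePassword` override, which called `account.user_changePassword` and cleared `passExpired`, appears to be removed; unless the framework's built-in changePassword ends up in this static `setPassword` (not visible here), that path no longer resets `passExpired` or syncs, which deserves a test. `throw err` now forwards the raw database error instead of a `UserError`, so confirm the remote error handler does not return SQL messages to clients. The lines between the two hunks, where `tx` and `models` are presumably set up, are not shown.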


@ -109,13 +109,6 @@
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
},
{
"property": "changePassword",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
},
{
"property": "validateToken",
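Review bot: With the `$everyone` ALLOW entry for `changePassword` removed, who may call that method is decided by ACL entries outside this hunk (the model's other rules or those inherited from its base), and the page shows no test pinning the result. Since the model code in this commit sets `accessScopes = ['change-password']` on the method, I would add a test that an unauthenticated request is rejected and that a token carrying only the `change-password` scope can still change an expired password. The surrounding ACL array starts and ends outside the hunk.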


@ -1,20 +0,0 @@
ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`;
USE account;
DELIMITER $$
$$
CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
BEFORE UPDATE ON `user`
FOR EACH ROW
BEGIN
IF !(NEW.`name` <=> OLD.`name`) THEN
CALL user_checkName (NEW.`name`);
END IF;
IF !(NEW.`password` <=> OLD.`password`) THEN
SET NEW.lastPassChange = util.VN_NOW();
END IF;
END$$
DELIMITER ;


@ -0,0 +1,22 @@
ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
-- DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`;
-- USE account;
-- DELIMITER $$
-- $$
-- CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
-- BEFORE UPDATE ON `user`
-- FOR EACH ROW
-- BEGIN
-- SET NEW.editorFk = account.myUser_getId();
-- IF !(NEW.`name` <=> OLD.`name`) THEN
-- CALL user_checkName (NEW.`name`);
-- END IF;
-- IF !(NEW.`password` <=> OLD.`password`) THEN
-- SET NEW.lastPassChange = util.VN_NOW();
-- END IF;
-- END$$
-- DELIMITER ;
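Review bot: Everything after the `ALTER TABLE` in this new version file is commented out, so as written the migration does not create `account.user_beforeUpdate`, and `lastPassChange` is only maintained if the trigger already exists from an earlier version. If the trigger is intentionally left to another migration, delete the commented block rather than shipping dead DDL (it also carries a `SET NEW.editorFk = account.myUser_getId();` line that the deleted file did not have); if not, restore it. Because `passExpired` and `lastPassChange` appear to drive the password-expiry flow, a one-line header such as `-- trigger user_beforeUpdate is defined in <other version file>` would make the intent clear.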


@ -1,30 +1,19 @@
DROP FUNCTION IF EXISTS `util`.`mockTime`;
DELIMITER $$
$$
CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTime`() RETURNS datetime
DETERMINISTIC
BEGIN
RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
END$$
DELIMITER ;
DROP FUNCTION IF EXISTS `util`.`mockUtcTime`;
DELIMITER $$
$$
CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockUtcTime`() RETURNS datetime
DETERMINISTIC
BEGIN
RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
END$$
DELIMITER ;
DROP FUNCTION IF EXISTS `util`.`mockTimeBase`;
DELIMITER $$
$$
CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTimeBase`(vIsUtc BOOL) RETURNS datetime
CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTime`() RETURNS datetime
DETERMINISTIC
BEGIN
RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
END$$
CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockUtcTime`() RETURNS datetime
DETERMINISTIC
BEGIN
RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
END$$
CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTimeBase`(vIsUtc BOOL) RETURNS datetime
DETERMINISTIC
BEGIN
RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');


@ -33,7 +33,7 @@ module.exports = Self => {
const isSync = !await models.UserSync.exists(userName);
if (!force && isSync && user) return;
// await models.AccountConfig.syncUser(userName, password);
await models.AccountConfig.syncUser(userName, password);
await models.UserSync.destroyById(userName);
};
};
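Review bot: The re-enabled `await models.AccountConfig.syncUser(userName, password);` is only reached when the guard `if (!force && isSync && user) return;` above it does not fire, and `isSync` is true whenever no `UserSync` row exists for the name. The `setPassword` change in this commit calls `Account.sync(user.name, newPassword)` without `force` and without the transaction options, so if the `UserSync` row is written inside that still-open transaction (not visible here), `exists()` may not see it and the new password would silently not be propagated. Consider passing `force` or the caller's `options` through, and add a test that a password change actually reaches `syncUser`. The function's signature and earlier body are outside the hunk.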


@ -173,30 +173,6 @@ module.exports = Self => {
async synchronizerSyncRoles() {
for (let synchronizer of this.synchronizers)
await synchronizer.syncRoles();
},
async syncUser(userName, info, password) {
if (info.user && password)
await app.models.VnUser.setPassword(info.user.id, password);
},
async getUsers(usersToSync) {
let accounts = await app.models.Account.find({
fields: ['id'],
include: {
relation: 'user',
scope: {
fields: ['name'],
where: {active: true}
}
}
});
for (let account of accounts) {
let user = account.user();
if (!user) continue;
usersToSync.add(user.name);
}
}
});
};


@ -6,9 +6,6 @@
"table": "account.accountConfig"
}
},
"mixins": {
"AccountSynchronizer": {}
},
"properties": {
"id": {
"type": "number",