refs #5472 refactor setPassword & changePassword, fix sync

2023-06-01 15:29:46 +02:00 · 2023-06-01 15:29:46 +02:00 · 9462ca90a7
parent d134ca45f1
commit 9462ca90a7
9 changed files with 74 additions and 144 deletions
--- a/back/models/vn-user.js
+++ b/back/models/vn-user.js
@ -110,7 +110,10 @@ module.exports = function(Self) {
    });

    const _setPassword = Self.setPassword;
-    Self.setPassword = async function(id, newPassword, options, cb) {
+    Self.setPassword = async function(id, newPassword, options) {
+        if (typeof options === 'function')
+            options = undefined;
+
        const myOptions = {};
        let tx;

@ -125,89 +128,59 @@ module.exports = function(Self) {

        try {
            await Self.rawSql(`CALL account.user_setPassword(?, ?)`, [id, newPassword], options);
-            await _setPassword.call(this, id, newPassword, options, cb);
-            const user = await Self.findById(id, null, options);
+            await _setPassword.call(this, id, newPassword, options);
+            const user = await Self.findById(id, {fields: ['id', 'name']}, options);
            await user.updateAttribute('passExpired', null, options);
+            await models.Account.sync(user.name, newPassword);
            if (tx) await tx.commit();
-            return;
-        } catch (e) {
+        } catch (err) {
            if (tx) await tx.rollback();
-            // console.error('Error changing password, contact with informatica', e);
-            throw new UserError(e);
+            throw err;
        }
    };

-    const _changePassword = Self.changePassword;
-    Self.sharedClass._methods.find(method => method.name == 'changePassword').accessScopes = ['change-password'];
-    Self.changePassword = async function(id, oldPassword, newPassword, options, cb) {
-        const myOptions = {};
-        let tx;
+    Self.sharedClass._methods.find(method => method.name == 'changePassword')
+        .accessScopes = ['change-password'];

-        if (typeof options == 'object')
-            Object.assign(myOptions, options);
+    // FIXME: https://redmine.verdnatura.es/issues/5761
+    // Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
+    //     if (!ctx.args || !ctx.args.data.email) return;

-        if (!myOptions.transaction) {
-            tx = await Self.beginTransaction({});
-            myOptions.transaction = tx;
-        }
-        options = myOptions;
+    //     const loopBackContext = LoopBackContext.getCurrentContext();
+    //     const httpCtx = {req: loopBackContext.active};
+    //     const httpRequest = httpCtx.req.http.req;
+    //     const headers = httpRequest.headers;
+    //     const origin = headers.origin;
+    //     const url = origin.split(':');

-        try {
-            await Self.rawSql(`CALL account.user_changePassword(?, ?, ?)`, [id, oldPassword, newPassword], options);
-            await _changePassword.call(this, id, oldPassword, newPassword, options, cb);
-            const user = await Self.findById(id, null, options);
-            await user.updateAttribute('passExpired', null, options);
-            if (tx) await tx.commit();
-            return;
-        } catch (error) {
-            if (tx) await tx.rollback();
-            // console.error('Error changing password, contact with informatica', error);
-            throw new UserError(error.sqlMessage || 'Error changing password, contact with informatica');
-        }
-    };
+    //     class Mailer {
+    //         async send(verifyOptions, cb) {
+    //             const params = {
+    //                 url: verifyOptions.verifyHref,
+    //                 recipient: verifyOptions.to,
+    //                 lang: ctx.req.getLocale()
+    //             };

-    Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
-        if (!ctx.args || !ctx.args.data.email) return;
-        const models = Self.app.models;
+    //             const email = new Email('email-verify', params);
+    //             email.send();

-        const loopBackContext = LoopBackContext.getCurrentContext();
-        const httpCtx = {req: loopBackContext.active};
-        const httpRequest = httpCtx.req.http.req;
-        const headers = httpRequest.headers;
-        const origin = headers.origin;
-        const url = origin.split(':');
+    //             cb(null, verifyOptions.to);
+    //         }
+    //     }

-        const userId = ctx.instance.id;
-        const user = await models.VnUser.findById(userId);
+    //     const options = {
+    //         type: 'email',
+    //         to: instance.email,
+    //         from: {},
+    //         redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
+    //         template: false,
+    //         mailer: new Mailer,
+    //         host: url[1].split('/')[2],
+    //         port: url[2],
+    //         protocol: url[0],
+    //         user: Self
+    //     };

-        class Mailer {
-            async send(verifyOptions, cb) {
-                const params = {
-                    url: verifyOptions.verifyHref,
-                    recipient: verifyOptions.to,
-                    lang: ctx.req.getLocale()
-                };
-
-                const email = new Email('email-verify', params);
-                email.send();
-
-                cb(null, verifyOptions.to);
-            }
-        }
-
-        const options = {
-            type: 'email',
-            to: instance.email,
-            from: {},
-            redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
-            template: false,
-            mailer: new Mailer,
-            host: url[1].split('/')[2],
-            port: url[2],
-            protocol: url[0],
-            user: Self
-        };
-
-        await user.verify(options);
-    });
+    //     await instance.verify(options);
+    // });
 };
--- a/back/models/vn-user.json
+++ b/back/models/vn-user.json
@ -109,13 +109,6 @@
            "principalType": "ROLE",
            "principalId": "$everyone",
            "permission": "ALLOW"
-        },
-        {
-            "property": "changePassword",
-            "accessType": "EXECUTE",
-            "principalType": "ROLE",
-            "principalId": "$everyone",
-            "permission": "ALLOW"
        },
 		{
            "property": "validateToken",
--- a/db/changes/232201/00-userPassExpired.sql
+++ b/db/changes/232201/00-userPassExpired.sql
@ -1,20 +0,0 @@
-ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
-
-DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`;
-USE account;
-
-DELIMITER $$
-$$
-CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
-	BEFORE UPDATE ON `user`
-	FOR EACH ROW
-BEGIN
-	IF !(NEW.`name` <=> OLD.`name`) THEN
-		CALL user_checkName (NEW.`name`);
-	END IF;
-
-	IF !(NEW.`password` <=> OLD.`password`) THEN
-		SET NEW.lastPassChange = util.VN_NOW();
-	END IF;
-END$$
-DELIMITER ;
--- a/db/changes/232401/00-userPassExpired.sql
+++ b/db/changes/232401/00-userPassExpired.sql
@ -0,0 +1,22 @@
+ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
+
+-- DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`;
+-- USE account;
+
+-- DELIMITER $$
+-- $$
+-- CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
+-- 	BEFORE UPDATE ON `user`
+-- 	FOR EACH ROW
+-- BEGIN
+--     SET NEW.editorFk = account.myUser_getId();
+
+-- 	IF !(NEW.`name` <=> OLD.`name`) THEN
+-- 		CALL user_checkName (NEW.`name`);
+-- 	END IF;
+
+-- 	IF !(NEW.`password` <=> OLD.`password`) THEN
+-- 		SET NEW.lastPassChange = util.VN_NOW();
+-- 	END IF;
+-- END$$
+-- DELIMITER ;
--- a/db/dump/mockDate.sql
+++ b/db/dump/mockDate.sql
@ -1,30 +1,19 @@
-DROP FUNCTION IF EXISTS `util`.`mockTime`;

 DELIMITER $$
-$$
-CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTime`() RETURNS datetime
+
+CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTime`() RETURNS datetime
    DETERMINISTIC
 BEGIN
 	RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
 END$$
-DELIMITER ;

-DROP FUNCTION IF EXISTS `util`.`mockUtcTime`;
-
-DELIMITER $$
-$$
-CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockUtcTime`() RETURNS datetime
+CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockUtcTime`() RETURNS datetime
    DETERMINISTIC
 BEGIN
 	RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
 END$$
-DELIMITER ;

-DROP FUNCTION IF EXISTS `util`.`mockTimeBase`;
-
-DELIMITER $$
-$$
-CREATE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTimeBase`(vIsUtc BOOL) RETURNS datetime
+CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `util`.`mockTimeBase`(vIsUtc BOOL) RETURNS datetime
    DETERMINISTIC
 BEGIN
    RETURN CONVERT_TZ('@mockDate', 'utc', 'Europe/Madrid');
--- a/loopback/locale/es.json
+++ b/loopback/locale/es.json
@ -83,7 +83,7 @@
 	"The current ticket can't be modified": "El ticket actual no puede ser modificado",
 	"The current claim can't be modified": "La reclamación actual no puede ser modificada",
 	"The sales of this ticket can't be modified": "Las lineas de este ticket no pueden ser modificadas",
-    "The sales do not exists": "La(s) línea(s) seleccionada(s) no existe(n)",
+	"The sales do not exists": "La(s) línea(s) seleccionada(s) no existe(n)",
 	"Please select at least one sale": "Por favor selecciona al menos una linea",
 	"All sales must belong to the same ticket": "Todas las lineas deben pertenecer al mismo ticket",
 	"NO_ZONE_FOR_THIS_PARAMETERS": "Para este día no hay ninguna zona configurada",
--- a/modules/account/back/methods/account/sync.js
+++ b/modules/account/back/methods/account/sync.js
@ -33,7 +33,7 @@ module.exports = Self => {
        const isSync = !await models.UserSync.exists(userName);

        if (!force && isSync && user) return;
-        // await models.AccountConfig.syncUser(userName, password);
+        await models.AccountConfig.syncUser(userName, password);
        await models.UserSync.destroyById(userName);
    };
 };
--- a/modules/account/back/models/account-config.js
+++ b/modules/account/back/models/account-config.js
@ -173,30 +173,6 @@ module.exports = Self => {
        async synchronizerSyncRoles() {
            for (let synchronizer of this.synchronizers)
                await synchronizer.syncRoles();
-        },
-
-        async syncUser(userName, info, password) {
-            if (info.user && password)
-                await app.models.VnUser.setPassword(info.user.id, password);
-        },
-
-        async getUsers(usersToSync) {
-            let accounts = await app.models.Account.find({
-                fields: ['id'],
-                include: {
-                    relation: 'user',
-                    scope: {
-                        fields: ['name'],
-                        where: {active: true}
-                    }
-                }
-            });
-
-            for (let account of accounts) {
-                let user = account.user();
-                if (!user) continue;
-                usersToSync.add(user.name);
-            }
        }
    });
 };
--- a/modules/account/back/models/account-config.json
+++ b/modules/account/back/models/account-config.json
@ -6,9 +6,6 @@
 			"table": "account.accountConfig"
 		}
 	},
-	"mixins": {
-		"AccountSynchronizer": {}
-	},
 	"properties": {
 		"id": {
 			"type": "number",