feat(salix): refs #6427 #6427 Use UserSecurity instead validation
gitea/salix/pipeline/pr-dev This commit looks good Details

This commit is contained in:
Javier Segarra 2024-05-06 14:53:41 +02:00
parent 036be54f97
commit 9cf4ef04c5
5 changed files with 25 additions and 28 deletions

View File

@ -4,13 +4,6 @@
ng-model="$ctrl.user"
vn-focus>
</vn-textfield>
<!-- <vn-textfield
ng-if="$ctrl.sms"
disabled="$ctrl.otp"
label="User's phone"
ng-model="$ctrl.user"
required="true">
</vn-textfield> -->
<vn-textfield
ng-if="$ctrl.otp"
label="Verification code"

View File

@ -3,7 +3,7 @@ We will sent you an email to recover your password: Te enviaremos un correo para
We will sent you a sms to recover your password: Te enviaremos un sms para restablecer tu contraseña
We will sent you a item to recover your password: Te enviaremos un {{mode}} para restablecer tu contraseña
Notification sent!: ¡Notificación enviada!
User or recovery email: Usuario, télefono o correo de recuperación
User or recovery email: Usuario, móvil o email recuperación
User's phone: Móvil del usuario
User's id: Id del usuario
Credentials not valid: Credenciales no válidas

View File

@ -355,11 +355,12 @@
"No results found": "No se han encontrado resultados",
"InvoiceIn is already booked": "La factura recibida está contabilizada",
"This workCenter is already assigned to this agency": "Este centro de trabajo ya está asignado a esta agencia",
"Select ticket or client": "Elija un ticket o un client",
"Select ticket or client": "Elija un ticket o un client",
"It was not able to create the invoice": "No se pudo crear la factura",
"Phone not valid": "Teléfono no es válido",
"User not valid": "Usuario no válido",
"Credentials not valid": "Credenciales no válidas",
"This worker cant be modified": "This worker cant be modified",
"Phone can't be updated": "Phone can't be updated"
"Phone can't be updated": "Phone can't be updated",
"ReferenceError: models is not defined": "ReferenceError: models is not defined"
}

View File

@ -45,29 +45,33 @@ module.exports = Self => {
Self.observe('before save', async function(ctx, next) {
if (ctx.isNewInstance) return;
const isOwner = await checkModifyPermission(ctx);
const instanceId = ctx.currentInstance.id;
const userId = ctx.options.accessToken.userId;
const isOwner = instanceId === userId;
const phoneHasChanged = !!ctx.data.user?.recoveryPhone;
const {models} = Self.app;
try {
await Self.app.models.VnUser.userSecurity(ctx, ctx.where.id);
} catch (error) {
throw new UserError('Phone can\'t be updated');
}
if (!isOwner) {
if (phoneHasChanged)
throw new UserError('Phone can\'t be updated');
else {
if (phoneHasChanged) {
const {recoveryPhone} = ctx.data.user;
const {id} = ctx.currentInstance;
await models.VnUser.updateAll({id}, {recoveryPhone});
await Self.app.models.VnUser.updateAll({id}, {recoveryPhone});
ctx.data.code = ctx.currentInstance.code;
}
}
delete ctx.data.user;
});
async function checkModifyPermission(ctx) {
const instanceId = ctx.currentInstance.id;
const userId = ctx.options.accessToken.userId;
try {
return (instanceId == userId);
} catch (error) {
throw new UserError(error);
}
}
// async function checkModifyPermission(ctx) {
// const instanceId = ctx.currentInstance.id;
// const userId = ctx.options.accessToken.userId;
// try {
// if (instanceId === userId) return true;
// return
// } catch (error) {
// throw new UserError(error);
// }
// }
};

View File

@ -79,7 +79,6 @@
vn-one
label="Recovery phone"
ng-model="$ctrl.worker.user.recoveryPhone"
disabled="$root.user.id !== $ctrl.worker.id"
>
</vn-textfield>
<vn-input-number