This commit is contained in:
parent
4bfd259845
commit
9f2768c131
|
|
@ -33,11 +33,11 @@ module.exports = Self => {
|
|||
}
|
||||
|
||||
try {
|
||||
const ishimself = userId === workerId;
|
||||
const isHimself = userId === workerId;
|
||||
const isSubordinate = await Self.isSubordinate(ctx, workerId, myOptions);
|
||||
const {emailVerified} = await models.VnUser.findById(workerId, {fields: ['emailVerified']}, myOptions);
|
||||
|
||||
if (ishimself || (isSubordinate && !emailVerified)) {
|
||||
if (isHimself || (isSubordinate && !emailVerified)) {
|
||||
await models.VnUser.setPassword(workerId, newPass, myOptions);
|
||||
await models.VnUser.updateAll({id: workerId}, {emailVerified: true}, myOptions);
|
||||
} else
|
||||
|
|
|
|||
|
|
@ -1,31 +1,30 @@
|
|||
const UserError = require('vn-loopback/util/user-error');
|
||||
|
||||
const models = require('vn-loopback/server/server').models;
|
||||
const {models} = require('vn-loopback/server/server');
|
||||
|
||||
describe('worker setPassword()', () => {
|
||||
let ctx;
|
||||
const newPass = 'H3rn4d3z#';
|
||||
const employeeId = 1;
|
||||
const managerId = 20;
|
||||
const administrativeId = 5;
|
||||
|
||||
beforeAll(() => {
|
||||
ctx = {
|
||||
req: {
|
||||
accessToken: {},
|
||||
accessToken: {userId: managerId},
|
||||
headers: {origin: 'http://localhost'}
|
||||
},
|
||||
args: {workerFk: 9}
|
||||
};
|
||||
});
|
||||
|
||||
beforeEach(() => {
|
||||
ctx.req.accessToken.userId = 20;
|
||||
ctx.args.newPass = 'H3rn4d3z#';
|
||||
});
|
||||
|
||||
it('should change the password', async() => {
|
||||
it('should change the password if it is a subordinate and the email is not verified', async() => {
|
||||
const tx = await models.Worker.beginTransaction({});
|
||||
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.Worker.setPassword(ctx, options);
|
||||
await models.Worker.setPassword(ctx, employeeId, newPass, options);
|
||||
const isNewPass = await passHasBeenChanged(employeeId, newPass, options);
|
||||
|
||||
expect(isNewPass).toBeTrue();
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
|
|
@ -33,29 +32,64 @@ describe('worker setPassword()', () => {
|
|||
}
|
||||
});
|
||||
|
||||
it('should throw an error: Password does not meet requirements', async() => {
|
||||
const tx = await models.Collection.beginTransaction({});
|
||||
ctx.args.newPass = 'Hi';
|
||||
it('should not change the password if it is a subordinate and the email is verified', async() => {
|
||||
const tx = await models.Worker.beginTransaction({});
|
||||
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.Worker.setPassword(ctx, options);
|
||||
await models.VnUser.updateAll({id: employeeId}, {emailVerified: true}, options);
|
||||
await models.Worker.setPassword(ctx, employeeId, newPass, options);
|
||||
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
expect(e.message).toEqual(`You don't have enough privileges.`);
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
|
||||
it('should change the password if it is himself', async() => {
|
||||
const tx = await models.Worker.beginTransaction({});
|
||||
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.VnUser.updateAll({id: managerId}, {emailVerified: true}, options);
|
||||
await models.Worker.setPassword(ctx, managerId, newPass, options);
|
||||
const isNewPass = await passHasBeenChanged(managerId, newPass, options);
|
||||
|
||||
expect(isNewPass).toBeTrue();
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
|
||||
it('should not change the password if it is not a subordinate', async() => {
|
||||
const tx = await models.Worker.beginTransaction({});
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.Worker.setPassword(ctx, administrativeId, newPass, options);
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
expect(e.message).toEqual(`You don't have enough privileges.`);
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
|
||||
it('should throw an error: Password does not meet requirements', async() => {
|
||||
const tx = await models.Worker.beginTransaction({});
|
||||
const newPass = 'Hi';
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.Worker.setPassword(ctx, employeeId, newPass, options);
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
expect(e.sqlMessage).toEqual('Password does not meet requirements');
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
|
||||
it('should throw an error: You don\'t have enough privileges.', async() => {
|
||||
ctx.req.accessToken.userId = 5;
|
||||
const tx = await models.Collection.beginTransaction({});
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
await models.Worker.setPassword(ctx, options);
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
expect(e).toEqual(new UserError(`You don't have enough privileges.`));
|
||||
await tx.rollback();
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
const passHasBeenChanged = async(userId, pass, options) => {
|
||||
const user = await models.VnUser.findById(userId, null, options);
|
||||
return user.hasPassword(pass);
|
||||
};
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ describe('vnWorkerDescriptor', () => {
|
|||
const id = 1;
|
||||
const response = 'foo';
|
||||
|
||||
$httpBackend.whenGET('UserConfigs/getUserConfig').respond({});
|
||||
$httpBackend.expectRoute('GET', `Workers/${id}`).respond(response);
|
||||
controller.id = id;
|
||||
$httpBackend.flush();
|
||||
|
|
|
|||
Loading…
Reference in New Issue