This commit is contained in:
parent
9668468f94
commit
9f92bc4b4c
|
|
@ -40,56 +40,44 @@ module.exports = Self => {
|
||||||
const userId = ctx.req.accessToken.userId;
|
const userId = ctx.req.accessToken.userId;
|
||||||
|
|
||||||
const myOptions = {};
|
const myOptions = {};
|
||||||
let tx;
|
|
||||||
|
|
||||||
if (typeof options == 'object')
|
if (typeof options == 'object')
|
||||||
Object.assign(myOptions, options);
|
Object.assign(myOptions, options);
|
||||||
|
|
||||||
if (!myOptions.transaction) {
|
const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);
|
||||||
tx = await Self.beginTransaction({});
|
|
||||||
myOptions.transaction = tx;
|
|
||||||
};
|
|
||||||
|
|
||||||
try {
|
const userToUpdate = await Self.findById(id, {
|
||||||
const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);
|
fields: ['id', 'name', 'hasGrant', 'roleFk', 'password', 'email'],
|
||||||
|
include: {
|
||||||
const userToUpdate = await Self.findById(id, {
|
relation: 'role',
|
||||||
fields: ['id', 'name', 'hasGrant', 'roleFk', 'password', 'email'],
|
scope: {
|
||||||
include: {
|
fields: ['name']
|
||||||
relation: 'role',
|
|
||||||
scope: {
|
|
||||||
fields: ['name']
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}, myOptions);
|
}
|
||||||
|
}, myOptions);
|
||||||
|
|
||||||
if (!user.hasGrant)
|
if (!user.hasGrant)
|
||||||
throw new UserError(`You don't have grant privilege`);
|
throw new UserError(`You don't have grant privilege`);
|
||||||
|
|
||||||
const hasRoleFromUser = await Self.hasRole(userId, userToUpdate.role().name, myOptions);
|
const hasRoleFromUser = await Self.hasRole(userId, userToUpdate.role().name, myOptions);
|
||||||
|
|
||||||
if (!hasRoleFromUser)
|
if (!hasRoleFromUser)
|
||||||
|
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
||||||
|
|
||||||
|
if (hasGrant != null)
|
||||||
|
userToUpdate.hasGrant = hasGrant;
|
||||||
|
|
||||||
|
if (roleFk) {
|
||||||
|
const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
|
||||||
|
const hasRole = await Self.hasRole(userId, role.name, myOptions);
|
||||||
|
|
||||||
|
if (!hasRole)
|
||||||
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
||||||
|
|
||||||
if (hasGrant != null)
|
userToUpdate.roleFk = roleFk;
|
||||||
userToUpdate.hasGrant = hasGrant;
|
}
|
||||||
|
|
||||||
if (roleFk) {
|
await userToUpdate.save(userToUpdate);
|
||||||
const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
|
await models.Account.sync(userToUpdate.name);
|
||||||
const hasRole = await Self.hasRole(userId, role.name, myOptions);
|
|
||||||
|
|
||||||
if (!hasRole)
|
|
||||||
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
|
||||||
|
|
||||||
userToUpdate.roleFk = roleFk;
|
|
||||||
}
|
|
||||||
|
|
||||||
await userToUpdate.save(myOptions);
|
|
||||||
await models.Account.sync(userToUpdate.name, null, null, myOptions);
|
|
||||||
if (tx) await tx.commit();
|
|
||||||
} catch (err) {
|
|
||||||
if (tx) await tx.rollback();
|
|
||||||
throw err;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue