From 0186c2c80678f518de105192d1e306f2361f056a Mon Sep 17 00:00:00 2001 From: carlossa Date: Wed, 29 Nov 2023 07:33:49 +0100 Subject: [PATCH 01/11] refs #6085 aclMail back --- db/changes/235001/00-aclsMails.sql | 7 ++++ .../account/front/alias/acl/create/index.js | 33 +++++++++++++++++++ modules/account/front/alias/acl/index.js | 4 +++ .../account/front/alias/acl/index/index.js | 15 +++++++++ modules/account/front/alias/acl/main/index.js | 18 ++++++++++ 5 files changed, 77 insertions(+) create mode 100644 db/changes/235001/00-aclsMails.sql create mode 100644 modules/account/front/alias/acl/create/index.js create mode 100644 modules/account/front/alias/acl/index.js create mode 100644 modules/account/front/alias/acl/index/index.js create mode 100644 modules/account/front/alias/acl/main/index.js diff --git a/db/changes/235001/00-aclsMails.sql b/db/changes/235001/00-aclsMails.sql new file mode 100644 index 000000000..92603aec4 --- /dev/null +++ b/db/changes/235001/00-aclsMails.sql @@ -0,0 +1,7 @@ +-- Definición de la tabla mailAliasACL +CREATE TABLE `account`.`mailAliasACL` ( + `mailAliasFk` int(10) unsigned NOT NULL, + `roleFk` int(10) unsigned NOT NULL, + FOREIGN KEY (`mailAliasFk`) REFERENCES `account`.`mailAlias` (`id`), + FOREIGN KEY (`roleFk`) REFERENCES `account`.`role` (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci; diff --git a/modules/account/front/alias/acl/create/index.js b/modules/account/front/alias/acl/create/index.js new file mode 100644 index 000000000..1f9d73272 --- /dev/null +++ b/modules/account/front/alias/acl/create/index.js @@ -0,0 +1,33 @@ +import ngModule from '../../module'; +import Section from 'salix/components/section'; + +export default class Controller extends Section { + constructor(...args) { + super(...args); + this.accessTypes = [ + {name: '*'}, + {name: 'READ'}, + {name: 'WRITE'} + ]; + this.permissions = [ + {name: 'ALLOW'}, + {name: 'DENY'} + ]; + + this.models = []; + for (let model in window.validations) + this.models.push({name: model}); + + this.acl = { + property: '*', + principalType: 'ROLE', + accessType: 'READ', + permission: 'ALLOW' + }; + } +} + +ngModule.component('vnAclMailCreate', { + template: require('./index.html'), + controller: Controller +}); diff --git a/modules/account/front/alias/acl/index.js b/modules/account/front/alias/acl/index.js new file mode 100644 index 000000000..8393859a5 --- /dev/null +++ b/modules/account/front/alias/acl/index.js @@ -0,0 +1,4 @@ +import './main'; +import './index/'; +import './create'; +import './search-panel'; diff --git a/modules/account/front/alias/acl/index/index.js b/modules/account/front/alias/acl/index/index.js new file mode 100644 index 000000000..b78dfa7f5 --- /dev/null +++ b/modules/account/front/alias/acl/index/index.js @@ -0,0 +1,15 @@ +import ngModule from '../../module'; +import Section from 'salix/components/section'; + +export default class Controller extends Section { + onDelete(row) { + return this.$http.delete(`ACLs/${row.id}`) + .then(() => this.$.model.refresh()) + .then(() => this.vnApp.showSuccess(this.$t('ACL removed'))); + } +} + +ngModule.component('vnAclMailIndex', { + template: require('./index.html'), + controller: Controller +}); diff --git a/modules/account/front/alias/acl/main/index.js b/modules/account/front/alias/acl/main/index.js new file mode 100644 index 000000000..431ef48c5 --- /dev/null +++ b/modules/account/front/alias/acl/main/index.js @@ -0,0 +1,18 @@ +import ngModule from '../../module'; +import ModuleMain from 'salix/components/module-main'; + +export default class ACL extends ModuleMain { + exprBuilder(param, value) { + switch (param) { + case 'search': + return {model: {like: `%${value}%`}}; + default: + return {[param]: value}; + } + } +} + +ngModule.vnComponent('vnAclMailComponent', { + controller: ACL, + template: require('./index.html') +}); From e548ef4dae1d056cfc2f34396a3e3e164ee2b9a8 Mon Sep 17 00:00:00 2001 From: carlossa Date: Wed, 29 Nov 2023 07:51:58 +0100 Subject: [PATCH 02/11] refs #6085 searchpanel and change path --- .../account/front/alias/acl/create/index.js | 4 +-- .../account/front/alias/acl/index/index.js | 4 +-- modules/account/front/alias/acl/main/index.js | 6 ++--- .../front/alias/acl/search-panel/index.js | 26 +++++++++++++++++++ modules/account/front/alias/index.js | 1 + 5 files changed, 34 insertions(+), 7 deletions(-) create mode 100644 modules/account/front/alias/acl/search-panel/index.js diff --git a/modules/account/front/alias/acl/create/index.js b/modules/account/front/alias/acl/create/index.js index 1f9d73272..58e70e4aa 100644 --- a/modules/account/front/alias/acl/create/index.js +++ b/modules/account/front/alias/acl/create/index.js @@ -1,4 +1,4 @@ -import ngModule from '../../module'; +import ngModule from '../../../module'; import Section from 'salix/components/section'; export default class Controller extends Section { @@ -28,6 +28,6 @@ export default class Controller extends Section { } ngModule.component('vnAclMailCreate', { - template: require('./index.html'), + // template: require('./index.html'), controller: Controller }); diff --git a/modules/account/front/alias/acl/index/index.js b/modules/account/front/alias/acl/index/index.js index b78dfa7f5..5d8d49574 100644 --- a/modules/account/front/alias/acl/index/index.js +++ b/modules/account/front/alias/acl/index/index.js @@ -1,4 +1,4 @@ -import ngModule from '../../module'; +import ngModule from '../../../module'; import Section from 'salix/components/section'; export default class Controller extends Section { @@ -10,6 +10,6 @@ export default class Controller extends Section { } ngModule.component('vnAclMailIndex', { - template: require('./index.html'), + // template: require('./index.html'), controller: Controller }); diff --git a/modules/account/front/alias/acl/main/index.js b/modules/account/front/alias/acl/main/index.js index 431ef48c5..97f04ee50 100644 --- a/modules/account/front/alias/acl/main/index.js +++ b/modules/account/front/alias/acl/main/index.js @@ -1,4 +1,4 @@ -import ngModule from '../../module'; +import ngModule from '../../../module'; import ModuleMain from 'salix/components/module-main'; export default class ACL extends ModuleMain { @@ -13,6 +13,6 @@ export default class ACL extends ModuleMain { } ngModule.vnComponent('vnAclMailComponent', { - controller: ACL, - template: require('./index.html') + controller: ACL + // template: require('./index.html') }); diff --git a/modules/account/front/alias/acl/search-panel/index.js b/modules/account/front/alias/acl/search-panel/index.js new file mode 100644 index 000000000..67db33383 --- /dev/null +++ b/modules/account/front/alias/acl/search-panel/index.js @@ -0,0 +1,26 @@ +import ngModule from '../../../module'; +import SearchPanel from 'core/components/searchbar/search-panel'; + +export default class Controller extends SearchPanel { + constructor(...args) { + super(...args); + this.accessTypes = [ + {name: '*'}, + {name: 'READ'}, + {name: 'WRITE'} + ]; + this.permissions = [ + {name: 'ALLOW'}, + {name: 'DENY'} + ]; + + this.models = []; + for (let model in window.validations) + this.models.push({name: model}); + } +} + +ngModule.component('vnAclSearchPanel', { + // template: require('./index.html'), + controller: Controller +}); diff --git a/modules/account/front/alias/index.js b/modules/account/front/alias/index.js index 8eed3a3d3..598421749 100644 --- a/modules/account/front/alias/index.js +++ b/modules/account/front/alias/index.js @@ -7,3 +7,4 @@ import './descriptor'; import './create'; import './basic-data'; import './users'; +import './acl'; From 9a3efdd6fe9e29cf0dd6ca97c8c384e26bd99a53 Mon Sep 17 00:00:00 2001 From: carlossa Date: Wed, 29 Nov 2023 13:55:44 +0100 Subject: [PATCH 03/11] refs #6085 model y back --- modules/account/back/models/mail-alias-acl.js | 70 +++++++++++++++++++ .../account/back/models/mail-alias-acl.json | 29 ++++++++ 2 files changed, 99 insertions(+) create mode 100644 modules/account/back/models/mail-alias-acl.js create mode 100644 modules/account/back/models/mail-alias-acl.json diff --git a/modules/account/back/models/mail-alias-acl.js b/modules/account/back/models/mail-alias-acl.js new file mode 100644 index 000000000..4a74472fe --- /dev/null +++ b/modules/account/back/models/mail-alias-acl.js @@ -0,0 +1,70 @@ +const UserError = require('vn-loopback/util/user-error'); + +module.exports = Self => { + require('../methods/notification/getList')(Self); + + Self.observe('before save', async function(ctx) { + await checkModifyPermission(ctx); + }); + + Self.observe('before delete', async function(ctx) { + await checkModifyPermission(ctx); + }); + + async function checkModifyPermission(ctx) { + const models = Self.app.models; + const instance = ctx.instance; + const userId = ctx.options.accessToken.userId; + + let mailAliasFk; + let roleFk; + + if (instance) { + mailAliasFk = instance.mailAliasFk; + roleFk = instance.roleFk; + } else { + const mailAliasAcl = await models.MailAlias.findById(ctx.where.id); + mailAliasFk = mailAliasAcl.id; + roleFk = mailAliasAcl.roleFk; + } + + const role = await models.VnUser.findById(roleFk, {fields: ['id', 'role']}); + const available = await Self.getAvailable(roleFk); + const hasAcl = available.has(mailAliasFk); + + if (!hasAcl || (userId.role != role)) + throw new UserError('The alias cant be modified'); + } + + Self.getAvailable = async function(userId, options) { + const availableMailAliasMap = new Map(); + const models = Self.app.models; + + const myOptions = {}; + + if (typeof options == 'object') + Object.assign(myOptions, options); + + const roles = await models.RoleMapping.find({ + fields: ['roleId'], + where: {principalId: userId} + }, myOptions); + + const availableMailAlias = await models.MailAliasAcl.find({ + fields: ['mailAliasFk', 'roleFk'], + include: {relation: 'roleFk'}, + where: { + roleFk: { + inq: roles.map(role => role.roleId), + }, + } + }, myOptions); + + for (available of availableMailAlias) { + availableMailAliasMap.set(available.mailAliasFk, { + mailAliasFk: available.mailAliasFk, + }); + } + return availableMailAliasMap; + }; +}; diff --git a/modules/account/back/models/mail-alias-acl.json b/modules/account/back/models/mail-alias-acl.json new file mode 100644 index 000000000..2e44f38eb --- /dev/null +++ b/modules/account/back/models/mail-alias-acl.json @@ -0,0 +1,29 @@ +{ + "name": "mailAliasACL", + "base": "VnModel", + "options": { + "mysql": { + "table": "account.mailAliasACL" + } + }, + "properties": { + "mailAliasFk": { + "type": "number" + }, + "roleFk": { + "type": "number" + } + }, + "relations": { + "mailAlias": { + "type": "belongsTo", + "model": "VnUser", + "foreignKey": "mailAliasFk" + }, + "role": { + "type": "belongsTo", + "model": "VnUser", + "foreignKey": "roleFk" + } + } +} From 6d486fbec99ae2b471882a2b24530b5b34453f06 Mon Sep 17 00:00:00 2001 From: carlossa Date: Fri, 1 Dec 2023 13:58:45 +0100 Subject: [PATCH 04/11] refs #6085 trad, remove front, back test --- back/models/specs/mailAliasAccount.spec.js | 73 +++++++++++++++++++ db/changes/235001/00-aclsMails.sql | 3 +- db/dump/fixtures.sql | 7 ++ front/core/locale/es.yml | 1 + loopback/locale/es.json | 4 +- modules/account/back/model-config.json | 3 + .../account/back/models/mail-alias-account.js | 68 ++++++++--------- modules/account/back/models/mail-alias-acl.js | 59 ++++++--------- .../account/back/models/mail-alias-acl.json | 10 ++- .../account/front/alias/acl/create/index.js | 33 --------- modules/account/front/alias/acl/index.js | 4 - .../account/front/alias/acl/index/index.js | 15 ---- modules/account/front/alias/acl/main/index.js | 18 ----- .../front/alias/acl/search-panel/index.js | 26 ------- modules/account/front/alias/index.js | 1 - 15 files changed, 151 insertions(+), 174 deletions(-) create mode 100644 back/models/specs/mailAliasAccount.spec.js delete mode 100644 modules/account/front/alias/acl/create/index.js delete mode 100644 modules/account/front/alias/acl/index.js delete mode 100644 modules/account/front/alias/acl/index/index.js delete mode 100644 modules/account/front/alias/acl/main/index.js delete mode 100644 modules/account/front/alias/acl/search-panel/index.js diff --git a/back/models/specs/mailAliasAccount.spec.js b/back/models/specs/mailAliasAccount.spec.js new file mode 100644 index 000000000..46d447f90 --- /dev/null +++ b/back/models/specs/mailAliasAccount.spec.js @@ -0,0 +1,73 @@ +const models = require('vn-loopback/server/server').models; + +fdescribe('loopback model MailAliasAccount', () => { + it('should fail to add a mail Alias if the worker doesnt have ACLs', async() => { + const tx = await models.MailAliasAccount.beginTransaction({}); + let error; + + try { + const options = {transaction: tx, accessToken: {userId: 1}}; + await models.MailAliasAccount.create({mailAliasFk: 2, roleFk: 5}, options); + + await tx.rollback(); + } catch (e) { + await tx.rollback(); + error = e; + } + + expect(error.message).toEqual('The alias cant be modified'); + }); + + it('should add a mail Alias', async() => { + const tx = await models.MailAliasAccount.beginTransaction({}); + let error; + + try { + const options = {transaction: tx, accessToken: {userId: 9}}; + await models.MailAliasAccount.create({mailAliasFk: 2, roleFk: 5}, options); + + await tx.rollback(); + } catch (e) { + await tx.rollback(); + error = e; + } + + expect(error).toBeUndefined(); + }); + + it('should add a mail Alias of an inherit role', async() => { + const tx = await models.MailAliasAccount.beginTransaction({}); + let error; + + try { + const options = {transaction: tx, accessToken: {userId: 9}}; + await models.MailAliasAccount.create({mailAliasFk: 3, roleFk: 5}, options); + + await tx.rollback(); + } catch (e) { + await tx.rollback(); + error = e; + } + + expect(error).toBeUndefined(); + }); + + it('should delete a mail Alias', async() => { + const tx = await models.MailAliasAccount.beginTransaction({}); + let error; + + try { + const options = {transaction: tx, accessToken: {userId: 1}}; + const mailAclId = 2; + await models.MailAliasAccount.destroyAll({id: mailAclId}, options); + + await tx.rollback(); + } catch (e) { + await tx.rollback(); + error = e; + } + + expect(error).toBeUndefined(); + }); +}); + diff --git a/db/changes/235001/00-aclsMails.sql b/db/changes/235001/00-aclsMails.sql index 92603aec4..5cfea4030 100644 --- a/db/changes/235001/00-aclsMails.sql +++ b/db/changes/235001/00-aclsMails.sql @@ -1,5 +1,6 @@ -- Definición de la tabla mailAliasACL -CREATE TABLE `account`.`mailAliasACL` ( + +CREATE OR REPLACE TABLE `account`.`mailAliasAcl` ( `mailAliasFk` int(10) unsigned NOT NULL, `roleFk` int(10) unsigned NOT NULL, FOREIGN KEY (`mailAliasFk`) REFERENCES `account`.`mailAlias` (`id`), diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index 93b7b796f..62f96b459 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -3002,3 +3002,10 @@ INSERT INTO `vn`.`invoiceCorrectionType` (`id`, `description`) (1, 'Error in VAT calculation'), (2, 'Error in sales details'), (3, 'Error in customer data'); + +INSERT INTO `account`.`mailAliasAcl` (`mailAliasFk`, `roleFk`) + VALUES + (1, 1), + (2, 9), + (3, 15); + diff --git a/front/core/locale/es.yml b/front/core/locale/es.yml index 96c34d98c..1b9bbb40b 100644 --- a/front/core/locale/es.yml +++ b/front/core/locale/es.yml @@ -68,3 +68,4 @@ Load more results: Cargar más resultados Send cau: Enviar cau By sending this ticket, all the data related to the error, the section, the user, etc., are already sent.: Al enviar este cau ya se envían todos los datos relacionados con el error, la sección, el usuario, etc ExplainReason: Explique el motivo por el que no deberia aparecer este fallo +You already have the mailAlias: Ya tienes este mail diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 01384efb4..2e516bf12 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -329,5 +329,7 @@ "The amount cannot be less than the minimum": "La cantidad no puede ser menor que la cantidad mínima", "quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mínima", "Cannot past travels with entries": "No se pueden pasar envíos con entradas", - "It was not able to remove the next expeditions:": "No se pudo eliminar las siguientes expediciones: {{expeditions}}" + "It was not able to remove the next expeditions:": "No se pudo eliminar las siguientes expediciones: {{expeditions}}", + "You already have the mailAlias": "You already have the mailAlias", + "The alias cant be modified": "The alias cant be modified" } \ No newline at end of file diff --git a/modules/account/back/model-config.json b/modules/account/back/model-config.json index b4bd6dbaf..0cd43d0ce 100644 --- a/modules/account/back/model-config.json +++ b/modules/account/back/model-config.json @@ -14,6 +14,9 @@ "MailAliasAccount": { "dataSource": "vn" }, + "MailAliasAcl": { + "dataSource": "vn" + }, "MailConfig": { "dataSource": "vn" }, diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index 6f5213f24..a95189689 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -2,54 +2,54 @@ const UserError = require('vn-loopback/util/user-error'); module.exports = Self => { + Self.rewriteDbError(function(err) { + if (err.code === 'ER_DUP_ENTRY') + return new UserError(`You already have the mailAlias`); + return err; + }); + Self.observe('before save', async ctx => { const changes = ctx.currentInstance || ctx.instance; - await Self.hasGrant(ctx, changes.mailAlias); + await checkModifyPermission(ctx, changes.mailAlias); }); Self.observe('before delete', async ctx => { const mailAliasAccount = await Self.findById(ctx.where.id); - await Self.hasGrant(ctx, mailAliasAccount.mailAlias); + await checkModifyPermission(ctx, mailAliasAccount.mailAlias); }); - /** - * Checks if current user has - * grant to add/remove alias - * - * @param {Object} ctx - Request context - * @param {Interger} mailAlias - mailAlias id - * @return {Boolean} True for user with grant - */ - Self.hasGrant = async function(ctx, mailAlias) { + async function checkModifyPermission(ctx, mailAliasFk) { + const userId = ctx.options.accessToken.userId; + const available = await Self.getAvailable(userId); + if (!available.has(mailAliasFk)) + throw new UserError('The alias cant be modified'); + } + + Self.getAvailable = async function(userId, options) { const models = Self.app.models; - const accessToken = {req: {accessToken: ctx.options.accessToken}}; - const userId = accessToken.req.accessToken.userId; - const canEditAlias = await models.ACL.checkAccessAcl(accessToken, 'MailAliasAccount', 'canEditAlias', 'WRITE'); - if (canEditAlias) return true; + const myOptions = {}; - const user = await models.VnUser.findById(userId, {fields: ['hasGrant']}); - if (!user.hasGrant) - throw new UserError(`You don't have grant privilege`); + if (typeof options == 'object') + Object.assign(myOptions, options); - const account = await models.Account.findById(userId, { - fields: ['id'], - include: { - relation: 'aliases', - scope: { - fields: ['mailAlias'] - } + const roles = await models.RoleMapping.find({ + fields: ['roleId'], + where: {principalId: userId} + }, myOptions); + + const availableMailAlias = await models.MailAliasAcl.find({ + fields: ['mailAliasFk'], + include: {relation: 'mailAlias'}, + where: { + roleFk: { + inq: roles.map(role => role.roleId), + }, } - }); - - const aliases = account.aliases().map(alias => alias.mailAlias); - - const hasAlias = aliases.includes(mailAlias); - if (!hasAlias) - throw new UserError(`You cannot assign/remove an alias that you are not assigned to`); - - return true; + }, myOptions); + const mailAliasArray = Array.from(availableMailAlias, alias => alias.mailAliasFk); + return new Set(mailAliasArray); }; }; diff --git a/modules/account/back/models/mail-alias-acl.js b/modules/account/back/models/mail-alias-acl.js index 4a74472fe..a95189689 100644 --- a/modules/account/back/models/mail-alias-acl.js +++ b/modules/account/back/models/mail-alias-acl.js @@ -1,43 +1,33 @@ + const UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - require('../methods/notification/getList')(Self); - - Self.observe('before save', async function(ctx) { - await checkModifyPermission(ctx); + Self.rewriteDbError(function(err) { + if (err.code === 'ER_DUP_ENTRY') + return new UserError(`You already have the mailAlias`); + return err; }); - Self.observe('before delete', async function(ctx) { - await checkModifyPermission(ctx); + Self.observe('before save', async ctx => { + const changes = ctx.currentInstance || ctx.instance; + + await checkModifyPermission(ctx, changes.mailAlias); }); - async function checkModifyPermission(ctx) { - const models = Self.app.models; - const instance = ctx.instance; + Self.observe('before delete', async ctx => { + const mailAliasAccount = await Self.findById(ctx.where.id); + + await checkModifyPermission(ctx, mailAliasAccount.mailAlias); + }); + + async function checkModifyPermission(ctx, mailAliasFk) { const userId = ctx.options.accessToken.userId; - - let mailAliasFk; - let roleFk; - - if (instance) { - mailAliasFk = instance.mailAliasFk; - roleFk = instance.roleFk; - } else { - const mailAliasAcl = await models.MailAlias.findById(ctx.where.id); - mailAliasFk = mailAliasAcl.id; - roleFk = mailAliasAcl.roleFk; - } - - const role = await models.VnUser.findById(roleFk, {fields: ['id', 'role']}); - const available = await Self.getAvailable(roleFk); - const hasAcl = available.has(mailAliasFk); - - if (!hasAcl || (userId.role != role)) + const available = await Self.getAvailable(userId); + if (!available.has(mailAliasFk)) throw new UserError('The alias cant be modified'); } Self.getAvailable = async function(userId, options) { - const availableMailAliasMap = new Map(); const models = Self.app.models; const myOptions = {}; @@ -51,20 +41,15 @@ module.exports = Self => { }, myOptions); const availableMailAlias = await models.MailAliasAcl.find({ - fields: ['mailAliasFk', 'roleFk'], - include: {relation: 'roleFk'}, + fields: ['mailAliasFk'], + include: {relation: 'mailAlias'}, where: { roleFk: { inq: roles.map(role => role.roleId), }, } }, myOptions); - - for (available of availableMailAlias) { - availableMailAliasMap.set(available.mailAliasFk, { - mailAliasFk: available.mailAliasFk, - }); - } - return availableMailAliasMap; + const mailAliasArray = Array.from(availableMailAlias, alias => alias.mailAliasFk); + return new Set(mailAliasArray); }; }; diff --git a/modules/account/back/models/mail-alias-acl.json b/modules/account/back/models/mail-alias-acl.json index 2e44f38eb..014b95d14 100644 --- a/modules/account/back/models/mail-alias-acl.json +++ b/modules/account/back/models/mail-alias-acl.json @@ -1,28 +1,30 @@ { - "name": "mailAliasACL", + "name": "MailAliasAcl", "base": "VnModel", "options": { "mysql": { - "table": "account.mailAliasACL" + "table": "account.mailAliasAcl" } }, "properties": { "mailAliasFk": { + "id": true, "type": "number" }, "roleFk": { + "id": true, "type": "number" } }, "relations": { "mailAlias": { "type": "belongsTo", - "model": "VnUser", + "model": "MailAlias", "foreignKey": "mailAliasFk" }, "role": { "type": "belongsTo", - "model": "VnUser", + "model": "Role", "foreignKey": "roleFk" } } diff --git a/modules/account/front/alias/acl/create/index.js b/modules/account/front/alias/acl/create/index.js deleted file mode 100644 index 58e70e4aa..000000000 --- a/modules/account/front/alias/acl/create/index.js +++ /dev/null @@ -1,33 +0,0 @@ -import ngModule from '../../../module'; -import Section from 'salix/components/section'; - -export default class Controller extends Section { - constructor(...args) { - super(...args); - this.accessTypes = [ - {name: '*'}, - {name: 'READ'}, - {name: 'WRITE'} - ]; - this.permissions = [ - {name: 'ALLOW'}, - {name: 'DENY'} - ]; - - this.models = []; - for (let model in window.validations) - this.models.push({name: model}); - - this.acl = { - property: '*', - principalType: 'ROLE', - accessType: 'READ', - permission: 'ALLOW' - }; - } -} - -ngModule.component('vnAclMailCreate', { - // template: require('./index.html'), - controller: Controller -}); diff --git a/modules/account/front/alias/acl/index.js b/modules/account/front/alias/acl/index.js deleted file mode 100644 index 8393859a5..000000000 --- a/modules/account/front/alias/acl/index.js +++ /dev/null @@ -1,4 +0,0 @@ -import './main'; -import './index/'; -import './create'; -import './search-panel'; diff --git a/modules/account/front/alias/acl/index/index.js b/modules/account/front/alias/acl/index/index.js deleted file mode 100644 index 5d8d49574..000000000 --- a/modules/account/front/alias/acl/index/index.js +++ /dev/null @@ -1,15 +0,0 @@ -import ngModule from '../../../module'; -import Section from 'salix/components/section'; - -export default class Controller extends Section { - onDelete(row) { - return this.$http.delete(`ACLs/${row.id}`) - .then(() => this.$.model.refresh()) - .then(() => this.vnApp.showSuccess(this.$t('ACL removed'))); - } -} - -ngModule.component('vnAclMailIndex', { - // template: require('./index.html'), - controller: Controller -}); diff --git a/modules/account/front/alias/acl/main/index.js b/modules/account/front/alias/acl/main/index.js deleted file mode 100644 index 97f04ee50..000000000 --- a/modules/account/front/alias/acl/main/index.js +++ /dev/null @@ -1,18 +0,0 @@ -import ngModule from '../../../module'; -import ModuleMain from 'salix/components/module-main'; - -export default class ACL extends ModuleMain { - exprBuilder(param, value) { - switch (param) { - case 'search': - return {model: {like: `%${value}%`}}; - default: - return {[param]: value}; - } - } -} - -ngModule.vnComponent('vnAclMailComponent', { - controller: ACL - // template: require('./index.html') -}); diff --git a/modules/account/front/alias/acl/search-panel/index.js b/modules/account/front/alias/acl/search-panel/index.js deleted file mode 100644 index 67db33383..000000000 --- a/modules/account/front/alias/acl/search-panel/index.js +++ /dev/null @@ -1,26 +0,0 @@ -import ngModule from '../../../module'; -import SearchPanel from 'core/components/searchbar/search-panel'; - -export default class Controller extends SearchPanel { - constructor(...args) { - super(...args); - this.accessTypes = [ - {name: '*'}, - {name: 'READ'}, - {name: 'WRITE'} - ]; - this.permissions = [ - {name: 'ALLOW'}, - {name: 'DENY'} - ]; - - this.models = []; - for (let model in window.validations) - this.models.push({name: model}); - } -} - -ngModule.component('vnAclSearchPanel', { - // template: require('./index.html'), - controller: Controller -}); diff --git a/modules/account/front/alias/index.js b/modules/account/front/alias/index.js index 598421749..8eed3a3d3 100644 --- a/modules/account/front/alias/index.js +++ b/modules/account/front/alias/index.js @@ -7,4 +7,3 @@ import './descriptor'; import './create'; import './basic-data'; import './users'; -import './acl'; From c0ce7e542febf97895ad6ff14e9869f182407e05 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 4 Dec 2023 09:40:57 +0100 Subject: [PATCH 05/11] refs #6085 solve testback --- back/models/specs/mailAliasAccount.spec.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/back/models/specs/mailAliasAccount.spec.js b/back/models/specs/mailAliasAccount.spec.js index 46d447f90..c07e16d60 100644 --- a/back/models/specs/mailAliasAccount.spec.js +++ b/back/models/specs/mailAliasAccount.spec.js @@ -24,7 +24,7 @@ fdescribe('loopback model MailAliasAccount', () => { try { const options = {transaction: tx, accessToken: {userId: 9}}; - await models.MailAliasAccount.create({mailAliasFk: 2, roleFk: 5}, options); + await models.MailAliasAccount.create({mailAlias: 2, account: 5}, options); await tx.rollback(); } catch (e) { @@ -41,7 +41,7 @@ fdescribe('loopback model MailAliasAccount', () => { try { const options = {transaction: tx, accessToken: {userId: 9}}; - await models.MailAliasAccount.create({mailAliasFk: 3, roleFk: 5}, options); + await models.MailAliasAccount.create({mailAlias: 3, account: 5}, options); await tx.rollback(); } catch (e) { From 051c93a42cdee0ab6403924c95cc1dd4771e6859 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 4 Dec 2023 09:41:24 +0100 Subject: [PATCH 06/11] remove fdescribe --- back/models/specs/mailAliasAccount.spec.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/back/models/specs/mailAliasAccount.spec.js b/back/models/specs/mailAliasAccount.spec.js index c07e16d60..d26ed2313 100644 --- a/back/models/specs/mailAliasAccount.spec.js +++ b/back/models/specs/mailAliasAccount.spec.js @@ -1,6 +1,6 @@ const models = require('vn-loopback/server/server').models; -fdescribe('loopback model MailAliasAccount', () => { +describe('loopback model MailAliasAccount', () => { it('should fail to add a mail Alias if the worker doesnt have ACLs', async() => { const tx = await models.MailAliasAccount.beginTransaction({}); let error; From 584f3264edc86712c840998d5794c9b34c7fd632 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 11 Dec 2023 08:54:58 +0100 Subject: [PATCH 07/11] refs #6085 refactor sql trad --- .../{235001 => 235201}/00-aclsMails.sql | 0 front/core/locale/es.yml | 2 +- loopback/locale/es.json | 6 +- .../account/back/models/mail-alias-account.js | 14 ++--- modules/account/back/models/mail-alias-acl.js | 55 ------------------- 5 files changed, 9 insertions(+), 68 deletions(-) rename db/changes/{235001 => 235201}/00-aclsMails.sql (100%) delete mode 100644 modules/account/back/models/mail-alias-acl.js diff --git a/db/changes/235001/00-aclsMails.sql b/db/changes/235201/00-aclsMails.sql similarity index 100% rename from db/changes/235001/00-aclsMails.sql rename to db/changes/235201/00-aclsMails.sql diff --git a/front/core/locale/es.yml b/front/core/locale/es.yml index 1b9bbb40b..17e955ff5 100644 --- a/front/core/locale/es.yml +++ b/front/core/locale/es.yml @@ -68,4 +68,4 @@ Load more results: Cargar más resultados Send cau: Enviar cau By sending this ticket, all the data related to the error, the section, the user, etc., are already sent.: Al enviar este cau ya se envían todos los datos relacionados con el error, la sección, el usuario, etc ExplainReason: Explique el motivo por el que no deberia aparecer este fallo -You already have the mailAlias: Ya tienes este mail +You already have the mailAlias: Ya tienes este alias de correo diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 2e516bf12..c26bf3ebc 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -330,6 +330,6 @@ "quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mínima", "Cannot past travels with entries": "No se pueden pasar envíos con entradas", "It was not able to remove the next expeditions:": "No se pudo eliminar las siguientes expediciones: {{expeditions}}", - "You already have the mailAlias": "You already have the mailAlias", - "The alias cant be modified": "The alias cant be modified" -} \ No newline at end of file + "You already have the mailAlias": "Ya tienes este alias de correo", + "The alias cant be modified": "Este alias de correo no puede ser modificado" +} diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index a95189689..91fc43008 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -22,12 +22,6 @@ module.exports = Self => { async function checkModifyPermission(ctx, mailAliasFk) { const userId = ctx.options.accessToken.userId; - const available = await Self.getAvailable(userId); - if (!available.has(mailAliasFk)) - throw new UserError('The alias cant be modified'); - } - - Self.getAvailable = async function(userId, options) { const models = Self.app.models; const myOptions = {}; @@ -47,9 +41,11 @@ module.exports = Self => { roleFk: { inq: roles.map(role => role.roleId), }, + mailAliasFk } }, myOptions); - const mailAliasArray = Array.from(availableMailAlias, alias => alias.mailAliasFk); - return new Set(mailAliasArray); - }; + + console.log(availableMailAlias); + if (!availableMailAlias.length) throw new UserError('The alias cant be modified'); + } }; diff --git a/modules/account/back/models/mail-alias-acl.js b/modules/account/back/models/mail-alias-acl.js deleted file mode 100644 index a95189689..000000000 --- a/modules/account/back/models/mail-alias-acl.js +++ /dev/null @@ -1,55 +0,0 @@ - -const UserError = require('vn-loopback/util/user-error'); - -module.exports = Self => { - Self.rewriteDbError(function(err) { - if (err.code === 'ER_DUP_ENTRY') - return new UserError(`You already have the mailAlias`); - return err; - }); - - Self.observe('before save', async ctx => { - const changes = ctx.currentInstance || ctx.instance; - - await checkModifyPermission(ctx, changes.mailAlias); - }); - - Self.observe('before delete', async ctx => { - const mailAliasAccount = await Self.findById(ctx.where.id); - - await checkModifyPermission(ctx, mailAliasAccount.mailAlias); - }); - - async function checkModifyPermission(ctx, mailAliasFk) { - const userId = ctx.options.accessToken.userId; - const available = await Self.getAvailable(userId); - if (!available.has(mailAliasFk)) - throw new UserError('The alias cant be modified'); - } - - Self.getAvailable = async function(userId, options) { - const models = Self.app.models; - - const myOptions = {}; - - if (typeof options == 'object') - Object.assign(myOptions, options); - - const roles = await models.RoleMapping.find({ - fields: ['roleId'], - where: {principalId: userId} - }, myOptions); - - const availableMailAlias = await models.MailAliasAcl.find({ - fields: ['mailAliasFk'], - include: {relation: 'mailAlias'}, - where: { - roleFk: { - inq: roles.map(role => role.roleId), - }, - } - }, myOptions); - const mailAliasArray = Array.from(availableMailAlias, alias => alias.mailAliasFk); - return new Set(mailAliasArray); - }; -}; From 57ed36cdfc3a0015da94a0eacc74bb0bbcef1505 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 11 Dec 2023 09:43:38 +0100 Subject: [PATCH 08/11] ref #6085 remove console options --- modules/account/back/models/mail-alias-account.js | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index 91fc43008..cf9c73f3b 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -26,8 +26,7 @@ module.exports = Self => { const myOptions = {}; - if (typeof options == 'object') - Object.assign(myOptions, options); + Object.assign(myOptions); const roles = await models.RoleMapping.find({ fields: ['roleId'], @@ -45,7 +44,6 @@ module.exports = Self => { } }, myOptions); - console.log(availableMailAlias); if (!availableMailAlias.length) throw new UserError('The alias cant be modified'); } }; From 6ac5d28c4003cd7a192955d5538e5074e45d8b11 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 11 Dec 2023 09:59:09 +0100 Subject: [PATCH 09/11] refs #6085 fix back --- back/models/specs/mailAliasAccount.spec.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/back/models/specs/mailAliasAccount.spec.js b/back/models/specs/mailAliasAccount.spec.js index d26ed2313..c13cc7ae8 100644 --- a/back/models/specs/mailAliasAccount.spec.js +++ b/back/models/specs/mailAliasAccount.spec.js @@ -6,8 +6,8 @@ describe('loopback model MailAliasAccount', () => { let error; try { - const options = {transaction: tx, accessToken: {userId: 1}}; - await models.MailAliasAccount.create({mailAliasFk: 2, roleFk: 5}, options); + const options = {transaction: tx, accessToken: {userId: 57}}; + await models.MailAliasAccount.create({mailAlias: 2, account: 5}, options); await tx.rollback(); } catch (e) { From 53ff8784ffd8c388b3f3607a1d09977980fa4cf3 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 11 Dec 2023 10:16:46 +0100 Subject: [PATCH 10/11] refs #6085 remove myOptions --- modules/account/back/models/mail-alias-account.js | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index cf9c73f3b..8f8e45ae8 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -24,14 +24,10 @@ module.exports = Self => { const userId = ctx.options.accessToken.userId; const models = Self.app.models; - const myOptions = {}; - - Object.assign(myOptions); - const roles = await models.RoleMapping.find({ fields: ['roleId'], where: {principalId: userId} - }, myOptions); + }); const availableMailAlias = await models.MailAliasAcl.find({ fields: ['mailAliasFk'], @@ -42,7 +38,7 @@ module.exports = Self => { }, mailAliasFk } - }, myOptions); + }); if (!availableMailAlias.length) throw new UserError('The alias cant be modified'); } From 2beb1f65f09847b78ec5e486af4f359a36887cb0 Mon Sep 17 00:00:00 2001 From: carlossa Date: Mon, 11 Dec 2023 12:45:55 +0100 Subject: [PATCH 11/11] refs #6085 findOne --- modules/account/back/models/mail-alias-account.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index 8f8e45ae8..5eb561408 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -29,7 +29,7 @@ module.exports = Self => { where: {principalId: userId} }); - const availableMailAlias = await models.MailAliasAcl.find({ + const availableMailAlias = await models.MailAliasAcl.findOne({ fields: ['mailAliasFk'], include: {relation: 'mailAlias'}, where: { @@ -40,6 +40,6 @@ module.exports = Self => { } }); - if (!availableMailAlias.length) throw new UserError('The alias cant be modified'); + if (!availableMailAlias) throw new UserError('The alias cant be modified'); } };