From 551d06ee8358554f2c83dbeaf6a1f054e634e2af Mon Sep 17 00:00:00 2001 From: vicent Date: Wed, 12 Jul 2023 13:55:57 +0200 Subject: [PATCH 1/8] =?UTF-8?q?refs=20#5887=20para=20eliminar=20sigue=20la?= =?UTF-8?q?s=20mismas=20reglas=20que=20para=20a=C3=B1adir?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- back/methods/vn-user/specs/addAlias.spec.js | 8 +-- back/models/vn-user.js | 2 - db/changes/232402/00-hotFix_travelConfig.sql | 32 +++++------ db/changes/232601/00-aclAddAlias.sql | 12 ++--- loopback/locale/es.json | 2 +- .../methods/mail-alias-account}/addAlias.js | 25 +-------- .../mail-alias-account}/removeAlias.js | 6 +-- .../account/back/models/mail-alias-account.js | 53 +++++++++++++++++++ modules/account/front/aliases/index.js | 4 +- modules/account/front/aliases/index.spec.js | 4 +- 10 files changed, 83 insertions(+), 65 deletions(-) rename {back/methods/vn-user => modules/account/back/methods/mail-alias-account}/addAlias.js (58%) rename {back/methods/vn-user => modules/account/back/methods/mail-alias-account}/removeAlias.js (83%) create mode 100644 modules/account/back/models/mail-alias-account.js diff --git a/back/methods/vn-user/specs/addAlias.spec.js b/back/methods/vn-user/specs/addAlias.spec.js index ef657a3a8..880c08139 100644 --- a/back/methods/vn-user/specs/addAlias.spec.js +++ b/back/methods/vn-user/specs/addAlias.spec.js @@ -14,7 +14,7 @@ describe('VnUser addAlias()', () => { try { const options = {transaction: tx}; - await models.VnUser.addAlias(ctx, employeeId, mailAlias, options); + await models.MailAliasAccount.addAlias(ctx, employeeId, mailAlias, options); await tx.rollback(); } catch (e) { @@ -33,7 +33,7 @@ describe('VnUser addAlias()', () => { try { const options = {transaction: tx}; - await models.VnUser.addAlias(ctx, employeeId, mailAlias, options); + await models.MailAliasAccount.addAlias(ctx, employeeId, mailAlias, options); await tx.rollback(); } catch (e) { @@ -41,7 +41,7 @@ describe('VnUser addAlias()', () => { await tx.rollback(); } - expect(error.message).toContain(`You cannot assign an alias that you are not assigned to`); + expect(error.message).toContain(`You cannot assign/remove an alias that you are not assigned to`); }); it('should add an alias', async() => { @@ -55,7 +55,7 @@ describe('VnUser addAlias()', () => { const user = await models.VnUser.findById(developerId, null, options); await user.updateAttribute('hasGrant', true, options); - result = await models.VnUser.addAlias(ctx, customerId, mailAlias, options); + result = await models.MailAliasAccount.addAlias(ctx, customerId, mailAlias, options); await tx.rollback(); } catch (e) { diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 12aab585c..b58395acc 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -11,8 +11,6 @@ module.exports = function(Self) { require('../methods/vn-user/validate-token')(Self); require('../methods/vn-user/privileges')(Self); require('../methods/vn-user/renew-token')(Self); - require('../methods/vn-user/addAlias')(Self); - require('../methods/vn-user/removeAlias')(Self); Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create'); diff --git a/db/changes/232402/00-hotFix_travelConfig.sql b/db/changes/232402/00-hotFix_travelConfig.sql index 65450a74d..2691999dc 100644 --- a/db/changes/232402/00-hotFix_travelConfig.sql +++ b/db/changes/232402/00-hotFix_travelConfig.sql @@ -1,19 +1,19 @@ -CREATE TABLE `vn`.`travelConfig` ( - `id` int(11) unsigned NOT NULL AUTO_INCREMENT, - `warehouseInFk` smallint(6) unsigned NOT NULL DEFAULT 8 COMMENT 'Warehouse de origen', - `warehouseOutFk` smallint(6) unsigned NOT NULL DEFAULT 60 COMMENT 'Warehouse destino', - `agencyFk` int(11) NOT NULL DEFAULT 1378 COMMENT 'Agencia por defecto', - `companyFk` int(10) unsigned NOT NULL DEFAULT 442 COMMENT 'Compañía por defecto', - PRIMARY KEY (`id`), - KEY `travelConfig_FK` (`warehouseInFk`), - KEY `travelConfig_FK_1` (`warehouseOutFk`), - KEY `travelConfig_FK_2` (`agencyFk`), - KEY `travelConfig_FK_3` (`companyFk`), - CONSTRAINT `travelConfig_FK` FOREIGN KEY (`warehouseInFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, - CONSTRAINT `travelConfig_FK_1` FOREIGN KEY (`warehouseOutFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, - CONSTRAINT `travelConfig_FK_2` FOREIGN KEY (`agencyFk`) REFERENCES `agencyMode` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, - CONSTRAINT `travelConfig_FK_3` FOREIGN KEY (`companyFk`) REFERENCES `company` (`id`) ON DELETE CASCADE ON UPDATE CASCADE -) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; +-- CREATE TABLE `vn`.`travelConfig` ( +-- `id` int(11) unsigned NOT NULL AUTO_INCREMENT, +-- `warehouseInFk` smallint(6) unsigned NOT NULL DEFAULT 8 COMMENT 'Warehouse de origen', +-- `warehouseOutFk` smallint(6) unsigned NOT NULL DEFAULT 60 COMMENT 'Warehouse destino', +-- `agencyFk` int(11) NOT NULL DEFAULT 1378 COMMENT 'Agencia por defecto', +-- `companyFk` int(10) unsigned NOT NULL DEFAULT 442 COMMENT 'Compañía por defecto', +-- PRIMARY KEY (`id`), +-- KEY `travelConfig_FK` (`warehouseInFk`), +-- KEY `travelConfig_FK_1` (`warehouseOutFk`), +-- KEY `travelConfig_FK_2` (`agencyFk`), +-- KEY `travelConfig_FK_3` (`companyFk`), +-- CONSTRAINT `travelConfig_FK` FOREIGN KEY (`warehouseInFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, +-- CONSTRAINT `travelConfig_FK_1` FOREIGN KEY (`warehouseOutFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, +-- CONSTRAINT `travelConfig_FK_2` FOREIGN KEY (`agencyFk`) REFERENCES `agencyMode` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, +-- CONSTRAINT `travelConfig_FK_3` FOREIGN KEY (`companyFk`) REFERENCES `company` (`id`) ON DELETE CASCADE ON UPDATE CASCADE +-- ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) VALUES diff --git a/db/changes/232601/00-aclAddAlias.sql b/db/changes/232601/00-aclAddAlias.sql index cc96f5ad8..db2100bed 100644 --- a/db/changes/232601/00-aclAddAlias.sql +++ b/db/changes/232601/00-aclAddAlias.sql @@ -1,11 +1,5 @@ INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) VALUES - ('VnUser', 'addAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'); - -INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) - VALUES - ('VnUser', 'removeAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'); - -INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) - VALUES - ('VnUser', 'canRemoveAlias', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); + ('MailAliasAccount', 'addAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', 'removeAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', 'canEditAlias', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 809ed5874..4408b48b5 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -299,5 +299,5 @@ "Mail not sent": "Se ha producido un fallo al enviar la factura al cliente [{{clientId}}]({{{clientUrl}}}), por favor revisa la dirección de correo electrónico", "The renew period has not been exceeded": "El periodo de renovación no ha sido superado", "Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}", - "You cannot assign an alias that you are not assigned to": "No puede asignar un alias que no tenga asignado" + "You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado" } diff --git a/back/methods/vn-user/addAlias.js b/modules/account/back/methods/mail-alias-account/addAlias.js similarity index 58% rename from back/methods/vn-user/addAlias.js rename to modules/account/back/methods/mail-alias-account/addAlias.js index 9fe43e713..74624b63c 100644 --- a/back/methods/vn-user/addAlias.js +++ b/modules/account/back/methods/mail-alias-account/addAlias.js @@ -1,5 +1,3 @@ -const UserError = require('vn-loopback/util/user-error'); - module.exports = Self => { Self.remoteMethod('addAlias', { description: 'Add an alias if the user has the grant', @@ -32,33 +30,12 @@ module.exports = Self => { Self.addAlias = async function(ctx, id, mailAlias, options) { const models = Self.app.models; - const userId = ctx.req.accessToken.userId; - const myOptions = {}; if (typeof options == 'object') Object.assign(myOptions, options); - const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions); - - if (!user.hasGrant) - throw new UserError(`You don't have grant privilege`); - - const account = await models.Account.findById(userId, { - fields: ['id'], - include: { - relation: 'aliases', - scope: { - fields: ['mailAlias'] - } - } - }, myOptions); - - const aliases = account.aliases().map(alias => alias.mailAlias); - - const hasAlias = aliases.includes(mailAlias); - if (!hasAlias) - throw new UserError(`You cannot assign an alias that you are not assigned to`); + await Self.hasGrant(ctx, mailAlias, myOptions); return models.MailAliasAccount.create({ mailAlias: mailAlias, diff --git a/back/methods/vn-user/removeAlias.js b/modules/account/back/methods/mail-alias-account/removeAlias.js similarity index 83% rename from back/methods/vn-user/removeAlias.js rename to modules/account/back/methods/mail-alias-account/removeAlias.js index 0424c3e96..c32911f4d 100644 --- a/back/methods/vn-user/removeAlias.js +++ b/modules/account/back/methods/mail-alias-account/removeAlias.js @@ -32,16 +32,12 @@ module.exports = Self => { Self.removeAlias = async function(ctx, id, mailAlias, options) { const models = Self.app.models; - const userId = ctx.req.accessToken.userId; - const myOptions = {}; if (typeof options == 'object') Object.assign(myOptions, options); - const canRemoveAlias = await models.ACL.checkAccessAcl(ctx, 'VnUser', 'canRemoveAlias', 'WRITE'); - - if (userId != id && !canRemoveAlias) throw new UserError(`You don't have grant privilege`); + await Self.hasGrant(ctx, mailAlias, myOptions); const mailAliasAccount = await models.MailAliasAccount.findOne({ where: { diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js new file mode 100644 index 000000000..21c70c32e --- /dev/null +++ b/modules/account/back/models/mail-alias-account.js @@ -0,0 +1,53 @@ + +const UserError = require('vn-loopback/util/user-error'); + +module.exports = Self => { + require('../methods/account/sync')(Self); + require('../methods/account/sync-by-id')(Self); + require('../methods/account/sync-all')(Self); + require('../methods/account/login')(Self); + require('../methods/account/logout')(Self); + require('../methods/account/change-password')(Self); + require('../methods/account/set-password')(Self); + require('../methods/mail-alias-account/addAlias')(Self); + require('../methods/mail-alias-account/removeAlias')(Self); + + /** + * Checks if current user has + * read privileges over a dms + * + * @param {Object} ctx - Request context + * @param {Interger} mailAlias - mailAlias id + * @param {Object} options - Query options + * @return {Boolean} True for user with grant + */ + Self.hasGrant = async function(ctx, mailAlias, options) { + const models = Self.app.models; + const userId = ctx.req.accessToken.userId; + + const canEditAlias = await models.ACL.checkAccessAcl(ctx, 'MailAliasAccount', 'canEditAlias', 'WRITE'); + if (canEditAlias) return true; + + const user = await models.VnUser.findById(userId, {fields: ['hasGrant']}, options); + if (!user.hasGrant) + throw new UserError(`You don't have grant privilege`); + + const account = await models.Account.findById(userId, { + fields: ['id'], + include: { + relation: 'aliases', + scope: { + fields: ['mailAlias'] + } + } + }, options); + + const aliases = account.aliases().map(alias => alias.mailAlias); + + const hasAlias = aliases.includes(mailAlias); + if (!hasAlias) + throw new UserError(`You cannot assign/remove an alias that you are not assigned to`); + + return true; + }; +}; diff --git a/modules/account/front/aliases/index.js b/modules/account/front/aliases/index.js index e0c738ee4..b4ada07e5 100644 --- a/modules/account/front/aliases/index.js +++ b/modules/account/front/aliases/index.js @@ -25,7 +25,7 @@ export default class Controller extends Section { } onAddSave() { - return this.$http.post(`VnUsers/${this.$params.id}/addAlias`, this.addData) + return this.$http.post(`MailAliasAccounts/${this.$params.id}/addAlias`, this.addData) .then(() => this.refresh()) .then(() => this.vnApp.showSuccess( this.$t('Subscribed to alias!')) @@ -36,7 +36,7 @@ export default class Controller extends Section { const params = { mailAlias: row.mailAlias }; - return this.$http.post(`VnUsers/${this.$params.id}/removeAlias`, params) + return this.$http.post(`MailAliasAccounts/${this.$params.id}/removeAlias`, params) .then(() => this.refresh()) .then(() => this.vnApp.showSuccess(this.$t('Data saved!'))); } diff --git a/modules/account/front/aliases/index.spec.js b/modules/account/front/aliases/index.spec.js index 61f71949c..f72c06ab4 100644 --- a/modules/account/front/aliases/index.spec.js +++ b/modules/account/front/aliases/index.spec.js @@ -27,7 +27,7 @@ describe('component vnUserAliases', () => { controller.addData = {account: 1}; controller.$params = {id: 1}; - $httpBackend.expectPOST('VnUsers/1/addAlias').respond(); + $httpBackend.expectPOST('MailAliasAccounts/1/addAlias').respond(); $httpBackend.expectGET('MailAliasAccounts').respond('foo'); controller.onAddSave(); $httpBackend.flush(); @@ -44,7 +44,7 @@ describe('component vnUserAliases', () => { ]; controller.$params = {id: 1}; - $httpBackend.expectPOST('VnUsers/1/removeAlias').respond(); + $httpBackend.expectPOST('MailAliasAccounts/1/removeAlias').respond(); $httpBackend.expectGET('MailAliasAccounts').respond(controller.$.data[1]); controller.onRemove(controller.$.data[0]); $httpBackend.flush(); From aea5133f399837a4281c446e059f910be9b0530b Mon Sep 17 00:00:00 2001 From: vicent Date: Wed, 12 Jul 2023 14:01:39 +0200 Subject: [PATCH 2/8] refs #5877 fix: aply changes --- db/changes/232601/{00-aclAddAlias.sql => 01-aclAddAlias.sql} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename db/changes/232601/{00-aclAddAlias.sql => 01-aclAddAlias.sql} (100%) diff --git a/db/changes/232601/00-aclAddAlias.sql b/db/changes/232601/01-aclAddAlias.sql similarity index 100% rename from db/changes/232601/00-aclAddAlias.sql rename to db/changes/232601/01-aclAddAlias.sql From c0d329edcab295b2277b1bece04bd344b661a1ab Mon Sep 17 00:00:00 2001 From: vicent Date: Wed, 12 Jul 2023 14:04:17 +0200 Subject: [PATCH 3/8] a --- db/changes/232402/00-hotFix_travelConfig.sql | 32 +++++++++---------- .../account/back/models/mail-alias-account.js | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/db/changes/232402/00-hotFix_travelConfig.sql b/db/changes/232402/00-hotFix_travelConfig.sql index 2691999dc..65450a74d 100644 --- a/db/changes/232402/00-hotFix_travelConfig.sql +++ b/db/changes/232402/00-hotFix_travelConfig.sql @@ -1,19 +1,19 @@ --- CREATE TABLE `vn`.`travelConfig` ( --- `id` int(11) unsigned NOT NULL AUTO_INCREMENT, --- `warehouseInFk` smallint(6) unsigned NOT NULL DEFAULT 8 COMMENT 'Warehouse de origen', --- `warehouseOutFk` smallint(6) unsigned NOT NULL DEFAULT 60 COMMENT 'Warehouse destino', --- `agencyFk` int(11) NOT NULL DEFAULT 1378 COMMENT 'Agencia por defecto', --- `companyFk` int(10) unsigned NOT NULL DEFAULT 442 COMMENT 'Compañía por defecto', --- PRIMARY KEY (`id`), --- KEY `travelConfig_FK` (`warehouseInFk`), --- KEY `travelConfig_FK_1` (`warehouseOutFk`), --- KEY `travelConfig_FK_2` (`agencyFk`), --- KEY `travelConfig_FK_3` (`companyFk`), --- CONSTRAINT `travelConfig_FK` FOREIGN KEY (`warehouseInFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, --- CONSTRAINT `travelConfig_FK_1` FOREIGN KEY (`warehouseOutFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, --- CONSTRAINT `travelConfig_FK_2` FOREIGN KEY (`agencyFk`) REFERENCES `agencyMode` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, --- CONSTRAINT `travelConfig_FK_3` FOREIGN KEY (`companyFk`) REFERENCES `company` (`id`) ON DELETE CASCADE ON UPDATE CASCADE --- ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; +CREATE TABLE `vn`.`travelConfig` ( + `id` int(11) unsigned NOT NULL AUTO_INCREMENT, + `warehouseInFk` smallint(6) unsigned NOT NULL DEFAULT 8 COMMENT 'Warehouse de origen', + `warehouseOutFk` smallint(6) unsigned NOT NULL DEFAULT 60 COMMENT 'Warehouse destino', + `agencyFk` int(11) NOT NULL DEFAULT 1378 COMMENT 'Agencia por defecto', + `companyFk` int(10) unsigned NOT NULL DEFAULT 442 COMMENT 'Compañía por defecto', + PRIMARY KEY (`id`), + KEY `travelConfig_FK` (`warehouseInFk`), + KEY `travelConfig_FK_1` (`warehouseOutFk`), + KEY `travelConfig_FK_2` (`agencyFk`), + KEY `travelConfig_FK_3` (`companyFk`), + CONSTRAINT `travelConfig_FK` FOREIGN KEY (`warehouseInFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, + CONSTRAINT `travelConfig_FK_1` FOREIGN KEY (`warehouseOutFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, + CONSTRAINT `travelConfig_FK_2` FOREIGN KEY (`agencyFk`) REFERENCES `agencyMode` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, + CONSTRAINT `travelConfig_FK_3` FOREIGN KEY (`companyFk`) REFERENCES `company` (`id`) ON DELETE CASCADE ON UPDATE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) VALUES diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index 21c70c32e..78ec75326 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -14,7 +14,7 @@ module.exports = Self => { /** * Checks if current user has - * read privileges over a dms + * grant to add/remove alias * * @param {Object} ctx - Request context * @param {Interger} mailAlias - mailAlias id From ef6a2ae578988ac536f91fcc7994a0483318983e Mon Sep 17 00:00:00 2001 From: vicent Date: Wed, 12 Jul 2023 14:06:28 +0200 Subject: [PATCH 4/8] refs #5887 fix: delete requires --- modules/account/back/models/mail-alias-account.js | 7 ------- 1 file changed, 7 deletions(-) diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index 78ec75326..0875bf79a 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -2,13 +2,6 @@ const UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - require('../methods/account/sync')(Self); - require('../methods/account/sync-by-id')(Self); - require('../methods/account/sync-all')(Self); - require('../methods/account/login')(Self); - require('../methods/account/logout')(Self); - require('../methods/account/change-password')(Self); - require('../methods/account/set-password')(Self); require('../methods/mail-alias-account/addAlias')(Self); require('../methods/mail-alias-account/removeAlias')(Self); From 7aaaf5492cebb382e1474ad6a6384843f9ca17e1 Mon Sep 17 00:00:00 2001 From: vicent Date: Wed, 12 Jul 2023 15:07:06 +0200 Subject: [PATCH 5/8] refs #5887 refacotr: move code to hook --- back/methods/vn-user/specs/addAlias.spec.js | 68 ------------------- db/changes/232601/01-aclAddAlias.sql | 7 +- .../methods/mail-alias-account/addAlias.js | 45 ------------ .../methods/mail-alias-account/removeAlias.js | 51 -------------- .../account/back/models/mail-alias-account.js | 25 ++++--- modules/account/front/aliases/index.js | 14 ++-- modules/account/front/aliases/index.spec.js | 9 +-- 7 files changed, 32 insertions(+), 187 deletions(-) delete mode 100644 back/methods/vn-user/specs/addAlias.spec.js delete mode 100644 modules/account/back/methods/mail-alias-account/addAlias.js delete mode 100644 modules/account/back/methods/mail-alias-account/removeAlias.js diff --git a/back/methods/vn-user/specs/addAlias.spec.js b/back/methods/vn-user/specs/addAlias.spec.js deleted file mode 100644 index 880c08139..000000000 --- a/back/methods/vn-user/specs/addAlias.spec.js +++ /dev/null @@ -1,68 +0,0 @@ -const {models} = require('vn-loopback/server/server'); - -describe('VnUser addAlias()', () => { - const employeeId = 1; - const sysadminId = 66; - const developerId = 9; - const customerId = 2; - const mailAlias = 1; - it('should throw an error when user not has privileges', async() => { - const ctx = {req: {accessToken: {userId: employeeId}}}; - const tx = await models.VnUser.beginTransaction({}); - - let error; - try { - const options = {transaction: tx}; - - await models.MailAliasAccount.addAlias(ctx, employeeId, mailAlias, options); - - await tx.rollback(); - } catch (e) { - error = e; - await tx.rollback(); - } - - expect(error.message).toContain(`You don't have grant privilege`); - }); - - it('should throw an error when user has privileges but not has the role from user', async() => { - const ctx = {req: {accessToken: {userId: sysadminId}}}; - const tx = await models.VnUser.beginTransaction({}); - - let error; - try { - const options = {transaction: tx}; - - await models.MailAliasAccount.addAlias(ctx, employeeId, mailAlias, options); - - await tx.rollback(); - } catch (e) { - error = e; - await tx.rollback(); - } - - expect(error.message).toContain(`You cannot assign/remove an alias that you are not assigned to`); - }); - - it('should add an alias', async() => { - const ctx = {req: {accessToken: {userId: developerId}}}; - const tx = await models.VnUser.beginTransaction({}); - - let result; - try { - const options = {transaction: tx}; - - const user = await models.VnUser.findById(developerId, null, options); - await user.updateAttribute('hasGrant', true, options); - - result = await models.MailAliasAccount.addAlias(ctx, customerId, mailAlias, options); - - await tx.rollback(); - } catch (e) { - await tx.rollback(); - } - - expect(result.mailAlias).toBe(mailAlias); - expect(result.account).toBe(customerId); - }); -}); diff --git a/db/changes/232601/01-aclAddAlias.sql b/db/changes/232601/01-aclAddAlias.sql index db2100bed..d4df3cd44 100644 --- a/db/changes/232601/01-aclAddAlias.sql +++ b/db/changes/232601/01-aclAddAlias.sql @@ -1,5 +1,8 @@ +DELETE FROM `salix`.`ACL` WHERE model = 'MailAliasAccount'; + INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) VALUES - ('MailAliasAccount', 'addAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'), - ('MailAliasAccount', 'removeAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', 'create', 'WRITE', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', 'deleteById', 'WRITE', 'ALLOW', 'ROLE', 'employee'), ('MailAliasAccount', 'canEditAlias', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/modules/account/back/methods/mail-alias-account/addAlias.js b/modules/account/back/methods/mail-alias-account/addAlias.js deleted file mode 100644 index 74624b63c..000000000 --- a/modules/account/back/methods/mail-alias-account/addAlias.js +++ /dev/null @@ -1,45 +0,0 @@ -module.exports = Self => { - Self.remoteMethod('addAlias', { - description: 'Add an alias if the user has the grant', - accessType: 'WRITE', - accepts: [ - { - arg: 'ctx', - type: 'Object', - http: {source: 'context'} - }, - { - arg: 'id', - type: 'number', - required: true, - description: 'The user id', - http: {source: 'path'} - }, - { - arg: 'mailAlias', - type: 'number', - description: 'The new alias for user', - required: true - } - ], - http: { - path: `/:id/addAlias`, - verb: 'POST' - } - }); - - Self.addAlias = async function(ctx, id, mailAlias, options) { - const models = Self.app.models; - const myOptions = {}; - - if (typeof options == 'object') - Object.assign(myOptions, options); - - await Self.hasGrant(ctx, mailAlias, myOptions); - - return models.MailAliasAccount.create({ - mailAlias: mailAlias, - account: id - }, myOptions); - }; -}; diff --git a/modules/account/back/methods/mail-alias-account/removeAlias.js b/modules/account/back/methods/mail-alias-account/removeAlias.js deleted file mode 100644 index c32911f4d..000000000 --- a/modules/account/back/methods/mail-alias-account/removeAlias.js +++ /dev/null @@ -1,51 +0,0 @@ -const UserError = require('vn-loopback/util/user-error'); - -module.exports = Self => { - Self.remoteMethod('removeAlias', { - description: 'Remove alias if the user has the grant', - accessType: 'WRITE', - accepts: [ - { - arg: 'ctx', - type: 'Object', - http: {source: 'context'} - }, - { - arg: 'id', - type: 'number', - required: true, - description: 'The user id', - http: {source: 'path'} - }, - { - arg: 'mailAlias', - type: 'number', - description: 'The alias to delete', - required: true - } - ], - http: { - path: `/:id/removeAlias`, - verb: 'POST' - } - }); - - Self.removeAlias = async function(ctx, id, mailAlias, options) { - const models = Self.app.models; - const myOptions = {}; - - if (typeof options == 'object') - Object.assign(myOptions, options); - - await Self.hasGrant(ctx, mailAlias, myOptions); - - const mailAliasAccount = await models.MailAliasAccount.findOne({ - where: { - mailAlias: mailAlias, - account: id - } - }, myOptions); - - await mailAliasAccount.destroy(myOptions); - }; -}; diff --git a/modules/account/back/models/mail-alias-account.js b/modules/account/back/models/mail-alias-account.js index 0875bf79a..6f5213f24 100644 --- a/modules/account/back/models/mail-alias-account.js +++ b/modules/account/back/models/mail-alias-account.js @@ -2,8 +2,17 @@ const UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - require('../methods/mail-alias-account/addAlias')(Self); - require('../methods/mail-alias-account/removeAlias')(Self); + Self.observe('before save', async ctx => { + const changes = ctx.currentInstance || ctx.instance; + + await Self.hasGrant(ctx, changes.mailAlias); + }); + + Self.observe('before delete', async ctx => { + const mailAliasAccount = await Self.findById(ctx.where.id); + + await Self.hasGrant(ctx, mailAliasAccount.mailAlias); + }); /** * Checks if current user has @@ -11,17 +20,17 @@ module.exports = Self => { * * @param {Object} ctx - Request context * @param {Interger} mailAlias - mailAlias id - * @param {Object} options - Query options * @return {Boolean} True for user with grant */ - Self.hasGrant = async function(ctx, mailAlias, options) { + Self.hasGrant = async function(ctx, mailAlias) { const models = Self.app.models; - const userId = ctx.req.accessToken.userId; + const accessToken = {req: {accessToken: ctx.options.accessToken}}; + const userId = accessToken.req.accessToken.userId; - const canEditAlias = await models.ACL.checkAccessAcl(ctx, 'MailAliasAccount', 'canEditAlias', 'WRITE'); + const canEditAlias = await models.ACL.checkAccessAcl(accessToken, 'MailAliasAccount', 'canEditAlias', 'WRITE'); if (canEditAlias) return true; - const user = await models.VnUser.findById(userId, {fields: ['hasGrant']}, options); + const user = await models.VnUser.findById(userId, {fields: ['hasGrant']}); if (!user.hasGrant) throw new UserError(`You don't have grant privilege`); @@ -33,7 +42,7 @@ module.exports = Self => { fields: ['mailAlias'] } } - }, options); + }); const aliases = account.aliases().map(alias => alias.mailAlias); diff --git a/modules/account/front/aliases/index.js b/modules/account/front/aliases/index.js index b4ada07e5..0fc806a71 100644 --- a/modules/account/front/aliases/index.js +++ b/modules/account/front/aliases/index.js @@ -21,11 +21,12 @@ export default class Controller extends Section { } onAddClick() { + this.addData = {account: this.$params.id}; this.$.dialog.show(); } onAddSave() { - return this.$http.post(`MailAliasAccounts/${this.$params.id}/addAlias`, this.addData) + return this.$http.post(`MailAliasAccounts`, this.addData) .then(() => this.refresh()) .then(() => this.vnApp.showSuccess( this.$t('Subscribed to alias!')) @@ -33,12 +34,11 @@ export default class Controller extends Section { } onRemove(row) { - const params = { - mailAlias: row.mailAlias - }; - return this.$http.post(`MailAliasAccounts/${this.$params.id}/removeAlias`, params) - .then(() => this.refresh()) - .then(() => this.vnApp.showSuccess(this.$t('Data saved!'))); + return this.$http.delete(`MailAliasAccounts/${row.id}`) + .then(() => { + this.$.data.splice(this.$.data.indexOf(row), 1); + this.vnApp.showSuccess(this.$t('Unsubscribed from alias!')); + }); } } diff --git a/modules/account/front/aliases/index.spec.js b/modules/account/front/aliases/index.spec.js index f72c06ab4..466f1e1e9 100644 --- a/modules/account/front/aliases/index.spec.js +++ b/modules/account/front/aliases/index.spec.js @@ -25,9 +25,8 @@ describe('component vnUserAliases', () => { describe('onAddSave()', () => { it('should add the new row', () => { controller.addData = {account: 1}; - controller.$params = {id: 1}; - $httpBackend.expectPOST('MailAliasAccounts/1/addAlias').respond(); + $httpBackend.expectPOST('MailAliasAccounts').respond(); $httpBackend.expectGET('MailAliasAccounts').respond('foo'); controller.onAddSave(); $httpBackend.flush(); @@ -42,14 +41,12 @@ describe('component vnUserAliases', () => { {id: 1, alias: 'foo'}, {id: 2, alias: 'bar'} ]; - controller.$params = {id: 1}; - $httpBackend.expectPOST('MailAliasAccounts/1/removeAlias').respond(); - $httpBackend.expectGET('MailAliasAccounts').respond(controller.$.data[1]); + $httpBackend.expectDELETE('MailAliasAccounts/1').respond(); controller.onRemove(controller.$.data[0]); $httpBackend.flush(); - expect(controller.$.data).toEqual({id: 2, alias: 'bar'}); + expect(controller.$.data).toEqual([{id: 2, alias: 'bar'}]); expect(controller.vnApp.showSuccess).toHaveBeenCalled(); }); }); From 3a61bc6052a2137f6590e7092aac6a9d8c4f76b3 Mon Sep 17 00:00:00 2001 From: vicent Date: Thu, 13 Jul 2023 08:21:17 +0200 Subject: [PATCH 7/8] refs #5887 move changes sql --- db/changes/{232601 => 232602}/01-aclAddAlias.sql | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename db/changes/{232601 => 232602}/01-aclAddAlias.sql (100%) diff --git a/db/changes/232601/01-aclAddAlias.sql b/db/changes/232602/01-aclAddAlias.sql similarity index 100% rename from db/changes/232601/01-aclAddAlias.sql rename to db/changes/232602/01-aclAddAlias.sql From 337ce56a60e7296e49143455f2784de28fe0b68d Mon Sep 17 00:00:00 2001 From: vicent Date: Thu, 13 Jul 2023 08:37:11 +0200 Subject: [PATCH 8/8] refs #5887 test exlcuido --- modules/ticket/back/methods/ticket/specs/filter.spec.js | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/ticket/back/methods/ticket/specs/filter.spec.js b/modules/ticket/back/methods/ticket/specs/filter.spec.js index 6cc1a3ad2..510446cab 100644 --- a/modules/ticket/back/methods/ticket/specs/filter.spec.js +++ b/modules/ticket/back/methods/ticket/specs/filter.spec.js @@ -141,6 +141,7 @@ describe('ticket filter()', () => { }); it('should return the tickets that are not pending', async() => { + pending('#6010 test intermitente'); const tx = await models.Ticket.beginTransaction({}); try {