Merge branch 'dev' of https://gitea.verdnatura.es/verdnatura/salix into 5499_claim_rocketMessage_comercial
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Javier Segarra 2023-12-20 14:40:42 +01:00
commit adc7608b25
20 changed files with 100 additions and 59 deletions

View File

@ -1,5 +1,14 @@
const UserError = require('vn-loopback/util/user-error'); const UserError = require('vn-loopback/util/user-error');
const {models} = require('vn-loopback/server/server');
const handlePromiseLogout = (Self, {id}, courtesyTime) => {
new Promise(res => {
setTimeout(() => {
res(Self.logout(id));
}
, courtesyTime * 1000);
});
};
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('renewToken', { Self.remoteMethodCtx('renewToken', {
description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it', description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it',
@ -16,23 +25,32 @@ module.exports = Self => {
}); });
Self.renewToken = async function(ctx) { Self.renewToken = async function(ctx) {
const models = Self.app.models; const {accessToken: token} = ctx.req;
const token = ctx.req.accessToken;
const now = new Date(); // Check if current token is valid
const differenceMilliseconds = now - token.created; const isValid = await validateToken(token);
const differenceSeconds = Math.floor(differenceMilliseconds / 1000); if (isValid)
return token;
const fields = ['renewPeriod', 'courtesyTime']; const {courtesyTime} = await models.AccessTokenConfig.findOne({fields: ['courtesyTime']});
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields});
if (differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime) // Schedule to remove current token
throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded'); handlePromiseLogout(Self, token, courtesyTime);
await Self.logout(token.id); // Create new accessToken
const user = await Self.findById(token.userId); const user = await Self.findById(token.userId);
const accessToken = await user.createAccessToken(); const accessToken = await user.createAccessToken();
return {id: accessToken.id, ttl: accessToken.ttl}; return {id: accessToken.id, ttl: accessToken.ttl};
}; };
async function validateToken(token) {
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod', 'courtesyTime']});
const now = Date.now();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isValid = differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
return isValid;
}
}; };

View File

@ -0,0 +1,49 @@
const {models} = require('vn-loopback/server/server');
describe('Renew Token', () => {
const startingTime = Date.now();
let ctx = null;
beforeAll(async() => {
const unAuthCtx = {
req: {
headers: {},
connection: {
remoteAddress: '127.0.0.1'
},
getLocale: () => 'en'
},
args: {}
};
let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
let accessToken = await models.AccessToken.findById(login.token);
ctx = {req: {accessToken: accessToken}};
});
beforeEach(() => {
jasmine.clock().install();
jasmine.clock().mockDate(new Date(startingTime));
});
afterEach(() => {
jasmine.clock().uninstall();
});
it('should renew process', async() => {
jasmine.clock().mockDate(new Date(startingTime + 21600000));
const {id} = await models.VnUser.renewToken(ctx);
expect(id).not.toEqual(ctx.req.accessToken.id);
});
it('NOT should renew', async() => {
let error;
let response;
try {
response = await models.VnUser.renewToken(ctx);
} catch (e) {
error = e;
}
expect(error).toBeUndefined();
expect(response.id).toEqual(ctx.req.accessToken.id);
});
});

View File

@ -1,17 +0,0 @@
module.exports = Self => {
Self.remoteMethod('validateToken', {
description: 'Validates the current logged user token',
returns: {
type: 'Boolean',
root: true
},
http: {
path: `/validateToken`,
verb: 'GET'
}
});
Self.validateToken = async function() {
return true;
};
};

View File

@ -10,7 +10,6 @@ module.exports = function(Self) {
require('../methods/vn-user/sign-in')(Self); require('../methods/vn-user/sign-in')(Self);
require('../methods/vn-user/acl')(Self); require('../methods/vn-user/acl')(Self);
require('../methods/vn-user/recover-password')(Self); require('../methods/vn-user/recover-password')(Self);
require('../methods/vn-user/validate-token')(Self);
require('../methods/vn-user/privileges')(Self); require('../methods/vn-user/privileges')(Self);
require('../methods/vn-user/validate-auth')(Self); require('../methods/vn-user/validate-auth')(Self);
require('../methods/vn-user/renew-token')(Self); require('../methods/vn-user/renew-token')(Self);

View File

@ -102,13 +102,6 @@
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$everyone", "principalId": "$everyone",
"permission": "ALLOW" "permission": "ALLOW"
},
{
"property": "validateToken",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
}, },
{ {
"property": "validateAuth", "property": "validateAuth",

View File

@ -0,0 +1,4 @@
-- Auto-generated SQL script #202311061003
UPDATE salix.accessTokenConfig
SET courtesyTime=60
WHERE id=1;

View File

@ -40,7 +40,7 @@ SELECT
`ts`.`state` AS `state`, `ts`.`state` AS `state`,
`ts`.`productionOrder` AS `productionOrder`, `ts`.`productionOrder` AS `productionOrder`,
`ts`.`alertLevel` AS `alertLevel`, `ts`.`alertLevel` AS `alertLevel`,
`ts`.`userFk` AS `worker`, `ts`.`worker` AS `worker`,
`ts`.`code` AS `code`, `ts`.`code` AS `code`,
`ts`.`updated` AS `updated`, `ts`.`updated` AS `updated`,
`ts`.`isPicked` AS `isPicked` `ts`.`isPicked` AS `isPicked`

View File

@ -2967,9 +2967,9 @@ INSERT INTO `vn`.`wagonTypeTray` (`id`, `typeFk`, `height`, `colorFk`)
(2, 1, 50, 2), (2, 1, 50, 2),
(3, 1, 0, 3); (3, 1, 0, 3);
INSERT INTO `salix`.`accessTokenConfig` (`id`, `renewPeriod`, `renewInterval`) INSERT INTO `salix`.`accessTokenConfig` (`id`, `renewPeriod`, `courtesyTime`, `renewInterval`)
VALUES VALUES
(1, 21600, 300); (1, 21600, 60, 300);
INSERT INTO `vn`.`travelConfig` (`id`, `warehouseInFk`, `warehouseOutFk`, `agencyFk`, `companyFk`) INSERT INTO `vn`.`travelConfig` (`id`, `warehouseInFk`, `warehouseOutFk`, `agencyFk`, `companyFk`)
VALUES VALUES

View File

@ -82,7 +82,7 @@ export default class Token {
if (!data) return; if (!data) return;
this.renewPeriod = data.renewPeriod; this.renewPeriod = data.renewPeriod;
this.stopRenewer(); this.stopRenewer();
this.inservalId = setInterval(() => this.checkValidity(), data.renewInterval * 1000); this.intervalId = setInterval(() => this.checkValidity(), data.renewInterval * 1000);
}); });
} }
@ -103,17 +103,13 @@ export default class Token {
const token = res.data; const token = res.data;
this.set(token.id, now, token.ttl, this.remember); this.set(token.id, now, token.ttl, this.remember);
}) })
.catch(res => {
if (res.data?.error?.code !== 'periodNotExceeded')
throw res;
})
.finally(() => { .finally(() => {
this.checking = false; this.checking = false;
}); });
} }
stopRenewer() { stopRenewer() {
clearInterval(this.inservalId); clearInterval(this.intervalId);
} }
} }
Token.$inject = ['vnInterceptor', '$http', '$rootScope']; Token.$inject = ['vnInterceptor', '$http', '$rootScope'];

View File

@ -18,7 +18,7 @@ Show summary: Mostrar vista previa
What is new: Novedades de la versión What is new: Novedades de la versión
Settings: Ajustes Settings: Ajustes
There is a new version, click here to reload: Hay una nueva versión, pulse aquí para recargar There is a new version, click here to reload: Hay una nueva versión, pulse aquí para recargar
This ticket is locked.: Este ticket está bloqueado This ticket is locked: Este ticket está bloqueado
# Actions # Actions

View File

@ -183,7 +183,7 @@
"Social name should be uppercase": "Social name should be uppercase", "Social name should be uppercase": "Social name should be uppercase",
"Street should be uppercase": "Street should be uppercase", "Street should be uppercase": "Street should be uppercase",
"You don't have enough privileges.": "You don't have enough privileges.", "You don't have enough privileges.": "You don't have enough privileges.",
"This ticket is locked.": "This ticket is locked.", "This ticket is locked": "This ticket is locked",
"This ticket is not editable.": "This ticket is not editable.", "This ticket is not editable.": "This ticket is not editable.",
"The ticket doesn't exist.": "The ticket doesn't exist.", "The ticket doesn't exist.": "The ticket doesn't exist.",
"The sales do not exists": "The sales do not exists", "The sales do not exists": "The sales do not exists",

View File

@ -312,7 +312,7 @@
"You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado", "You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado",
"This invoice has a linked vehicle.": "Esta factura tiene un vehiculo vinculado", "This invoice has a linked vehicle.": "Esta factura tiene un vehiculo vinculado",
"You don't have enough privileges.": "No tienes suficientes permisos.", "You don't have enough privileges.": "No tienes suficientes permisos.",
"This ticket is locked.": "Este ticket está bloqueado.", "This ticket is locked": "Este ticket está bloqueado.",
"This ticket is not editable.": "Este ticket no es editable.", "This ticket is not editable.": "Este ticket no es editable.",
"The ticket doesn't exist.": "No existe el ticket.", "The ticket doesn't exist.": "No existe el ticket.",
"Social name should be uppercase": "La razón social debe ir en mayúscula", "Social name should be uppercase": "La razón social debe ir en mayúscula",

View File

@ -1,6 +1,5 @@
module.exports = () => { module.exports = () => {
Date.vnUTC = () => { Date.vnUTC = (env = process.env.NODE_ENV) => {
const env = process.env.NODE_ENV;
if (!env || env === 'development') if (!env || env === 'development')
return new Date(Date.UTC(2001, 0, 1, 11)); return new Date(Date.UTC(2001, 0, 1, 11));

View File

@ -2,7 +2,7 @@ const {models} = require('vn-loopback/server/server');
describe('account changePassword()', () => { describe('account changePassword()', () => {
const userId = 70; const userId = 70;
const unauthCtx = { const unAuthCtx = {
req: { req: {
headers: {}, headers: {},
connection: { connection: {
@ -79,7 +79,7 @@ describe('account changePassword()', () => {
passExpired: yesterday passExpired: yesterday
} }
, options); , options);
await models.VnUser.signIn(unauthCtx, 'trainee', 'nightmare', options); await models.VnUser.signIn(unAuthCtx, 'trainee', 'nightmare', options);
} catch (e) { } catch (e) {
if (e.message != 'Pass expired') if (e.message != 'Pass expired')
throw e; throw e;

View File

@ -41,7 +41,7 @@ module.exports = Self => {
throw new ForbiddenError(`This ticket is not editable.`); throw new ForbiddenError(`This ticket is not editable.`);
if (isLocked && !isWeekly) if (isLocked && !isWeekly)
throw new ForbiddenError(`This ticket is locked.`); throw new ForbiddenError(`This ticket is locked`);
if (isWeekly && !canEditWeeklyTicket) if (isWeekly && !canEditWeeklyTicket)
throw new ForbiddenError(`You don't have enough privileges.`); throw new ForbiddenError(`You don't have enough privileges.`);

View File

@ -89,6 +89,6 @@ describe('ticket addSale()', () => {
error = e; error = e;
} }
expect(error.message).toEqual(`This ticket is locked.`); expect(error.message).toEqual(`This ticket is locked`);
}); });
}); });

View File

@ -40,7 +40,7 @@ describe('ticket isEditableOrThrow()', () => {
expect(error.message).toEqual(`This ticket is not editable.`); expect(error.message).toEqual(`This ticket is not editable.`);
}); });
it('should throw an error as this ticket is locked.', async() => { it('should throw an error as This ticket is locked', async() => {
const tx = await models.Ticket.beginTransaction({}); const tx = await models.Ticket.beginTransaction({});
let error; let error;
try { try {
@ -57,7 +57,7 @@ describe('ticket isEditableOrThrow()', () => {
await tx.rollback(); await tx.rollback();
} }
expect(error.message).toEqual(`This ticket is locked.`); expect(error.message).toEqual(`This ticket is locked`);
}); });
it('should throw an error as you do not have enough privileges.', async() => { it('should throw an error as you do not have enough privileges.', async() => {

View File

@ -39,6 +39,6 @@ describe('ticket recalculateComponents()', () => {
error = e; error = e;
} }
expect(error).toEqual(new ForbiddenError(`This ticket is locked.`)); expect(error).toEqual(new ForbiddenError(`This ticket is locked`));
}); });
}); });

View File

@ -23,7 +23,7 @@ describe('Ticket transferClient()', () => {
error = e; error = e;
} }
expect(error.message).toEqual(`This ticket is locked.`); expect(error.message).toEqual(`This ticket is locked`);
}); });
it('should be assigned a different clientFk', async() => { it('should be assigned a different clientFk', async() => {