From 63533459b0991abf3c3d67492c1739780f7bbd98 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Tue, 28 Nov 2023 13:22:17 +0100 Subject: [PATCH 01/13] refs #6434 feat: improve signIn method --- back/methods/vn-user/sign-in.js | 8 +--- back/methods/vn-user/specs/sign-in.spec.js | 15 +++--- back/models/vn-user.js | 47 ++++++++++++++----- db/changes/234901/00-createSignInLogTable.sql | 15 ++++++ modules/account/back/models/sign_in-log.json | 7 ++- 5 files changed, 66 insertions(+), 26 deletions(-) create mode 100644 db/changes/234901/00-createSignInLogTable.sql diff --git a/back/methods/vn-user/sign-in.js b/back/methods/vn-user/sign-in.js index 9c2d568f4..782046641 100644 --- a/back/methods/vn-user/sign-in.js +++ b/back/methods/vn-user/sign-in.js @@ -49,13 +49,7 @@ module.exports = Self => { if (vnUser.twoFactor) throw new ForbiddenError(null, 'REQUIRES_2FA'); } - const validateLogin = await Self.validateLogin(user, password); - await Self.app.models.SignInLog.create({ - token: validateLogin.token, - userFk: vnUser.id, - ip: ctx.req.ip - }); - return validateLogin; + return Self.validateLogin(user, password, ctx); }; Self.passExpired = async vnUser => { diff --git a/back/methods/vn-user/specs/sign-in.spec.js b/back/methods/vn-user/specs/sign-in.spec.js index ac2dfe2b2..1c4b4af51 100644 --- a/back/methods/vn-user/specs/sign-in.spec.js +++ b/back/methods/vn-user/specs/sign-in.spec.js @@ -2,7 +2,7 @@ const {models} = require('vn-loopback/server/server'); describe('VnUser Sign-in()', () => { const employeeId = 1; - const unauthCtx = { + const unAuthCtx = { req: { headers: {}, connection: { @@ -15,20 +15,21 @@ describe('VnUser Sign-in()', () => { const {VnUser, AccessToken, SignInLog} = models; describe('when credentials are correct', () => { it('should return the token if user uses email', async() => { - let login = await VnUser.signIn(unauthCtx, 'salesAssistant@mydomain.com', 'nightmare'); + let login = await VnUser.signIn(unAuthCtx, 'salesAssistant@mydomain.com', 'nightmare'); let accessToken = await AccessToken.findById(login.token); let ctx = {req: {accessToken: accessToken}}; let signInLog = await SignInLog.find({where: {token: accessToken.id}}); expect(signInLog.length).toEqual(1); expect(signInLog[0].userFk).toEqual(accessToken.userId); + expect(signInLog[0].owner).toEqual(true); expect(login.token).toBeDefined(); await VnUser.logout(ctx.req.accessToken.id); }); it('should return the token', async() => { - let login = await VnUser.signIn(unauthCtx, 'salesAssistant', 'nightmare'); + let login = await VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare'); let accessToken = await AccessToken.findById(login.token); let ctx = {req: {accessToken: accessToken}}; @@ -38,7 +39,7 @@ describe('VnUser Sign-in()', () => { }); it('should return the token if the user doesnt exist but the client does', async() => { - let login = await VnUser.signIn(unauthCtx, 'PetterParker', 'nightmare'); + let login = await VnUser.signIn(unAuthCtx, 'PetterParker', 'nightmare'); let accessToken = await AccessToken.findById(login.token); let ctx = {req: {accessToken: accessToken}}; @@ -53,7 +54,7 @@ describe('VnUser Sign-in()', () => { let error; try { - await VnUser.signIn(unauthCtx, 'IDontExist', 'TotallyWrongPassword'); + await VnUser.signIn(unAuthCtx, 'IDontExist', 'TotallyWrongPassword'); } catch (e) { error = e; } @@ -74,7 +75,7 @@ describe('VnUser Sign-in()', () => { const options = {transaction: tx}; await employee.updateAttribute('twoFactor', 'email', options); - await VnUser.signIn(unauthCtx, 'employee', 'nightmare', options); + await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options); await tx.rollback(); } catch (e) { await tx.rollback(); @@ -99,7 +100,7 @@ describe('VnUser Sign-in()', () => { const options = {transaction: tx}; await employee.updateAttribute('passExpired', yesterday, options); - await VnUser.signIn(unauthCtx, 'employee', 'nightmare', options); + await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options); await tx.rollback(); } catch (e) { await tx.rollback(); diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 719e96cbf..6b9b9bab5 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -124,20 +124,43 @@ module.exports = function(Self) { return email.send(); }); - Self.signInValidate = (user, userToken) => { + + /** + * Sign-in validate. * + * @param {Integer} user The user + * @param {Object} userToken Options + * @param {Object} token accessToken + * @param {Object} ctx context + */ + Self.signInValidate = async(user, userToken, token, ctx) => { const [[key, value]] = Object.entries(Self.userUses(user)); - if (userToken[key].toLowerCase().trim() !== value.toLowerCase().trim()) { - console.error('ERROR!!! - Signin with other user', userToken, user); + const isOwner = Self.rawSql(`SELECT ? = ? `, [userToken[key], value]); + await Self.app.models.SignInLog.create({ + token: token.id, + userFk: userToken.id, + ip: ctx.req.ip, + owner: isOwner + }); + if (!isOwner) { + console.error('ERROR!!! - SignIn with other user', userToken, user); throw new UserError('Try again'); } }; - Self.validateLogin = async function(user, password) { + /** + * Validate login params* + * @param {String} user The user + * @param {String} password + * @param {Object} ctx context + */ + Self.validateLogin = async function(user, password, ctx) { const loginInfo = Object.assign({password}, Self.userUses(user)); const token = await Self.login(loginInfo, 'user'); const userToken = await token.user.get(); - Self.signInValidate(user, userToken); + + if (ctx) + await Self.signInValidate(user, userToken, token, ctx); try { await Self.app.models.Account.sync(userToken.name, password); @@ -187,8 +210,8 @@ module.exports = function(Self) { }; Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls = - Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls - .filter(acl => acl.property != 'changePassword'); + Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls + .filter(acl => acl.property != 'changePassword'); Self.userSecurity = async(ctx, userId, options) => { const models = Self.app.models; @@ -226,10 +249,12 @@ module.exports = function(Self) { const env = process.env.NODE_ENV; const liliumUrl = await Self.app.models.Url.findOne({ - where: {and: [ - {appName: 'lilium'}, - {environment: env} - ]} + where: { + and: [ + {appName: 'lilium'}, + {environment: env} + ] + } }); class Mailer { diff --git a/db/changes/234901/00-createSignInLogTable.sql b/db/changes/234901/00-createSignInLogTable.sql new file mode 100644 index 000000000..f77268375 --- /dev/null +++ b/db/changes/234901/00-createSignInLogTable.sql @@ -0,0 +1,15 @@ + +DROP TABLE IF EXISTS `account`.`signInLog`; +/*!40101 SET @saved_cs_client = @@character_set_client */; +/*!40101 SET character_set_client = utf8 */; +CREATE TABLE `account`.`signInLog` ( + id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, + `token` varchar(255) NOT NULL , + `userFk` int(10) unsigned DEFAULT NULL, + `creationDate` timestamp NULL DEFAULT current_timestamp(), + `ip` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL, + `owner` tinyint(1) DEFAULT 1, + KEY `userFk` (`userFk`), + CONSTRAINT `signInLog_ibfk_1` FOREIGN KEY (`userFk`) REFERENCES `user` (`id`) ON DELETE CASCADE ON UPDATE CASCADE +); + diff --git a/modules/account/back/models/sign_in-log.json b/modules/account/back/models/sign_in-log.json index c5c014e60..0da3dc3dd 100644 --- a/modules/account/back/models/sign_in-log.json +++ b/modules/account/back/models/sign_in-log.json @@ -25,7 +25,12 @@ "type": "number" }, "ip": { - "type": "string" + "type": "string" + }, + "owner": { + "type": "boolean", + "required": true, + "default": true } }, "relations": { From 48b82b02cad3501d599c4ef688942de5f0ecf807 Mon Sep 17 00:00:00 2001 From: JAVIER SEGARRA MARTINEZ Date: Wed, 29 Nov 2023 19:32:10 +0000 Subject: [PATCH 02/13] refs #6434 change param type for signInValidate --- back/models/vn-user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 6b9b9bab5..e32d83a36 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -127,7 +127,7 @@ module.exports = function(Self) { /** * Sign-in validate. * - * @param {Integer} user The user + * @param {String} user The user * @param {Object} userToken Options * @param {Object} token accessToken * @param {Object} ctx context From ed6c0924d794e1a99a1f08e9c69ba55303120c24 Mon Sep 17 00:00:00 2001 From: JAVIER SEGARRA MARTINEZ Date: Wed, 29 Nov 2023 19:33:04 +0000 Subject: [PATCH 03/13] refs #6434 perf: remove console.error --- back/models/vn-user.js | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index e32d83a36..288bd4d1f 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -141,10 +141,8 @@ module.exports = function(Self) { ip: ctx.req.ip, owner: isOwner }); - if (!isOwner) { - console.error('ERROR!!! - SignIn with other user', userToken, user); + if (!isOwner) throw new UserError('Try again'); - } }; /** From 9176cdb4cbed343727f470d01bc0cfff9a65ad8b Mon Sep 17 00:00:00 2001 From: JAVIER SEGARRA MARTINEZ Date: Wed, 29 Nov 2023 19:34:00 +0000 Subject: [PATCH 04/13] refs #6434 perf: new field in SignInLog table --- back/models/vn-user.js | 1 + 1 file changed, 1 insertion(+) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 288bd4d1f..ad0f88d8c 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -136,6 +136,7 @@ module.exports = function(Self) { const [[key, value]] = Object.entries(Self.userUses(user)); const isOwner = Self.rawSql(`SELECT ? = ? `, [userToken[key], value]); await Self.app.models.SignInLog.create({ + userName: user, token: token.id, userFk: userToken.id, ip: ctx.req.ip, From 46774b2e73b42fefa147803770e54adfd992a06c Mon Sep 17 00:00:00 2001 From: JAVIER SEGARRA MARTINEZ Date: Wed, 29 Nov 2023 19:35:37 +0000 Subject: [PATCH 05/13] refs #6434 perf: new field in SignInLog table --- db/changes/234901/00-createSignInLogTable.sql | 1 + 1 file changed, 1 insertion(+) diff --git a/db/changes/234901/00-createSignInLogTable.sql b/db/changes/234901/00-createSignInLogTable.sql index f77268375..49187c9cb 100644 --- a/db/changes/234901/00-createSignInLogTable.sql +++ b/db/changes/234901/00-createSignInLogTable.sql @@ -7,6 +7,7 @@ CREATE TABLE `account`.`signInLog` ( `token` varchar(255) NOT NULL , `userFk` int(10) unsigned DEFAULT NULL, `creationDate` timestamp NULL DEFAULT current_timestamp(), + `userName` varchar(30) NOT NULL, `ip` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL, `owner` tinyint(1) DEFAULT 1, KEY `userFk` (`userFk`), From 1576ab992d2cc6a4b5f1e89efa5c2c6136c52634 Mon Sep 17 00:00:00 2001 From: JAVIER SEGARRA MARTINEZ Date: Wed, 29 Nov 2023 19:36:30 +0000 Subject: [PATCH 06/13] refs #6434 perf: new field in SignInLog table --- modules/account/back/models/sign_in-log.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/account/back/models/sign_in-log.json b/modules/account/back/models/sign_in-log.json index 0da3dc3dd..8656e92dc 100644 --- a/modules/account/back/models/sign_in-log.json +++ b/modules/account/back/models/sign_in-log.json @@ -27,6 +27,9 @@ "ip": { "type": "string" }, + "userName": { + "type": "string" + }, "owner": { "type": "boolean", "required": true, From 138d11b7b0cb72c3b0d91fa553eaf32cfba5b8de Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Thu, 30 Nov 2023 08:10:32 +0100 Subject: [PATCH 07/13] refs #6434 perf new version folder for sql file --- db/changes/{234604 => 264802}/00-createSignInLogTable.sql | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename db/changes/{234604 => 264802}/00-createSignInLogTable.sql (100%) diff --git a/db/changes/234604/00-createSignInLogTable.sql b/db/changes/264802/00-createSignInLogTable.sql similarity index 100% rename from db/changes/234604/00-createSignInLogTable.sql rename to db/changes/264802/00-createSignInLogTable.sql From 6b354a20adc64aed73826740de80839051aca1c0 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Thu, 30 Nov 2023 08:13:28 +0100 Subject: [PATCH 08/13] refs #6434 perf: add sql table description --- db/changes/234901/00-createSignInLogTable.sql | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/db/changes/234901/00-createSignInLogTable.sql b/db/changes/234901/00-createSignInLogTable.sql index 49187c9cb..942f651c9 100644 --- a/db/changes/234901/00-createSignInLogTable.sql +++ b/db/changes/234901/00-createSignInLogTable.sql @@ -1,4 +1,9 @@ +-- +-- Table structure for table `signInLog` +-- Description: log to debug cross-login error +-- + DROP TABLE IF EXISTS `account`.`signInLog`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; From 58855a7cddb75720369e9eb596f96f0e16f8f692 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Thu, 30 Nov 2023 08:14:56 +0100 Subject: [PATCH 09/13] refs #6434 perf: remove bad characters method description --- back/models/vn-user.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/back/models/vn-user.js b/back/models/vn-user.js index ad0f88d8c..e14cd30ea 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -126,7 +126,7 @@ module.exports = function(Self) { }); /** - * Sign-in validate. * + * Sign-in validate * @param {String} user The user * @param {Object} userToken Options * @param {Object} token accessToken @@ -147,7 +147,7 @@ module.exports = function(Self) { }; /** - * Validate login params* + * Validate login params * @param {String} user The user * @param {String} password * @param {Object} ctx context From 80f8037f58f72f0e3ecdf34755d81422951eebe8 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Thu, 30 Nov 2023 08:23:14 +0100 Subject: [PATCH 10/13] refs #6434 perf remove version folder for sql file --- db/changes/264802/00-createSignInLogTable.sql | 20 ------------------- 1 file changed, 20 deletions(-) delete mode 100644 db/changes/264802/00-createSignInLogTable.sql diff --git a/db/changes/264802/00-createSignInLogTable.sql b/db/changes/264802/00-createSignInLogTable.sql deleted file mode 100644 index 525348135..000000000 --- a/db/changes/264802/00-createSignInLogTable.sql +++ /dev/null @@ -1,20 +0,0 @@ - - --- --- Table structure for table `signInLog` --- Description: log to debug cross-login error --- - -DROP TABLE IF EXISTS `account`.`signInLog`; -/*!40101 SET @saved_cs_client = @@character_set_client */; -/*!40101 SET character_set_client = utf8 */; -CREATE TABLE `account`.`signInLog` ( - id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, - `token` varchar(255) NOT NULL , - `userFk` int(10) unsigned DEFAULT NULL, - `creationDate` timestamp NULL DEFAULT current_timestamp(), - `ip` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL, - KEY `userFk` (`userFk`), - CONSTRAINT `signInLog_ibfk_1` FOREIGN KEY (`userFk`) REFERENCES `user` (`id`) ON DELETE CASCADE ON UPDATE CASCADE -); - From 7611acb8f2d156358b8d4699594cfbc2ac3157f6 Mon Sep 17 00:00:00 2001 From: Javier Segarra Date: Thu, 30 Nov 2023 08:34:10 +0100 Subject: [PATCH 11/13] refs #6434 perf rename version folder for sql file --- db/changes/{234901 => 234802}/00-createSignInLogTable.sql | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename db/changes/{234901 => 234802}/00-createSignInLogTable.sql (100%) diff --git a/db/changes/234901/00-createSignInLogTable.sql b/db/changes/234802/00-createSignInLogTable.sql similarity index 100% rename from db/changes/234901/00-createSignInLogTable.sql rename to db/changes/234802/00-createSignInLogTable.sql From 9cdb7c3ccab620912c1a4bb9c7c7ac955895c00e Mon Sep 17 00:00:00 2001 From: carlossa Date: Thu, 30 Nov 2023 09:18:00 +0100 Subject: [PATCH 12/13] refs #6065 remove workcenter --- modules/worker/front/time-control/index.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/worker/front/time-control/index.js b/modules/worker/front/time-control/index.js index f8a94be52..f6a6ed535 100644 --- a/modules/worker/front/time-control/index.js +++ b/modules/worker/front/time-control/index.js @@ -111,8 +111,10 @@ class Controller extends Section { dayIndex.setDate(dayIndex.getDate() + 1); } - this.fetchHours(); - this.getWeekData(); + if (this.worker) { + this.fetchHours(); + this.getWeekData(); + } } set weekTotalHours(totalHours) { @@ -171,8 +173,6 @@ class Controller extends Section { ]} }; this.$.model.applyFilter(filter, params).then(() => { - if (!this.card.hasWorkCenter) return; - this.getWorkedHours(this.started, this.ended); this.getAbsences(); }); From ab69dcd4fe5c182f71713de516ff12c40a29a792 Mon Sep 17 00:00:00 2001 From: alexm Date: Thu, 30 Nov 2023 12:32:41 +0100 Subject: [PATCH 13/13] refs #6524 fix: fixtures and feat: new changelog format --- CHANGELOG.md | 13 ++++++------- db/dump/fixtures.sql | 4 ++++ 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1f16511b6..70174ede3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,14 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [2348.01] - 2023-11-30 -### Added -- (Ticket -> Adelantar) Permite mover lineas sin generar negativos -- (Ticket -> Adelantar) Permite modificar la fecha de los tickets -- (Trabajadores -> Notificaciones) Nueva sección (lilium) +### Características Añadidas 🆕 +- **Tickets → Adelantar:** Permite mover lineas sin generar negativos +- **Tickets → Adelantar:** Permite modificar la fecha de los tickets +- **Trabajadores → Notificaciones:** Nueva sección (lilium) -### Changed -### Fixed -- (Ticket -> RocketChat) Arreglada detección de cambios +### Correcciones 🛠️ +- **Tickets → RocketChat:** Arreglada detección de cambios ## [2346.01] - 2023-11-16 diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index 788487ed0..d9eed401e 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -1,6 +1,10 @@ CREATE SCHEMA IF NOT EXISTS `vn2008`; CREATE SCHEMA IF NOT EXISTS `tmp`; +CREATE ROLE 'salix'; +GRANT 'salix' TO 'root'@'%'; +SET DEFAULT ROLE 'salix' FOR 'root'@'%'; + UPDATE `util`.`config` SET `environment`= 'development';