refs #5475 feat(account_changePassword)
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Alex Moreno 2023-06-16 09:35:20 +02:00
parent b96f0f22b5
commit cf01c8d46e
4 changed files with 28 additions and 32 deletions

View File

@ -153,25 +153,13 @@ module.exports = function(Self) {
} }
}; };
Self.sharedClass._methods.find(method => method.name == 'changePassword') // Self.sharedClass._methods.find(method => method.name == 'changePassword')
.accessScopes = ['change-password']; // .accessScopes = ['change-password'];
// Self.sharedClass._methods.find(method => method.name == 'changePassword').accepts.splice(3, 0, { Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls =
// arg: 'verificationCode', Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
// type: 'string' .filter(acl => acl.property != 'changePassword');
// });
// const _changePassword = Self.changePassword;
// Self.changePassword = async(userId, oldPassword, newPassword, verificationCode, options, cb) => {
// if (oldPassword == newPassword)
// throw new UserError(`You can't use the same password`);
// const user = await this.findById(userId, {fields: ['name', 'twoFactor']}); const _changePassword = Self.prototype.ChangePassword;
// if (user.twoFactor)
// await Self.validateCode(user.name, verificationCode);
// await _changePassword.call(this, userId, oldPassword, newPassword, options, cb);
// };
const _prototypeChangePassword = Self.prototype.ChangePassword;
Self.prototype.changePassword = async function(oldPassword, newPassword, options, cb) { Self.prototype.changePassword = async function(oldPassword, newPassword, options, cb) {
if (cb === undefined && typeof options === 'function') { if (cb === undefined && typeof options === 'function') {
cb = options; cb = options;
@ -191,7 +179,7 @@ module.exports = function(Self) {
options = myOptions; options = myOptions;
try { try {
await _prototypeChangePassword.call(this, oldPassword, newPassword, options); await _changePassword.call(this, oldPassword, newPassword, options);
tx && await tx.commit(); tx && await tx.commit();
cb && cb(); cb && cb();
} catch (err) { } catch (err) {

View File

@ -15,6 +15,11 @@ export default class Controller {
} }
$onInit() { $onInit() {
this.oldPassword = 'nightmare';
this.repeatPassword = 'test.1234';
this.newPassword = 'test.1234';
this.verificationCode = '1234';
if (!this.$state.params || !this.$state.params.id || !this.$state.params.token) if (!this.$state.params || !this.$state.params.id || !this.$state.params.token)
this.$state.go('login'); this.$state.go('login');
@ -47,9 +52,8 @@ export default class Controller {
newPassword, newPassword,
verificationCode verificationCode
}); });
this.$http.post('VnUsers/change-password', this.$http.patch('Accounts/change-password',
{ {
id,
oldPassword, oldPassword,
newPassword, newPassword,
verificationCode verificationCode

View File

@ -1,15 +1,11 @@
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('changePassword', { Self.remoteMethodCtx('changePassword', {
description: 'Changes the user password', description: 'Changes the user password',
accessType: 'WRITE', accessType: 'WRITE',
accessScopes: 'change-password',
accepts: [ accepts: [
{ {
arg: 'id',
type: 'number',
description: 'The user id',
http: {source: 'path'}
}, {
arg: 'oldPassword', arg: 'oldPassword',
type: 'string', type: 'string',
description: 'The old password', description: 'The old password',
@ -26,20 +22,21 @@ module.exports = Self => {
} }
], ],
http: { http: {
path: `/:id/changePassword`, path: `/changePassword`,
verb: 'PATCH' verb: 'PATCH'
} }
}); });
Self.changePassword = async function(id, oldPassword, newPassword, verificationCode) { Self.changePassword = async function(ctx, oldPassword, newPassword, verificationCode) {
const userId = ctx.req.accessToken.userId;
const {vnUser} = Self.app.models; const {vnUser} = Self.app.models;
if (oldPassword == newPassword) if (oldPassword == newPassword)
throw new UserError(`You can't use the same password`); throw new UserError(`You can't use the same password`);
const user = await vnUser.findById(id, {fields: ['name', 'twoFactor']}); const user = await vnUser.findById(userId, {fields: ['name', 'twoFactor']});
if (user.twoFactor) if (user.twoFactor)
await vnUser.validateCode(user.name, verificationCode); await vnUser.validateCode(user.name, verificationCode);
await vnUser.changePassword(id, oldPassword, newPassword); await vnUser.changePassword(userId, oldPassword, newPassword);
}; };
}; };

View File

@ -37,6 +37,13 @@
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$authenticated", "principalId": "$authenticated",
"permission": "ALLOW" "permission": "ALLOW"
},
{
"property": "changePassword",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
} }
] ]
} }