refs #6023 Fix change rol bug
gitea/salix/pipeline/head There was a failure building this commit
Details
gitea/salix/pipeline/head There was a failure building this commit
Details
This commit is contained in:
parent
1ad9a30848
commit
d1df8009a6
|
|
@ -40,44 +40,56 @@ module.exports = Self => {
|
|||
const userId = ctx.req.accessToken.userId;
|
||||
|
||||
const myOptions = {};
|
||||
let tx;
|
||||
|
||||
if (typeof options == 'object')
|
||||
Object.assign(myOptions, options);
|
||||
|
||||
const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);
|
||||
if (!myOptions.transaction) {
|
||||
tx = await Self.beginTransaction({});
|
||||
myOptions.transaction = tx;
|
||||
};
|
||||
|
||||
const userToUpdate = await Self.findById(id, {
|
||||
fields: ['id', 'name', 'hasGrant', 'roleFk', 'password', 'email'],
|
||||
include: {
|
||||
relation: 'role',
|
||||
scope: {
|
||||
fields: ['name']
|
||||
try {
|
||||
const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);
|
||||
|
||||
const userToUpdate = await Self.findById(id, {
|
||||
fields: ['id', 'name', 'hasGrant', 'roleFk', 'password', 'email'],
|
||||
include: {
|
||||
relation: 'role',
|
||||
scope: {
|
||||
fields: ['name']
|
||||
}
|
||||
}
|
||||
}
|
||||
}, myOptions);
|
||||
}, myOptions);
|
||||
|
||||
if (!user.hasGrant)
|
||||
throw new UserError(`You don't have grant privilege`);
|
||||
if (!user.hasGrant)
|
||||
throw new UserError(`You don't have grant privilege`);
|
||||
|
||||
const hasRoleFromUser = await Self.hasRole(userId, userToUpdate.role().name, myOptions);
|
||||
const hasRoleFromUser = await Self.hasRole(userId, userToUpdate.role().name, myOptions);
|
||||
|
||||
if (!hasRoleFromUser)
|
||||
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
||||
|
||||
if (hasGrant != null)
|
||||
userToUpdate.hasGrant = hasGrant;
|
||||
|
||||
if (roleFk) {
|
||||
const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
|
||||
const hasRole = await Self.hasRole(userId, role.name, myOptions);
|
||||
|
||||
if (!hasRole)
|
||||
if (!hasRoleFromUser)
|
||||
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
||||
|
||||
userToUpdate.roleFk = roleFk;
|
||||
}
|
||||
if (hasGrant != null)
|
||||
userToUpdate.hasGrant = hasGrant;
|
||||
|
||||
await userToUpdate.save(userToUpdate);
|
||||
await models.Account.sync(userToUpdate.name);
|
||||
if (roleFk) {
|
||||
const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
|
||||
const hasRole = await Self.hasRole(userId, role.name, myOptions);
|
||||
|
||||
if (!hasRole)
|
||||
throw new UserError(`You don't own the role and you can't assign it to another user`);
|
||||
|
||||
userToUpdate.roleFk = roleFk;
|
||||
}
|
||||
|
||||
await userToUpdate.save(myOptions);
|
||||
await models.Account.sync(userToUpdate.name, null, null, myOptions);
|
||||
await tx.commit();
|
||||
} catch (err) {
|
||||
await tx.rollback();
|
||||
throw err;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -30,6 +30,11 @@ module.exports = Self => {
|
|||
if (typeof options == 'object')
|
||||
Object.assign(myOptions, options);
|
||||
|
||||
if (!myOptions.transaction) {
|
||||
tx = await Self.beginTransaction({});
|
||||
myOptions.transaction = tx;
|
||||
};
|
||||
|
||||
const models = Self.app.models;
|
||||
const user = await models.VnUser.findOne({
|
||||
fields: ['id'],
|
||||
|
|
|
|||
Loading…
Reference in New Issue