From d6ff61b76861a93a616186e91cf62a55c7add360 Mon Sep 17 00:00:00 2001 From: vicent Date: Wed, 26 Apr 2023 09:48:02 +0200 Subject: [PATCH] =?UTF-8?q?refs=20#5468=20corregidas=20condiciones=20de=20?= =?UTF-8?q?autorizaci=C3=B3n?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/account/front/aliases/index.html | 4 ++-- modules/account/front/aliases/index.js | 7 ++++--- modules/account/front/mail-forwarding/index.js | 7 +++---- modules/account/front/mail-forwarding/locale/es.yml | 1 + .../{authorizeSelfOrSuperior.js => isAuthorized.js} | 10 +++++----- modules/worker/back/models/worker.js | 2 +- 6 files changed, 16 insertions(+), 15 deletions(-) rename modules/worker/back/methods/worker/{authorizeSelfOrSuperior.js => isAuthorized.js} (75%) diff --git a/modules/account/front/aliases/index.html b/modules/account/front/aliases/index.html index 87f3c92de..57f7ae968 100644 --- a/modules/account/front/aliases/index.html +++ b/modules/account/front/aliases/index.html @@ -15,9 +15,8 @@ @@ -28,6 +27,7 @@ this.isSubordinate = res.data); + this.$http.get(`Workers/${this.$params.id}/isAuthorized`) + .then(res => { + this.isAuthorized = res.data; + }); } refresh() { diff --git a/modules/account/front/mail-forwarding/index.js b/modules/account/front/mail-forwarding/index.js index 2047cdaa8..b48fd2258 100644 --- a/modules/account/front/mail-forwarding/index.js +++ b/modules/account/front/mail-forwarding/index.js @@ -8,11 +8,10 @@ export default class Controller extends Section { } getIsAuthorized() { - this.$http.get(`Workers/${this.$params.id}/authorizeSelfOrSuperior`) + this.$http.get(`Workers/${this.$params.id}/isSubordinate`) .then(res => { - this.isAuthorized = res.data; - - if (!this.isAuthorized) throw new UserError(`You don't have enough privileges`); + this.isSubordinate = res.data; + if (!this.isSubordinate) throw new UserError(`You don't have enough privileges`); this.$.watcher.submit(); }); } 
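Review bot: In `getIsAuthorized()` of mail-forwarding/index.js the privilege check runs only in the browser: the controller asks `Workers/:id/isSubordinate` and then decides by itself whether to call `this.$.watcher.submit()`, so it protects nothing if the save request is sent without this UI. The hunk does not show the endpoint behind the watcher; it should apply the same rule server-side, and a comment such as `// UI guard only; the save endpoint must enforce the same isSubordinate rule` would make that dependency explicit. The `UserError` is thrown inside a `.then()` whose promise is neither returned nor caught, so whether the user ever sees the message depends on a global rejection handler that is not visible here. The method is still named `getIsAuthorized` although it now stores `isSubordinate`, which is easy to confuse with the separate `isAuthorized` endpoint used by the aliases view.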
diff --git a/modules/account/front/mail-forwarding/locale/es.yml b/modules/account/front/mail-forwarding/locale/es.yml index 0322e3e42..688ace6b5 100644 --- a/modules/account/front/mail-forwarding/locale/es.yml +++ b/modules/account/front/mail-forwarding/locale/es.yml @@ -4,3 +4,4 @@ Enable mail forwarding: Habilitar redirección de correo All emails will be forwarded to the specified address.: > Todos los correos serán reenviados a la dirección especificada, no se mantendrá copia de los mismos en el buzón del usuario. +You don't have enough privileges: No tienes suficientes permisos diff --git a/modules/worker/back/methods/worker/authorizeSelfOrSuperior.js b/modules/worker/back/methods/worker/isAuthorized.js similarity index 75% rename from modules/worker/back/methods/worker/authorizeSelfOrSuperior.js rename to modules/worker/back/methods/worker/isAuthorized.js index 30dfd17c1..519aab94f 100644 --- a/modules/worker/back/methods/worker/authorizeSelfOrSuperior.js +++ b/modules/worker/back/methods/worker/isAuthorized.js @@ -1,6 +1,6 @@ module.exports = Self => { - Self.remoteMethod('authorizeSelfOrSuperior', { - description: 'Return true if is himself or a superior', + Self.remoteMethod('isAuthorized', { + description: 'Return true if the current user is a superior of the worker that is passed by parameter', accessType: 'READ', accepts: [{ arg: 'ctx', @@ -18,12 +18,12 @@ module.exports = Self => { root: true }, http: { - path: `/:id/authorizeSelfOrSuperior`, + path: `/:id/isAuthorized`, verb: 'GET' } }); - Self.authorizeSelfOrSuperior = async(ctx, id, options) => { + Self.isAuthorized = async(ctx, id, options) => { const models = Self.app.models; const currentUserId = ctx.req.accessToken.userId; const isHimself = currentUserId == id; 
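Review bot: Renaming the remote method and its route from `authorizeSelfOrSuperior` to `isAuthorized` also changes the name that access-control rules and other callers match on, and the diffstat lists no ACL or fixture change. If an ACL entry for the old method name exists, it should be renamed in the same commit; otherwise the new endpoint falls under whatever the default policy is, which is not visible here. The new `description` also omits the self case that the condition in the next hunk still allows for a `teamBoss`; something like `description: 'Return true if the current user is a superior of the given worker, or is that worker and has the teamBoss role'` would match the code, assuming `isSubordinate` returns true for the user's own id. The body of `Self.isAuthorized` continues outside this hunk.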
@@ -36,7 +36,7 @@ module.exports = Self => { const isSubordinate = await models.Worker.isSubordinate(ctx, id, myOptions); const isTeamBoss = await models.VnUser.hasRole(currentUserId, 'teamBoss', myOptions); - if (!isSubordinate || (isSubordinate && !isHimself && !isTeamBoss)) + if (!isSubordinate || (isSubordinate && isHimself && !isTeamBoss)) return false; return true; diff --git a/modules/worker/back/models/worker.js b/modules/worker/back/models/worker.js index ffcb688ee..b44703a88 100644 --- a/modules/worker/back/models/worker.js +++ b/modules/worker/back/models/worker.js @@ -16,7 +16,7 @@ module.exports = Self => { require('../methods/worker/new')(Self); require('../methods/worker/deallocatePDA')(Self); require('../methods/worker/allocatePDA')(Self); - require('../methods/worker/authorizeSelfOrSuperior')(Self); + require('../methods/worker/isAuthorized')(Self); Self.validatesUniquenessOf('locker', { message: 'This locker has already been assigned'
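Review bot: The rewritten guard in `Self.isAuthorized` expresses an authorization decision as a negated compound with a redundant term (`isSubordinate &&` in the second clause is always true once `!isSubordinate` has failed), which may be how the previous version ended up inverted. `return isSubordinate && (!isHimself || isTeamBoss);` is equivalent to the new condition and states the rule directly. The diffstat shows no spec change, so a test covering the four cases (superior, unrelated user, self without `teamBoss`, self with `teamBoss`) would pin the corrected behaviour. `isHimself` comes from `currentUserId == id` in the previous hunk; a strict comparison after normalising both sides, e.g. `Number(currentUserId) === Number(id)`, avoids depending on coercion in a permission check. The function starts outside this hunk, so the construction of `myOptions` could not be reviewed.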