diff --git a/Jenkinsfile b/Jenkinsfile index 06eb855612..8f87ffe610 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,9 +25,11 @@ pipeline { switch (env.BRANCH_NAME) { case 'master': env.NODE_ENV = 'production' + env.BACK_REPLICAS = 4 break case 'test': env.NODE_ENV = 'test' + env.BACK_REPLICAS = 2 break } } diff --git a/back/methods/image/upload.js b/back/methods/image/upload.js index 649d13c680..a93ead6510 100644 --- a/back/methods/image/upload.js +++ b/back/methods/image/upload.js @@ -48,7 +48,7 @@ module.exports = Self => { throw new UserError(`You don't have enough privileges`); if (process.env.NODE_ENV == 'test') - throw new UserError(`You can't upload images on the test instance`); + throw new UserError(`You can't upload images on the test environment`); // Upload file to temporary path const tempContainer = await TempContainer.container(args.collection); diff --git a/db/changes/12270-wisemen/00-itemTag.sql b/db/changes/12270-wisemen/00-itemTag.sql new file mode 100644 index 0000000000..f1e9370d5f --- /dev/null +++ b/db/changes/12270-wisemen/00-itemTag.sql @@ -0,0 +1,19 @@ +DROP TRIGGER IF EXISTS `vn`.`itemTag_afterUpdate`; + +DELIMITER $$ +USE `vn`$$ +CREATE DEFINER=`root`@`%` TRIGGER `vn`.`itemTag_afterUpdate` + AFTER UPDATE ON `itemTag` FOR EACH ROW +trig: BEGIN + IF @isTriggerDisabled THEN + LEAVE trig; + END IF; + + DROP TEMPORARY TABLE IF EXISTS tmp.item; + CREATE TEMPORARY TABLE tmp.item + SELECT NEW.itemFk id; + + CALL item_refreshTags(); + DROP TEMPORARY TABLE tmp.item; +END$$ +DELIMITER ; \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index c04f7e3887..24e1446e91 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: ports: - 80 deploy: - replicas: 3 + replicas: 2 back: image: registry.verdnatura.es/salix-back:${BRANCH_NAME:?} build: . @@ -30,7 +30,7 @@ services: - /mnt/storage/dms:/var/lib/salix/dms - /mnt/storage/image:/var/lib/salix/image deploy: - replicas: 6 + replicas: ${BACK_REPLICAS:?} configs: datasources: external: true diff --git a/modules/account/back/models/ldap-config.js b/modules/account/back/models/ldap-config.js index 9f0e84c666..819659066d 100644 --- a/modules/account/back/models/ldap-config.js +++ b/modules/account/back/models/ldap-config.js @@ -35,14 +35,13 @@ module.exports = Self => { accountConfig } = this; - let newEntry; + let dn = `uid=${userName},${this.userDn}`; if (info.hasAccount) { let {user} = info; let oldUser = await client.searchOne(this.userDn, { scope: 'sub', - attributes: ['userPassword', 'sambaNTPassword'], filter: `&(uid=${userName})` }); @@ -52,7 +51,7 @@ module.exports = Self => { ? nameArgs.splice(1).join(' ') : '-'; - newEntry = { + let newEntry = { uid: userName, objectClass: [ 'inetOrgPerson', @@ -101,62 +100,115 @@ module.exports = Self => { if (newEntry[prop] == null) delete newEntry[prop]; } + + if (oldUser) { + let changes = []; + let skipProps = new Set([ + 'dn', + 'controls' + ]); + + for (let prop in oldUser) { + let deleteProp = !skipProps.has(prop) + && !newEntry.hasOwnProperty(prop); + if (!deleteProp) continue; + changes.push(new ldap.Change({ + operation: 'delete', + modification: { + [prop]: oldUser[prop] + } + })); + } + for (let prop in newEntry) { + if (this.isEqual(oldUser[prop], newEntry[prop])) + continue; + changes.push(new ldap.Change({ + operation: 'replace', + modification: { + [prop]: newEntry[prop] + } + })); + } + + if (changes.length) + await client.modify(dn, changes); + } else + await client.add(dn, newEntry); + } else { + try { + await client.del(dn); + console.log(` -> User '${userName}' removed from LDAP`); + } catch (e) { + if (e.name !== 'NoSuchObjectError') throw e; + } } + }, - // Remove and recreate (if applicable) user - - let dn = `uid=${userName},${this.userDn}`; - let operation; - - try { - await client.del(dn); - operation = 'delete'; - } catch (e) { - if (e.name !== 'NoSuchObjectError') throw e; - } - - if (info.hasAccount) { - await client.add(dn, newEntry); - operation = 'add'; - } - - if (operation === 'delete') - console.log(` -> User '${userName}' removed from LDAP`); + isEqual(a, b) { + if (Array.isArray(a) && Array.isArray(b)) { + if (a.length !== b.length) + return false; + for (let element of a) { + if (b.indexOf(element) === -1) + return false; + } + return true; + } else + return a == b; }, async syncUserGroups(userName, info) { let {client} = this; + let {user} = info; + let groupDn = this.groupDn; let opts = { scope: 'sub', - attributes: ['dn'], + attributes: ['dn', 'cn'], filter: `&(memberUid=${userName})(objectClass=posixGroup)` }; - let oldGroups = await client.searchAll(this.groupDn, opts); + let oldGroups = await client.searchAll(groupDn, opts); - let reqs = []; - for (let oldGroup of oldGroups) { - let change = new ldap.Change({ - operation: 'delete', - modification: {memberUid: userName} - }); - reqs.push(client.modify(oldGroup.dn, change)); + let deleteGroups = []; + let addGroups = []; + + if (info.hasAccount) { + let oldSet = new Set(); + oldGroups.forEach(e => oldSet.add(e.cn)); + + let newSet = new Set(); + user.roles().forEach(e => newSet.add(e.inherits().name)); + + for (let group of oldGroups) { + if (!newSet.has(group.cn)) + deleteGroups.push(group.cn); + } + for (let role of user.roles()) { + if (!oldSet.has(role.inherits().name)) + addGroups.push(role.inherits().name); + } + } else { + for (let group of oldGroups) + deleteGroups.push(group.cn); } - await Promise.all(reqs); - if (!info.hasAccount) return; - - reqs = []; - for (let role of info.user.roles()) { - let change = new ldap.Change({ - operation: 'add', - modification: {memberUid: userName} - }); - let roleName = role.inherits().name; - let dn = `cn=${roleName},${this.groupDn}`; - reqs.push(client.modify(dn, change)); + async function applyOperations(groups, operation) { + for (let group of groups) { + try { + let dn = `cn=${group},${groupDn}`; + await client.modify(dn, new ldap.Change({ + operation, + modification: {memberUid: userName} + })); + } catch (err) { + if (err.name !== 'NoSuchObjectError') + throw err; + } + } } - await Promise.all(reqs); + + await applyOperations(deleteGroups, 'delete'); + await applyOperations(addGroups, 'add'); }, async getUsers(usersToSync) { diff --git a/modules/client/front/consumption/index.js b/modules/client/front/consumption/index.js index af08a88719..7017fed411 100644 --- a/modules/client/front/consumption/index.js +++ b/modules/client/front/consumption/index.js @@ -33,7 +33,7 @@ class Controller extends Section { get reportParams() { const userParams = this.$.model.userParams; return Object.assign({ - authorization: this.vnToken.token, + recipient: this.client.email, recipientId: this.client.id }, userParams); } diff --git a/modules/worker/back/models/calendar.json b/modules/worker/back/models/calendar.json index 199d81e6c7..1da7179c4e 100644 --- a/modules/worker/back/models/calendar.json +++ b/modules/worker/back/models/calendar.json @@ -1,6 +1,6 @@ { "name": "Calendar", - "base": "Loggable", + "base": "VnModel", "log": { "model": "WorkerLog", "relation": "labour" diff --git a/print/templates/email/letter-debtor-nd/sql/client.sql b/print/templates/email/letter-debtor-nd/sql/client.sql index 1f672879b6..aad907a4b1 100644 --- a/print/templates/email/letter-debtor-nd/sql/client.sql +++ b/print/templates/email/letter-debtor-nd/sql/client.sql @@ -7,4 +7,4 @@ FROM client c JOIN company AS cny JOIN supplierAccount AS sa ON sa.id = cny.supplierAccountFk JOIN bankEntity be ON be.id = sa.bankEntityFk -WHERE c.id = ? AND cny.id = ?` \ No newline at end of file +WHERE c.id = ? AND cny.id = ? \ No newline at end of file