refs #5468 refactor: modificado acl directamente sin necesidad de crear una nueva ruta
gitea/salix/pipeline/head This commit looks good Details

This commit is contained in:
Vicent Llopis 2023-05-30 09:13:47 +02:00
parent c9b4c68b0c
commit ea1c860a18
6 changed files with 19 additions and 78 deletions

View File

@ -1,70 +0,0 @@
module.exports = function(Self) {
Self.remoteMethodCtx('createUser', {
description: 'Create a user',
accessType: 'WRITE',
accepts: [{
arg: 'name',
type: 'string',
required: true
},
{
arg: 'nickname',
type: 'string',
required: true
},
{
arg: 'email',
type: 'string',
required: true
},
{
arg: 'roleFk',
type: 'number',
required: true
},
{
arg: 'password',
type: 'string',
required: true
},
{
arg: 'active',
type: 'boolean'
}],
returns: {
root: true,
type: 'object'
},
http: {
verb: 'POST',
path: '/createUser'
}
});
Self.createUser = async(ctx, options) => {
const models = Self.app.models;
const args = ctx.args;
let tx;
const myOptions = {};
if (typeof options == 'object')
Object.assign(myOptions, options);
if (!myOptions.transaction) {
tx = await Self.beginTransaction({});
myOptions.transaction = tx;
}
try {
delete args.ctx; // Remove unwanted properties
const newUser = await models.VnUser.create(args, myOptions);
if (tx) await tx.commit();
return newUser;
} catch (e) {
if (tx) await tx.rollback();
throw e;
}
};
};

View File

@ -10,9 +10,8 @@ module.exports = function(Self) {
require('../methods/vn-user/recover-password')(Self);
require('../methods/vn-user/validate-token')(Self);
require('../methods/vn-user/privileges')(Self);
require('../methods/vn-user/createUser')(Self);
Self.definition.settings.acls.find(acl => acl.property == 'create').permission = 'DENY';
Self.definition.settings.acls.find(acl => acl.property == 'create').principalId = 'itManagement';
// Validations

View File

@ -124,7 +124,21 @@
],
"scopes": {
"preview": {
"fields": ["id", "name", "username", "roleFk", "nickname", "lang", "active", "created", "updated", "image", "hasGrant", "realm", "email"]
"fields": [
"id",
"name",
"username",
"roleFk",
"nickname",
"lang",
"active",
"created",
"updated",
"image",
"hasGrant",
"realm",
"email"
]
}
}
}

View File

@ -2,5 +2,4 @@ DELETE FROM `salix`.`ACL` WHERE model = 'Role';
INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
VALUES
('Role', '*', 'READ', 'ALLOW', 'ROLE', 'employee'),
('Role', '*', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
('Role', '*', 'WRITE', 'ALLOW', 'ROLE', 'marketing');
('Role', '*', 'WRITE', 'ALLOW', 'ROLE', 'it');

View File

@ -6,5 +6,4 @@ INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalTyp
VALUES
('VnUser', '*', '*', 'ALLOW', 'ROLE', 'itManagement'),
('VnUser', '__get__preview', 'READ', 'ALLOW', 'ROLE', 'employee'),
('VnUser', 'preview', '*', 'ALLOW', 'ROLE', 'employee'),
('VnUser', 'createUser', 'WRITE', 'ALLOW', 'ROLE', 'itManagement');
('VnUser', 'preview', '*', 'ALLOW', 'ROLE', 'employee');

View File

@ -1,6 +1,6 @@
<vn-watcher
vn-id="watcher"
url="VnUsers/createUser"
url="VnUsers"
data="$ctrl.user"
insert-mode="true"
form="form">