verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

refactor(account): account model refactor
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Joan Sanchez 2023-01-23 15:24:00 +01:00
parent 9b0134cb1c
commit ee1ce21bb9
82 changed files with 285 additions and 321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
back/methods/chat/send.js
View File

@ -26,7 +26,7 @@ module.exports = Self => {
Self.send = async(ctx, to, message) => { Self.send = async(ctx, to, message) => {
const models = Self.app.models; const models = Self.app.models;
const accessToken = ctx.req.accessToken; const accessToken = ctx.req.accessToken;
const sender = await models.Account.findById(accessToken.userId); const sender = await models.VnUser.findById(accessToken.userId);
const recipient = to.replace('@', ''); const recipient = to.replace('@', '');
if (sender.name != recipient) { if (sender.name != recipient) {

4
back/methods/chat/sendCheckingPresence.js
View File

@ -34,8 +34,8 @@ module.exports = Self => {
const models = Self.app.models; const models = Self.app.models;
const userId = ctx.req.accessToken.userId; const userId = ctx.req.accessToken.userId;
const sender = await models.Account.findById(userId); const sender = await models.VnUser.findById(userId);
const recipient = await models.Account.findById(recipientId, null, myOptions); const recipient = await models.VnUser.findById(recipientId, null, myOptions);
// Prevent sending messages to yourself // Prevent sending messages to yourself
if (recipientId == userId) return false; if (recipientId == userId) return false;

4
back/methods/chat/sendQueued.js
View File

@ -56,7 +56,7 @@ module.exports = Self => {
const models = Self.app.models; const models = Self.app.models;
const recipientName = chat.recipient.slice(1); const recipientName = chat.recipient.slice(1);
const recipient = await models.Account.findOne({ const recipient = await models.VnUser.findOne({
where: { where: {
name: recipientName name: recipientName
} }
@ -102,7 +102,7 @@ module.exports = Self => {
} }
const models = Self.app.models; const models = Self.app.models;
const sender = await models.Account.findById(senderFk); const sender = await models.VnUser.findById(senderFk);
const login = await Self.getServiceAuth(); const login = await Self.getServiceAuth();
const avatar = `${login.host}/avatar/${sender.name}`; const avatar = `${login.host}/avatar/${sender.name}`;

2
back/methods/account/acl.js → back/methods/vn-user/acl.js
View File

@ -22,7 +22,7 @@ module.exports = Self => {
let userId = ctx.req.accessToken.userId; let userId = ctx.req.accessToken.userId;
let models = Self.app.models; let models = Self.app.models;
let user = await models.Account.findById(userId, { let user = await models.VnUser.findById(userId, {
fields: ['id', 'name', 'nickname', 'email', 'lang'], fields: ['id', 'name', 'nickname', 'email', 'lang'],
include: { include: {
relation: 'userConfig', relation: 'userConfig',

0
back/methods/account/change-password.js → back/methods/vn-user/change-password.js
View File

15
back/methods/account/privileges.js → back/methods/vn-user/privileges.js
View File

@ -1,9 +1,14 @@
const UserError = require('vn-loopback/util/user-error'); const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('privileges', { Self.remoteMethod('privileges', {
description: 'Change role and hasGrant if user has privileges', description: 'Change role and hasGrant if user has privileges',
accepts: [ accepts: [
{
arg: 'ctx',
type: 'Object',
http: {source: 'context'}
},
{ {
arg: 'id', arg: 'id',
type: 'number', type: 'number',
@ -39,9 +44,9 @@ module.exports = Self => {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const user = await models.Account.findById(userId, {fields: ['hasGrant']}, myOptions); const user = await models.VnUser.findById(userId, {fields: ['hasGrant']}, myOptions);
const userToUpdate = await models.Account.findById(id, { const userToUpdate = await models.VnUser.findById(id, {
fields: ['id', 'name', 'hasGrant', 'roleFk', 'password'], fields: ['id', 'name', 'hasGrant', 'roleFk', 'password'],
include: { include: {
relation: 'role', relation: 'role',
@ -54,7 +59,7 @@ module.exports = Self => {
if (!user.hasGrant) if (!user.hasGrant)
throw new UserError(`You don't have grant privilege`); throw new UserError(`You don't have grant privilege`);
const hasRoleFromUser = await models.Account.hasRole(userId, userToUpdate.role().name, myOptions); const hasRoleFromUser = await models.VnUser.hasRole(userId, userToUpdate.role().name, myOptions);
if (!hasRoleFromUser) if (!hasRoleFromUser)
throw new UserError(`You don't own the role and you can't assign it to another user`); throw new UserError(`You don't own the role and you can't assign it to another user`);
@ -64,7 +69,7 @@ module.exports = Self => {
if (roleFk) { if (roleFk) {
const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions); const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
const hasRole = await models.Account.hasRole(userId, role.name, myOptions); const hasRole = await models.VnUser.hasRole(userId, role.name, myOptions);
if (!hasRole) if (!hasRole)
throw new UserError(`You don't own the role and you can't assign it to another user`); throw new UserError(`You don't own the role and you can't assign it to another user`);

0
back/methods/account/recover-password.js → back/methods/vn-user/recover-password.js
View File

0
back/methods/account/set-password.js → back/methods/vn-user/set-password.js
View File

15
back/methods/account/login.js → back/methods/vn-user/signIn.js
View File

@ -2,13 +2,14 @@ const md5 = require('md5');
const UserError = require('vn-loopback/util/user-error'); const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('login', { Self.remoteMethod('signIn', {
description: 'Login a user with username/email and password', description: 'Login a user with username/email and password',
accepts: [ accepts: [
{ {
arg: 'user', arg: 'user',
type: 'String', type: 'String',
description: 'The user name or email', description: 'The user name or email',
http: {source: 'form'},
required: true required: true
}, { }, {
arg: 'password', arg: 'password',
@ -21,20 +22,20 @@ module.exports = Self => {
root: true root: true
}, },
http: { http: {
path: `/login`, path: `/signIn`,
verb: 'POST' verb: 'POST'
} }
}); });
Self.login = async function(user, password) { Self.signIn = async function(user, password) {
let $ = Self.app.models; let models = Self.app.models;
let token; let token;
let usesEmail = user.indexOf('@') !== -1; let usesEmail = user.indexOf('@') !== -1;
let userInfo = usesEmail let userInfo = usesEmail
? {email: user} ? {email: user}
: {username: user}; : {username: user};
let instance = await $.User.findOne({ let instance = await models.User.findOne({
fields: ['username', 'password'], fields: ['username', 'password'],
where: userInfo where: userInfo
}); });
@ -57,14 +58,14 @@ module.exports = Self => {
throw new UserError('User disabled'); throw new UserError('User disabled');
try { try {
await $.UserAccount.sync(instance.username, password); await models.UserAccount.sync(instance.username, password);
} catch (err) { } catch (err) {
console.warn(err); console.warn(err);
} }
} }
let loginInfo = Object.assign({password}, userInfo); let loginInfo = Object.assign({password}, userInfo);
token = await $.User.login(loginInfo, 'user'); token = await models.User.login(loginInfo, 'user');
return {token: token.id}; return {token: token.id};
}; };
}; };

8
back/methods/account/logout.js → back/methods/vn-user/signOut.js
View File

@ -1,5 +1,5 @@
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('logout', { Self.remoteMethod('signOut', {
description: 'Logout a user with access token', description: 'Logout a user with access token',
accepts: [ accepts: [
{ {
@ -13,13 +13,13 @@ module.exports = Self => {
root: true root: true
}, },
http: { http: {
path: `/logout`, path: `/signOut`,
verb: 'POST' verb: 'POST'
} }
}); });
Self.logout = async function(ctx) { Self.signOut = async function(ctx) {
await Self.app.models.User.logout(ctx.req.accessToken.id); await Self.app.models.VnUser.logout(ctx.req.accessToken.id);
return true; return true;
}; };
}; };

2
back/methods/account/specs/change-password.spec.js → back/methods/vn-user/specs/change-password.spec.js
View File

@ -3,7 +3,7 @@ const {models} = require('vn-loopback/server/server');
describe('account changePassword()', () => { describe('account changePassword()', () => {
it('should throw an error when old password is wrong', async() => { it('should throw an error when old password is wrong', async() => {
let err; let err;
await models.Account.changePassword(1, 'wrongPassword', 'nightmare.9999') await models.VnUser.changePassword(1, 'wrongPassword', 'nightmare.9999')
.catch(error => err = error.sqlMessage); .catch(error => err = error.sqlMessage);
expect(err).toBeDefined(); expect(err).toBeDefined();

10
back/methods/account/specs/login.spec.js → back/methods/vn-user/specs/login.spec.js
View File

@ -3,23 +3,23 @@ const app = require('vn-loopback/server/server');
describe('account login()', () => { describe('account login()', () => {
describe('when credentials are correct', () => { describe('when credentials are correct', () => {
it('should return the token', async() => { it('should return the token', async() => {
let login = await app.models.Account.login('salesAssistant', 'nightmare'); let login = await app.models.VnUser.login('salesAssistant', 'nightmare');
let accessToken = await app.models.AccessToken.findById(login.token); let accessToken = await app.models.AccessToken.findById(login.token);
let ctx = {req: {accessToken: accessToken}}; let ctx = {req: {accessToken: accessToken}};
expect(login.token).toBeDefined(); expect(login.token).toBeDefined();
await app.models.Account.logout(ctx); await app.models.VnUser.logout(ctx);
}); });
it('should return the token if the user doesnt exist but the client does', async() => { it('should return the token if the user doesnt exist but the client does', async() => {
let login = await app.models.Account.login('PetterParker', 'nightmare'); let login = await app.models.VnUser.login('PetterParker', 'nightmare');
let accessToken = await app.models.AccessToken.findById(login.token); let accessToken = await app.models.AccessToken.findById(login.token);
let ctx = {req: {accessToken: accessToken}}; let ctx = {req: {accessToken: accessToken}};
expect(login.token).toBeDefined(); expect(login.token).toBeDefined();
await app.models.Account.logout(ctx); await app.models.VnUser.logout(ctx);
}); });
}); });
@ -28,7 +28,7 @@ describe('account login()', () => {
let error; let error;
try { try {
await app.models.Account.login('IDontExist', 'TotallyWrongPassword'); await app.models.VnUser.login('IDontExist', 'TotallyWrongPassword');
} catch (e) { } catch (e) {
error = e; error = e;
} }

8
back/methods/account/specs/logout.spec.js → back/methods/vn-user/specs/logout.spec.js
View File

@ -2,11 +2,11 @@ const app = require('vn-loopback/server/server');
describe('account logout()', () => { describe('account logout()', () => {
it('should logout and remove token after valid login', async() => { it('should logout and remove token after valid login', async() => {
let loginResponse = await app.models.Account.login('buyer', 'nightmare'); let loginResponse = await app.models.VnUser.login('buyer', 'nightmare');
let accessToken = await app.models.AccessToken.findById(loginResponse.token); let accessToken = await app.models.AccessToken.findById(loginResponse.token);
let ctx = {req: {accessToken: accessToken}}; let ctx = {req: {accessToken: accessToken}};
let logoutResponse = await app.models.Account.logout(ctx); let logoutResponse = await app.models.VnUser.logout(ctx);
let tokenAfterLogout = await app.models.AccessToken.findById(loginResponse.token); let tokenAfterLogout = await app.models.AccessToken.findById(loginResponse.token);
expect(logoutResponse).toBeTrue(); expect(logoutResponse).toBeTrue();
@ -18,7 +18,7 @@ describe('account logout()', () => {
let ctx = {req: {accessToken: {id: 'invalidToken'}}}; let ctx = {req: {accessToken: {id: 'invalidToken'}}};
try { try {
response = await app.models.Account.logout(ctx); response = await app.models.VnUser.logout(ctx);
} catch (e) { } catch (e) {
error = e; error = e;
} }
@ -32,7 +32,7 @@ describe('account logout()', () => {
let ctx = {req: {accessToken: null}}; let ctx = {req: {accessToken: null}};
try { try {
response = await app.models.Account.logout(ctx); response = await app.models.VnUser.logout(ctx);
} catch (e) { } catch (e) {
error = e; error = e;
} }

26
back/methods/account/specs/privileges.spec.js → back/methods/vn-user/specs/privileges.spec.js
View File

@ -1,6 +1,6 @@
const models = require('vn-loopback/server/server').models; const models = require('vn-loopback/server/server').models;
describe('account privileges()', () => { describe('VnUser privileges()', () => {
const employeeId = 1; const employeeId = 1;
const developerId = 9; const developerId = 9;
const sysadminId = 66; const sysadminId = 66;
@ -10,13 +10,13 @@ describe('account privileges()', () => {
it('should throw an error when user not has privileges', async() => { it('should throw an error when user not has privileges', async() => {
const ctx = {req: {accessToken: {userId: developerId}}}; const ctx = {req: {accessToken: {userId: developerId}}};
const tx = await models.Account.beginTransaction({}); const tx = await models.VnUser.beginTransaction({});
let error; let error;
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.privileges(ctx, employeeId, null, true, options); await models.VnUser.privileges(ctx, employeeId, null, true, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
@ -29,13 +29,13 @@ describe('account privileges()', () => {
it('should throw an error when user has privileges but not has the role', async() => { it('should throw an error when user has privileges but not has the role', async() => {
const ctx = {req: {accessToken: {userId: sysadminId}}}; const ctx = {req: {accessToken: {userId: sysadminId}}};
const tx = await models.Account.beginTransaction({}); const tx = await models.VnUser.beginTransaction({});
let error; let error;
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.privileges(ctx, employeeId, rootId, null, options); await models.VnUser.privileges(ctx, employeeId, rootId, null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
@ -48,13 +48,13 @@ describe('account privileges()', () => {
it('should throw an error when user has privileges but not has the role from user', async() => { it('should throw an error when user has privileges but not has the role from user', async() => {
const ctx = {req: {accessToken: {userId: sysadminId}}}; const ctx = {req: {accessToken: {userId: sysadminId}}};
const tx = await models.Account.beginTransaction({}); const tx = await models.VnUser.beginTransaction({});
let error; let error;
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.privileges(ctx, itBossId, developerId, null, options); await models.VnUser.privileges(ctx, itBossId, developerId, null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
@ -67,7 +67,7 @@ describe('account privileges()', () => {
it('should change role', async() => { it('should change role', async() => {
const ctx = {req: {accessToken: {userId: sysadminId}}}; const ctx = {req: {accessToken: {userId: sysadminId}}};
const tx = await models.Account.beginTransaction({}); const tx = await models.VnUser.beginTransaction({});
const options = {transaction: tx}; const options = {transaction: tx};
const agency = await models.Role.findOne({ const agency = await models.Role.findOne({
@ -79,8 +79,8 @@ describe('account privileges()', () => {
let error; let error;
let result; let result;
try { try {
await models.Account.privileges(ctx, clarkKent, agency.id, null, options); await models.VnUser.privileges(ctx, clarkKent, agency.id, null, options);
result = await models.Account.findById(clarkKent, null, options); result = await models.VnUser.findById(clarkKent, null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
@ -94,14 +94,14 @@ describe('account privileges()', () => {
it('should change hasGrant', async() => { it('should change hasGrant', async() => {
const ctx = {req: {accessToken: {userId: sysadminId}}}; const ctx = {req: {accessToken: {userId: sysadminId}}};
const tx = await models.Account.beginTransaction({}); const tx = await models.VnUser.beginTransaction({});
let error; let error;
let result; let result;
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.Account.privileges(ctx, clarkKent, null, true, options); await models.VnUser.privileges(ctx, clarkKent, null, true, options);
result = await models.Account.findById(clarkKent, null, options); result = await models.VnUser.findById(clarkKent, null, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {

6
back/methods/account/specs/set-password.spec.js → back/methods/vn-user/specs/set-password.spec.js
View File

@ -1,14 +1,14 @@
const app = require('vn-loopback/server/server'); const app = require('vn-loopback/server/server');
describe('account setPassword()', () => { describe('VnUser setPassword()', () => {
it('should throw an error when password does not meet requirements', async() => { it('should throw an error when password does not meet requirements', async() => {
let req = app.models.Account.setPassword(1, 'insecurePass'); let req = app.models.VnUser.setPassword(1, 'insecurePass');
await expectAsync(req).toBeRejected(); await expectAsync(req).toBeRejected();
}); });
it('should update password when it passes requirements', async() => { it('should update password when it passes requirements', async() => {
let req = app.models.Account.setPassword(1, 'Very$ecurePa22.'); let req = app.models.VnUser.setPassword(1, 'Very$ecurePa22.');
await expectAsync(req).toBeResolved(); await expectAsync(req).toBeResolved();
}); });

0
back/methods/account/validate-token.js → back/methods/vn-user/validate-token.js
View File

6
back/model-config.json
View File

@ -1,7 +1,4 @@
{ {
"Account": {
"dataSource": "vn"
},
"AccountingType": { "AccountingType": {
"dataSource": "vn" "dataSource": "vn"
}, },
@ -131,6 +128,9 @@
"Warehouse": { "Warehouse": {
"dataSource": "vn" "dataSource": "vn"
}, },
"VnUser": {
"dataSource": "vn"
},
"OsTicket": { "OsTicket": {
"dataSource": "osticket" "dataSource": "osticket"
}, },

139
back/models/account.js
View File

@ -1,139 +0,0 @@
/* eslint max-len: ["error", { "code": 150 }]*/
const md5 = require('md5');
const LoopBackContext = require('loopback-context');
const {Email} = require('vn-print');
module.exports = Self => {
require('../methods/account/login')(Self);
require('../methods/account/logout')(Self);
require('../methods/account/acl')(Self);
require('../methods/account/change-password')(Self);
require('../methods/account/set-password')(Self);
require('../methods/account/recover-password')(Self);
require('../methods/account/validate-token')(Self);
require('../methods/account/privileges')(Self);
// Validations
Self.validatesFormatOf('email', {
message: 'Invalid email',
allowNull: true,
allowBlank: true,
with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
});
Self.validatesUniquenessOf('name', {
message: `A client with that Web User name already exists`
});
Self.observe('before save', async function(ctx) {
if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)
ctx.data.password = md5(ctx.data.password);
});
Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
if (!ctx.args || !ctx.args.data.email) return;
const models = Self.app.models;
const loopBackContext = LoopBackContext.getCurrentContext();
const httpCtx = {req: loopBackContext.active};
const httpRequest = httpCtx.req.http.req;
const headers = httpRequest.headers;
const origin = headers.origin;
const url = origin.split(':');
const userId = ctx.instance.id;
const user = await models.user.findById(userId);
class Mailer {
async send(verifyOptions, cb) {
const params = {
url: verifyOptions.verifyHref,
recipient: verifyOptions.to,
lang: ctx.req.getLocale()
};
const email = new Email('email-verify', params);
email.send();
cb(null, verifyOptions.to);
}
}
const options = {
type: 'email',
to: instance.email,
from: {},
redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
template: false,
mailer: new Mailer,
host: url[1].split('/')[2],
port: url[2],
protocol: url[0],
user: Self
};
await user.verify(options);
});
Self.remoteMethod('getCurrentUserData', {
description: 'Gets the current user data',
accepts: [
{
arg: 'ctx',
type: 'object',
http: {source: 'context'}
}
],
returns: {
type: 'object',
root: true
},
http: {
verb: 'GET',
path: '/getCurrentUserData'
}
});
Self.getCurrentUserData = async function(ctx) {
let userId = ctx.req.accessToken.userId;
return await Self.findById(userId, {
fields: ['id', 'name', 'nickname']
});
};
/**
* Checks if user has a role.
*
* @param {Integer} userId The user id
* @param {String} name The role name
* @param {object} options Options
* @return {Boolean} %true if user has the role, %false otherwise
*/
Self.hasRole = async function(userId, name, options) {
let roles = await Self.getRoles(userId, options);
return roles.some(role => role == name);
};
/**
* Get all user roles.
*
* @param {Integer} userId The user id
* @param {object} options Options
* @return {object} User role list
*/
Self.getRoles = async(userId, options) => {
let result = await Self.rawSql(
`SELECT r.name
FROM account.user u
JOIN account.roleRole rr ON rr.role = u.role
JOIN account.role r ON r.id = rr.inheritsFrom
WHERE u.id = ?`, [userId], options);
let roles = [];
for (role of result)
roles.push(role.name);
return roles;
};
};

4
back/models/dms-type.js
View File

@ -54,8 +54,8 @@ module.exports = Self => {
const writeRole = dmsType.writeRole() && dmsType.writeRole().name; const writeRole = dmsType.writeRole() && dmsType.writeRole().name;
const requiredRole = readRole || writeRole; const requiredRole = readRole || writeRole;
const hasRequiredRole = await models.Account.hasRole(myUserId, requiredRole, options); const hasRequiredRole = await models.VnUser.hasRole(myUserId, requiredRole, options);
const isRoot = await models.Account.hasRole(myUserId, 'root', options); const isRoot = await models.VnUser.hasRole(myUserId, 'root', options);
if (isRoot || hasRequiredRole) if (isRoot || hasRequiredRole)
return true; return true;

4
back/models/image-collection.js
View File

@ -53,8 +53,8 @@ module.exports = Self => {
const writeRole = collection.writeRole() && collection.writeRole().name; const writeRole = collection.writeRole() && collection.writeRole().name;
const requiredRole = readRole || writeRole; const requiredRole = readRole || writeRole;
const hasRequiredRole = await models.Account.hasRole(myUserId, requiredRole, options); const hasRequiredRole = await models.VnUser.hasRole(myUserId, requiredRole, options);
const isRoot = await models.Account.hasRole(myUserId, 'root', options); const isRoot = await models.VnUser.hasRole(myUserId, 'root', options);
if (isRoot || hasRequiredRole) if (isRoot || hasRequiredRole)
return true; return true;

6
back/models/specs/user.spec.js
View File

@ -1,7 +1,7 @@
const models = require('vn-loopback/server/server').models; const models = require('vn-loopback/server/server').models;
const LoopBackContext = require('loopback-context'); const LoopBackContext = require('loopback-context');
describe('account recoverPassword()', () => { describe('VnUser recoverPassword()', () => {
const userId = 1107; const userId = 1107;
const activeCtx = { const activeCtx = {
@ -21,9 +21,9 @@ describe('account recoverPassword()', () => {
it('should send email with token', async() => { it('should send email with token', async() => {
const userId = 1107; const userId = 1107;
const user = await models.Account.findById(userId); const user = await models.VnUser.findById(userId);
await models.Account.recoverPassword(user.email); await models.VnUser.recoverPassword(user.email);
const result = await models.AccessToken.findOne({where: {userId: userId}}); const result = await models.AccessToken.findOne({where: {userId: userId}});

6
back/models/specs/account.spec.js → back/models/specs/vn-user.spec.js
View File

@ -1,14 +1,14 @@
const models = require('vn-loopback/server/server').models; const models = require('vn-loopback/server/server').models;
describe('loopback model Account', () => { describe('loopback model VnUser', () => {
it('should return true if the user has the given role', async() => { it('should return true if the user has the given role', async() => {
let result = await models.Account.hasRole(1, 'employee'); let result = await models.VnUser.hasRole(1, 'employee');
expect(result).toBeTruthy(); expect(result).toBeTruthy();
}); });
it('should return false if the user doesnt have the given role', async() => { it('should return false if the user doesnt have the given role', async() => {
let result = await models.Account.hasRole(1, 'administrator'); let result = await models.VnUser.hasRole(1, 'administrator');
expect(result).toBeFalsy(); expect(result).toBeFalsy();
}); });

2
back/models/user.js
View File

@ -9,7 +9,7 @@ module.exports = function(Self) {
const headers = httpRequest.headers; const headers = httpRequest.headers;
const origin = headers.origin; const origin = headers.origin;
const user = await Self.app.models.Account.findById(info.user.id); const user = await Self.app.models.VnUser.findById(info.user.id);
const params = { const params = {
recipient: info.email, recipient: info.email,
lang: user.lang, lang: user.lang,

22
back/models/user.json
View File

@ -2,18 +2,18 @@
"name": "user", "name": "user",
"base": "User", "base": "User",
"options": { "options": {
"mysql": { "mysql": {
"table": "salix.User" "table": "salix.User"
} }
}, },
"properties": { "properties": {
"id": { "id": {
"id": true, "id": true,
"type": "number", "type": "number",
"forceId": false "forceId": false
}, },
"username":{ "username":{
"type": "string" "type": "string"
} }
} }
} }

92
back/models/vn-user.js Normal file
View File

@ -0,0 +1,92 @@
const md5 = require('md5');
// const vnModel = require('vn-loopback/common/mixins/vn-model');
module.exports = function(Self) {
// vnModel(Self);
require('../methods/vn-user/signIn')(Self);
require('../methods/vn-user/signOut')(Self);
require('../methods/vn-user/acl')(Self);
require('../methods/vn-user/change-password')(Self);
require('../methods/vn-user/set-password')(Self);
require('../methods/vn-user/validate-token')(Self);
require('../methods/vn-user/privileges')(Self);
// Validations
Self.validatesFormatOf('email', {
message: 'Invalid email',
allowNull: true,
allowBlank: true,
with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
});
Self.validatesUniquenessOf('name', {
message: `A client with that Web User name already exists`
});
Self.observe('before save', async function(ctx) {
if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)
ctx.data.password = md5(ctx.data.password);
});
Self.remoteMethod('getCurrentUserData', {
description: 'Gets the current user data',
accepts: [
{
arg: 'ctx',
type: 'Object',
http: {source: 'context'}
}
],
returns: {
type: 'Object',
root: true
},
http: {
verb: 'GET',
path: '/getCurrentUserData'
}
});
Self.getCurrentUserData = async function(ctx) {
let userId = ctx.req.accessToken.userId;
return await Self.findById(userId, {
fields: ['id', 'name', 'nickname']
});
};
/**
* Checks if user has a role.
*
* @param {Integer} userId The user id
* @param {String} name The role name
* @param {Object} options Options
* @return {Boolean} %true if user has the role, %false otherwise
*/
Self.hasRole = async function(userId, name, options) {
const roles = await Self.getRoles(userId, options);
return roles.some(role => role == name);
};
/**
* Get all user roles.
*
* @param {Integer} userId The user id
* @param {Object} options Options
* @return {Object} User role list
*/
Self.getRoles = async(userId, options) => {
const result = await Self.rawSql(
`SELECT r.name
FROM account.user u
JOIN account.roleRole rr ON rr.role = u.role
JOIN account.role r ON r.id = rr.inheritsFrom
WHERE u.id = ?`, [userId], options);
const roles = [];
for (const role of result)
roles.push(role.name);
return roles;
};
};

36
back/models/account.json → back/models/vn-user.json
View File

@ -1,11 +1,16 @@
{ {
"name": "Account", "name": "VnUser",
"base": "VnModel", "base": "User",
"validateUpsert": true,
"options": { "options": {
"mysql": { "mysql": {
"table": "account.user" "table": "account.user"
} }
}, },
"excludeBaseProperties": [
"username",
"login"
],
"properties": { "properties": {
"id": { "id": {
"type": "number", "type": "number",
@ -40,9 +45,6 @@
"email": { "email": {
"type": "string" "type": "string"
}, },
"emailVerified": {
"type": "boolean"
},
"created": { "created": {
"type": "date" "type": "date"
}, },
@ -86,39 +88,25 @@
}, },
"acls": [ "acls": [
{ {
"property": "login", "property": "signIn",
"accessType": "EXECUTE", "accessType": "EXECUTE",
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$everyone", "principalId": "$everyone",
"permission": "ALLOW" "permission": "ALLOW"
}, },
{
"property": "recoverPassword",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
},
{ {
"property": "logout", "property": "logout",
"accessType": "EXECUTE", "accessType": "EXECUTE",
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$authenticated", "principalId": "$authenticated",
"permission": "ALLOW" "permission": "ALLOW"
}, },
{ {
"property": "validateToken", "property": "validateToken",
"accessType": "EXECUTE", "accessType": "EXECUTE",
"principalType": "ROLE", "principalType": "ROLE",
"principalId": "$authenticated", "principalId": "$authenticated",
"permission": "ALLOW" "permission": "ALLOW"
},
{
"property": "privileges",
"accessType": "*",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
} }
] ]
} }

17
db/changes/230401/00-ACL.sql Normal file
View File

@ -0,0 +1,17 @@
UPDATE `salix`.`ACL`
SET model='VnUser'
WHERE id=1;
UPDATE `salix`.`ACL`
SET model='VnUser'
WHERE id=219;
UPDATE `salix`.`ACL`
SET model='VnUser'
WHERE id=220;
UPDATE `salix`.`ACL`
SET model='VnUser'
WHERE id=246;
UPDATE hedera.imageCollection t
SET t.model = 'VnUser'
WHERE t.id = 6;

2
front/core/directives/specs/acl.spec.js
View File

@ -7,7 +7,7 @@ describe('Directive acl', () => {
beforeEach(ngModule('vnCore')); beforeEach(ngModule('vnCore'));
beforeEach(inject(($httpBackend, aclService) => { beforeEach(inject(($httpBackend, aclService) => {
$httpBackend.whenGET('Accounts/acl') $httpBackend.whenGET('VnUsers/acl')
.respond({ .respond({
user: {id: 1, name: 'myUser'}, user: {id: 1, name: 'myUser'},
roles: [ roles: [

2
front/core/lib/specs/acl-service.spec.js
View File

@ -4,7 +4,7 @@ describe('Service acl', () => {
beforeEach(ngModule('vnCore')); beforeEach(ngModule('vnCore'));
beforeEach(inject((_aclService_, $httpBackend) => { beforeEach(inject((_aclService_, $httpBackend) => {
$httpBackend.when('GET', `Accounts/acl`).respond({ $httpBackend.when('GET', `VnUsers/acl`).respond({
roles: [ roles: [
{role: {name: 'foo'}}, {role: {name: 'foo'}},
{role: {name: 'bar'}}, {role: {name: 'bar'}},

2
front/core/services/acl-service.js
View File

@ -11,7 +11,7 @@ class AclService {
} }
load() { load() {
return this.$http.get('Accounts/acl').then(res => { return this.$http.get('VnUsers/acl').then(res => {
this.user = res.data.user; this.user = res.data.user;
this.roles = {}; this.roles = {};

4
front/core/services/auth.js
View File

@ -59,7 +59,7 @@ export default class Auth {
password: password || undefined password: password || undefined
}; };
return this.$http.post('Accounts/login', params).then( return this.$http.post('VnUsers/signIn', params).then(
json => this.onLoginOk(json, remember)); json => this.onLoginOk(json, remember));
} }
@ -76,7 +76,7 @@ export default class Auth {
} }
logout() { logout() {
let promise = this.$http.post('Accounts/logout', null, { let promise = this.$http.post('VnUsers/signOut', null, {
headers: {Authorization: this.vnToken.token} headers: {Authorization: this.vnToken.token}
}).catch(() => {}); }).catch(() => {});

2
front/salix/components/layout/index.js
View File

@ -13,7 +13,7 @@ export class Layout extends Component {
} }
getUserData() { getUserData() {
this.$http.get('Accounts/getCurrentUserData').then(json => { this.$http.get('VnUsers/getCurrentUserData').then(json => {
this.$.$root.user = json.data; this.$.$root.user = json.data;
window.localStorage.currentUserWorkerId = json.data.id; window.localStorage.currentUserWorkerId = json.data.id;
}); });

2
front/salix/components/layout/index.spec.js
View File

@ -15,7 +15,7 @@ describe('Component vnLayout', () => {
describe('getUserData()', () => { describe('getUserData()', () => {
it(`should set the user name property in the controller`, () => { it(`should set the user name property in the controller`, () => {
$httpBackend.expect('GET', `Accounts/getCurrentUserData`).respond({name: 'batman'}); $httpBackend.expect('GET', `VnUsers/getCurrentUserData`).respond({name: 'batman'});
controller.getUserData(); controller.getUserData();
$httpBackend.flush(); $httpBackend.flush();

2
front/salix/components/recover-password/index.js
View File

@ -23,7 +23,7 @@ export default class Controller {
email: this.email email: this.email
}; };
this.$http.post('Accounts/recoverPassword', params) this.$http.post('VnUsers/recoverPassword', params)
.then(() => { .then(() => {
this.goToLogin(); this.goToLogin();
}); });

2
loopback/common/models/vn-model.js
View File

@ -228,7 +228,7 @@ module.exports = function(Self) {
async checkAcls(ctx, actionType) { async checkAcls(ctx, actionType) {
let userId = ctx.req.accessToken.userId; let userId = ctx.req.accessToken.userId;
let models = this.app.models; let models = this.app.models;
let userRoles = await models.Account.getRoles(userId); let userRoles = await models.VnUser.getRoles(userId);
let data = ctx.args.data; let data = ctx.args.data;
let modelAcls; let modelAcls;

2
modules/account/back/methods/user-account/sync-by-id.js
View File

@ -25,7 +25,7 @@ module.exports = Self => {
}); });
Self.syncById = async function(id, password, force) { Self.syncById = async function(id, password, force) {
let user = await Self.app.models.Account.findById(id, {fields: ['name']}); let user = await Self.app.models.VnUser.findById(id, {fields: ['name']});
await Self.sync(user.name, password, force); await Self.sync(user.name, password, force);
}; };
}; };

2
modules/account/back/methods/user-account/sync.js
View File

@ -26,7 +26,7 @@ module.exports = Self => {
Self.sync = async function(userName, password, force) { Self.sync = async function(userName, password, force) {
let $ = Self.app.models; let $ = Self.app.models;
let user = await $.Account.findOne({ let user = await $.VnUser.findOne({
fields: ['id'], fields: ['id'],
where: {name: userName} where: {name: userName}
}); });

2
modules/account/back/models/account-config.js
View File

@ -100,7 +100,7 @@ module.exports = Self => {
if (['administrator', 'root'].indexOf(userName) >= 0) if (['administrator', 'root'].indexOf(userName) >= 0)
return; return;
let user = await $.Account.findOne({ let user = await $.VnUser.findOne({
where: {name: userName}, where: {name: userName},
fields: [ fields: [
'id', 'id',

2
modules/account/back/models/sip-config.js
View File

@ -10,7 +10,7 @@ module.exports = Self => {
async syncUser(userName, info, password) { async syncUser(userName, info, password) {
if (!info.hasAccount || !password) return; if (!info.hasAccount || !password) return;
await app.models.Account.rawSql('CALL pbx.sip_setPassword(?, ?)', await app.models.VnUser.rawSql('CALL pbx.sip_setPassword(?, ?)',
[info.user.id, password] [info.user.id, password]
); );
} }

2
modules/account/front/card/index.js
View File

@ -14,7 +14,7 @@ class Controller extends ModuleCard {
}; };
return Promise.all([ return Promise.all([
this.$http.get(`Accounts/${this.$params.id}`, {filter}) this.$http.get(`VnUsers/${this.$params.id}`, {filter})
.then(res => this.user = res.data), .then(res => this.user = res.data),
this.$http.get(`UserAccounts/${this.$params.id}/exists`) this.$http.get(`UserAccounts/${this.$params.id}/exists`)
.then(res => this.hasAccount = res.data.exists) .then(res => this.hasAccount = res.data.exists)

2
modules/account/front/card/index.spec.js
View File

@ -15,7 +15,7 @@ describe('component vnUserCard', () => {
it('should reload the controller data', () => { it('should reload the controller data', () => {
controller.$params.id = 1; controller.$params.id = 1;
$httpBackend.expectGET('Accounts/1').respond('foo'); $httpBackend.expectGET('VnUsers/1').respond('foo');
$httpBackend.expectGET('UserAccounts/1/exists').respond({exists: true}); $httpBackend.expectGET('UserAccounts/1/exists').respond({exists: true});
controller.reload(); controller.reload();
$httpBackend.flush(); $httpBackend.flush();

6
modules/account/front/descriptor/index.js
View File

@ -25,7 +25,7 @@ class Controller extends Descriptor {
} }
onDelete() { onDelete() {
return this.$http.delete(`Accounts/${this.id}`) return this.$http.delete(`VnUsers/${this.id}`)
.then(() => this.$state.go('account.index')) .then(() => this.$state.go('account.index'))
.then(() => this.vnApp.showSuccess(this.$t('User removed'))); .then(() => this.vnApp.showSuccess(this.$t('User removed')));
} }
@ -54,7 +54,7 @@ class Controller extends Descriptor {
} else } else
method = 'setPassword'; method = 'setPassword';
return this.$http.patch(`Accounts/${this.id}/${method}`, params) return this.$http.patch(`VnUsers/${this.id}/${method}`, params)
.then(() => { .then(() => {
this.emit('change'); this.emit('change');
this.vnApp.showSuccess(this.$t('Password changed succesfully!')); this.vnApp.showSuccess(this.$t('Password changed succesfully!'));
@ -88,7 +88,7 @@ class Controller extends Descriptor {
} }
onSetActive(active) { onSetActive(active) {
return this.$http.patch(`Accounts/${this.id}`, {active}) return this.$http.patch(`VnUsers/${this.id}`, {active})
.then(() => { .then(() => {
this.user.active = active; this.user.active = active;
const message = active const message = active

4
modules/account/front/descriptor/index.spec.js
View File

@ -21,7 +21,7 @@ describe('component vnUserDescriptor', () => {
it('should delete entity and go to index', () => { it('should delete entity and go to index', () => {
controller.$state.go = jest.fn(); controller.$state.go = jest.fn();
$httpBackend.expectDELETE('Accounts/1').respond(); $httpBackend.expectDELETE('VnUsers/1').respond();
controller.onDelete(); controller.onDelete();
$httpBackend.flush(); $httpBackend.flush();
@ -85,7 +85,7 @@ describe('component vnUserDescriptor', () => {
describe('onSetActive()', () => { describe('onSetActive()', () => {
it('should make request to activate/deactivate the user', () => { it('should make request to activate/deactivate the user', () => {
$httpBackend.expectPATCH('Accounts/1', {active: true}).respond(); $httpBackend.expectPATCH('VnUsers/1', {active: true}).respond();
controller.onSetActive(true); controller.onSetActive(true);
$httpBackend.flush(); $httpBackend.flush();

2
modules/account/front/privileges/index.html
View File

@ -1,4 +1,4 @@
<mg-ajax path="Accounts/{{post.params.id}}/privileges" options="vnPost"></mg-ajax> <mg-ajax path="VnUsers/{{post.params.id}}/privileges" options="vnPost"></mg-ajax>
<vn-watcher <vn-watcher
vn-id="watcher" vn-id="watcher"
url="Accounts" url="Accounts"

2
modules/account/front/summary/index.js
View File

@ -15,7 +15,7 @@ class Controller extends Summary {
} }
} }
}; };
this.$http.get(`Accounts/${value.id}`, {filter}) this.$http.get(`VnUsers/${value.id}`, {filter})
.then(res => this.$.summary = res.data); .then(res => this.$.summary = res.data);
} }
get isHr() { get isHr() {

2
modules/claim/back/methods/claim/createFromSales.js
View File

@ -59,7 +59,7 @@ module.exports = Self => {
const landedPlusWeek = new Date(ticket.landed); const landedPlusWeek = new Date(ticket.landed);
landedPlusWeek.setDate(landedPlusWeek.getDate() + 7); landedPlusWeek.setDate(landedPlusWeek.getDate() + 7);
const hasClaimManagerRole = await models.Account.hasRole(userId, 'claimManager', myOptions); const hasClaimManagerRole = await models.VnUser.hasRole(userId, 'claimManager', myOptions);
const isClaimable = landedPlusWeek >= new Date(); const isClaimable = landedPlusWeek >= new Date();
if (ticket.isDeleted) if (ticket.isDeleted)

2
modules/claim/back/methods/claim/isEditable.js
View File

@ -26,7 +26,7 @@ module.exports = Self => {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const isClaimManager = await Self.app.models.Account.hasRole(userId, 'claimManager', myOptions); const isClaimManager = await Self.app.models.VnUser.hasRole(userId, 'claimManager', myOptions);
const claim = await Self.app.models.Claim.findById(id, { const claim = await Self.app.models.Claim.findById(id, {
fields: ['claimStateFk'], fields: ['claimStateFk'],

4
modules/claim/back/methods/claim/updateClaim.js
View File

@ -80,7 +80,7 @@ module.exports = Self => {
if (args.claimStateFk) { if (args.claimStateFk) {
const canUpdate = await canChangeState(ctx, claim.claimStateFk, myOptions); const canUpdate = await canChangeState(ctx, claim.claimStateFk, myOptions);
const hasRights = await canChangeState(ctx, args.claimStateFk, myOptions); const hasRights = await canChangeState(ctx, args.claimStateFk, myOptions);
const isClaimManager = await models.Account.hasRole(userId, 'claimManager', myOptions); const isClaimManager = await models.VnUser.hasRole(userId, 'claimManager', myOptions);
if (!canUpdate || !hasRights || changedHasToPickUp && !isClaimManager) if (!canUpdate || !hasRights || changedHasToPickUp && !isClaimManager)
throw new UserError(`You don't have enough privileges to change that field`); throw new UserError(`You don't have enough privileges to change that field`);
@ -123,7 +123,7 @@ module.exports = Self => {
} }
}, options); }, options);
let stateRole = state.writeRole().name; let stateRole = state.writeRole().name;
let canUpdate = await models.Account.hasRole(userId, stateRole, options); let canUpdate = await models.VnUser.hasRole(userId, stateRole, options);
return canUpdate; return canUpdate;
} }

2
modules/client/back/methods/client/createWithUser.js
View File

@ -37,7 +37,7 @@ module.exports = function(Self) {
}; };
try { try {
const account = await models.Account.create(user, myOptions); const account = await models.VnUser.create(user, myOptions);
const client = await Self.create({ const client = await Self.create({
id: account.id, id: account.id,
name: data.name, name: data.name,

2
modules/client/back/methods/client/setPassword.js
View File

@ -28,7 +28,7 @@ module.exports = Self => {
const isUserAccount = await models.UserAccount.findById(id, null); const isUserAccount = await models.UserAccount.findById(id, null);
if (isClient && !isUserAccount) if (isClient && !isUserAccount)
await models.Account.setPassword(id, newPassword); await models.VnUser.setPassword(id, newPassword);
else else
throw new UserError(`Modifiable password only via recovery or by an administrator`); throw new UserError(`Modifiable password only via recovery or by an administrator`);
}; };

4
modules/client/back/methods/client/specs/createWithUser.spec.js
View File

@ -34,7 +34,7 @@ describe('Client Create', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
const account = await models.Account.findOne({where: {name: newAccount.userName}}, options); const account = await models.VnUser.findOne({where: {name: newAccount.userName}}, options);
const client = await models.Client.findOne({where: {name: newAccount.name}}, options); const client = await models.Client.findOne({where: {name: newAccount.name}}, options);
expect(account).toEqual(null); expect(account).toEqual(null);
@ -54,7 +54,7 @@ describe('Client Create', () => {
const options = {transaction: tx}; const options = {transaction: tx};
const client = await models.Client.createWithUser(newAccount, options); const client = await models.Client.createWithUser(newAccount, options);
const account = await models.Account.findOne({where: {name: newAccount.userName}}, options); const account = await models.VnUser.findOne({where: {name: newAccount.userName}}, options);
expect(account.name).toEqual(newAccount.userName); expect(account.name).toEqual(newAccount.userName);
expect(client.id).toEqual(account.id); expect(client.id).toEqual(account.id);

2
modules/client/back/methods/client/specs/updateUser.spec.js
View File

@ -61,7 +61,7 @@ describe('Client updateUser', () => {
const clientID = 1105; const clientID = 1105;
await models.Client.updateUser(ctx, clientID, options); await models.Client.updateUser(ctx, clientID, options);
const client = await models.Account.findById(clientID, null, options); const client = await models.VnUser.findById(clientID, null, options);
expect(client.name).toEqual('test'); expect(client.name).toEqual('test');

2
modules/client/back/methods/client/updateAddress.js
View File

@ -93,7 +93,7 @@ module.exports = function(Self) {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const isSalesAssistant = await models.Account.hasRole(userId, 'salesAssistant', myOptions); const isSalesAssistant = await models.VnUser.hasRole(userId, 'salesAssistant', myOptions);
if (args.isLogifloraAllowed && !isSalesAssistant) if (args.isLogifloraAllowed && !isSalesAssistant)
throw new UserError(`You don't have enough privileges`); throw new UserError(`You don't have enough privileges`);

2
modules/client/back/methods/client/updateFiscalData.js
View File

@ -131,7 +131,7 @@ module.exports = Self => {
myOptions.transaction = tx; myOptions.transaction = tx;
} }
try { try {
const isSalesAssistant = await models.Account.hasRole(userId, 'salesAssistant', myOptions); const isSalesAssistant = await models.VnUser.hasRole(userId, 'salesAssistant', myOptions);
const client = await models.Client.findById(clientId, null, myOptions); const client = await models.Client.findById(clientId, null, myOptions);
if (!isSalesAssistant && client.isTaxDataChecked) if (!isSalesAssistant && client.isTaxDataChecked)
throw new UserError(`Not enough privileges to edit a client with verified data`); throw new UserError(`Not enough privileges to edit a client with verified data`);

6
modules/client/back/methods/client/updateUser.js
View File

@ -40,12 +40,12 @@ module.exports = Self => {
Object.assign(myOptions, options); Object.assign(myOptions, options);
if (!myOptions.transaction) { if (!myOptions.transaction) {
tx = await models.Account.beginTransaction({}); tx = await models.VnUser.beginTransaction({});
myOptions.transaction = tx; myOptions.transaction = tx;
} }
try { try {
const isSalesPerson = await models.Account.hasRole(userId, 'salesPerson', myOptions); const isSalesPerson = await models.VnUser.hasRole(userId, 'salesPerson', myOptions);
if (!isSalesPerson) if (!isSalesPerson)
throw new UserError(`Not enough privileges to edit a client`); throw new UserError(`Not enough privileges to edit a client`);
@ -54,7 +54,7 @@ module.exports = Self => {
const isUserAccount = await models.UserAccount.findById(id, null, myOptions); const isUserAccount = await models.UserAccount.findById(id, null, myOptions);
if (isClient && !isUserAccount) { if (isClient && !isUserAccount) {
const user = await models.Account.findById(id, null, myOptions); const user = await models.VnUser.findById(id, null, myOptions);
await user.updateAttributes(ctx.args, myOptions); await user.updateAttributes(ctx.args, myOptions);
} else } else
throw new UserError(`Modifiable user details only by an administrator`); throw new UserError(`Modifiable user details only by an administrator`);

14
modules/client/back/models/client.js
View File

@ -209,7 +209,7 @@ module.exports = Self => {
const loopBackContext = LoopBackContext.getCurrentContext(); const loopBackContext = LoopBackContext.getCurrentContext();
const userId = loopBackContext.active.accessToken.userId; const userId = loopBackContext.active.accessToken.userId;
const isSalesAssistant = await models.Account.hasRole(userId, 'salesAssistant', ctx.options); const isSalesAssistant = await models.VnUser.hasRole(userId, 'salesAssistant', ctx.options);
const hasChanges = orgData && changes; const hasChanges = orgData && changes;
const isTaxDataChecked = hasChanges && (changes.isTaxDataChecked || orgData.isTaxDataChecked); const isTaxDataChecked = hasChanges && (changes.isTaxDataChecked || orgData.isTaxDataChecked);
@ -375,7 +375,7 @@ module.exports = Self => {
const models = Self.app.models; const models = Self.app.models;
const userId = ctx.options.accessToken.userId; const userId = ctx.options.accessToken.userId;
const isFinancialBoss = await models.Account.hasRole(userId, 'financialBoss', ctx.options); const isFinancialBoss = await models.VnUser.hasRole(userId, 'financialBoss', ctx.options);
if (!isFinancialBoss) { if (!isFinancialBoss) {
const lastCredit = await models.ClientCredit.findOne({ const lastCredit = await models.ClientCredit.findOne({
where: { where: {
@ -386,7 +386,7 @@ module.exports = Self => {
const lastAmount = lastCredit && lastCredit.amount; const lastAmount = lastCredit && lastCredit.amount;
const lastWorkerId = lastCredit && lastCredit.workerFk; const lastWorkerId = lastCredit && lastCredit.workerFk;
const lastWorkerIsFinancialBoss = await models.Account.hasRole(lastWorkerId, 'financialBoss', ctx.options); const lastWorkerIsFinancialBoss = await models.VnUser.hasRole(lastWorkerId, 'financialBoss', ctx.options);
if (lastAmount == 0 && lastWorkerIsFinancialBoss) if (lastAmount == 0 && lastWorkerIsFinancialBoss)
throw new UserError(`You can't change the credit set to zero from a financialBoss`); throw new UserError(`You can't change the credit set to zero from a financialBoss`);
@ -421,15 +421,15 @@ module.exports = Self => {
const app = require('vn-loopback/server/server'); const app = require('vn-loopback/server/server');
app.on('started', function() { app.on('started', function() {
const account = app.models.Account; const VnUser = app.models.VnUser;
account.observe('before save', async ctx => { VnUser.observe('before save', async ctx => {
if (ctx.isNewInstance) return; if (ctx.isNewInstance) return;
if (ctx.currentInstance) if (ctx.currentInstance)
ctx.hookState.oldInstance = JSON.parse(JSON.stringify(ctx.currentInstance)); ctx.hookState.oldInstance = JSON.parse(JSON.stringify(ctx.currentInstance));
}); });
account.observe('after save', async ctx => { VnUser.observe('after save', async ctx => {
const changes = ctx.data || ctx.instance; const changes = ctx.data || ctx.instance;
if (!ctx.isNewInstance && changes) { if (!ctx.isNewInstance && changes) {
const oldData = ctx.hookState.oldInstance; const oldData = ctx.hookState.oldInstance;
@ -448,7 +448,7 @@ module.exports = Self => {
originFk: oldData.id, originFk: oldData.id,
userFk: userId, userFk: userId,
action: 'update', action: 'update',
changedModel: 'Account', changedModel: 'VnUser',
oldInstance: {name: oldData.name, active: oldData.active}, oldInstance: {name: oldData.name, active: oldData.active},
newInstance: {name: changes.name, active: changes.active} newInstance: {name: changes.name, active: changes.active}
}; };

6
modules/client/back/models/specs/client.spec.js
View File

@ -63,14 +63,14 @@ describe('Client Model', () => {
const context = {options}; const context = {options};
// Set credit to zero by a financialBoss // Set credit to zero by a financialBoss
const financialBoss = await models.Account.findOne({ const financialBoss = await models.VnUser.findOne({
where: {name: 'financialBoss'} where: {name: 'financialBoss'}
}, options); }, options);
context.options.accessToken = {userId: financialBoss.id}; context.options.accessToken = {userId: financialBoss.id};
await models.Client.changeCredit(context, instance, {credit: 0}); await models.Client.changeCredit(context, instance, {credit: 0});
const salesAssistant = await models.Account.findOne({ const salesAssistant = await models.VnUser.findOne({
where: {name: 'salesAssistant'} where: {name: 'salesAssistant'}
}, options); }, options);
context.options.accessToken = {userId: salesAssistant.id}; context.options.accessToken = {userId: salesAssistant.id};
@ -95,7 +95,7 @@ describe('Client Model', () => {
const options = {transaction: tx}; const options = {transaction: tx};
const context = {options}; const context = {options};
const salesAssistant = await models.Account.findOne({ const salesAssistant = await models.VnUser.findOne({
where: {name: 'salesAssistant'} where: {name: 'salesAssistant'}
}, options); }, options);
context.options.accessToken = {userId: salesAssistant.id}; context.options.accessToken = {userId: salesAssistant.id};

2
modules/client/back/models/specs/clientCredit.spec.js
View File

@ -15,7 +15,7 @@ describe('Client Credit', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
const salesAssistant = await models.Account.findOne({ const salesAssistant = await models.VnUser.findOne({
where: {name: 'salesAssistant'} where: {name: 'salesAssistant'}
}, options); }, options);

2
modules/invoiceOut/back/methods/invoiceOut/createPdf.js
View File

@ -43,7 +43,7 @@ module.exports = Self => {
try { try {
const invoiceOut = await Self.findById(id, null, myOptions); const invoiceOut = await Self.findById(id, null, myOptions);
const hasInvoicing = await models.Account.hasRole(userId, 'invoicing', myOptions); const hasInvoicing = await models.VnUser.hasRole(userId, 'invoicing', myOptions);
if (invoiceOut.hasPdf && !hasInvoicing) if (invoiceOut.hasPdf && !hasInvoicing)
throw new UserError(`You don't have enough privileges`); throw new UserError(`You don't have enough privileges`);

2
modules/supplier/back/models/supplier.js
View File

@ -107,7 +107,7 @@ module.exports = Self => {
const orgData = ctx.currentInstance; const orgData = ctx.currentInstance;
const userId = loopbackContext.active.accessToken.userId; const userId = loopbackContext.active.accessToken.userId;
const isNotFinancial = !await Self.app.models.Account.hasRole(userId, 'financial'); const isNotFinancial = !await Self.app.models.VnUser.hasRole(userId, 'financial');
const isPayMethodChecked = changes.isPayMethodChecked || orgData.isPayMethodChecked; const isPayMethodChecked = changes.isPayMethodChecked || orgData.isPayMethodChecked;
const hasChanges = orgData && changes; const hasChanges = orgData && changes;
const isPayMethodCheckedChanged = hasChanges const isPayMethodCheckedChanged = hasChanges

6
modules/ticket/back/methods/state/editableStates.js
View File

@ -25,9 +25,9 @@ module.exports = Self => {
Object.assign(myOptions, options); Object.assign(myOptions, options);
let statesList = await models.State.find({where: filter.where}, myOptions); let statesList = await models.State.find({where: filter.where}, myOptions);
const isProduction = await models.Account.hasRole(userId, 'production', myOptions); const isProduction = await models.VnUser.hasRole(userId, 'production', myOptions);
const isSalesPerson = await models.Account.hasRole(userId, 'salesPerson', myOptions); const isSalesPerson = await models.VnUser.hasRole(userId, 'salesPerson', myOptions);
const isAdministrative = await models.Account.hasRole(userId, 'administrative', myOptions); const isAdministrative = await models.VnUser.hasRole(userId, 'administrative', myOptions);
if (isProduction || isAdministrative) if (isProduction || isAdministrative)
return statesList; return statesList;

6
modules/ticket/back/methods/state/isEditable.js
View File

@ -27,9 +27,9 @@ module.exports = Self => {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const isProduction = await models.Account.hasRole(userId, 'production', myOptions); const isProduction = await models.VnUser.hasRole(userId, 'production', myOptions);
const isSalesPerson = await models.Account.hasRole(userId, 'salesPerson', myOptions); const isSalesPerson = await models.VnUser.hasRole(userId, 'salesPerson', myOptions);
const isAdministrative = await models.Account.hasRole(userId, 'administrative', myOptions); const isAdministrative = await models.VnUser.hasRole(userId, 'administrative', myOptions);
const state = await models.State.findById(stateId, null, myOptions); const state = await models.State.findById(stateId, null, myOptions);
const salesPersonAllowed = (isSalesPerson && (state.code == 'PICKER_DESIGNED' || state.code == 'PRINTED')); const salesPersonAllowed = (isSalesPerson && (state.code == 'PICKER_DESIGNED' || state.code == 'PRINTED'));

2
modules/ticket/back/methods/ticket/componentUpdate.js
View File

@ -116,7 +116,7 @@ module.exports = Self => {
if (!isEditable) if (!isEditable)
throw new UserError(`The sales of this ticket can't be modified`); throw new UserError(`The sales of this ticket can't be modified`);
const isDeliveryBoss = await models.Account.hasRole(userId, 'deliveryBoss', myOptions); const isDeliveryBoss = await models.VnUser.hasRole(userId, 'deliveryBoss', myOptions);
if (!isDeliveryBoss) { if (!isDeliveryBoss) {
const zoneShipped = await models.Agency.getShipped( const zoneShipped = await models.Agency.getShipped(
args.landed, args.landed,

8
modules/ticket/back/methods/ticket/isRoleAdvanced.js
View File

@ -20,10 +20,10 @@ module.exports = Self => {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const isSalesAssistant = await models.Account.hasRole(userId, 'salesAssistant', myOptions); const isSalesAssistant = await models.VnUser.hasRole(userId, 'salesAssistant', myOptions);
const isDeliveryBoss = await models.Account.hasRole(userId, 'deliveryBoss', myOptions); const isDeliveryBoss = await models.VnUser.hasRole(userId, 'deliveryBoss', myOptions);
const isBuyer = await models.Account.hasRole(userId, 'buyer', myOptions); const isBuyer = await models.VnUser.hasRole(userId, 'buyer', myOptions);
const isClaimManager = await models.Account.hasRole(userId, 'claimManager', myOptions); const isClaimManager = await models.VnUser.hasRole(userId, 'claimManager', myOptions);
const isRoleAdvanced = isSalesAssistant || isDeliveryBoss || isBuyer || isClaimManager; const isRoleAdvanced = isSalesAssistant || isDeliveryBoss || isBuyer || isClaimManager;

2
modules/ticket/back/methods/ticket/priceDifference.js
View File

@ -78,7 +78,7 @@ module.exports = Self => {
if (!isEditable) if (!isEditable)
throw new UserError(`The sales of this ticket can't be modified`); throw new UserError(`The sales of this ticket can't be modified`);
const isDeliveryBoss = await models.Account.hasRole(userId, 'deliveryBoss', myOptions); const isDeliveryBoss = await models.VnUser.hasRole(userId, 'deliveryBoss', myOptions);
if (!isDeliveryBoss) { if (!isDeliveryBoss) {
const zoneShipped = await models.Agency.getShipped( const zoneShipped = await models.Agency.getShipped(
args.landed, args.landed,

2
modules/ticket/back/methods/ticket/setDeleted.js
View File

@ -43,7 +43,7 @@ module.exports = Self => {
throw new UserError(`The sales of this ticket can't be modified`); throw new UserError(`The sales of this ticket can't be modified`);
// Check if has sales with shelving // Check if has sales with shelving
const isSalesAssistant = await models.Account.hasRole(userId, 'salesAssistant', myOptions); const isSalesAssistant = await models.VnUser.hasRole(userId, 'salesAssistant', myOptions);
const sales = await models.Sale.find({ const sales = await models.Sale.find({
include: {relation: 'itemShelvingSale'}, include: {relation: 'itemShelvingSale'},
where: {ticketFk: id} where: {ticketFk: id}

2
modules/ticket/back/methods/ticket/transferSales.js
View File

@ -77,7 +77,7 @@ module.exports = Self => {
const saleIds = sales.map(sale => sale.id); const saleIds = sales.map(sale => sale.id);
const isClaimManager = await models.Account.hasRole(userId, 'claimManager'); const isClaimManager = await models.VnUser.hasRole(userId, 'claimManager');
const hasClaimedSales = await models.ClaimBeginning.findOne({where: {saleFk: {inq: saleIds}}}); const hasClaimedSales = await models.ClaimBeginning.findOne({where: {saleFk: {inq: saleIds}}});
if (hasClaimedSales && !isClaimManager) if (hasClaimedSales && !isClaimManager)
throw new UserError(`Can't transfer claimed sales`); throw new UserError(`Can't transfer claimed sales`);

2
modules/ticket/back/methods/ticket/updateDiscount.js
View File

@ -85,7 +85,7 @@ module.exports = Self => {
const userId = ctx.req.accessToken.userId; const userId = ctx.req.accessToken.userId;
const isLocked = await models.Ticket.isLocked(id, myOptions); const isLocked = await models.Ticket.isLocked(id, myOptions);
const roles = await models.Account.getRoles(userId, myOptions); const roles = await models.VnUser.getRoles(userId, myOptions);
const hasAllowedRoles = roles.filter(role => const hasAllowedRoles = roles.filter(role =>
role == 'salesPerson' || role == 'claimManager' role == 'salesPerson' || role == 'claimManager'
); );

2
modules/worker/back/methods/worker-dms/filter.js
View File

@ -26,7 +26,7 @@ module.exports = Self => {
const conn = Self.dataSource.connector; const conn = Self.dataSource.connector;
const userId = ctx.req.accessToken.userId; const userId = ctx.req.accessToken.userId;
const account = await Self.app.models.Account.findById(userId); const account = await Self.app.models.VnUser.findById(userId);
const stmt = new ParameterizedSQL( const stmt = new ParameterizedSQL(
`SELECT d.id dmsFk, d.reference, d.description, d.file, d.created, d.hardCopyNumber, d.hasFile `SELECT d.id dmsFk, d.reference, d.description, d.file, d.created, d.hardCopyNumber, d.hasFile
FROM workerDocument wd FROM workerDocument wd

2
modules/worker/back/methods/worker-time-control/addTimeEntry.js
View File

@ -40,7 +40,7 @@ module.exports = Self => {
Object.assign(myOptions, options); Object.assign(myOptions, options);
const isSubordinate = await models.Worker.isSubordinate(ctx, workerId, myOptions); const isSubordinate = await models.Worker.isSubordinate(ctx, workerId, myOptions);
const isTeamBoss = await models.Account.hasRole(currentUserId, 'teamBoss', myOptions); const isTeamBoss = await models.VnUser.hasRole(currentUserId, 'teamBoss', myOptions);
const isHimself = currentUserId == workerId; const isHimself = currentUserId == workerId;
if (isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss)) if (isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss))

2
modules/worker/back/methods/worker-time-control/deleteTimeEntry.js
View File

@ -32,7 +32,7 @@ module.exports = Self => {
const targetTimeEntry = await Self.findById(id, null, myOptions); const targetTimeEntry = await Self.findById(id, null, myOptions);
const isSubordinate = await models.Worker.isSubordinate(ctx, targetTimeEntry.userFk, myOptions); const isSubordinate = await models.Worker.isSubordinate(ctx, targetTimeEntry.userFk, myOptions);
const isTeamBoss = await models.Account.hasRole(currentUserId, 'teamBoss', myOptions); const isTeamBoss = await models.VnUser.hasRole(currentUserId, 'teamBoss', myOptions);
const isHimself = currentUserId == targetTimeEntry.userFk; const isHimself = currentUserId == targetTimeEntry.userFk;
if (isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss)) if (isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss))

2
modules/worker/back/methods/worker-time-control/updateTimeEntry.js
View File

@ -38,7 +38,7 @@ module.exports = Self => {
const targetTimeEntry = await Self.findById(id, null, myOptions); const targetTimeEntry = await Self.findById(id, null, myOptions);
const isSubordinate = await models.Worker.isSubordinate(ctx, targetTimeEntry.userFk, myOptions); const isSubordinate = await models.Worker.isSubordinate(ctx, targetTimeEntry.userFk, myOptions);
const isTeamBoss = await models.Account.hasRole(currentUserId, 'teamBoss', myOptions); const isTeamBoss = await models.VnUser.hasRole(currentUserId, 'teamBoss', myOptions);
const isHimself = currentUserId == targetTimeEntry.userFk; const isHimself = currentUserId == targetTimeEntry.userFk;
const notAllowed = isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss); const notAllowed = isSubordinate === false || (isSubordinate && isHimself && !isTeamBoss);

6
modules/worker/back/methods/worker/createAbsence.js
View File

@ -53,7 +53,7 @@ module.exports = Self => {
try { try {
const isSubordinate = await models.Worker.isSubordinate(ctx, id, myOptions); const isSubordinate = await models.Worker.isSubordinate(ctx, id, myOptions);
const isTeamBoss = await models.Account.hasRole(userId, 'teamBoss', myOptions); const isTeamBoss = await models.VnUser.hasRole(userId, 'teamBoss', myOptions);
if (!isSubordinate || (isSubordinate && userId == id && !isTeamBoss)) if (!isSubordinate || (isSubordinate && userId == id && !isTeamBoss))
throw new UserError(`You don't have enough privileges`); throw new UserError(`You don't have enough privileges`);
@ -107,8 +107,8 @@ module.exports = Self => {
const department = labour.department(); const department = labour.department();
if (department && department.notificationEmail) { if (department && department.notificationEmail) {
const absenceType = await models.AbsenceType.findById(args.absenceTypeId, null, myOptions); const absenceType = await models.AbsenceType.findById(args.absenceTypeId, null, myOptions);
const account = await models.Account.findById(userId, null, myOptions); const account = await models.VnUser.findById(userId, null, myOptions);
const subordinated = await models.Account.findById(id, null, myOptions); const subordinated = await models.VnUser.findById(id, null, myOptions);
const origin = ctx.req.headers.origin; const origin = ctx.req.headers.origin;
const body = $t('Created absence', { const body = $t('Created absence', {
author: account.nickname, author: account.nickname,

6
modules/worker/back/methods/worker/deleteAbsence.js
View File

@ -40,7 +40,7 @@ module.exports = Self => {
try { try {
const isSubordinate = await models.Worker.isSubordinate(ctx, id, myOptions); const isSubordinate = await models.Worker.isSubordinate(ctx, id, myOptions);
const isTeamBoss = await models.Account.hasRole(userId, 'teamBoss', myOptions); const isTeamBoss = await models.VnUser.hasRole(userId, 'teamBoss', myOptions);
if (!isSubordinate || (isSubordinate && userId == id && !isTeamBoss)) if (!isSubordinate || (isSubordinate && userId == id && !isTeamBoss))
throw new UserError(`You don't have enough privileges`); throw new UserError(`You don't have enough privileges`);
@ -58,8 +58,8 @@ module.exports = Self => {
const department = labour && labour.department(); const department = labour && labour.department();
if (department && department.notificationEmail) { if (department && department.notificationEmail) {
const absenceType = await models.AbsenceType.findById(absence.dayOffTypeFk, null, myOptions); const absenceType = await models.AbsenceType.findById(absence.dayOffTypeFk, null, myOptions);
const account = await models.Account.findById(userId, null, myOptions); const account = await models.VnUser.findById(userId, null, myOptions);
const subordinated = await models.Account.findById(labour.workerFk, null, myOptions); const subordinated = await models.VnUser.findById(labour.workerFk, null, myOptions);
const origin = ctx.req.headers.origin; const origin = ctx.req.headers.origin;
const body = $t('Deleted absence', { const body = $t('Deleted absence', {
author: account.nickname, author: account.nickname,

2
modules/worker/back/methods/worker/isSubordinate.js
View File

@ -37,7 +37,7 @@ module.exports = Self => {
return subordinate.workerFk == id; return subordinate.workerFk == id;
}); });
const isHr = await models.Account.hasRole(myUserId, 'hr', myOptions); const isHr = await models.VnUser.hasRole(myUserId, 'hr', myOptions);
if (isHr || isSubordinate) if (isHr || isSubordinate)
return true; return true;

4
modules/worker/back/methods/worker/new.js
View File

@ -144,7 +144,7 @@ module.exports = Self => {
'SELECT account.passwordGenerate() as password;' 'SELECT account.passwordGenerate() as password;'
); );
const user = await models.Account.create( const user = await models.VnUser.create(
{ {
name: args.name, name: args.name,
nickname, nickname,
@ -210,7 +210,7 @@ module.exports = Self => {
); );
} }
const user = await models.Account.findById(client.id, null, myOptions); const user = await models.VnUser.findById(client.id, null, myOptions);
await user.updateAttribute('email', args.email, myOptions); await user.updateAttribute('email', args.email, myOptions);
await models.Worker.rawSql( await models.Worker.rawSql(

4
modules/worker/back/methods/worker/specs/activeWithInheritedRole.spec.js
View File

@ -13,7 +13,7 @@ describe('Worker activeWithInheritedRole', () => {
const randomIndex = Math.floor(Math.random() * result.length); const randomIndex = Math.floor(Math.random() * result.length);
const worker = result[randomIndex]; const worker = result[randomIndex];
const isSalesPerson = await app.models.Account.hasRole(worker.id, 'salesPerson'); const isSalesPerson = await app.models.VnUser.hasRole(worker.id, 'salesPerson');
expect(result.length).toBeGreaterThan(1); expect(result.length).toBeGreaterThan(1);
expect(result.length).toBeLessThan(allRolesCount); expect(result.length).toBeLessThan(allRolesCount);
@ -27,7 +27,7 @@ describe('Worker activeWithInheritedRole', () => {
const randomIndex = Math.floor(Math.random() * result.length); const randomIndex = Math.floor(Math.random() * result.length);
const worker = result[randomIndex]; const worker = result[randomIndex];
const isBuyer = await app.models.Account.hasRole(worker.id, 'buyer'); const isBuyer = await app.models.VnUser.hasRole(worker.id, 'buyer');
expect(result.length).toBeGreaterThan(1); expect(result.length).toBeGreaterThan(1);
expect(result.length).toBeLessThan(allRolesCount); expect(result.length).toBeLessThan(allRolesCount);

4
modules/worker/back/methods/worker/specs/new.spec.js
View File

@ -38,7 +38,7 @@ describe('Worker new', () => {
}; };
it('should return error if personal mail already exists', async() => { it('should return error if personal mail already exists', async() => {
const user = await models.Account.findById(employeeId, {fields: ['email']}); const user = await models.VnUser.findById(employeeId, {fields: ['email']});
const tx = await models.Worker.beginTransaction({}); const tx = await models.Worker.beginTransaction({});
@ -112,7 +112,7 @@ describe('Worker new', () => {
await models.Address.destroyAll({clientFk: newWorker.id}); await models.Address.destroyAll({clientFk: newWorker.id});
await models.Mandate.destroyAll({clientFk: newWorker.id}); await models.Mandate.destroyAll({clientFk: newWorker.id});
await models.Client.destroyById(newWorker.id); await models.Client.destroyById(newWorker.id);
await models.Account.destroyById(newWorker.id); await models.VnUser.destroyById(newWorker.id);
expect(newWorker.id).toBeDefined(); expect(newWorker.id).toBeDefined();
}); });

2
modules/worker/back/methods/worker/updateAbsence.js
View File

@ -30,7 +30,7 @@ module.exports = Self => {
const models = Self.app.models; const models = Self.app.models;
const userId = ctx.req.accessToken.userId; const userId = ctx.req.accessToken.userId;
const isSubordinate = await models.Worker.isSubordinate(ctx, id); const isSubordinate = await models.Worker.isSubordinate(ctx, id);
const isTeamBoss = await models.Account.hasRole(userId, 'teamBoss'); const isTeamBoss = await models.VnUser.hasRole(userId, 'teamBoss');
if (!isSubordinate || (isSubordinate && userId == id && !isTeamBoss)) if (!isSubordinate || (isSubordinate && userId == id && !isTeamBoss))
throw new UserError(`You don't have enough privileges`); throw new UserError(`You don't have enough privileges`);

2
modules/worker/front/account/index.html
View File

@ -1,5 +1,5 @@
<mg-ajax <mg-ajax
path="Accounts/{{$ctrl.worker.userFk}}" path="VnUsers/{{$ctrl.worker.userFk}}"
actions="user = edit.model" actions="user = edit.model"
options="mgEdit"> options="mgEdit">
</mg-ajax> </mg-ajax>

2
modules/zone/back/methods/agency/getLanded.js
View File

@ -42,7 +42,7 @@ module.exports = Self => {
const userId = ctx.req.accessToken.userId; const userId = ctx.req.accessToken.userId;
const models = Self.app.models; const models = Self.app.models;
const roles = await models.Account.getRoles(userId); const roles = await models.VnUser.getRoles(userId);
const canSeeExpired = roles.filter(role => const canSeeExpired = roles.filter(role =>
role == 'productionBoss' || role == 'administrative' role == 'productionBoss' || role == 'administrative'
); );

2
modules/zone/back/methods/zone/includingExpired.js
View File

@ -36,7 +36,7 @@ module.exports = Self => {
&& where.agencyModeFk && where.warehouseFk; && where.agencyModeFk && where.warehouseFk;
if (filterByAvailability) { if (filterByAvailability) {
const roles = await models.Account.getRoles(userId, myOptions); const roles = await models.VnUser.getRoles(userId, myOptions);
const canSeeExpired = roles.filter(role => const canSeeExpired = roles.filter(role =>
role == 'productionBoss' || role == 'administrative' role == 'productionBoss' || role == 'administrative'
); );