From 452745b04a34dfebbd8ea03b4c018d2f34b53f91 Mon Sep 17 00:00:00 2001 From: Pau Navarro Date: Mon, 10 Oct 2022 09:01:52 +0200 Subject: [PATCH 1/2] Added webp to the list of allowed images --- loopback/server/datasources.json | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/loopback/server/datasources.json b/loopback/server/datasources.json index 5dade9c2e..4db642058 100644 --- a/loopback/server/datasources.json +++ b/loopback/server/datasources.json @@ -40,6 +40,7 @@ "image/png", "image/jpeg", "image/jpg", + "image/webp", "video/mp4" ] }, @@ -60,7 +61,8 @@ "multipart/x-zip", "image/png", "image/jpeg", - "image/jpg" + "image/jpg", + "image/webp" ] }, "imageStorage": { @@ -72,7 +74,8 @@ "allowedContentTypes": [ "image/png", "image/jpeg", - "image/jpg" + "image/jpg", + "image/webp" ] }, "invoiceStorage": { @@ -96,6 +99,7 @@ "image/png", "image/jpeg", "image/jpg", + "image/webp", "video/mp4" ] }, From a5ceee07e94bd012cfdf256f4e3e38cd7c78c570 Mon Sep 17 00:00:00 2001 From: alexm Date: Tue, 18 Oct 2022 11:50:16 +0200 Subject: [PATCH 2/2] use loopback --- back/methods/account/hasFuncionalityAcl.js | 47 ------------------- back/models/account.js | 1 - db/changes/10491-august/00-editTrackedACL.sql | 3 ++ .../10491-august/00-funcionalityAcl.sql | 15 ------ modules/ticket/back/methods/sale/canEdit.js | 28 +++++++++-- .../back/methods/sale/specs/canEdit.spec.js | 12 ++--- .../back/methods/sale/specs/reserve.spec.js | 6 +-- 7 files changed, 36 insertions(+), 76 deletions(-) delete mode 100644 back/methods/account/hasFuncionalityAcl.js create mode 100644 db/changes/10491-august/00-editTrackedACL.sql delete mode 100644 db/changes/10491-august/00-funcionalityAcl.sql diff --git a/back/methods/account/hasFuncionalityAcl.js b/back/methods/account/hasFuncionalityAcl.js deleted file mode 100644 index d6224fffc..000000000 --- a/back/methods/account/hasFuncionalityAcl.js +++ /dev/null 
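Review bot: Adding `image/webp` to the four `allowedContentTypes` lists widens what each storage container accepts, and if this is the allow-list of loopback-component-storage (the key name suggests so; to confirm) it is compared with the Content-Type the client declares for the multipart part, not with the file bytes. Anything that later trusts the stored type — serving the file back with it, choosing an extension, or handing it to an image library — should validate the WebP header itself; the same caveat already applies to the png/jpeg entries, so this extends rather than creates that exposure. The four lists are copies of each other, so any future change has to be repeated in all four; if this config is ever generated, a single source for the list would avoid drift between containers.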
@@ -1,47 +0,0 @@ -module.exports = Self => { - Self.remoteMethod('hasFuncionalityAcl', { - description: 'Return if user has permissions', - accepts: [ - { - arg: 'model', - type: 'String', - description: 'The model', - required: true - }, - { - arg: 'property', - type: 'String', - description: 'The property', - required: true - } - ], - returns: { - type: 'Object', - root: true - }, - http: { - path: `/hasFuncionalityAcl`, - verb: 'GET' - } - }); - - Self.hasFuncionalityAcl = async function(ctx, model, property) { - const userId = ctx.req.accessToken.userId; - const models = Self.app.models; - - const acls = await models.FuncionalityAcl.find({ - where: { - model: model, - property: property - } - }); - - let hasPermissions; - for (let acl of acls) - if (!hasPermissions) hasPermissions = await models.Account.hasRole(userId, acl.role); - - if (hasPermissions) - return true; - return false; - }; -}; diff --git a/back/models/account.js b/back/models/account.js index 7d7fa9fe3..f74052b5c 100644 --- a/back/models/account.js +++ b/back/models/account.js @@ -7,7 +7,6 @@ module.exports = Self => { require('../methods/account/change-password')(Self); require('../methods/account/set-password')(Self); require('../methods/account/validate-token')(Self); - require('../methods/account/hasFuncionalityAcl')(Self); require('../methods/account/privileges')(Self); // Validations diff --git a/db/changes/10491-august/00-editTrackedACL.sql b/db/changes/10491-august/00-editTrackedACL.sql new file mode 100644 index 000000000..37d24ac81 --- /dev/null +++ b/db/changes/10491-august/00-editTrackedACL.sql @@ -0,0 +1,3 @@ +INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) + VALUES + ('Sale', 'editTracked', 'READ', 'ALLOW', 'ROLE', 'production'); diff --git a/db/changes/10491-august/00-funcionalityAcl.sql b/db/changes/10491-august/00-funcionalityAcl.sql deleted file mode 100644 index 02f3dbcc4..000000000 
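Review bot: The new ACL row grants `editTracked` only, while the removed `00-funcionalityAcl.sql` (and the three `hasFuncionalityAcl` calls it replaced) also covered `editCloned` and `editWeekly`; unless rows for those are added elsewhere, the corresponding checks in `canEdit` will find no ACL entry for any role. If `00-funcionalityAcl.sql` was already applied in some environment, deleting the file leaves the `salix.funcionalityAcl` table and its `role_FK` constraint on `account.role` behind; a `DROP TABLE IF EXISTS \`salix\`.\`funcionalityAcl\`;` in this change file would retire it. A one-line comment explaining why an edit capability is probed as `'READ'` would help the next reader, e.g. `-- READ: canEdit asks the ACL resolver for accessType READ on this property`, since LoopBack matches an entry only for the accessType it was written with (or `*`).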
--- a/db/changes/10491-august/00-funcionalityAcl.sql
+++ /dev/null
@@ -1,15 +0,0 @@
-CREATE TABLE `salix`.`funcionalityAcl` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `model` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL,
- `property` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL,
- `role` varchar(45) COLLATE utf8mb3_unicode_ci DEFAULT NULL,
- PRIMARY KEY (`id`),
- CONSTRAINT `role_FK` FOREIGN KEY (`role`) REFERENCES `account`.`role` (`name`) ON UPDATE CASCADE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
-
-
-INSERT INTO `salix`.`funcionalityAcl` (`model`, `property`, `role`)
- VALUES
- ('Sale', 'editTracked', 'production'),
- ('Sale', 'editCloned', 66);
- ('Sale', 'editWeekly', 66);
diff --git a/modules/ticket/back/methods/sale/canEdit.js b/modules/ticket/back/methods/sale/canEdit.js
index c0cd4b701..b1dab82a5 100644
--- a/modules/ticket/back/methods/sale/canEdit.js
+++ b/modules/ticket/back/methods/sale/canEdit.js
@@ -40,16 +40,36 @@ module.exports = Self => { const isTicketWeekly = await models.TicketWeekly.findOne({where: {ticketFk: firstSale.ticketFk}}, myOptions); - const canEditTracked = await models.Account.hasFuncionalityAcl(ctx, 'Sale', 'editTracked'); - const canEditCloned = await models.Account.hasFuncionalityAcl(ctx, 'Sale', 'editCloned'); - const canEditWeekly = await models.Account.hasFuncionalityAcl(ctx, 'Ticket', 'editWeekly'); + // (principalType, principalId,model, property, accessType,callback); + // let canEditTracked = await models.ACL.checkPermission('ROLE', 'employee', 'Sale', 'updateConcept', '*'); + // let canEditTracked2 = await models.ACL.checkPermission('USER', 'developer', 'Sale', 'editTracked', 'READ'); + const array = ['editTracked']; + let canEditTracked3 = await models.ACL.checkAccessForContext({ + principals: [{ + type: 'ROLE', + id: 'employee' + }], + model: 'Sale', + property: 'editTracked', + methodNames: array, + accessType: 'READ' + }); + console.log(canEditTracked3); + // canEditTracked = await models.ACL.resolvePermission(canEditTracked); + // let canEditCloned = await models.ACL.checkPermission('ROLE', 'employee', 'Sale', 'editCloned', '*'); + // let canEditWeekly = await models.ACL.checkPermission('ROLE', 'employee', 'Ticket', 'editWeekly', '*'); + // console.log(canEditTracked, canEditTracked2); + console.log(canEditTracked3); const shouldEditTracked = canEditTracked || !hasSaleTracking; const shouldEditCloned = canEditCloned || !hasSaleCloned; const shouldEditWeekly = canEditWeekly || !isTicketWeekly; const canEdit = shouldEditTracked && shouldEditCloned && shouldEditWeekly; - return canEdit; + if (canEdit) + return true; + + return false; }; }; diff --git a/modules/ticket/back/methods/sale/specs/canEdit.spec.js b/modules/ticket/back/methods/sale/specs/canEdit.spec.js index 7d89471f6..1522ee7a3 100644 --- a/modules/ticket/back/methods/sale/specs/canEdit.spec.js +++ b/modules/ticket/back/methods/sale/specs/canEdit.spec.js 
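Review bot: `canEditTracked`, `canEditCloned` and `canEditWeekly` are still read on the three `shouldEdit*` lines but their declarations were removed, so `canEdit` now throws a ReferenceError before it reaches the new `if (canEdit)`; the only value actually computed, `canEditTracked3`, is just logged twice. The replacement check is also made for a fixed principal (`type: 'ROLE', id: 'employee'`) rather than for the caller, so its answer no longer depends on `ctx.req.accessToken` the way the removed `hasFuncionalityAcl` did — an authorization result that ignores who is asking. LoopBack's `ACL.checkAccessForContext` builds its principals from an `accessToken` given in the context and resolves to an `AccessRequest` whose `isAllowed()` is the boolean to use, so the three checks can be restored on that basis as sketched below (verify the exact API against the installed loopback version); the `console.log` calls and commented-out experiments should not be merged. The enclosing function starts before this hunk.
```javascript
        // Ask the ACL resolver whether the *caller* (principals resolved from its
        // access token, not a fixed role) holds the given capability.
        const hasAcl = async(model, property) => {
            const request = await models.ACL.checkAccessForContext({
                accessToken: ctx.req.accessToken,
                model,
                property,
                accessType: 'READ'
            });
            return request.isAllowed();
        };
        const canEditTracked = await hasAcl('Sale', 'editTracked');
        const canEditCloned = await hasAcl('Sale', 'editCloned');
        const canEditWeekly = await hasAcl('Ticket', 'editWeekly');
        // … unchanged: shouldEditTracked / shouldEditCloned / shouldEditWeekly and canEdit …
        return Boolean(canEdit);
```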
@@ -91,20 +91,20 @@ describe('sale canEdit()', () => { it('should return true if any of the sales is cloned and has the correct role', async() => { const tx = await models.Sale.beginTransaction({}); - const roleEnabled = await models.FuncionalityAcl.findOne({ + const roleEnabled = await models.ACL.findOne({ where: { model: 'Sale', property: 'editCloned' } }); - if (!roleEnabled || !roleEnabled.role) return; + if (!roleEnabled || !roleEnabled.principalId) return; try { const options = {transaction: tx}; const roleId = await models.Role.findOne({ where: { - name: roleEnabled.role + name: roleEnabled.principalId } }); const ctx = {req: {accessToken: {userId: roleId}}}; @@ -146,20 +146,20 @@ describe('sale canEdit()', () => { it('should return true if any of the sales is of ticketWeekly and has the correct role', async() => { const tx = await models.Sale.beginTransaction({}); - const roleEnabled = await models.FuncionalityAcl.findOne({ + const roleEnabled = await models.ACL.findOne({ where: { model: 'Sale', property: 'editWeekly' } }); - if (!roleEnabled || !roleEnabled.role) return; + if (!roleEnabled || !roleEnabled.principalId) return; try { const options = {transaction: tx}; const roleId = await models.Role.findOne({ where: { - name: roleEnabled.role + name: roleEnabled.principalId } }); const ctx = {req: {accessToken: {userId: roleId}}}; diff --git a/modules/ticket/back/methods/sale/specs/reserve.spec.js b/modules/ticket/back/methods/sale/specs/reserve.spec.js index c4b3b4e5d..7c2d43715 100644 --- a/modules/ticket/back/methods/sale/specs/reserve.spec.js +++ b/modules/ticket/back/methods/sale/specs/reserve.spec.js @@ -1,9 +1,9 @@ const models = require('vn-loopback/server/server').models; -describe('sale reserve()', () => { +fdescribe('sale reserve()', () => { const ctx = { req: { - accessToken: {userId: 9}, + accessToken: {userId: 1}, headers: {origin: 'localhost:5000'}, __: () => {} } 
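Review bot: The `models.ACL.findOne` lookup filters only on `model` and `property`, so a `DENY` entry or a non-`ROLE` principal for `editCloned` would also be taken as the enabling role and its `principalId` handed to `Role.findOne` as a name; the where clause should pin both, `where: {model: 'Sale', property: 'editCloned', principalType: 'ROLE', permission: 'ALLOW'}`, and the `editWeekly` hunk below needs the same. With the new migration inserting only an `editTracked` row, both `if (!roleEnabled || !roleEnabled.principalId) return;` guards exit before any assertion, so these two cases currently pass without testing anything; calling Jasmine's `pending('no ACL row for editCloned')` there instead of returning would make the gap visible in the report. The `it` callbacks start and end outside these hunks.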
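Review bot: `fdescribe` here, and `fit` in the second `reserve.spec.js` hunk, focus the Jasmine run on these cases, so the rest of the suite is skipped wherever this file is loaded; both should go back to `describe` / `it` before merging. The `userId` change from 9 to 1 also changes which account the whole suite runs as, and nothing in the hunk says why — if it was only a way past the ACL while debugging, it should be reverted with the focus markers, otherwise a short comment on the line (`// user 1: <role> — required for reserve()`, filled in by the author) would explain it.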
@@ -31,7 +31,7 @@ describe('sale reserve()', () => { expect(error).toEqual(new Error(`The sales of this ticket can't be modified`)); }); - it('should update the given sales of a ticket to reserved', async() => { + fit('should update the given sales of a ticket to reserved', async() => { const tx = await models.Sale.beginTransaction({}); try {