5887-mailAlias_refactor #1659
|
@ -0,0 +1,68 @@
|
||||||
|
const UserError = require('vn-loopback/util/user-error');
|
||||||
|
|
||||||
|
module.exports = Self => {
|
||||||
|
Self.remoteMethod('addAlias', {
|
||||||
|
description: 'Add an alias if the user has the grant',
|
||||||
vicent marked this conversation as resolved
Outdated
|
|||||||
|
accessType: 'WRITE',
|
||||||
|
accepts: [
|
||||||
|
{
|
||||||
|
arg: 'ctx',
|
||||||
|
type: 'Object',
|
||||||
|
http: {source: 'context'}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
arg: 'id',
|
||||||
|
type: 'number',
|
||||||
|
required: true,
|
||||||
|
description: 'The user id',
|
||||||
|
http: {source: 'path'}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
arg: 'mailAlias',
|
||||||
|
type: 'number',
|
||||||
|
description: 'The new alias for user',
|
||||||
|
required: true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
http: {
|
||||||
|
path: `/:id/addAlias`,
|
||||||
|
verb: 'POST'
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
Self.addAlias = async function(ctx, id, mailAlias, options) {
|
||||||
|
const models = Self.app.models;
|
||||||
|
const userId = ctx.req.accessToken.userId;
|
||||||
|
|
||||||
|
const myOptions = {};
|
||||||
|
|
||||||
|
if (typeof options == 'object')
|
||||||
|
Object.assign(myOptions, options);
|
||||||
|
|
||||||
|
const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);
|
||||||
|
|
||||||
|
if (!user.hasGrant)
|
||||||
|
throw new UserError(`You don't have grant privilege`);
|
||||||
|
|
||||||
|
const account = await models.Account.findById(userId, {
|
||||||
|
fields: ['id'],
|
||||||
|
include: {
|
||||||
|
relation: 'aliases',
|
||||||
|
scope: {
|
||||||
|
fields: ['mailAlias']
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}, myOptions);
|
||||||
|
|
||||||
|
const aliases = account.aliases().map(alias => alias.mailAlias);
|
||||||
|
|
||||||
|
const hasAlias = aliases.includes(mailAlias);
|
||||||
|
if (!hasAlias)
|
||||||
|
throw new UserError(`You cannot assign an alias that you are not assigned to`);
|
||||||
|
|
||||||
|
return models.MailAliasAccount.create({
|
||||||
|
mailAlias: mailAlias,
|
||||||
|
account: id
|
||||||
|
}, myOptions);
|
||||||
|
};
|
||||||
|
};
|
|
@ -0,0 +1,55 @@
|
||||||
|
const UserError = require('vn-loopback/util/user-error');
|
||||||
|
|
||||||
|
module.exports = Self => {
|
||||||
|
Self.remoteMethod('removeAlias', {
|
||||||
|
description: 'Remove alias if the user has the grant',
|
||||||
|
accessType: 'WRITE',
|
||||||
|
accepts: [
|
||||||
|
{
|
||||||
|
arg: 'ctx',
|
||||||
|
type: 'Object',
|
||||||
|
http: {source: 'context'}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
arg: 'id',
|
||||||
|
type: 'number',
|
||||||
|
required: true,
|
||||||
|
description: 'The user id',
|
||||||
|
http: {source: 'path'}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
arg: 'mailAlias',
|
||||||
|
type: 'number',
|
||||||
|
description: 'The alias to delete',
|
||||||
|
required: true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
http: {
|
||||||
|
path: `/:id/removeAlias`,
|
||||||
|
verb: 'POST'
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
Self.removeAlias = async function(ctx, id, mailAlias, options) {
|
||||||
|
const models = Self.app.models;
|
||||||
|
const userId = ctx.req.accessToken.userId;
|
||||||
|
|
||||||
|
const myOptions = {};
|
||||||
|
|
||||||
|
if (typeof options == 'object')
|
||||||
|
Object.assign(myOptions, options);
|
||||||
|
|
||||||
|
const canRemoveAlias = await models.ACL.checkAccessAcl(ctx, 'VnUser', 'canRemoveAlias', 'WRITE');
|
||||||
|
|
||||||
|
if (userId != id && !canRemoveAlias) throw new UserError(`You don't have grant privilege`);
|
||||||
|
|
||||||
|
const mailAliasAccount = await models.MailAliasAccount.findOne({
|
||||||
|
where: {
|
||||||
|
mailAlias: mailAlias,
|
||||||
|
account: id
|
||||||
|
}
|
||||||
|
}, myOptions);
|
||||||
|
|
||||||
|
await mailAliasAccount.destroy(myOptions);
|
||||||
|
};
|
||||||
|
};
|
|
@ -0,0 +1,68 @@
|
||||||
|
const {models} = require('vn-loopback/server/server');
|
||||||
|
|
||||||
|
describe('VnUser addAlias()', () => {
|
||||||
|
const employeeId = 1;
|
||||||
|
const sysadminId = 66;
|
||||||
|
const developerId = 9;
|
||||||
|
const customerId = 2;
|
||||||
|
const mailAlias = 1;
|
||||||
|
it('should throw an error when user not has privileges', async() => {
|
||||||
|
const ctx = {req: {accessToken: {userId: employeeId}}};
|
||||||
|
const tx = await models.VnUser.beginTransaction({});
|
||||||
|
|
||||||
|
let error;
|
||||||
|
try {
|
||||||
|
const options = {transaction: tx};
|
||||||
|
|
||||||
|
await models.VnUser.addAlias(ctx, employeeId, mailAlias, options);
|
||||||
|
|
||||||
|
await tx.rollback();
|
||||||
|
} catch (e) {
|
||||||
|
error = e;
|
||||||
|
await tx.rollback();
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(error.message).toContain(`You don't have grant privilege`);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should throw an error when user has privileges but not has the role from user', async() => {
|
||||||
|
const ctx = {req: {accessToken: {userId: sysadminId}}};
|
||||||
|
const tx = await models.VnUser.beginTransaction({});
|
||||||
|
|
||||||
|
let error;
|
||||||
|
try {
|
||||||
|
const options = {transaction: tx};
|
||||||
|
|
||||||
|
await models.VnUser.addAlias(ctx, employeeId, mailAlias, options);
|
||||||
|
|
||||||
|
await tx.rollback();
|
||||||
|
} catch (e) {
|
||||||
|
error = e;
|
||||||
|
await tx.rollback();
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(error.message).toContain(`You cannot assign an alias that you are not assigned to`);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should add an alias', async() => {
|
||||||
|
const ctx = {req: {accessToken: {userId: developerId}}};
|
||||||
|
const tx = await models.VnUser.beginTransaction({});
|
||||||
|
|
||||||
|
let result;
|
||||||
|
try {
|
||||||
|
const options = {transaction: tx};
|
||||||
|
|
||||||
|
const user = await models.VnUser.findById(developerId, null, options);
|
||||||
|
await user.updateAttribute('hasGrant', true, options);
|
||||||
|
|
||||||
|
result = await models.VnUser.addAlias(ctx, customerId, mailAlias, options);
|
||||||
|
|
||||||
|
await tx.rollback();
|
||||||
|
} catch (e) {
|
||||||
|
await tx.rollback();
|
||||||
|
}
|
||||||
|
|
||||||
|
expect(result.mailAlias).toBe(mailAlias);
|
||||||
|
expect(result.account).toBe(customerId);
|
||||||
|
});
|
||||||
|
});
|
|
@ -11,6 +11,8 @@ module.exports = function(Self) {
|
||||||
require('../methods/vn-user/validate-token')(Self);
|
require('../methods/vn-user/validate-token')(Self);
|
||||||
require('../methods/vn-user/privileges')(Self);
|
require('../methods/vn-user/privileges')(Self);
|
||||||
require('../methods/vn-user/renew-token')(Self);
|
require('../methods/vn-user/renew-token')(Self);
|
||||||
|
require('../methods/vn-user/addAlias')(Self);
|
||||||
|
require('../methods/vn-user/removeAlias')(Self);
|
||||||
|
|
||||||
Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');
|
Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
|
||||||
|
VALUES
|
||||||
|
('VnUser', 'addAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee');
|
||||||
|
|
||||||
|
INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
|
||||||
|
VALUES
|
||||||
|
('VnUser', 'removeAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee');
|
||||||
|
|
||||||
|
INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
|
||||||
|
VALUES
|
||||||
|
('VnUser', 'canRemoveAlias', 'WRITE', 'ALLOW', 'ROLE', 'itManagement');
|
|
@ -296,7 +296,8 @@
|
||||||
"Fecha fuera de rango": "Fecha fuera de rango",
|
"Fecha fuera de rango": "Fecha fuera de rango",
|
||||||
"Error while generating PDF": "Error al generar PDF",
|
"Error while generating PDF": "Error al generar PDF",
|
||||||
"Error when sending mail to client": "Error al enviar el correo al cliente",
|
"Error when sending mail to client": "Error al enviar el correo al cliente",
|
||||||
"Mail not sent": "Se ha producido un fallo al enviar la factura al cliente [{{clientId}}]({{{clientUrl}}}), por favor revisa la dirección de correo electrónico",
|
"Mail not sent": "Se ha producido un fallo al enviar la factura al cliente [{{clientId}}]({{{clientUrl}}}), por favor revisa la dirección de correo electrónico",
|
||||||
"The renew period has not been exceeded": "El periodo de renovación no ha sido superado",
|
"The renew period has not been exceeded": "El periodo de renovación no ha sido superado",
|
||||||
"Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}"
|
"Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}",
|
||||||
|
"You cannot assign an alias that you are not assigned to": "No puede asignar un alias que no tenga asignado"
|
||||||
vicent marked this conversation as resolved
Outdated
jgallego
commented
"You cannot assign an alias that you are not assigned to": "No puedes asignar un alias que no tienes asignado" "You cannot assign an alias that you are not assigned to": "No puedes asignar un alias que no tienes asignado"
|
|||||||
}
|
}
|
||||||
|
|
|
@ -17,9 +17,7 @@
|
||||||
<vn-icon-button
|
<vn-icon-button
|
||||||
icon="delete"
|
icon="delete"
|
||||||
translate-attr="{title: 'Unsubscribe'}"
|
translate-attr="{title: 'Unsubscribe'}"
|
||||||
ng-click="removeConfirm.show(row)"
|
ng-click="removeConfirm.show(row)">
|
||||||
vn-acl="itManagement"
|
|
||||||
vn-acl-action="remove">
|
|
||||||
</vn-icon-button>
|
</vn-icon-button>
|
||||||
</vn-item-section>
|
</vn-item-section>
|
||||||
</vn-item>
|
</vn-item>
|
||||||
|
@ -32,9 +30,7 @@
|
||||||
translate-attr="{title: 'Add'}"
|
translate-attr="{title: 'Add'}"
|
||||||
vn-bind="+"
|
vn-bind="+"
|
||||||
ng-click="$ctrl.onAddClick()"
|
ng-click="$ctrl.onAddClick()"
|
||||||
fixed-bottom-right
|
fixed-bottom-right>
|
||||||
vn-acl="itManagement"
|
|
||||||
vn-acl-action="remove">
|
|
||||||
</vn-float-button>
|
</vn-float-button>
|
||||||
<vn-dialog
|
<vn-dialog
|
||||||
vn-id="dialog"
|
vn-id="dialog"
|
||||||
|
|
|
@ -21,12 +21,11 @@ export default class Controller extends Section {
|
||||||
}
|
}
|
||||||
|
|
||||||
onAddClick() {
|
onAddClick() {
|
||||||
this.addData = {account: this.$params.id};
|
|
||||||
this.$.dialog.show();
|
this.$.dialog.show();
|
||||||
}
|
}
|
||||||
|
|
||||||
onAddSave() {
|
onAddSave() {
|
||||||
return this.$http.post(`MailAliasAccounts`, this.addData)
|
return this.$http.post(`VnUsers/${this.$params.id}/addAlias`, this.addData)
|
||||||
.then(() => this.refresh())
|
.then(() => this.refresh())
|
||||||
.then(() => this.vnApp.showSuccess(
|
.then(() => this.vnApp.showSuccess(
|
||||||
this.$t('Subscribed to alias!'))
|
this.$t('Subscribed to alias!'))
|
||||||
|
@ -34,11 +33,12 @@ export default class Controller extends Section {
|
||||||
}
|
}
|
||||||
|
|
||||||
onRemove(row) {
|
onRemove(row) {
|
||||||
return this.$http.delete(`MailAliasAccounts/${row.id}`)
|
const params = {
|
||||||
.then(() => {
|
mailAlias: row.mailAlias
|
||||||
this.$.data.splice(this.$.data.indexOf(row), 1);
|
};
|
||||||
this.vnApp.showSuccess(this.$t('Unsubscribed from alias!'));
|
return this.$http.post(`VnUsers/${this.$params.id}/removeAlias`, params)
|
||||||
});
|
.then(() => this.refresh())
|
||||||
|
.then(() => this.vnApp.showSuccess(this.$t('Data saved!')));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,8 +25,9 @@ describe('component vnUserAliases', () => {
|
||||||
describe('onAddSave()', () => {
|
describe('onAddSave()', () => {
|
||||||
it('should add the new row', () => {
|
it('should add the new row', () => {
|
||||||
controller.addData = {account: 1};
|
controller.addData = {account: 1};
|
||||||
|
controller.$params = {id: 1};
|
||||||
|
|
||||||
$httpBackend.expectPOST('MailAliasAccounts').respond();
|
$httpBackend.expectPOST('VnUsers/1/addAlias').respond();
|
||||||
$httpBackend.expectGET('MailAliasAccounts').respond('foo');
|
$httpBackend.expectGET('MailAliasAccounts').respond('foo');
|
||||||
controller.onAddSave();
|
controller.onAddSave();
|
||||||
$httpBackend.flush();
|
$httpBackend.flush();
|
||||||
|
@ -41,12 +42,14 @@ describe('component vnUserAliases', () => {
|
||||||
{id: 1, alias: 'foo'},
|
{id: 1, alias: 'foo'},
|
||||||
{id: 2, alias: 'bar'}
|
{id: 2, alias: 'bar'}
|
||||||
];
|
];
|
||||||
|
controller.$params = {id: 1};
|
||||||
|
|
||||||
$httpBackend.expectDELETE('MailAliasAccounts/1').respond();
|
$httpBackend.expectPOST('VnUsers/1/removeAlias').respond();
|
||||||
|
$httpBackend.expectGET('MailAliasAccounts').respond(controller.$.data[1]);
|
||||||
controller.onRemove(controller.$.data[0]);
|
controller.onRemove(controller.$.data[0]);
|
||||||
$httpBackend.flush();
|
$httpBackend.flush();
|
||||||
|
|
||||||
expect(controller.$.data).toEqual([{id: 2, alias: 'bar'}]);
|
expect(controller.$.data).toEqual({id: 2, alias: 'bar'});
|
||||||
expect(controller.vnApp.showSuccess).toHaveBeenCalled();
|
expect(controller.vnApp.showSuccess).toHaveBeenCalled();
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in New Issue
Add an alias if the user has the grant