verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 67 Releases Wiki Activity

hotfix_mailAlias #1664

Merged
vicent merged 9 commits from hotfix_mailAlias into master 2023-07-13 06:43:34 +00:00
Conversation 0 Commits 9 Files Changed 11 +83 -65
10 changed files with 83 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 551d06ee83 - Show all commits

8
back/methods/vn-user/specs/addAlias.spec.js
View File

@ -14,7 +14,7 @@ describe('VnUser addAlias()', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.VnUser.addAlias(ctx, employeeId, mailAlias, options); await models.MailAliasAccount.addAlias(ctx, employeeId, mailAlias, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
@ -33,7 +33,7 @@ describe('VnUser addAlias()', () => {
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.VnUser.addAlias(ctx, employeeId, mailAlias, options); await models.MailAliasAccount.addAlias(ctx, employeeId, mailAlias, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
@ -41,7 +41,7 @@ describe('VnUser addAlias()', () => {
await tx.rollback(); await tx.rollback();
} }
expect(error.message).toContain(`You cannot assign an alias that you are not assigned to`); expect(error.message).toContain(`You cannot assign/remove an alias that you are not assigned to`);
}); });
it('should add an alias', async() => { it('should add an alias', async() => {
@ -55,7 +55,7 @@ describe('VnUser addAlias()', () => {
const user = await models.VnUser.findById(developerId, null, options); const user = await models.VnUser.findById(developerId, null, options);
await user.updateAttribute('hasGrant', true, options); await user.updateAttribute('hasGrant', true, options);
result = await models.VnUser.addAlias(ctx, customerId, mailAlias, options); result = await models.MailAliasAccount.addAlias(ctx, customerId, mailAlias, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {

2
back/models/vn-user.js
View File

@ -11,8 +11,6 @@ module.exports = function(Self) {
require('../methods/vn-user/validate-token')(Self); require('../methods/vn-user/validate-token')(Self);
require('../methods/vn-user/privileges')(Self); require('../methods/vn-user/privileges')(Self);
require('../methods/vn-user/renew-token')(Self); require('../methods/vn-user/renew-token')(Self);
require('../methods/vn-user/addAlias')(Self);
require('../methods/vn-user/removeAlias')(Self);
Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create'); Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');

32
db/changes/232402/00-hotFix_travelConfig.sql
View File

@ -1,19 +1,19 @@
CREATE TABLE `vn`.`travelConfig` ( -- CREATE TABLE `vn`.`travelConfig` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT, -- `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`warehouseInFk` smallint(6) unsigned NOT NULL DEFAULT 8 COMMENT 'Warehouse de origen', -- `warehouseInFk` smallint(6) unsigned NOT NULL DEFAULT 8 COMMENT 'Warehouse de origen',
`warehouseOutFk` smallint(6) unsigned NOT NULL DEFAULT 60 COMMENT 'Warehouse destino', -- `warehouseOutFk` smallint(6) unsigned NOT NULL DEFAULT 60 COMMENT 'Warehouse destino',
`agencyFk` int(11) NOT NULL DEFAULT 1378 COMMENT 'Agencia por defecto', -- `agencyFk` int(11) NOT NULL DEFAULT 1378 COMMENT 'Agencia por defecto',
`companyFk` int(10) unsigned NOT NULL DEFAULT 442 COMMENT 'Compañía por defecto', -- `companyFk` int(10) unsigned NOT NULL DEFAULT 442 COMMENT 'Compañía por defecto',
PRIMARY KEY (`id`), -- PRIMARY KEY (`id`),
KEY `travelConfig_FK` (`warehouseInFk`), -- KEY `travelConfig_FK` (`warehouseInFk`),
KEY `travelConfig_FK_1` (`warehouseOutFk`), -- KEY `travelConfig_FK_1` (`warehouseOutFk`),
KEY `travelConfig_FK_2` (`agencyFk`), -- KEY `travelConfig_FK_2` (`agencyFk`),
KEY `travelConfig_FK_3` (`companyFk`), -- KEY `travelConfig_FK_3` (`companyFk`),
CONSTRAINT `travelConfig_FK` FOREIGN KEY (`warehouseInFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, -- CONSTRAINT `travelConfig_FK` FOREIGN KEY (`warehouseInFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `travelConfig_FK_1` FOREIGN KEY (`warehouseOutFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, -- CONSTRAINT `travelConfig_FK_1` FOREIGN KEY (`warehouseOutFk`) REFERENCES `warehouse` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `travelConfig_FK_2` FOREIGN KEY (`agencyFk`) REFERENCES `agencyMode` (`id`) ON DELETE CASCADE ON UPDATE CASCADE, -- CONSTRAINT `travelConfig_FK_2` FOREIGN KEY (`agencyFk`) REFERENCES `agencyMode` (`id`) ON DELETE CASCADE ON UPDATE CASCADE,
CONSTRAINT `travelConfig_FK_3` FOREIGN KEY (`companyFk`) REFERENCES `company` (`id`) ON DELETE CASCADE ON UPDATE CASCADE -- CONSTRAINT `travelConfig_FK_3` FOREIGN KEY (`companyFk`) REFERENCES `company` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; -- ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
VALUES VALUES

12
db/changes/232601/00-aclAddAlias.sql
View File

@ -1,11 +1,5 @@
INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
VALUES VALUES
('VnUser', 'addAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'); ('MailAliasAccount', 'addAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
('MailAliasAccount', 'removeAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) ('MailAliasAccount', 'canEditAlias', 'WRITE', 'ALLOW', 'ROLE', 'itManagement');
VALUES
('VnUser', 'removeAlias', 'WRITE', 'ALLOW', 'ROLE', 'employee');
INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
VALUES
('VnUser', 'canRemoveAlias', 'WRITE', 'ALLOW', 'ROLE', 'itManagement');

2
loopback/locale/es.json
View File

@ -299,5 +299,5 @@
"Mail not sent": "Se ha producido un fallo al enviar la factura al cliente [{{clientId}}]({{{clientUrl}}}), por favor revisa la dirección de correo electrónico", "Mail not sent": "Se ha producido un fallo al enviar la factura al cliente [{{clientId}}]({{{clientUrl}}}), por favor revisa la dirección de correo electrónico",
"The renew period has not been exceeded": "El periodo de renovación no ha sido superado", "The renew period has not been exceeded": "El periodo de renovación no ha sido superado",
"Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}", "Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}",
"You cannot assign an alias that you are not assigned to": "No puede asignar un alias que no tenga asignado" "You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado"
} }

25
back/methods/vn-user/addAlias.js → modules/account/back/methods/mail-alias-account/addAlias.js
View File

@ -1,5 +1,3 @@
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('addAlias', { Self.remoteMethod('addAlias', {
description: 'Add an alias if the user has the grant', description: 'Add an alias if the user has the grant',
@ -32,33 +30,12 @@ module.exports = Self => {
Self.addAlias = async function(ctx, id, mailAlias, options) { Self.addAlias = async function(ctx, id, mailAlias, options) {
const models = Self.app.models; const models = Self.app.models;
const userId = ctx.req.accessToken.userId;
const myOptions = {}; const myOptions = {};
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions); await Self.hasGrant(ctx, mailAlias, myOptions);
if (!user.hasGrant)
throw new UserError(`You don't have grant privilege`);
const account = await models.Account.findById(userId, {
fields: ['id'],
include: {
relation: 'aliases',
scope: {
fields: ['mailAlias']
}
}
}, myOptions);
const aliases = account.aliases().map(alias => alias.mailAlias);
const hasAlias = aliases.includes(mailAlias);
if (!hasAlias)
throw new UserError(`You cannot assign an alias that you are not assigned to`);
return models.MailAliasAccount.create({ return models.MailAliasAccount.create({
mailAlias: mailAlias, mailAlias: mailAlias,

6
back/methods/vn-user/removeAlias.js → modules/account/back/methods/mail-alias-account/removeAlias.js
View File

@ -32,16 +32,12 @@ module.exports = Self => {
Self.removeAlias = async function(ctx, id, mailAlias, options) { Self.removeAlias = async function(ctx, id, mailAlias, options) {
const models = Self.app.models; const models = Self.app.models;
const userId = ctx.req.accessToken.userId;
const myOptions = {}; const myOptions = {};
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const canRemoveAlias = await models.ACL.checkAccessAcl(ctx, 'VnUser', 'canRemoveAlias', 'WRITE'); await Self.hasGrant(ctx, mailAlias, myOptions);
if (userId != id && !canRemoveAlias) throw new UserError(`You don't have grant privilege`);
const mailAliasAccount = await models.MailAliasAccount.findOne({ const mailAliasAccount = await models.MailAliasAccount.findOne({
where: { where: {

53
modules/account/back/models/mail-alias-account.js Normal file
View File

@ -0,0 +1,53 @@
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => {
require('../methods/account/sync')(Self);
require('../methods/account/sync-by-id')(Self);
require('../methods/account/sync-all')(Self);
require('../methods/account/login')(Self);
require('../methods/account/logout')(Self);
require('../methods/account/change-password')(Self);
require('../methods/account/set-password')(Self);
require('../methods/mail-alias-account/addAlias')(Self);
require('../methods/mail-alias-account/removeAlias')(Self);
/**
* Checks if current user has
* read privileges over a dms
*
* @param {Object} ctx - Request context
* @param {Interger} mailAlias - mailAlias id
* @param {Object} options - Query options
* @return {Boolean} True for user with grant
*/
Self.hasGrant = async function(ctx, mailAlias, options) {
const models = Self.app.models;
const userId = ctx.req.accessToken.userId;
const canEditAlias = await models.ACL.checkAccessAcl(ctx, 'MailAliasAccount', 'canEditAlias', 'WRITE');
if (canEditAlias) return true;
const user = await models.VnUser.findById(userId, {fields: ['hasGrant']}, options);
if (!user.hasGrant)
throw new UserError(`You don't have grant privilege`);
const account = await models.Account.findById(userId, {
fields: ['id'],
include: {
relation: 'aliases',
scope: {
fields: ['mailAlias']
}
}
}, options);
const aliases = account.aliases().map(alias => alias.mailAlias);
const hasAlias = aliases.includes(mailAlias);
if (!hasAlias)
throw new UserError(`You cannot assign/remove an alias that you are not assigned to`);
return true;
};
};

4
modules/account/front/aliases/index.js
View File

@ -25,7 +25,7 @@ export default class Controller extends Section {
} }
onAddSave() { onAddSave() {
return this.$http.post(`VnUsers/${this.$params.id}/addAlias`, this.addData) return this.$http.post(`MailAliasAccounts/${this.$params.id}/addAlias`, this.addData)
.then(() => this.refresh()) .then(() => this.refresh())
.then(() => this.vnApp.showSuccess( .then(() => this.vnApp.showSuccess(
this.$t('Subscribed to alias!')) this.$t('Subscribed to alias!'))
@ -36,7 +36,7 @@ export default class Controller extends Section {
const params = { const params = {
mailAlias: row.mailAlias mailAlias: row.mailAlias
}; };
return this.$http.post(`VnUsers/${this.$params.id}/removeAlias`, params) return this.$http.post(`MailAliasAccounts/${this.$params.id}/removeAlias`, params)
.then(() => this.refresh()) .then(() => this.refresh())
.then(() => this.vnApp.showSuccess(this.$t('Data saved!'))); .then(() => this.vnApp.showSuccess(this.$t('Data saved!')));
} }

4
modules/account/front/aliases/index.spec.js
View File

@ -27,7 +27,7 @@ describe('component vnUserAliases', () => {
controller.addData = {account: 1}; controller.addData = {account: 1};
controller.$params = {id: 1}; controller.$params = {id: 1};
$httpBackend.expectPOST('VnUsers/1/addAlias').respond(); $httpBackend.expectPOST('MailAliasAccounts/1/addAlias').respond();
$httpBackend.expectGET('MailAliasAccounts').respond('foo'); $httpBackend.expectGET('MailAliasAccounts').respond('foo');
controller.onAddSave(); controller.onAddSave();
$httpBackend.flush(); $httpBackend.flush();
@ -44,7 +44,7 @@ describe('component vnUserAliases', () => {
]; ];
controller.$params = {id: 1}; controller.$params = {id: 1};
$httpBackend.expectPOST('VnUsers/1/removeAlias').respond(); $httpBackend.expectPOST('MailAliasAccounts/1/removeAlias').respond();
$httpBackend.expectGET('MailAliasAccounts').respond(controller.$.data[1]); $httpBackend.expectGET('MailAliasAccounts').respond(controller.$.data[1]);
controller.onRemove(controller.$.data[0]); controller.onRemove(controller.$.data[0]);
$httpBackend.flush(); $httpBackend.flush();