back/methods/vn-user/update-user.js

@@ -32,10 +32,8 @@ module.exports = Self => {
         }
     });
 
-    Self.updateUser = async(ctx, id) => {
+    Self.updateUser = async(ctx, id, name, nickname, email, lang) => {
         await Self.userSecurity(ctx, id);
-        const user = await Self.app.models.VnUser.findById(id,
-            {fields: ['id', 'name', 'nickname', 'email', 'lang', 'password']});
-        await user.updateAttributes(ctx.args);
+        await Self.upsertWithWhere({id}, {name, nickname, email, lang});
     };
 };

back/models/specs/vn-user.spec.js

@@ -1,4 +1,5 @@
 const models = require('vn-loopback/server/server').models;
+const ForbiddenError = require('vn-loopback/util/forbiddenError');
 
 describe('loopback model VnUser', () => {
     it('should return true if the user has the given role', async() => {
@@ -46,7 +47,7 @@ describe('loopback model VnUser', () => {
             } catch (error) {
                 await tx.rollback();
 
-                expect(error.message).toEqual(`You don't have enough privileges`);
+                expect(error).toEqual(new ForbiddenError());
             }
         });
     });

back/models/vn-user.js

@@ -1,7 +1,7 @@
 const vnModel = require('vn-loopback/common/models/vn-model');
 const LoopBackContext = require('loopback-context');
 const {Email} = require('vn-print');
-const UserError = require('vn-loopback/util/user-error');
+const ForbiddenError = require('vn-loopback/util/forbiddenError');
 
 module.exports = function(Self) {
     vnModel(Self);
@@ -198,11 +198,12 @@ module.exports = function(Self) {
         const user = await models.VnUser.findById(userId, {fields: ['id', 'emailVerified']}, myOptions);
         if (!user.emailVerified && hasMediumPrivileges) return;
 
-        throw new UserError(`You don't have enough privileges`);
+        throw new ForbiddenError();
     };
 
     Self.observe('after save', async ctx => {
-        const newEmail = ctx?.instance?.email;
+        const instance = ctx?.instance;
+        const newEmail = instance?.email;
         const oldEmail = ctx?.hookState?.oldInstance?.email;
         if (!ctx.isNewInstance && (!newEmail || !oldEmail || newEmail == oldEmail)) return;
 
@@ -213,6 +214,21 @@ module.exports = function(Self) {
         const origin = headers.origin;
         const url = origin.split(':');
 
+        const env = process.env.NODE_ENV;
+        const liliumUrl = await Self.app.models.Url.findOne({
+            where: {and: [
+                {appName: 'lilium'},
+                {environment: env}
+            ]}
+        });
+        const hederaUrl = await Self.app.models.Url.findOne({
+            where: {and: [
+                {appName: 'hedera'},
+                {environment: env}
+            ]}
+        });
+
+        const isWorker = instance.isWorker || await Self.app.models.Account.findById(instance.id, null, ctx.options);
         class Mailer {
             async send(verifyOptions, cb) {
                 const params = {
@@ -226,12 +242,11 @@ module.exports = function(Self) {
                 cb(null, verifyOptions.to);
             }
         }
-
         const options = {
             type: 'email',
             to: newEmail,
             from: {},
-            redirect: `${origin}/#!/account/${ctx.instance.id}/basic-data?emailConfirmed`,
+            redirect: `${liliumUrl.url}verifyEmail?isWorker=${!!isWorker}&url=${hederaUrl.url}`,
             template: false,
             mailer: new Mailer,
             host: url[1].split('/')[2],
@@ -240,6 +255,6 @@ module.exports = function(Self) {
             user: Self
         };
 
-        await ctx.instance.verify(options, ctx.options);
+        await instance.verify(options, ctx.options);
     });
 };

db/changes/234201/00-aclUrlHedera.sql

@@ -0,0 +1,4 @@
+INSERT INTO `salix`.`url` (`appName`, `environment`, `url`)
+    VALUES
+        ('hedera', 'test',          'https://test-shop.verdnatura.es/'),
+        ('hedera', 'production',    'https://shop.verdnatura.es/');

db/dump/fixtures.sql

@@ -2869,6 +2869,7 @@ INSERT INTO `vn`.`profileType` (`id`, `name`)
 INSERT INTO `salix`.`url` (`appName`, `environment`, `url`)
     VALUES
         ('lilium', 'development', 'http://localhost:9000/#/'),
+        ('hedera', 'development', 'http://localhost:9090/'),
         ('salix', 'development', 'http://localhost:5000/#!/');
 
 INSERT INTO `vn`.`report` (`id`, `name`, `paperSizeFk`, `method`)

modules/account/back/models/mail-forward.js

@@ -1,10 +0,0 @@
-
-module.exports = Self => {
-    Self.observe('before save', async ctx => {
-        const instance = ctx.currentInstance || ctx.instance;
-        await Self.app.models.VnUser.userSecurity(ctx, instance.account);
-    });
-    Self.observe('before delete', async ctx => {
-        await Self.app.models.VnUser.userSecurity(ctx, ctx.where.account);
-    });
-};

modules/account/back/models/mail-forward.json

@@ -21,5 +21,16 @@
 			"model": "VnUser",
 			"foreignKey": "account"
 		}
-	}
+	},
+    "acls": [{
+        "accessType": "READ",
+        "principalType": "ROLE",
+        "principalId": "$owner",
+        "permission": "ALLOW"
+    }, {
+        "accessType": "WRITE",
+        "principalType": "ROLE",
+        "principalId": "$owner",
+        "permission": "ALLOW"
+    }]
 }

modules/worker/back/methods/worker/new.js

@@ -155,6 +155,7 @@ module.exports = Self => {
                         password: randomPassword.password,
                         email: args.email,
                         roleFk: workerConfig.roleFk,
+                        isWorker: true // to verifyEmail
                     },
                     myOptions
                 );