2023-12-06 07:54:14 +00:00
8 changed files with 70 additions and 39 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -7,14 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

 ## [2348.01] - 2023-11-30

-### Added
- (Ticket -> Adelantar) Permite mover lineas sin generar negativos
- (Ticket -> Adelantar) Permite modificar la fecha de los tickets
- (Trabajadores -> Notificaciones) Nueva sección (lilium)
+### Características Añadidas 🆕
+- **Tickets → Adelantar:** Permite mover lineas sin generar negativos
+- **Tickets → Adelantar:** Permite modificar la fecha de los tickets
+- **Trabajadores → Notificaciones:** Nueva sección (lilium)

-### Changed
-### Fixed
- (Ticket -> RocketChat) Arreglada detección de cambios
+### Correcciones 🛠️
+- **Tickets → RocketChat:** Arreglada detección de cambios


 ## [2346.01] - 2023-11-16
--- a/back/methods/vn-user/sign-in.js
+++ b/back/methods/vn-user/sign-in.js
@ -49,13 +49,7 @@ module.exports = Self => {
            if (vnUser.twoFactor)
                throw new ForbiddenError(null, 'REQUIRES_2FA');
        }
-        const validateLogin = await Self.validateLogin(user, password);
-        await Self.app.models.SignInLog.create({
-            token: validateLogin.token,
-            userFk: vnUser.id,
-            ip: ctx.req.ip
-        });
-        return validateLogin;
+        return Self.validateLogin(user, password, ctx);
    };

    Self.passExpired = async vnUser => {
--- a/back/methods/vn-user/specs/sign-in.spec.js
+++ b/back/methods/vn-user/specs/sign-in.spec.js
@ -2,7 +2,7 @@ const {models} = require('vn-loopback/server/server');

 describe('VnUser Sign-in()', () => {
    const employeeId = 1;
-    const unauthCtx = {
+    const unAuthCtx = {
        req: {
            headers: {},
            connection: {
@ -15,20 +15,21 @@ describe('VnUser Sign-in()', () => {
    const {VnUser, AccessToken, SignInLog} = models;
    describe('when credentials are correct', () => {
        it('should return the token if user uses email', async() => {
-            let login = await VnUser.signIn(unauthCtx, 'salesAssistant@mydomain.com', 'nightmare');
+            let login = await VnUser.signIn(unAuthCtx, 'salesAssistant@mydomain.com', 'nightmare');
            let accessToken = await AccessToken.findById(login.token);
            let ctx = {req: {accessToken: accessToken}};
            let signInLog = await SignInLog.find({where: {token: accessToken.id}});

            expect(signInLog.length).toEqual(1);
            expect(signInLog[0].userFk).toEqual(accessToken.userId);
+            expect(signInLog[0].owner).toEqual(true);
            expect(login.token).toBeDefined();

            await VnUser.logout(ctx.req.accessToken.id);
        });

        it('should return the token', async() => {
-            let login = await VnUser.signIn(unauthCtx, 'salesAssistant', 'nightmare');
+            let login = await VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
            let accessToken = await AccessToken.findById(login.token);
            let ctx = {req: {accessToken: accessToken}};

@ -38,7 +39,7 @@ describe('VnUser Sign-in()', () => {
        });

        it('should return the token if the user doesnt exist but the client does', async() => {
-            let login = await VnUser.signIn(unauthCtx, 'PetterParker', 'nightmare');
+            let login = await VnUser.signIn(unAuthCtx, 'PetterParker', 'nightmare');
            let accessToken = await AccessToken.findById(login.token);
            let ctx = {req: {accessToken: accessToken}};

@ -53,7 +54,7 @@ describe('VnUser Sign-in()', () => {
            let error;

            try {
-                await VnUser.signIn(unauthCtx, 'IDontExist', 'TotallyWrongPassword');
+                await VnUser.signIn(unAuthCtx, 'IDontExist', 'TotallyWrongPassword');
            } catch (e) {
                error = e;
            }
@ -74,7 +75,7 @@ describe('VnUser Sign-in()', () => {
                const options = {transaction: tx};
                await employee.updateAttribute('twoFactor', 'email', options);

-                await VnUser.signIn(unauthCtx, 'employee', 'nightmare', options);
+                await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options);
                await tx.rollback();
            } catch (e) {
                await tx.rollback();
@ -99,7 +100,7 @@ describe('VnUser Sign-in()', () => {
                const options = {transaction: tx};
                await employee.updateAttribute('passExpired', yesterday, options);

-                await VnUser.signIn(unauthCtx, 'employee', 'nightmare', options);
+                await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options);
                await tx.rollback();
            } catch (e) {
                await tx.rollback();
--- a/back/models/vn-user.js
+++ b/back/models/vn-user.js
@ -124,20 +124,42 @@ module.exports = function(Self) {

        return email.send();
    });
-    Self.signInValidate = (user, userToken) => {
+
+    /**
+     * Sign-in validate
+     * @param {String} user The user
+     * @param {Object} userToken Options
+     * @param {Object} token accessToken
+     * @param {Object} ctx context
+     */
+    Self.signInValidate = async(user, userToken, token, ctx) => {
        const [[key, value]] = Object.entries(Self.userUses(user));
-        if (userToken[key].toLowerCase().trim() !== value.toLowerCase().trim()) {
-            console.error('ERROR!!! - Signin with other user', userToken, user);
+        const isOwner = Self.rawSql(`SELECT ? = ? `, [userToken[key], value]);
+        await Self.app.models.SignInLog.create({
+            userName: user,
+            token: token.id,
+            userFk: userToken.id,
+            ip: ctx.req.ip,
+            owner: isOwner
+        });
+        if (!isOwner)
            throw new UserError('Try again');
-        }
    };

-    Self.validateLogin = async function(user, password) {
+    /**
+     * Validate login params
+     * @param {String} user The user
+     * @param {String} password
+      * @param {Object} ctx context
+     */
+    Self.validateLogin = async function(user, password, ctx) {
        const loginInfo = Object.assign({password}, Self.userUses(user));
        const token = await Self.login(loginInfo, 'user');

        const userToken = await token.user.get();
-        Self.signInValidate(user, userToken);
+
+        if (ctx)
+            await Self.signInValidate(user, userToken, token, ctx);

        try {
            await Self.app.models.Account.sync(userToken.name, password);
@ -187,8 +209,8 @@ module.exports = function(Self) {
    };

    Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls =
-    Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
-        .filter(acl => acl.property != 'changePassword');
+        Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
+            .filter(acl => acl.property != 'changePassword');

    Self.userSecurity = async(ctx, userId, options) => {
        const models = Self.app.models;
@ -226,10 +248,12 @@ module.exports = function(Self) {

        const env = process.env.NODE_ENV;
        const liliumUrl = await Self.app.models.Url.findOne({
-            where: {and: [
-                {appName: 'lilium'},
-                {environment: env}
-            ]}
+            where: {
+                and: [
+                    {appName: 'lilium'},
+                    {environment: env}
+                ]
+            }
        });

        class Mailer {
--- a/db/changes/234802/00-createSignInLogTable.sql
+++ b/db/changes/234802/00-createSignInLogTable.sql
@ -1,5 +1,4 @@

-
 --
 -- Table structure for table `signInLog`
 -- Description: log to debug cross-login error
@ -13,7 +12,9 @@ CREATE TABLE `account`.`signInLog` (
  `token` varchar(255) NOT NULL ,
  `userFk` int(10) unsigned DEFAULT NULL,
  `creationDate` timestamp NULL DEFAULT current_timestamp(),
+  `userName` varchar(30) NOT NULL,
  `ip` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci NOT NULL,
+  `owner` tinyint(1) DEFAULT 1,
  KEY `userFk` (`userFk`),
  CONSTRAINT `signInLog_ibfk_1` FOREIGN KEY (`userFk`) REFERENCES `user` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
 );
--- a/db/dump/fixtures.sql
+++ b/db/dump/fixtures.sql
@ -1,6 +1,10 @@
 CREATE SCHEMA IF NOT EXISTS `vn2008`;
 CREATE SCHEMA IF NOT EXISTS `tmp`;

+CREATE ROLE 'salix';
+GRANT 'salix' TO 'root'@'%';
+SET DEFAULT ROLE 'salix' FOR 'root'@'%';
+
 UPDATE `util`.`config`
    SET `environment`= 'development';

--- a/modules/account/back/models/sign_in-log.json
+++ b/modules/account/back/models/sign_in-log.json
@ -25,7 +25,15 @@
 			"type": "number"
 		},
        "ip": {
-			"type": "string"
+            "type": "string"
+		},
+        "userName": {
+            "type": "string"
+		},
+        "owner": {
+            "type": "boolean",
+            "required": true,
+            "default": true
 		}
    },
    "relations": {
--- a/modules/worker/front/time-control/index.js
+++ b/modules/worker/front/time-control/index.js
@ -111,8 +111,10 @@ class Controller extends Section {
            dayIndex.setDate(dayIndex.getDate() + 1);
        }

-        this.fetchHours();
-        this.getWeekData();
+        if (this.worker) {
+            this.fetchHours();
+            this.getWeekData();
+        }
    }

    set weekTotalHours(totalHours) {
@ -171,8 +173,6 @@ class Controller extends Section {
            ]}
        };
        this.$.model.applyFilter(filter, params).then(() => {
-            if (!this.card.hasWorkCenter) return;
-
            this.getWorkedHours(this.started, this.ended);
            this.getAbsences();
        });