2023-12-07 08:28:25 +00:00
1 changed files with 27 additions and 39 deletions
--- a/back/methods/vn-user/privileges.js
+++ b/back/methods/vn-user/privileges.js
@ -40,56 +40,44 @@ module.exports = Self => {
        const userId = ctx.req.accessToken.userId;

        const myOptions = {};
-        let tx;

        if (typeof options == 'object')
            Object.assign(myOptions, options);

-        if (!myOptions.transaction) {
-            tx = await Self.beginTransaction({});
-            myOptions.transaction = tx;
-        };
+        const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);

-        try {
-            const user = await Self.findById(userId, {fields: ['hasGrant']}, myOptions);
-
-            const userToUpdate = await Self.findById(id, {
-                fields: ['id', 'name', 'hasGrant', 'roleFk', 'password', 'email'],
-                include: {
-                    relation: 'role',
-                    scope: {
-                        fields: ['name']
-                    }
+        const userToUpdate = await Self.findById(id, {
+            fields: ['id', 'name', 'hasGrant', 'roleFk', 'password', 'email'],
+            include: {
+                relation: 'role',
+                scope: {
+                    fields: ['name']
                }
-            }, myOptions);
+            }
+        }, myOptions);

-            if (!user.hasGrant)
-                throw new UserError(`You don't have grant privilege`);
+        if (!user.hasGrant)
+            throw new UserError(`You don't have grant privilege`);

-            const hasRoleFromUser = await Self.hasRole(userId, userToUpdate.role().name, myOptions);
+        const hasRoleFromUser = await Self.hasRole(userId, userToUpdate.role().name, myOptions);

-            if (!hasRoleFromUser)
+        if (!hasRoleFromUser)
+            throw new UserError(`You don't own the role and you can't assign it to another user`);
+
+        if (hasGrant != null)
+            userToUpdate.hasGrant = hasGrant;
+
+        if (roleFk) {
+            const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
+            const hasRole = await Self.hasRole(userId, role.name, myOptions);
+
+            if (!hasRole)
                throw new UserError(`You don't own the role and you can't assign it to another user`);

-            if (hasGrant != null)
-                userToUpdate.hasGrant = hasGrant;
+            userToUpdate.roleFk = roleFk;
+        }

-            if (roleFk) {
-                const role = await models.Role.findById(roleFk, {fields: ['name']}, myOptions);
-                const hasRole = await Self.hasRole(userId, role.name, myOptions);
-
-                if (!hasRole)
-                    throw new UserError(`You don't own the role and you can't assign it to another user`);
-
-                userToUpdate.roleFk = roleFk;
-            }
-
-            await userToUpdate.save(myOptions);
-            await models.Account.sync(userToUpdate.name, null, null, myOptions);
-            if (tx) await tx.commit();
-        } catch (err) {
-            if (tx) await tx.rollback();
-            throw err;
-        };
+        await userToUpdate.save(userToUpdate);
+        await models.Account.sync(userToUpdate.name);
    };
 };