#6744 fix worker setPassword #2027
|
@ -2,42 +2,49 @@ const UserError = require('vn-loopback/util/user-error');
|
||||||
module.exports = Self => {
|
module.exports = Self => {
|
||||||
Self.remoteMethodCtx('setPassword', {
|
Self.remoteMethodCtx('setPassword', {
|
||||||
description: 'Set a new password',
|
description: 'Set a new password',
|
||||||
accepts: [
|
accepts: [{
|
||||||
{
|
|
||||||
arg: 'workerFk',
|
arg: 'workerFk',
|
||||||
type: 'number',
|
type: 'number',
|
||||||
required: true,
|
required: true,
|
||||||
description: 'The worker id',
|
description: 'The worker id',
|
||||||
},
|
}, {
|
||||||
{
|
|
||||||
arg: 'newPass',
|
arg: 'newPass',
|
||||||
type: 'String',
|
type: 'String',
|
||||||
required: true,
|
required: true,
|
||||||
description: 'The new worker password'
|
description: 'The new worker password'
|
||||||
}
|
}, {
|
||||||
|
arg: 'emailVerified',
|
||||||
|
type: 'Boolean',
|
||||||
|
required: true,
|
||||||
|
},
|
||||||
],
|
],
|
||||||
http: {
|
http: {
|
||||||
path: `/:id/setPassword`,
|
path: `/:id/setPassword`,
|
||||||
verb: 'PATCH'
|
verb: 'PATCH'
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
Self.setPassword = async(ctx, options) => {
|
Self.setPassword = async(ctx, workerFk, newPass, emailVerified, options) => {
|
||||||
|
const userId = ctx.req.accessToken.userId;
|
||||||
const models = Self.app.models;
|
const models = Self.app.models;
|
||||||
const myOptions = {};
|
const myOptions = {};
|
||||||
const {args} = ctx;
|
|
||||||
let tx;
|
let tx;
|
||||||
|
|
||||||
if (typeof options == 'object')
|
if (typeof options == 'object')
|
||||||
Object.assign(myOptions, options);
|
Object.assign(myOptions, options);
|
||||||
if (!myOptions.transaction) {
|
if (!myOptions.transaction) {
|
||||||
tx = await Self.beginTransaction({});
|
tx = await Self.beginTransaction({});
|
||||||
myOptions.transaction = tx;
|
myOptions.transaction = tx;
|
||||||
}
|
}
|
||||||
jorgep marked this conversation as resolved
|
|||||||
try {
|
|
||||||
const isSubordinate = await models.Worker.isSubordinate(ctx, args.workerFk, myOptions);
|
|
||||||
if (!isSubordinate) throw new UserError('You don\'t have enough privileges.');
|
|
||||||
|
|
||||||
await models.VnUser.setPassword(args.workerFk, args.newPass, myOptions);
|
try {
|
||||||
await models.VnUser.updateAll({id: args.workerFk}, {emailVerified: true}, myOptions);
|
const ishimself = userId === workerFk;
|
||||||
|
const isSubordinate = await models.Worker.isSubordinate(ctx, workerFk, myOptions);
|
||||||
|
|
||||||
|
if (ishimself || (isSubordinate && !emailVerified)) {
|
||||||
|
await models.VnUser.setPassword(workerFk, newPass, myOptions);
|
||||||
|
await models.VnUser.updateAll({id: workerFk}, {emailVerified: true}, myOptions);
|
||||||
|
} else
|
||||||
|
throw new UserError('You don\'t have enough privileges.');
|
||||||
|
|
||||||
if (tx) await tx.commit();
|
if (tx) await tx.commit();
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
? 'Click to allow the user to be disabled'
|
? 'Click to allow the user to be disabled'
|
||||||
: 'Click to exclude the user from getting disabled'}}
|
: 'Click to exclude the user from getting disabled'}}
|
||||||
</vn-item>
|
</vn-item>
|
||||||
<vn-item ng-if="!$ctrl.worker.user.emailVerified" ng-click="setPassword.show()" translate>
|
<vn-item ng-if="!$ctrl.worker.user.emailVerified || $ctrl.id == $ctrl.userFk" ng-click="setPassword.show()" translate>
|
||||||
jgallego
commented
creo que esta mal esta comprobación, en que casos quieres que se muestre? creo que esta mal esta comprobación, en que casos quieres que se muestre?
jorgep
commented
Solo si el email no está verificado y no es el mismo. Tras lo hablado con Juan, si eres tú mismo, te cambiarás la contraseña desde otro lado. @jgallego Solo si el email no está verificado y no es el mismo. Tras lo hablado con Juan, si eres tú mismo, te cambiarás la contraseña desde otro lado. @jgallego
|
|||||||
Change password
|
Change password
|
||||||
</vn-item>
|
</vn-item>
|
||||||
</slot-menu>
|
</slot-menu>
|
||||||
|
|
|
@ -15,6 +15,8 @@ class Controller extends Descriptor {
|
||||||
this.entity = value;
|
this.entity = value;
|
||||||
if (value)
|
if (value)
|
||||||
this.getIsExcluded();
|
this.getIsExcluded();
|
||||||
|
this.$http.get(`UserConfigs/getUserConfig`)
|
||||||
|
.then(res => this.userFk = res.data.userFk);
|
||||||
|
|
||||||
if (this.entity && !this.entity.user.emailVerified)
|
if (this.entity && !this.entity.user.emailVerified)
|
||||||
this.getPassRequirements();
|
this.getPassRequirements();
|
||||||
|
@ -69,6 +71,7 @@ class Controller extends Descriptor {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
};
|
};
|
||||||
|
|
||||||
return this.getData(`Workers/${this.id}`, {filter})
|
return this.getData(`Workers/${this.id}`, {filter})
|
||||||
.then(res => this.entity = res.data);
|
.then(res => this.entity = res.data);
|
||||||
}
|
}
|
||||||
|
@ -87,7 +90,7 @@ class Controller extends Descriptor {
|
||||||
throw new UserError(`Passwords don't match`);
|
throw new UserError(`Passwords don't match`);
|
||||||
this.$http.patch(
|
this.$http.patch(
|
||||||
`Workers/${this.entity.id}/setPassword`,
|
`Workers/${this.entity.id}/setPassword`,
|
||||||
{workerFk: this.entity.id, newPass: this.newPassword}
|
{workerFk: this.entity.id, newPass: this.newPassword, emailVerified: !!this.entity.user.emailVerified}
|
||||||
) .then(() => {
|
) .then(() => {
|
||||||
this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
|
this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in New Issue
no podemos poner aquí el contenido de setUnverifiedPassword?
es necesario crear ese método?
me lo pidio exprasemente @juan