#6871 create mailAlias back & mailRedirection #2085
|
@ -1,56 +1,108 @@
|
|||
const models = require('vn-loopback/server/server').models;
|
||||
const {models} = require('vn-loopback/server/server');
|
||||
const LoopBackContext = require('loopback-context');
|
||||
|
||||
describe('loopback model MailAliasAccount', () => {
|
||||
it('should add a mail Alias', async() => {
|
||||
const tx = await models.MailAliasAccount.beginTransaction({});
|
||||
let error;
|
||||
const employee = 1;
|
||||
const administrative = 5;
|
||||
const developer = 9;
|
||||
const salesBoss = 19;
|
||||
const developerBoss = 120;
|
||||
|
||||
try {
|
||||
const options = {transaction: tx, accessToken: {userId: 9}};
|
||||
await models.MailAliasAccount.create({mailAlias: 2, account: 5}, options);
|
||||
const salesAlias = 3;
|
||||
const itAlias = 2;
|
||||
|
||||
let ctx;
|
||||
let options;
|
||||
let tx;
|
||||
|
||||
beforeEach(async() => {
|
||||
ctx = {
|
||||
req: {
|
||||
accessToken: {},
|
||||
headers: {origin: 'http://localhost'}
|
||||
},
|
||||
args: {}
|
||||
};
|
||||
|
||||
spyOn(LoopBackContext, 'getCurrentContext').and.returnValue({
|
||||
active: ctx.req
|
||||
});
|
||||
|
||||
options = {transaction: tx};
|
||||
tx = await models.MailAliasAccount.beginTransaction({});
|
||||
options.transaction = tx;
|
||||
});
|
||||
|
||||
afterEach(async() => {
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
error = e;
|
||||
}
|
||||
});
|
||||
|
||||
expect(error).toBeUndefined();
|
||||
it('should add a mail alias if they are developerBoss', async() => {
|
||||
ctx.req.accessToken.userId = developerBoss;
|
||||
|
||||
const {mailAlias, account} = await models.MailAliasAccount.create({
|
||||
account: employee,
|
||||
mailAlias: salesAlias
|
||||
}, options);
|
||||
|
||||
expect(mailAlias).toEqual(salesAlias);
|
||||
expect(account).toEqual(employee);
|
||||
});
|
||||
|
||||
it('should add a mail Alias of an inherit role', async() => {
|
||||
const tx = await models.MailAliasAccount.beginTransaction({});
|
||||
let error;
|
||||
|
||||
try {
|
||||
const options = {transaction: tx, accessToken: {userId: 9}};
|
||||
await models.MailAliasAccount.create({mailAlias: 3, account: 5}, options);
|
||||
|
||||
await tx.rollback();
|
||||
ctx.req.accessToken.userId = developer;
|
||||
await models.MailAliasAccount.create({mailAlias: salesAlias, account: administrative}, options);
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
error = e;
|
||||
}
|
||||
|
||||
expect(error).toBeUndefined();
|
||||
});
|
||||
|
||||
it('should add the sales alias if they are teamBoss and have it', async() => {
|
||||
ctx.req.accessToken.userId = salesBoss;
|
||||
const {mailAlias, account} = await models.MailAliasAccount.create({
|
||||
mailAlias: salesAlias,
|
||||
account: employee
|
||||
}, options);
|
||||
|
||||
expect(mailAlias).toEqual(salesAlias);
|
||||
expect(account).toEqual(employee);
|
||||
});
|
||||
|
||||
it('should delete a mail Alias', async() => {
|
||||
const tx = await models.MailAliasAccount.beginTransaction({});
|
||||
let error;
|
||||
|
||||
try {
|
||||
const options = {transaction: tx, accessToken: {userId: 1}};
|
||||
ctx.req.accessToken.userId = employee;
|
||||
const mailAclId = 2;
|
||||
await models.MailAliasAccount.destroyAll({id: mailAclId}, options);
|
||||
|
||||
await tx.rollback();
|
||||
} catch (e) {
|
||||
await tx.rollback();
|
||||
error = e;
|
||||
}
|
||||
|
||||
expect(error).toBeUndefined();
|
||||
});
|
||||
|
||||
it('should throw an error if they cannot edit an alias', async() => {
|
||||
try {
|
||||
ctx.req.accessToken.userId = administrative;
|
||||
await models.MailAliasAccount.create({mailAlias: itAlias, account: employee}, options);
|
||||
} catch (e) {
|
||||
expect(e.message).toEqual('You are not allowed to modify the alias');
|
||||
}
|
||||
});
|
||||
|
||||
it('should throw an error if they are teamBoss but have not got the alias', async() => {
|
||||
try {
|
||||
ctx.req.accessToken.userId = salesBoss;
|
||||
await models.MailAliasAccount.create({mailAlias: itAlias, account: employee}, options);
|
||||
} catch (e) {
|
||||
expect(e.message).toEqual('You are not allowed to modify the alias');
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
|
|
|
@ -146,6 +146,7 @@ INSERT INTO `account`.`mailAliasAccount`(`mailAlias`, `account`)
|
|||
(1, 1),
|
||||
(1, 18),
|
||||
(3, 18),
|
||||
(3, 19),
|
||||
(1, 9),
|
||||
(2, 9);
|
||||
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
|
||||
VALUES
|
||||
('MailAliasAccount','canEditOwnAlias','WRITE','ALLOW','ROLE','teamBoss');
|
|
@ -38,8 +38,19 @@ module.exports = Self => {
|
|||
principalType: 'USER',
|
||||
roleId: {inq: allowedRoles.map(x => x.roleFk)}
|
||||
});
|
||||
if (nRoles) return;
|
||||
|
||||
const canEditOwnAlias = await models.ACL.checkAccessAcl(ctx,
|
||||
'MailAliasAccount', 'canEditOwnAlias', 'WRITE');
|
||||
|
||||
if (canEditOwnAlias) {
|
||||
const hasAlias = await Self.count({
|
||||
account: userId,
|
||||
mailAlias: mailAliasFk
|
||||
});
|
||||
if (hasAlias) return;
|
||||
}
|
||||
|
||||
if (!nRoles)
|
||||
throw new ForbiddenError('You are not allowed to modify the alias');
|
||||
}
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue