verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 69 Releases Wiki Activity

7691-testToMaster #2703

Merged
alexm merged 268 commits from 7691-testToMaster into master 2024-07-09 05:38:28 +00:00
Conversation 0 Commits 268 Files Changed 185 +89 -86
10 changed files with 89 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 2d876fa1a2 - Show all commits

15
Jenkinsfile vendored
View File

@ -24,6 +24,7 @@ node {
FROM_GIT = env.JOB_NAME.startsWith('gitea/') FROM_GIT = env.JOB_NAME.startsWith('gitea/')
RUN_TESTS = !PROTECTED_BRANCH && FROM_GIT RUN_TESTS = !PROTECTED_BRANCH && FROM_GIT
RUN_BUILD = PROTECTED_BRANCH && FROM_GIT RUN_BUILD = PROTECTED_BRANCH && FROM_GIT
// https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#using-environment-variables // https://www.jenkins.io/doc/book/pipeline/jenkinsfile/#using-environment-variables
echo "NODE_NAME: ${env.NODE_NAME}" echo "NODE_NAME: ${env.NODE_NAME}"
echo "WORKSPACE: ${env.WORKSPACE}" echo "WORKSPACE: ${env.WORKSPACE}"
@ -203,19 +204,23 @@ pipeline {
sh 'npx myt push $NODE_ENV --force --commit' sh 'npx myt push $NODE_ENV --force --commit'
} }
} }
stage('Docker') { stage('Kubernetes') {
when { when {
expression { FROM_GIT } expression { FROM_GIT }
} }
environment {
DOCKER_HOST = "${env.SWARM_HOST}"
}
steps { steps {
script { script {
def packageJson = readJSON file: 'package.json' def packageJson = readJSON file: 'package.json'
env.VERSION = packageJson.version env.VERSION = packageJson.version
} }
sh "docker stack deploy --with-registry-auth --compose-file docker-compose.yml ${env.STACK_NAME}" withKubeConfig([
serverUrl: "$KUBERNETES_API",
credentialsId: 'kubernetes',
namespace: 'salix'
]) {
sh 'kubectl set image deployment/salix-back-$BRANCH_NAME salix-back-$BRANCH_NAME=$REGISTRY/salix-back:$VERSION'
sh 'kubectl set image deployment/salix-front-$BRANCH_NAME salix-front-$BRANCH_NAME=$REGISTRY/salix-front:$VERSION'
}
} }
} }
} }

11
back/methods/vn-user/renew-token.js
View File

@ -18,15 +18,10 @@ module.exports = Self => {
Self.renewToken = async function(ctx) { Self.renewToken = async function(ctx) {
const {accessToken: token} = ctx.req; const {accessToken: token} = ctx.req;
// Check if current token is valid const {courtesyTime} = await models.AccessTokenConfig.findOne({
fields: ['courtesyTime']
const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
fields: ['renewPeriod', 'courtesyTime']
}); });
const now = Date.now(); const isNotExceeded = await Self.validateToken(ctx);
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
if (isNotExceeded) if (isNotExceeded)
return token; return token;

30
back/methods/vn-user/validate-token.js Normal file
View File

@ -0,0 +1,30 @@
const {models} = require('vn-loopback/server/server');
module.exports = Self => {
Self.remoteMethodCtx('validateToken', {
description: 'Validates the current logged user token',
accepts: [],
accessType: 'READ',
returns: {
type: 'Boolean',
root: true
},
http: {
path: `/validateToken`,
verb: 'GET'
}
});
Self.validateToken = async function(ctx) {
const {accessToken: token} = ctx.req;
// Check if current token is valid
const {renewPeriod, courtesyTime} = await models.AccessTokenConfig.findOne({
fields: ['renewPeriod', 'courtesyTime']
});
const now = Date.now();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
const isNotExceeded = differenceSeconds < renewPeriod - courtesyTime;
return isNotExceeded;
};
};

1
back/models/vn-user.js
View File

@ -15,6 +15,7 @@ module.exports = function(Self) {
require('../methods/vn-user/renew-token')(Self); require('../methods/vn-user/renew-token')(Self);
require('../methods/vn-user/share-token')(Self); require('../methods/vn-user/share-token')(Self);
require('../methods/vn-user/update-user')(Self); require('../methods/vn-user/update-user')(Self);
require('../methods/vn-user/validate-token')(Self);
Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create'); Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');

7
back/models/vn-user.json
View File

@ -113,6 +113,13 @@
"principalId": "$everyone", "principalId": "$everyone",
"permission": "ALLOW" "permission": "ALLOW"
}, },
{
"property": "validateToken",
"accessType": "EXECUTE",
"principalType": "ROLE",
"principalId": "$authenticated",
"permission": "ALLOW"
},
{ {
"property": "privileges", "property": "privileges",
"accessType": "*", "accessType": "*",

54
docker-compose.yml
View File

@ -4,62 +4,8 @@ services:
image: registry.verdnatura.es/salix-front:${VERSION:?} image: registry.verdnatura.es/salix-front:${VERSION:?}
build: build:
context: front context: front
environment:
- TZ
- NODE_ENV
ports:
- 80
deploy:
replicas: 2
placement:
constraints:
- node.role == worker
resources:
limits:
memory: 1G
back: back:
image: registry.verdnatura.es/salix-back:${VERSION:?} image: registry.verdnatura.es/salix-back:${VERSION:?}
build: build:
context: . context: .
dockerfile: back/Dockerfile dockerfile: back/Dockerfile
environment:
- TZ
- NODE_ENV
- DEBUG
ports:
- 3000
configs:
- source: datasources
target: /etc/salix/datasources.json
- source: datasources_local
target: /etc/salix/datasources.local.json
- source: print
target: /etc/salix/print.json
- source: print_local
target: /etc/salix/print.local.json
volumes:
- /mnt/appdata/pdfs:/var/lib/salix/pdfs
- /mnt/appdata/dms:/var/lib/salix/dms
- /mnt/appdata/image:/var/lib/salix/image
- /mnt/appdata/vn-access:/var/lib/salix/vn-access
deploy:
replicas: ${BACK_REPLICAS:?}
placement:
constraints:
- node.role == worker
resources:
limits:
memory: 8G
configs:
datasources:
external: true
name: salix_datasources
datasources_local:
external: true
name: salix-${BRANCH_NAME:?}_datasources
print:
external: true
name: salix_print
print_local:
external: true
name: salix-${BRANCH_NAME:?}_print

1
front/core/locale/es.yml
View File

@ -69,3 +69,4 @@ Send cau: Enviar cau
By sending this ticket, all the data related to the error, the section, the user, etc., are already sent.: Al enviar este cau ya se envían todos los datos relacionados con el error, la sección, el usuario, etc By sending this ticket, all the data related to the error, the section, the user, etc., are already sent.: Al enviar este cau ya se envían todos los datos relacionados con el error, la sección, el usuario, etc
ExplainReason: Explique el motivo por el que no deberia aparecer este fallo ExplainReason: Explique el motivo por el que no deberia aparecer este fallo
You already have the mailAlias: Ya tienes este alias de correo You already have the mailAlias: Ya tienes este alias de correo
Error loading ACLs: Error al cargar los ACLs

51
front/core/services/auth.js
View File

@ -7,16 +7,17 @@ import UserError from 'core/lib/user-error';
* @property {Boolean} loggedIn Whether the user is currently logged * @property {Boolean} loggedIn Whether the user is currently logged
*/ */
export default class Auth { export default class Auth {
constructor($http, $q, $state, $transitions, $window, vnToken, vnModules, aclService) { constructor($http, $q, vnApp, $translate, $state, $transitions, $window, vnToken, vnModules) {
Object.assign(this, { Object.assign(this, {
$http, $http,
$q, $q,
vnApp,
$translate,
$state, $state,
$transitions, $transitions,
$window, $window,
vnToken, vnToken,
vnModules, vnModules,
aclService,
loggedIn: false loggedIn: false
}); });
} }
@ -39,9 +40,26 @@ export default class Auth {
}; };
if (this.vnToken.token) { if (this.vnToken.token) {
return this.loadAcls() const loadWithRetry = () => {
.then(() => true) return this.validateToken()
.catch(redirectToLogin); .then(() => true)
.catch(err => {
switch (err.status) {
case 400:
case 401:
return redirectToLogin();
default:
return new Promise(resolve => {
setTimeout(() => {
this.vnApp.showMessage(this.$translate.instant('Loading...'));
resolve(loadWithRetry());
}, 2000);
});
}
});
};
return loadWithRetry();
} else } else
return redirectToLogin(); return redirectToLogin();
}); });
@ -87,13 +105,11 @@ export default class Auth {
headers: {Authorization: json.data.token} headers: {Authorization: json.data.token}
}).then(({data}) => { }).then(({data}) => {
this.vnToken.set(json.data.token, data.multimediaToken.id, now, json.data.ttl, remember); this.vnToken.set(json.data.token, data.multimediaToken.id, now, json.data.ttl, remember);
this.loadAcls().then(() => { let continueHash = this.$state.params.continue;
let continueHash = this.$state.params.continue; if (continueHash)
if (continueHash) this.$window.location = continueHash;
this.$window.location = continueHash; else
else this.$state.go('home');
this.$state.go('home');
});
}).catch(() => {}); }).catch(() => {});
} }
@ -107,24 +123,25 @@ export default class Auth {
this.vnToken.unset(); this.vnToken.unset();
this.loggedIn = false; this.loggedIn = false;
this.vnModules.reset(); this.vnModules.reset();
this.aclService.reset(); this.vnModules.aclService.reset();
this.$state.go('login'); this.$state.go('login');
return promise; return promise;
} }
loadAcls() { validateToken() {
return this.aclService.load() return this.$http.get('VnUsers/validateToken')
.then(() => { .then(() => {
this.loggedIn = true; this.loggedIn = true;
this.vnModules.reset(); this.vnModules.reset();
}) })
.catch(err => { .catch(err => {
this.vnToken.unset();
throw err; throw err;
}); });
} }
} }
Auth.$inject = ['$http', '$q', '$state', '$transitions', '$window', 'vnToken', 'vnModules', 'aclService']; Auth.$inject = [
'$http', '$q', 'vnApp', '$translate', '$state',
'$transitions', '$window', 'vnToken', 'vnModules'];
ngModule.service('vnAuth', Auth); ngModule.service('vnAuth', Auth);

3
front/salix/routes.js
View File

@ -12,7 +12,8 @@ function config($stateProvider, $urlRouterProvider) {
template: '<vn-layout></vn-layout>', template: '<vn-layout></vn-layout>',
resolve: { resolve: {
config: ['vnConfig', vnConfig => vnConfig.initialize()], config: ['vnConfig', vnConfig => vnConfig.initialize()],
token: ['vnToken', vnToken => vnToken.fetchConfig()] token: ['vnToken', vnToken => vnToken.fetchConfig()],
acl: ['aclService', aclService => aclService.load()]
} }
}) })
.state('outLayout', { .state('outLayout', {

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "salix-back", "name": "salix-back",
"version": "24.24.0", "version": "24.24.1",
"author": "Verdnatura Levante SL", "author": "Verdnatura Levante SL",
"description": "Salix backend", "description": "Salix backend",
"license": "GPL-3.0", "license": "GPL-3.0",