refactor(vnUser): refs #7792 use twoFactorFk and add foreignKey #2937

Merged
alexm merged 6 commits from 7792-twoFactorFk into dev 2024-09-18 10:41:41 +00:00
13 changed files with 26 additions and 58 deletions
Showing only changes of commit 829ecba2ef - Show all commits

View File

@ -33,7 +33,7 @@ module.exports = Self => {
const where = Self.userUses(user);
const vnUser = await Self.findOne({
fields: ['id', 'name', 'password', 'active', 'email', 'passExpired', 'twoFactorFk'],
fields: ['id', 'name', 'password', 'active', 'email', 'passExpired', 'twoFactor'],
where
}, myOptions);
@ -46,7 +46,7 @@ module.exports = Self => {
await Self.sendTwoFactor(ctx, vnUser, myOptions);
await Self.passExpired(vnUser, myOptions);
if (vnUser.twoFactorFk)
if (vnUser.twoFactor)
throw new ForbiddenError(null, 'REQUIRES_2FA');
}
return Self.validateLogin(user, password, ctx);
@ -58,13 +58,13 @@ module.exports = Self => {
if (vnUser.passExpired && vnUser.passExpired.getTime() <= today.getTime()) {
const err = new UserError('Pass expired', 'passExpired');
err.details = {userId: vnUser.id, twoFactorFk: vnUser.twoFactorFk ? true : false};
err.details = {userId: vnUser.id, twoFactor: vnUser.twoFactor ? true : false};
throw err;
}
};
Self.sendTwoFactor = async(ctx, vnUser, myOptions) => {
if (vnUser.twoFactorFk === 'email') {
if (vnUser.twoFactor === 'email') {
const $ = Self.app.models;
const min = 100000;

View File

@ -70,7 +70,7 @@ describe('VnUser Sign-in()', () => {
let error;
try {
const options = {transaction: tx};
await employee.updateAttribute('twoFactorFk', 'email', options);
await employee.updateAttribute('twoFactor', 'email', options);
await VnUser.signIn(unAuthCtx, 'employee', 'nightmare', options);
await tx.rollback();

View File

@ -25,8 +25,8 @@ module.exports = Self => {
type: 'string',
description: 'The user lang'
}, {
arg: 'twoFactorFk',
type: 'any',
arg: 'twoFactor',
type: 'string',
description: 'The user twoFactor'
}
],
@ -36,8 +36,8 @@ module.exports = Self => {
}
});
Self.updateUser = async(ctx, id, name, nickname, email, lang, twoFactorFk) => {
Self.updateUser = async(ctx, id, name, nickname, email, lang, twoFactor) => {
await Self.userSecurity(ctx, id);
await Self.upsertWithWhere({id}, {name, nickname, email, lang, twoFactorFk});
await Self.upsertWithWhere({id}, {name, nickname, email, lang, twoFactor});
};
};

View File

@ -55,7 +55,7 @@ module.exports = Self => {
throw new UserError('Invalid or expired verification code');
const user = await Self.findById(authCode.userFk, {
fields: ['name', 'twoFactorFk']
fields: ['name', 'twoFactor']
}, myOptions);
if (user.name.toLowerCase() !== username.toLowerCase())

View File

@ -58,6 +58,9 @@
},
"passExpired": {
"type": "date"
},
"twoFactor": {
"type": "string"
}
},
"relations": {
@ -86,11 +89,6 @@
"type": "hasOne",
"model": "UserConfig",
"foreignKey": "userFk"
},
"twoFactor": {
"type": "belongsTo",
"model": "TwoFactorType",
"foreignKey": "twoFactorFk"
}
},
"acls": [
@ -168,7 +166,7 @@
"realm",
"email",
"emailVerified",
"twoFactorFk"
"twoFactor"
]
}
}

View File

@ -7,10 +7,10 @@ BEGIN
UPDATE vn.department_recalc SET isChanged = TRUE;
END IF;
IF !(OLD.twoFactorFk <=> NEW.twoFactorFk) THEN
IF !(OLD.twoFactor <=> NEW.twoFactor) THEN
UPDATE account.user u
JOIN vn.workerDepartment wd ON wd.workerFk = u.id
SET u.twoFactorFk = NEW.twoFactorFk
SET u.twoFactor = NEW.twoFactor
WHERE wd.departmentFk = NEW.id;
END IF;
END$$

View File

@ -4,23 +4,23 @@ CREATE OR REPLACE TABLE account.twoFactorType (
PRIMARY KEY (`code`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
ALTER TABLE account.user ADD twoFactorFk varchar(20) NULL;
ALTER TABLE account.user ADD CONSTRAINT user_twoFactor_fk FOREIGN KEY (twoFactorFk) REFERENCES account.twoFactorType(code) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE account.user ADD twoFactor varchar(20) NULL;
ALTER TABLE account.user ADD CONSTRAINT user_twoFactor_fk FOREIGN KEY (twoFactor) REFERENCES account.twoFactorType(code) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE vn.department ADD twoFactorFk varchar(20) NULL;
ALTER TABLE vn.department ADD CONSTRAINT department_twoFactor_fk FOREIGN KEY (twoFactorFk) REFERENCES account.twoFactorType(code) ON DELETE CASCADE ON UPDATE CASCADE;
ALTER TABLE vn.department ADD twoFactor varchar(20) NULL;
ALTER TABLE vn.department ADD CONSTRAINT department_twoFactor_fk FOREIGN KEY (twoFactor) REFERENCES account.twoFactorType(code) ON DELETE CASCADE ON UPDATE CASCADE;
INSERT INTO account.twoFactorType (code, description)
VALUES('email', 'Envia un código por email');
UPDATE account.`user` u
JOIN account.`user` u2 ON u.id = u2.id
SET u.twoFactorFk = u.twoFactor
SET u.twoFactor = u.twoFactor
WHERE u2.twoFactor IS NOT NULL;
UPDATE vn.`department` d
JOIN vn.`department` d2 ON d.id = d2.id
SET d.twoFactorFk = d.twoFactor
SET d.twoFactor = d.twoFactor
WHERE d2.twoFactor IS NOT NULL;
ALTER TABLE account.user CHANGE twoFactor twoFactor__ enum('email') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL NULL COMMENT 'Deprecated 2024-09-09';

View File

@ -22,7 +22,7 @@
autocomplete="false">
</vn-textfield>
<vn-textfield
ng-if="$ctrl.$state.params.twoFactorFk == 'true'"
ng-if="$ctrl.$state.params.twoFactor == 'true'"
label="Verification code"
ng-model="$ctrl.code"
vn-name="code"

View File

@ -37,13 +37,13 @@ module.exports = Self => {
Object.assign(myOptions, options);
const {VnUser} = Self.app.models;
const user = await VnUser.findById(userId, {fields: ['name', 'twoFactorFk']}, myOptions);
const user = await VnUser.findById(userId, {fields: ['name', 'twoFactor']}, myOptions);
await user.hasPassword(oldPassword);
if (oldPassword == newPassword)
throw new UserError(`You can not use the same password`);
if (user.twoFactorFk)
if (user.twoFactor)
await VnUser.validateCode(user.name, code, myOptions);
await VnUser.changePassword(userId, oldPassword, newPassword, myOptions);

View File

@ -75,7 +75,7 @@ describe('account changePassword()', () => {
await models.VnUser.updateAll(
{id: 70},
{
twoFactorFk: 'email',
twoFactor: 'email',
passExpired: yesterday
}
, options);

View File

@ -50,9 +50,6 @@
"SipConfig": {
"dataSource": "vn"
},
"TwoFactorType": {
"dataSource": "vn"
},
"UserLog": {
"dataSource": "vn"
},

View File

@ -1,26 +0,0 @@
{
"name": "TwoFactorType",
"base": "VnModel",
"options": {
"mysql": {
"table": "account.twoFactorType"
}
},
"properties": {
"code": {
"type": "string",
"id": true
},
"description": {
"type": "string"
}
},
"acls": [
{
"accessType": "READ",
"principalType": "ROLE",
"principalId": "$everyone",
"permission": "ALLOW"
}
]
}

View File

@ -38,7 +38,6 @@ fixtures:
- userPassword
- accountConfig
- mailConfig
- twoFactorType
salix:
- ACL
- fieldAcl