56 lines
1.7 KiB
JavaScript
56 lines
1.7 KiB
JavaScript
|
|
const UserError = require('vn-loopback/util/user-error');
|
|
|
|
module.exports = Self => {
|
|
Self.rewriteDbError(function(err) {
|
|
if (err.code === 'ER_DUP_ENTRY')
|
|
return new UserError(`You already have the mailAlias`);
|
|
return err;
|
|
});
|
|
|
|
Self.observe('before save', async ctx => {
|
|
const changes = ctx.currentInstance || ctx.instance;
|
|
|
|
await checkModifyPermission(ctx, changes.mailAlias);
|
|
});
|
|
|
|
Self.observe('before delete', async ctx => {
|
|
const mailAliasAccount = await Self.findById(ctx.where.id);
|
|
|
|
await checkModifyPermission(ctx, mailAliasAccount.mailAlias);
|
|
});
|
|
|
|
async function checkModifyPermission(ctx, mailAliasFk) {
|
|
const userId = ctx.options.accessToken.userId;
|
|
const available = await Self.getAvailable(userId);
|
|
if (!available.has(mailAliasFk))
|
|
throw new UserError('The alias cant be modified');
|
|
}
|
|
|
|
Self.getAvailable = async function(userId, options) {
|
|
const models = Self.app.models;
|
|
|
|
const myOptions = {};
|
|
|
|
if (typeof options == 'object')
|
|
Object.assign(myOptions, options);
|
|
|
|
const roles = await models.RoleMapping.find({
|
|
fields: ['roleId'],
|
|
where: {principalId: userId}
|
|
}, myOptions);
|
|
|
|
const availableMailAlias = await models.MailAliasAcl.find({
|
|
fields: ['mailAliasFk'],
|
|
include: {relation: 'mailAlias'},
|
|
where: {
|
|
roleFk: {
|
|
inq: roles.map(role => role.roleId),
|
|
},
|
|
}
|
|
}, myOptions);
|
|
const mailAliasArray = Array.from(availableMailAlias, alias => alias.mailAliasFk);
|
|
return new Set(mailAliasArray);
|
|
};
|
|
};
|