salix/back/models/account.js

const md5 = require('md5');

module.exports = Self => {
    require('../methods/account/login')(Self);
    require('../methods/account/logout')(Self);
    require('../methods/account/acl')(Self);
    require('../methods/account/change-password')(Self);
    require('../methods/account/set-password')(Self);
    require('../methods/account/validate-token')(Self);
    require('../methods/account/privileges')(Self);

    // Validations

    Self.validatesFormatOf('email', {
        message: 'Invalid email',
        allowNull: true,
        allowBlank: true,
        with: /^[\w|.|-]+@[\w|-]+(\.[\w|-]+)*(,[\w|.|-]+@[\w|-]+(\.[\w|-]+)*)*$/
    });

    Self.validatesUniquenessOf('name', {
        message: `A client with that Web User name already exists`
    });

    Self.observe('before save', async function(ctx) {
        if (ctx.currentInstance && ctx.currentInstance.id && ctx.data && ctx.data.password)
            ctx.data.password = md5(ctx.data.password);
    });

    Self.remoteMethod('getCurrentUserData', {
        description: 'Gets the current user data',
        accepts: [
            {
                arg: 'ctx',
                type: 'Object',
                http: {source: 'context'}
            }
        ],
        returns: {
            type: 'Object',
            root: true
        },
        http: {
            verb: 'GET',
            path: '/getCurrentUserData'
        }
    });

    Self.getCurrentUserData = async function(ctx) {
        let userId = ctx.req.accessToken.userId;
        return await Self.findById(userId, {
            fields: ['id', 'name', 'nickname']
        });
    };

    /**
     * Checks if user has a role.
     *
     * @param {Integer} userId The user id
     * @param {String} name The role name
     * @param {Object} options Options
     * @return {Boolean} %true if user has the role, %false otherwise
     */
    Self.hasRole = async function(userId, name, options) {
        let roles = await Self.getRoles(userId, options);
        return roles.some(role => role == name);
    };

    /**
     * Get all user roles.
     *
     * @param {Integer} userId The user id
     * @param {Object} options Options
     * @return {Object} User role list
     */
    Self.getRoles = async(userId, options) => {
        let result = await Self.rawSql(
            `SELECT r.name
                FROM account.user u
                    JOIN account.roleRole rr ON rr.role = u.role
                    JOIN account.role r ON r.id = rr.inheritsFrom
                WHERE u.id = ?`, [userId], options);

        let roles = [];
        for (role of result)
            roles.push(role.name);

        return roles;
    };
};