free-be-account 0.0.1

package/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "free-be-account",
+  "version": "0.0.1",
+  "main": "index.js",
+  "license": "UNLICENSED",
+  "dependencies": {
+    "@alicloud/pop-core": "^1.7.9",
+    "bcrypt": "^5.0.1",
+    "crypto-js": "^4.0.0",
+    "js-md5": "^0.7.3",
+    "passport": "^0.5.0",
+    "passport-local": "^1.0.0",
+    "uuid": "^8.3.2"
+  }
+}

package/routers/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-title',
+    description: 'module-description',
+};

package/routers/label/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-label-title',
+    description: 'module-label-description',
+};

package/routers/label/route.js

@@ -0,0 +1,33 @@
+const path = require('path');
+const express = require(path.resolve('./') + "/node_modules/express");
+const router = express.Router();
+
+router.get('/',
+    (req, res, next) => {
+        res.locals = res.locals || {};
+        res.locals.fields = [
+            'id',
+            'Name',
+            'Index',
+            'Enabled',
+            'Permission'
+        ];
+        res.locals.filter = {
+            Parent: req.query.Parent || {
+                $exists: false,
+                $eq: null
+            }
+        }
+
+        return next();
+    },
+    router.FindAllDocuments('plabel')
+);
+
+router.post('/', router.CreateDocument('plabel'));
+
+router.put('/', router.UpdateDocument('plabel'));
+
+router.delete('/', router.DeleteDocument('plabel'));
+
+module.exports = router;

package/routers/mgmt/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-mgmt-title',
+    description: 'module-mgmt-description',
+};

package/routers/mgmt/route.js

@@ -0,0 +1,279 @@
+const path = require('path');
+const express = require(path.resolve('./') + "/node_modules/express");
+const router = express.Router();
+const { AccountAuditStatus } = require('../../enum');
+const { clearPermission, encryptPwd, crypto } = require('../../utils');
+
+// TODO: i18n translate
+const accountFilters = [
+    {
+        Name: 'LastUpdateDate',
+        Type: 'DateRange',
+        Label: '更新日期',
+        Placeholder: '请选择',
+    },
+    {
+        Name: 'Enabled',
+        Type: 'Select',
+        Label: '激活状态',
+        Placeholder: '请选择',
+        Options: [
+            {
+                Label: '已激活',
+                Value: true,
+            },
+            {
+                Label: '未激活',
+                Value: false,
+            },
+        ],
+    },
+    {
+        Name: 'Profile.Name',
+        Type: 'String',
+        Label: '姓名',
+    },
+    {
+        Name: 'Profile.Title',
+        Type: 'String',
+        Label: '职务',
+    },
+    {
+        Name: 'PhoneNumber',
+        Type: 'String',
+        Label: '手机号',
+    },
+    {
+        Name: 'UserName',
+        Type: 'String',
+        Label: '用户名',
+    },
+];
+
+router.get('/', async (req, res, next) => {
+    res.locals.fields = [
+        'id',
+        'LastUpdateDate',
+        'Profile',
+        'PhoneNumber',
+        'Enabled',
+        'Org',
+        'Labels',
+    ];
+
+    res.locals.filter = Object.assign({ Saved: true }, res.app.modules['core-modules'].generateQueryFilter(accountFilters, req.query), res.locals.filter);
+
+    res.locals.data.summary = {};
+    res.locals.data.summary.auditing = await res.app.models['account'].countDocuments({...res.locals.filter, Status: AccountAuditStatus.Auditing });
+    res.locals.data.summary.passed = await res.app.models['account'].countDocuments({...res.locals.filter, Status: AccountAuditStatus.Passed });
+    res.locals.data.summary.failed = await res.app.models['account'].countDocuments({...res.locals.filter, Status: AccountAuditStatus.Failed });
+
+    return next();
+
+}, router.FindDocuments('account', false, async (req, res) => {
+    res.locals.data.Filters = accountFilters;
+
+    if (res.locals.data && res.locals.data.total) {
+        for (let i = 0; i < res.locals.data.docs.length; i += 1) {
+            const doc = res.locals.data.docs[i];
+            if (doc && doc.Org) {
+                const org = await app.models.organization.findOne({ id: doc.Org });
+                if (org) {
+                    doc.Org = {
+                        id: org.id,
+                        Name: org.Name
+                    }
+                }
+            }
+        }
+    }
+}));
+
+router.get('/:id',
+    (req, res, next) => {
+        if (req.params.id === 'sl') return next('route');
+
+        res.locals.filter = { id: req.params.id };
+
+        res.locals.fields = [
+            'id',
+            'LastUpdateDate',
+            'Profile',
+            'PhoneNumber',
+            'UserName',
+            'Enabled',
+            'Org',
+            'Status',
+            'Permission',
+            'Labels'
+        ];
+        
+        return next();
+    },
+    router.FindDocuments('account', false, (req, res) => {
+        if (res.locals.data && res.locals.data.total) {
+            res.locals.data = res.locals.data.docs[0];
+        } else {
+            res.locals.data = {};
+        }
+    })
+);
+
+router.post('/', 
+    (req, res, next) => {
+        req.body.Status = AccountAuditStatus.Passed;
+
+        if (req.body.Permission) {
+            if (!clearPermission(req.body.Permission)) {
+                req.body.Permission = {};
+            }
+        }
+
+        // pwd
+        if (req.body.Password) {
+            const password = crypto.encoder.desDecode(req.body.Password, router.mdl.config.desKey);
+            req.body.Password = encryptPwd(password, router.mdl.config.pwdEncryptMethod || 'md5');
+        }
+
+        return next();
+    },
+    router.CreateDocument('account')
+);
+
+router.post('/audit',
+    async (req, res, next) => {
+        if (typeof req.body.Status === 'undefined' ||
+            typeof req.body.id === 'undefined' ||
+            [
+                AccountAuditStatus.Passed,
+                AccountAuditStatus.Auditing,
+                AccountAuditStatus.Failed
+            ].indexOf(req.body.Status) < 0) {
+            await res.endWithErr(400);
+            return;
+        }
+
+        res.locals.body = res.locals.body || {};
+        res.locals.body.Status = req.body.Status;
+
+        // set to default permission if change audit status back to auditing
+        if (req.body.Status === AccountAuditStatus.Failed) {
+            res.locals.body.Permission = {};
+        } else if (req.body.Status === AccountAuditStatus.Auditing) {
+            res.locals.body.Permission = router.mdl.config.accountDefaultPermissions;
+        }
+
+        if (res.locals.body.Permission)
+            clearPermission(res.locals.body.Permission);
+
+        res.locals.filter = res.locals.filter || {};
+        res.locals.filter.id = req.body.id;
+
+        // set permission 
+        // try to use default account permission in the config first
+        // if not found use the permission of the org of the account (if have org module loaded)
+        if (req.body.Status === app.modules.account.AccountAuditStatus.Passed && req.body.id) {
+            const account = await app.models.account.findOne({ id: req.body.id });
+            if (account && account.Org) {
+                const accountOrg = await app.models.organization.findOne({ id: account.Org });
+                if (accountOrg && accountOrg.Permission) {
+                    const p = Object.assign({}, accountOrg.Permission);
+                    if (app.modules.account.utils.clearPermission(p)) {
+                        const op = res.locals.CURD.find(op => op.method === 'U' && op.model === 'account');
+                        if (op) {
+                            op.ctx.body.Permission = p;
+                        }
+                    }
+                }
+            }
+        }
+
+        return next();
+    },
+    router.UpdateDocument('account'),
+);
+
+router.put('/',
+    router.UpdateDocument('account', false, (req, res) => {
+        // clear return data
+        if (res.locals.data && res.locals.data.id) {
+            res.locals.data = { id: res.locals.data.id };
+        }
+    })
+);
+
+router.post('/:id/resetpwd',
+    (req, res, next) => {
+        if (!req.params.id) {
+            res.makeError(401, 'Please specify which account you want to reset!');
+            return next('route');
+        }
+
+        res.locals.filter = { id: req.params.id };
+
+        res.locals.fields = [
+            'Password'
+        ];
+
+        res.locals.body = {
+            Password: router.mdl.config.defaultPassword
+        };
+
+        res.locals.newPwd = router.mdl.config.defaultPassword;
+
+        // set default password
+        let clearPwd = router.mdl.config.accountDefaultPasswordRandom ?
+            crypto.randomPassword(router.mdl.config.accountDefaultPasswordRandomLength || 6) :
+            router.mdl.config.accountDefaultPassword;
+            
+        clearPwd = clearPwd || res.app.modules.account.config.defaultPassword;
+        res.locals.newPwd = clearPwd;
+
+        res.locals.body.Password = res.app.modules.account.utils.encryptPwd(clearPwd, router.mdl.config.pwdEncryptMethod || 'md5');
+        
+        return next();
+    },
+    router.UpdateDocument('account', false, (req, res) => {
+        // return the new pwd
+        if (res.locals.newPwd) {
+            res.locals.data = {
+                newPwd: res.locals.newPwd
+            };
+        }
+    })
+);
+
+router.delete('/', router.DeleteDocument('account'));
+
+router.get(`/search`,
+    async (req, res, next) => {
+        res.locals = res.locals || {};
+
+        res.locals.filter = {};
+        if (req.query.id) {
+            res.locals.filter.id = req.query.id;
+        }
+        else if (req.query.search) {
+            let keyword = RegExp.quote(req.query.search);
+            res.locals.filter.$or = [
+                { Name: keyword },
+            ];
+        } else {
+            await res.endWithErr(400);
+            return;
+        }
+
+        res.locals.fields = [
+            'id',
+            'Name',
+            'Index',
+            'IsVirtual',
+            'LastUpdateDate'
+        ];
+
+        return next();
+    },
+    router.FindDocuments('organization')
+);
+
+module.exports = router;

package/routers/org/export/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-org-export-title',
+    description: 'module-org-export-description',
+};

package/routers/org/export/route.js

@@ -0,0 +1,11 @@
+const express = require(require('path').resolve('./') + "/node_modules/express");
+const router = express.Router();
+
+/**
+ * get all the dicts
+ */
+router.get('/',
+    router.FindAllDocuments('organization')
+)
+
+module.exports = router;

package/routers/org/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-org-title',
+    description: 'module-org-description',
+};

package/routers/org/route.js

@@ -0,0 +1,67 @@
+const express = require(require('path').resolve('./') + "/node_modules/express");
+const router = express.Router();
+
+router.get('/',
+    (req, res, next) => {
+        res.locals = res.locals || {};
+        res.locals.fields = [
+            'id',
+            'Name',
+            'Index',
+            'IsVirtual',
+            'Permission'
+        ];
+        res.locals.filter = {
+            Parent: req.query.Parent || {
+                $exists: false,
+                $eq: null
+            }
+        }
+
+        return next();
+    },
+    router.FindAllDocuments('organization')
+);
+
+// router.get('/search',
+//     (req, res, next) => {
+//         res.locals = res.locals || {};
+
+//         res.locals.filter = {};
+//         if (req.query.id) {
+//             res.locals.filter.id = req.query.id;
+//         }
+//         else if (req.query.search) {
+//             // TODO: search with regexp not working!!!
+//             // let keyword = new RegExp(req.query.search);
+//             res.locals.filter.$or = [
+//                 { Name: req.query.search },
+//             ];
+//         } else {
+//             await res.endWithErr(400);
+//             return;
+//         }
+
+//         res.locals.fields = [
+//             'id',
+//             'Name',
+//             'Index',
+//             'IsVirtual',
+//             'LastUpdateDate'
+//         ];
+
+//         return next();
+//     },
+//     router.FindDocuments('organization')
+// );
+
+// TODO: org name should be unqiue in the same parent
+router.post('/', router.CreateDocument('organization'));
+
+// TODO: org name should be unqiue in the same parent
+router.put('/', router.UpdateDocument('organization'));
+
+// TODO: should delete recursively
+router.delete('/', router.DeleteDocument('organization'));
+
+module.exports = router;

package/routers/perm/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-perm-title',
+    description: 'module-perm-description',
+};

package/routers/perm/route.js

@@ -0,0 +1,94 @@
+const path = require('path');
+const express = require(path.resolve('./') + "/node_modules/express");
+const router = express.Router();
+const utils = require('../../utils');
+
+router.get('/',
+    async (req, res, next) => {
+        res.locals.filter = {
+            Parent: req.query.Parent || {
+                $exists: false,
+                $eq: null
+            },
+        };
+
+        // add app.serviceList into db if not yet
+        // TODO: we force clean up all built-in permissions here, any problems?
+        // it will remove all the data scope!!!!!!!!!
+        await utils.saveServiceList(res.app, false);
+
+        // add form fields
+        const Fields = Object.assign([], router.mdl.config.permFields);
+        Fields.push(
+            {
+                Name: 'Scope',
+                Label: router.mdl.t('scope-field-label'),
+                Type: 'DynamicList',
+                Options: {
+                    Columns: [
+                        {
+                            Name: 'Name',
+                            Label: router.mdl.t('scope-params-header-label'),
+                            Type: 'Select',
+                            Options: res.app.getContainerContent('DataScope').map(ds => {
+                                const ret = {
+                                    Label: ds.Label,
+                                    Value: ds.Name,
+                                };
+
+                                if (ds && ds.Params && ds.Params.length > 0) {
+                                    ret.Extra = {
+                                        Label: router.mdl.t('scope-params-label'),
+                                        Name: 'Params',
+                                        Type: 'FixedList',
+                                        Options: {
+                                            Columns: ds.Params,
+                                            Default: [{}]
+                                        }
+                                    }
+                                }
+
+                                return ret;
+                            }),
+                        },
+                    ],
+                },
+            }
+        );
+
+        res.addData({ Fields }, false)
+
+        return next();
+    },
+    router.FindAllDocuments('permission')
+);
+
+router.post('/',
+    async (req, res, next) => {
+        if (!req.body.Name || !req.body.Title) {
+            res.makeError(201, router.mdl);
+            return;
+        }
+
+        let parent;
+        if (req.body.Parent) {
+            parent = await res.app.models.permission.findOne({ id: req.body.Parent });
+            if (!parent || !parent.Path) {
+                res.makeError(211, router.mdl);
+                return;
+            }
+        }
+
+        req.body.Path = `${parent ? parent.Path + '/' : ''}${req.body.Name}`
+        req.body.BuiltIn = false;
+
+        return next();
+    },
+    router.CreateDocument('permission')
+);
+
+router.put('/', router.UpdateDocument('permission'));
+
+router.delete('/', router.DeleteDocument('permission'));
+
+module.exports = router;

package/routers/uc/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: 'module-uc-title',
+    description: 'module-uc-description',
+};

package/routers/uc/info/index.js

@@ -0,0 +1,4 @@
+module.exports = {
+    title: '账号信息',
+    description: '',
+};

package/routers/uc/info/route.js

@@ -0,0 +1,95 @@
+const express = require(require('path').resolve('./') + "/node_modules/express");
+const router = express.Router();
+
+router.get('/', (req, res, next) => {
+    const user = req.user;
+
+    const StepsDefinition = Object.clone(router.mdl.config.infoStepsDefinition || []);
+
+    const extraFields = {};
+    if (StepsDefinition[0]) {
+        StepsDefinition[0].Fields = StepsDefinition[0].Fields || [];
+
+        for (let i = 0; i < StepsDefinition[0].Fields.length; i += 1) {
+            const field = StepsDefinition[0].Fields[i];
+
+            if (field && field.Name) {
+                Object.setValue(extraFields, field.Name, Object.nestValue(user, field.Name));
+            }
+        }
+
+    }
+
+    res.addData({
+        ...extraFields,
+
+        PhoneNumber: user.PhoneNumber,
+        Org: user.Org,
+        Profile: user.Profile,
+        Status: user.Status,
+
+        StepsDefinition,
+    });
+
+    return next();
+});
+
+router.put('/', async (req, res, next) => {
+    const user = req.user;
+
+    res.locals.filter = { id: user.id };
+    // get new data from request (now only profile can be updated in uc)
+    if (req.body.Profile) {
+        res.locals.body = { Profile: req.body.Profile };
+    } else {
+        res.locals.body = { Enabled: user.Enabled };
+    }
+
+    return next();
+}, router.UpdateDocument('account', false, (req, res) => {
+    if (res.locals.data) {
+
+        // only return necessary info
+        res.addData({});
+    }
+}));
+
+// change to editing status
+router.post('/edit', async (req, res, next) => {
+    // set to default permission 
+    const p = res.app.modules.account.config.accountDefaultPermissions;
+    res.app.modules.account.utils.clearPermission(p);
+
+    // TODO: should not use mongoose directly
+    await res.app.models['account'].update({ id: req.user.id }, { $unset: { Status: 0 }, $set: { Permission: p } });
+
+    res.addData({});
+
+    return next();
+});
+
+// submit to audit
+router.post('/submit', async (req, res, next) => {
+    const user = req.user;
+
+    // save changes first
+    if (req.body.Profile) {
+        user.Profile = Object.assign(user.Profile, req.body.Profile);
+    }
+
+    user.Status = res.app.modules.account.AccountAuditStatus.Auditing;
+
+    // set to default permission 
+    const p = res.app.modules.account.config.accountDefaultPermissions;
+    res.app.modules.account.utils.clearPermission(p);
+    user.Permission = p;
+
+    // save
+    await user.save();
+
+    res.addData({});
+
+    return next();
+});
+
+module.exports = router;

package/routers/uc/phone/index.js

@@ -0,0 +1,5 @@
+
+module.exports = {
+    title: '修改手机号',
+    description: '',
+};