sumba 2.23.0 → 2.25.0

package/extend/dobo/model/x-route-guard.js

@@ -0,0 +1,13 @@
+import { properties, features } from './route-guard.js'
+import { options } from './model-guard.js'
+
+async function xRouteGuard () {
+  const { isString } = this.app.lib._
+  return {
+    properties: properties.filter(prop => !isString(prop) || (isString(prop) && !prop.startsWith('teamIds'))),
+    features: features.filter(feat => !isString(feat) || (isString(feat) && !['sumba:siteId', 'dobo:updatedAt'].includes(feat))).concat('sumba:siteIds', 'dobo:updatedAt'),
+    options
+  }
+}
+
+export default xRouteGuard

package/extend/waibuDb/schema/attrib-guard.js

@@ -0,0 +1,15 @@
+async function attribGuard () {
+  return {
+    common: {
+      widget: {
+        teamIds: {
+          attr: {
+            refUrl: 'waibuAdmin:/{prefix}/team/details?id={id}'
+          }
+        }
+      }
+    }
+  }
+}
+
+export default attribGuard

package/extend/waibuDb/schema/model-guard.js

@@ -0,0 +1,15 @@
+async function modelGuard () {
+  return {
+    common: {
+      widget: {
+        teamIds: {
+          attr: {
+            refUrl: 'waibuAdmin:/{prefix}/team/details?id={id}'
+          }
+        }
+      }
+    }
+  }
+}
+
+export default modelGuard

package/extend/waibuDb/schema/route-guard.js

@@ -2,7 +2,7 @@ async function routeGuard () {
   return {
     common: {
       widget: {
-        teams: {
+        teamIds: {
           attr: {
             refUrl: 'waibuAdmin:/{prefix}/team/details?id={id}'
           }

package/extend/waibuDb/schema/user.js

@@ -1,9 +1,23 @@
 async function user ({ req } = {}) {
+  const { merge } = this.app.lib._
+  const details = {
+    forceVisible: ['password', 'token'],
+    format: {
+      password: function (val, rec) {
+        return `<a href="waibuAdmin:/site/reset-user-password?username=${rec.username}">${req.t('resetPassword')}</a>`
+      }
+    },
+    widget: {
+      password: {
+        component: 'form-plaintext'
+      }
+    }
+  }
   return {
     common: {
       layout: [
         { name: 'meta', fields: ['id:3', 'createdAt:3', 'updatedAt:3', 'status:3'] },
-        { name: 'account', fields: ['username:3', 'email:3', 'provider:3', 'password:3', 'firstName:3', 'lastName:3', 'apiKey:6'] },
+        { name: 'account', fields: ['username:3', 'email:3', 'provider:3', 'password:3', 'firstName:3', 'lastName:3'] },
         { name: 'address', fields: ['address1:12', 'address2:12', 'city:6-md 8-sm', 'zipCode:2-md 4-sm', 'provinceState:4-md', 'country:6-md', 'phone:6-md', 'website:12'] },
         { name: 'socialMedia', fields: ['socX:3-md 6-sm', 'socInstagram:3-md 6-sm', 'socFacebook:3-md 6-sm', 'socLinkedIn:3-md 6-sm'] }
       ],
@@ -19,7 +33,7 @@ async function user ({ req } = {}) {
           sort: 'username:1',
           limit: 10
         },
-        fields: ['createdAt', 'status', 'username', 'provider', 'email', 'firstName', 'lastName', 'city', 'zipCode', 'provinceState', 'country', 'phone', 'apiKey'],
+        fields: ['createdAt', 'status', 'username', 'provider', 'email', 'firstName', 'lastName', 'city', 'zipCode', 'provinceState', 'country', 'phone'],
         stat: {
           aggregate: [
             { fields: ['status'], group: 'status', aggregate: ['count'] },
@@ -28,35 +42,14 @@ async function user ({ req } = {}) {
           ]
         }
       },
-      details: {
-        forceVisible: ['password', 'token'],
-        widget: {
-          password: {
-            component: 'form-plaintext',
-            attr: {
-              href: 'waibuAdmin:/site/reset-user-password?username={username}',
-              value: req.t('resetPassword')
-            }
-          }
-        }
-      },
+      details,
       add: {
         forceVisible: ['password'],
         hidden: ['id', 'createdAt', 'updatedAt', 'provider']
       },
-      edit: {
-        forceVisible: ['password', 'token'],
-        widget: {
-          password: {
-            component: 'form-plaintext',
-            attr: {
-              href: 'waibuAdmin:/site/reset-user-password?username={username}',
-              value: req.t('resetPassword')
-            }
-          }
-        },
+      edit: merge({}, details, {
         readonly: ['id', 'createdAt', 'updatedAt', 'username', 'provider']
-      }
+      })
     }
   }
 }

package/extend/waibuDb/schema/x-attrib-guard.js

@@ -0,0 +1,15 @@
+async function xAttribGuard () {
+  return {
+    common: {
+      widget: {
+        siteIds: {
+          attr: {
+            refUrl: 'waibuAdmin:/{prefix}/site/details?id={id}'
+          }
+        }
+      }
+    }
+  }
+}
+
+export default xAttribGuard

package/extend/waibuDb/schema/x-model-guard.js

@@ -0,0 +1,15 @@
+async function xModelGuard () {
+  return {
+    common: {
+      widget: {
+        siteIds: {
+          attr: {
+            refUrl: 'waibuAdmin:/{prefix}/site/details?id={id}'
+          }
+        }
+      }
+    }
+  }
+}
+
+export default xModelGuard

package/extend/waibuDb/schema/x-route-guard.js

@@ -0,0 +1,15 @@
+async function xRouteGuard () {
+  return {
+    common: {
+      widget: {
+        siteIds: {
+          attr: {
+            refUrl: 'waibuAdmin:/{prefix}/site/details?id={id}'
+          }
+        }
+      }
+    }
+  }
+}
+
+export default xRouteGuard

package/extend/waibuMpa/extend/waibuAdmin/route/attrib-guard/@action.js

@@ -0,0 +1,11 @@
+const action = {
+  method: ['GET', 'POST'],
+  title: 'attribGuard',
+  handler: async function (req, reply) {
+    const { importModule } = this.app.bajo
+    const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
+    return await crudSkel.call(this, 'SumbaAttribGuard', req, reply)
+  }
+}
+
+export default action

package/extend/waibuMpa/extend/waibuAdmin/route/model-guard/@action.js

@@ -0,0 +1,11 @@
+const action = {
+  method: ['GET', 'POST'],
+  title: 'modelGuard',
+  handler: async function (req, reply) {
+    const { importModule } = this.app.bajo
+    const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
+    return await crudSkel.call(this, 'SumbaModelGuard', req, reply)
+  }
+}
+
+export default action

package/extend/waibuMpa/extend/waibuAdmin/route/reset-user-password.js

@@ -4,13 +4,14 @@ const resetUserPassword = {
   handler: async function (req, reply) {
     const { importPkg } = this.app.bajo
     const { defaultsDeep } = this.app.lib.aneka
+    const { passwordRule } = this.app.sumba
     const Joi = await importPkg('dobo:joi')
     const model = this.app.dobo.getModel('SumbaUser')
     const form = defaultsDeep(req.body, { username: req.query.username })
     let error
     if (req.method === 'POST') {
       try {
-        const password = await this.passwordRule(req)
+        const password = await passwordRule(req)
         const schema = Joi.object({
           username: Joi.string().max(50).required(),
           password,

package/extend/waibuMpa/extend/waibuAdmin/route/x/attrib-guard/@action.js

@@ -0,0 +1,12 @@
+const action = {
+  method: ['GET', 'POST'],
+  title: 'xAttribGuard',
+  xSite: true,
+  handler: async function (req, reply) {
+    const { importModule } = this.app.bajo
+    const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
+    return await crudSkel.call(this, 'SumbaXAttribGuard', req, reply)
+  }
+}
+
+export default action

package/extend/waibuMpa/extend/waibuAdmin/route/{cache → x/cache}/@action.js

@@ -1,7 +1,7 @@
 const action = {
   method: ['GET', 'POST'],
   title: 'cacheStorage',
-  interSite: true,
+  xSite: true,
   handler: async function (req, reply) {
     if (!this.app.bajoCache) throw this.error('_notFound')
     const { importModule } = this.app.bajo

package/extend/waibuMpa/extend/waibuAdmin/route/x/model-guard/@action.js

@@ -0,0 +1,12 @@
+const action = {
+  method: ['GET', 'POST'],
+  title: 'xModelGuard',
+  xSite: true,
+  handler: async function (req, reply) {
+    const { importModule } = this.app.bajo
+    const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
+    return await crudSkel.call(this, 'SumbaXModelGuard', req, reply)
+  }
+}
+
+export default action

package/extend/waibuMpa/extend/waibuAdmin/route/x/route-guard/@action.js

@@ -0,0 +1,12 @@
+const action = {
+  method: ['GET', 'POST'],
+  title: 'xRouteGuard',
+  xSite: true,
+  handler: async function (req, reply) {
+    const { importModule } = this.app.bajo
+    const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
+    return await crudSkel.call(this, 'SumbaXRouteGuard', req, reply)
+  }
+}
+
+export default action

package/extend/waibuMpa/extend/waibuAdmin/route/{session → x/session}/@action.js

@@ -1,7 +1,7 @@
 const action = {
   method: ['GET', 'POST'],
   title: 'userSession',
-  interSite: true,
+  xSite: true,
   handler: async function (req, reply) {
     const { importModule } = this.app.bajo
     const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')

package/extend/waibuMpa/extend/waibuAdmin/route/{all-sites → x/site}/@action.js

@@ -1,7 +1,7 @@
 const action = {
   method: ['GET', 'POST'],
   title: 'manageAllSite',
-  interSite: true,
+  xSite: true,
   handler: async function (req, reply) {
     const { importModule } = this.app.bajo
     const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')

package/index.js

@@ -20,7 +20,7 @@ const defMultiSite = {
 async function factory (pkgName) {
   const me = this
   const { getModel } = this.app.dobo
-  const { cloneDeep } = this.app.lib._
+  const { cloneDeep, uniq, isEmpty } = this.app.lib._
 
   /**
    * Sumba class
@@ -32,11 +32,14 @@ async function factory (pkgName) {
       super(pkgName, me.app)
       this.config = {
         multiSite: cloneDeep(defMultiSite),
-        interSiteAdmins: [],
+        crossSiteAdmins: [], // format: "<siteAlias>:<username>"
         waibu: {
           title: 'site',
           prefix: 'site'
         },
+        dobo: {
+          model: {}
+        },
         waibuMpa: {
           home: 'sumba:/your-stuff/profile',
           icon: 'globe',
@@ -152,8 +155,10 @@ async function factory (pkgName) {
           getUserByTokenDur: '1m'
         }
       }
-      this.userGuards = []
-      this.teamGuards = []
+      this.routeGuards = { local: [], global: [] }
+      this.modelGuards = { local: [], global: [] }
+      this.attribGuards = { local: [], global: [] }
+
       this.unsafeUserFields = ['password']
       this.selfBind(['createNewSite', 'removeSite', 'getSite', 'getUserById', 'getUserByToken', 'getUserByUsernamePassword'])
     }
@@ -170,10 +175,10 @@ async function factory (pkgName) {
 
     start = async () => {
       const { getModel } = this.app.dobo
-      if (this.config.interSiteAdmins.length === 0) {
+      if (this.config.crossSiteAdmins.length === 0) {
         const site = await getModel('SumbaSite').findOneRecord({ query: { alias: 'default' } }, { noMagic: true })
         const user = await getModel('SumbaUser').findOneRecord({ query: { username: 'admin', siteId: site.id } }, { noMagic: true })
-        this.config.interSiteAdmins.push(user.id)
+        this.config.crossSiteAdmins.push(`${site.alias}:${user.username}`)
       }
     }
 
@@ -204,50 +209,60 @@ async function factory (pkgName) {
       if (!this.app.waibuAdmin) return
       const { getPluginPrefix } = this.app.waibu
       const prefix = getPluginPrefix(this.ns)
+      const params = { action: 'list' }
       const items = [{
+        title: 'xSite',
+        children: [
+          { title: 'allSites', href: `waibuAdmin:/${prefix}/x/site/:action`, params },
+          { title: 'xRouteGuard', href: `waibuAdmin:/${prefix}/x/route-guard/:action`, params },
+          { title: 'xModelGuard', href: `waibuAdmin:/${prefix}/x/model-guard/:action`, params },
+          { title: 'xAttribGuard', href: `waibuAdmin:/${prefix}/x/attrib-guard/:action`, params },
+          { title: 'userSession', href: `waibuAdmin:/${prefix}/x/session/:action`, params }
+        ]
+      }, {
         title: 'manageSite',
         children: [
           { title: 'siteProfile', href: `waibuAdmin:/${prefix}/site` },
-          { title: 'siteSetting', href: `waibuAdmin:/${prefix}/site-setting/list` },
-          { title: 'allSites', href: `waibuAdmin:/${prefix}/all-sites/list` }
+          { title: 'siteSetting', href: `waibuAdmin:/${prefix}/site-setting/:action`, params }
         ]
       }, {
         title: 'manageUser',
         children: [
-          { title: 'userProfile', href: `waibuAdmin:/${prefix}/user/list` },
-          { title: 'userSetting', href: `waibuAdmin:/${prefix}/user-setting/list` },
+          { title: 'userProfile', href: `waibuAdmin:/${prefix}/user/:action`, params },
+          { title: 'userSetting', href: `waibuAdmin:/${prefix}/user-setting/:action`, params },
           { title: 'resetUserPassword', href: `waibuAdmin:/${prefix}/reset-user-password` }
         ]
       }, {
         title: 'manageTeam',
         children: [
-          { title: 'teamProfile', href: `waibuAdmin:/${prefix}/team/list` },
-          { title: 'teamUser', href: `waibuAdmin:/${prefix}/team-user/list` },
-          { title: 'teamSetting', href: `waibuAdmin:/${prefix}/team-setting/list` }
+          { title: 'teamProfile', href: `waibuAdmin:/${prefix}/team/:action`, params },
+          { title: 'teamUser', href: `waibuAdmin:/${prefix}/team-user/:action`, params },
+          { title: 'teamSetting', href: `waibuAdmin:/${prefix}/team-setting/:action`, params }
         ]
       }, {
         title: 'permission',
         children: [
-          { title: 'routeGuard', href: `waibuAdmin:/${prefix}/route-guard/list` }
+          { title: 'routeGuard', href: `waibuAdmin:/${prefix}/route-guard/:action`, params },
+          { title: 'modelGuard', href: `waibuAdmin:/${prefix}/model-guard/:action`, params },
+          { title: 'attribGuard', href: `waibuAdmin:/${prefix}/attrib-guard/:action`, params }
         ]
       }, {
         title: 'supportSystem',
         children: [
-          { title: 'contactForm', href: `waibuAdmin:/${prefix}/contact-form/list` },
-          { title: 'contactFormCat', href: `waibuAdmin:/${prefix}/contact-form-cat/list` },
-          { title: 'ticket', href: `waibuAdmin:/${prefix}/ticket/list` },
-          { title: 'ticketCat', href: `waibuAdmin:/${prefix}/ticket-cat/list` }
+          { title: 'contactForm', href: `waibuAdmin:/${prefix}/contact-form/:action`, params },
+          { title: 'contactFormCat', href: `waibuAdmin:/${prefix}/contact-form-cat/:action`, params },
+          { title: 'ticket', href: `waibuAdmin:/${prefix}/ticket/:action`, params },
+          { title: 'ticketCat', href: `waibuAdmin:/${prefix}/ticket-cat/:action`, params }
         ]
       }, {
         title: 'misc',
         children: [
-          { title: 'manageDownload', href: `waibuAdmin:/${prefix}/download/list` },
-          { title: 'userSession', href: `waibuAdmin:/${prefix}/session/list` }
+          { title: 'manageDownload', href: `waibuAdmin:/${prefix}/download/:action`, params }
         ]
       }]
       if (this.app.bajoCache) {
-        const item = items.find(i => i.title === 'misc')
-        if (item) item.children.push({ title: 'cacheStorage', href: `waibuAdmin:/${prefix}/cache/list` })
+        const item = items.find(i => i.title === 'xSite')
+        item.children.push({ title: 'cacheStorage', href: `waibuAdmin:/${prefix}/x/cache/:action`, params })
       }
       return items
     }
@@ -272,13 +287,14 @@ async function factory (pkgName) {
 
     verifySession = async (req, reply, source, payload) => {
       const { routePath } = this.app.waibu
+      const { query, params } = req
 
       if (!req.session) return false
       if (req.session.userId) {
         req.user = await this.getUserById(req.session.userId, req)
         return true
       }
-      const redir = routePath(this.config.redirect.signin, req)
+      const redir = routePath(this.config.redirect.signin, { query, params })
       req.session.ref = req.url
       throw this.error('_redirect', { redirect: redir })
     }
@@ -361,7 +377,7 @@ async function factory (pkgName) {
       return true
     }
 
-    checkPathsByRoute = ({ paths = [], method = 'GET', teams = [], guards = [] }) => {
+    checkPathsByRoute = ({ paths = [], teamIds = [], guards = [] }) => {
       const { includes } = this.app.lib.aneka
       const { outmatch } = this.app.lib
 
@@ -369,10 +385,8 @@ async function factory (pkgName) {
         const matchPath = outmatch(item.path)
         for (const path of paths) {
           if (matchPath(path)) {
-            if (item.methods.includes(method)) {
-              if (teams.length === 0) return item
-              if (includes(teams, item.teams)) return item
-            }
+            if (includes(teamIds, item.teamIds)) return item
+            if (teamIds.length === 0) return item
           }
         }
       }
@@ -529,20 +543,85 @@ async function factory (pkgName) {
       return await hash(item, this.config.auth.common.apiKey.algo)
     }
 
-    getRouteGuards = async (reread) => {
+    _fetchGuards = async (type = 'Route') => {
       const { getModel } = this.app.dobo
+      const options = { noMagic: true, noCache: true, noDriverHook: true, dataOnly: true }
+      const filter = { query: { status: 'ACTIVE' } }
+      return {
+        global: await getModel(`SumbaX${type}Guard`).findAllRecord(filter, options),
+        local: await getModel(`Sumba${type}Guard`).findAllRecord(filter, options),
+        siteIds: (await getModel('SumbaSite').findAllRecord(filter.options)).map(item => item.id + '')
+      }
+    }
+
+    getRouteGuards = async (reread) => {
       const { routePath } = this.app.waibu
       const { map, orderBy } = this.app.lib._
+      const { isSet } = this.app.lib.aneka
       if (!reread) return this.routeGuards
-      const model = getModel('SumbaRouteGuard')
-      const results = await model.findAllRecord({ query: { status: 'ACTIVE' } }, { noMagic: true, dataOnly: true })
-      this.routeGuards = orderBy(map(results, item => {
-        item.path = routePath(item.path)
-        return item
-      }), ['weight', 'path'])
+
+      const result = await this._fetchGuards('Route')
+      for (const type of ['global', 'local']) {
+        result[type] = result[type].map(item => {
+          item.siteIds = item.siteIds ?? []
+          if (item.siteIds.length === 0) item.siteIds = [...result.siteIds]
+          if (item.siteId) item.siteIds = uniq([...item.siteIds, item.siteId].filter(i => isSet(i)).map(i => i + ''))
+          item.teamIds = (item.teamIds ?? []).filter(i => isSet(i)).map(i => i + '')
+          item.methods = item.methods ?? []
+          delete item.siteId
+          return item
+        })
+        this.routeGuards[type] = orderBy(map(result[type], item => {
+          item.path = routePath(item.path)
+          return item
+        }), ['weight', 'path'], ['desc', 'asc'])
+      }
       return this.routeGuards
     }
 
+    getModelGuards = async (reread) => {
+      const { isSet } = this.app.lib.aneka
+      if (!reread) return this.modelGuards
+
+      const result = await this._fetchGuards('Model')
+      for (const type of ['global', 'local']) {
+        this.modelGuards[type] = result[type].filter(item => (!isEmpty(item.value)) && (!isEmpty(item.models))).map(item => {
+          item.siteIds = item.siteIds ?? []
+          if (item.siteIds.length === 0) item.siteIds = [...result.siteIds]
+          if (item.siteId) item.siteIds = uniq([...item.siteIds, item.siteId].filter(i => isSet(i)).map(i => i + ''))
+          item.teamIds = (item.teamIds ?? []).filter(i => isSet(i)).map(i => i + '')
+          delete item.siteId
+          return item
+        })
+      }
+      return this.modelGuards
+    }
+
+    getAttribGuards = async (reread) => {
+      const { isSet } = this.app.lib.aneka
+      if (!reread) return this.attribGuards
+
+      const result = await this._fetchGuards('Attrib')
+      for (const type of ['global', 'local']) {
+        this.attribGuards[type] = result[type].map(item => {
+          item.siteIds = item.siteIds ?? []
+          if (item.siteIds.length === 0) item.siteIds = [...result.siteIds]
+          if (item.siteId) item.siteIds = uniq([...item.siteIds, item.siteId].filter(i => isSet(i)).map(i => i + ''))
+          item.teamIds = (item.teamIds ?? []).filter(i => isSet(i)).map(i => i + '')
+          item.models = item.models ?? []
+          item.hiddenCols = item.hiddenCols ?? []
+          delete item.siteId
+          return item
+        })
+      }
+      return this.attribGuards
+    }
+
+    getModelNames = (asValue) => {
+      const values = this.app.dobo.models.map(item => item.name).sort()
+      return asValue ? values.map(item => ({ value: item, text: item })) : values
+    }
+
     createNewSite = createNewSite
     removeSite = removeSite
     getSite = getSite

package/lib/get-user.js

@@ -1,9 +1,8 @@
 import { parseNsSettings } from './util.js'
 
-export async function mergeTeam (user) {
+export async function mergeTeam (user, req) {
   const { map, pick } = this.app.lib._
   const { getModel } = this.app.dobo
-  user.interSiteAdmin = this.config.interSiteAdmins.includes(user.id)
   user.teams = []
   const query = { userId: user.id, siteId: user.siteId }
   let mdl = getModel('SumbaTeamUser')
@@ -31,6 +30,8 @@ export async function mergeTeam (user) {
       user.teams.push(item)
     }
   }
+  user.isXSiteAdmin = this.config.crossSiteAdmins.includes(`${req.site.alias}:${user.username}`)
+  user.isAdmin = user.teams.some(t => t.alias === 'administrator')
   for (const field of this.unsafeUserFields) {
     delete user[field]
   }
@@ -45,9 +46,9 @@ export async function getUserById (id, req) {
     user = await getCache({ key })
     if (user) return JSON.parse(user)
   }
-  user = await getModel('SumbaUser').getRecord(id, { noHook: true, throwNotFound: false, req })
+  user = await getModel('SumbaUser').getRecord(id, { noHook: true, noDriverHook: true, throwNotFound: false, req })
   if (!user) return
-  await mergeTeam.call(this, user)
+  await mergeTeam.call(this, user, req)
   if (setCache) {
     await setCache({ key, value: JSON.stringify(user), ttl: this.config.cacheTtl.getUserByIdDur })
   }
@@ -63,9 +64,9 @@ export async function getUserByToken (token, req) {
     user = await getCache({ key })
     if (user) return JSON.parse(user)
   }
-  user = await getModel('SumbaUser').findOneRecord({ query: { token } }, { noHook: true, throwNotFound: false, req })
+  user = await getModel('SumbaUser').findOneRecord({ query: { token } }, { noHook: true, noDriverHook: true, throwNotFound: false, req })
   if (!user) return
-  await mergeTeam.call(this, user)
+  await mergeTeam.call(this, user, req)
   if (setCache) {
     await setCache({ key, value: JSON.stringify(user), ttl: this.config.cacheTtl.getUserByTokenDur })
   }
@@ -80,11 +81,11 @@ export async function getUserByUsernamePassword (username = '', password = '', r
   const bcrypt = await importPkg('bajoExtra:bcrypt')
 
   const query = { username, provider: 'local', siteId: req.site.id }
-  const user = await model.findOneRecord({ query }, { req, forceNoHidden: true, noHook: true })
+  const user = await model.findOneRecord({ query }, { req, forceNoHidden: true, noHook: true, noDriverHook: true })
   if (!user) throw this.error('validationError', { details: [{ field: 'username', error: 'Unknown username' }], statusCode: 401 })
   if (user.status !== 'ACTIVE') throw this.error('validationError', { details: ['User is inactive or temporarily disabled'], statusCode: 401 })
   const verified = await bcrypt.compare(password, user.password)
   if (!verified) throw this.error('validationError', { details: [{ field: 'password', error: 'invalidPassword' }], statusCode: 401 })
-  await mergeTeam.call(this, user)
+  await mergeTeam.call(this, user, req)
   return user
 }