feat(component-user): fix token issue and allow user to authenticate himself

470e60cf · Alexandru Munteanu · 64412045 · 470e60cf · 470e60cf · 470e60cf
Commit 470e60cf authored 6 years ago by Alexandru Munteanu
--- a/packages/component-user/app/components/AdminUserForm.js
+++ b/packages/component-user/app/components/AdminUserForm.js
@@ -27,6 +27,7 @@ import {
 } from 'pubsweet-component-faraday-ui'

 const FormModal = ({
+  edit,
  roles,
  title,
  titles,
@@ -39,10 +40,16 @@ const FormModal = ({
  initialValues,
  confirmText = 'OK',
  cancelText = 'Cancel',
+  user,
 }) => (
  <Root>
    <IconButton icon="x" onClick={onClose} right={5} secondary top={5} />
    <H2>{title}</H2>
+    {edit && (
+      <Text mb={1} secondary>
+        {get(user, 'email', '')}
+      </Text>
+    )}
    <Formik
      initialValues={initialValues}
      onSubmit={onSubmit}
@@ -53,30 +60,28 @@ const FormModal = ({
          errors.email = 'Required'
        }

-        if (get(values, 'affiliation', '') === '') {
-          errors.affiliation = 'Required'
-        }
-
        return errors
      }}
    >
      {({ handleSubmit, ...rest }) => (
        <Fragment>
-          <Row alignItems="baseline" mb={1} mt={1}>
-            <ItemOverrideAlert mr={1} vertical>
-              <Label required>Email</Label>
-              <ValidatedFieldFormik
-                component={TextField}
-                inline
-                name="email"
-                validate={[required]}
-              />
-            </ItemOverrideAlert>
-            <ItemOverrideAlert ml={1} vertical>
-              <Label required>Role</Label>
-              <ValidatedMenuField name="role" options={roles} />
-            </ItemOverrideAlert>
-          </Row>
+          {!edit && (
+            <Row alignItems="baseline" mb={1} mt={1}>
+              <ItemOverrideAlert mr={1} vertical>
+                <Label required>Email</Label>
+                <ValidatedFieldFormik
+                  component={TextField}
+                  inline
+                  name="email"
+                  validate={[required]}
+                />
+              </ItemOverrideAlert>
+              <ItemOverrideAlert ml={1} vertical>
+                <Label required>Role</Label>
+                <ValidatedMenuField name="role" options={roles} />
+              </ItemOverrideAlert>
+            </Row>
+          )}

          <Row mb={2}>
            <Item mr={1} vertical>
@@ -109,8 +114,14 @@ const FormModal = ({
          </RowOverrideAlert>

          <Row mb={3}>
-            <Item vertical>
-              <Label required>Affiliation</Label>
+            {edit && (
+              <ItemOverrideAlert mr={1} vertical>
+                <Label required>Role</Label>
+                <ValidatedMenuField name="role" options={roles} />
+              </ItemOverrideAlert>
+            )}
+            <Item ml={edit && 1} vertical>
+              <Label>Affiliation</Label>
              <ValidatedFieldFormik
                component={TextField}
                inline

--- a/packages/component-user/server/user.js
+++ b/packages/component-user/server/user.js
@@ -26,7 +26,7 @@ module.exports = {
        },
      },
      accessTokens: {
-        confirmation: chance.hash(),
+        passwordReset: chance.hash(),
        unsubscribe: chance.hash(),
      },
    }

--- a/packages/xpub-faraday/config/authsome-mode.js
+++ b/packages/xpub-faraday/config/authsome-mode.js
@@ -206,6 +206,14 @@ async function applyAuthenticatedUserPolicy(user, operation, object, context) {
    ) {
      return helpers.isOwner({ user, object: object.fragment })
    }
+
+    // allow user to authenticate itself
+    if (
+      get(object, 'type') === 'user' &&
+      get(object, 'id') === get(user, 'id')
+    ) {
+      return true
+    }
  }

  if (operation === 'PATCH') {