From 470e60cfea6ac6a8b3762d22a349e1fd68807b24 Mon Sep 17 00:00:00 2001 From: malexsan <alexandru.munt@gmail.com> Date: Thu, 13 Dec 2018 17:28:30 +0200 Subject: [PATCH] feat(component-user): fix token issue and allow user to authenticate himself --- .../app/components/AdminUserForm.js | 53 +++++++++++-------- packages/component-user/server/user.js | 2 +- packages/xpub-faraday/config/authsome-mode.js | 8 +++ 3 files changed, 41 insertions(+), 22 deletions(-) diff --git a/packages/component-user/app/components/AdminUserForm.js b/packages/component-user/app/components/AdminUserForm.js index 6b29d7dc0..272798dba 100644 --- a/packages/component-user/app/components/AdminUserForm.js +++ b/packages/component-user/app/components/AdminUserForm.js @@ -27,6 +27,7 @@ import { } from 'pubsweet-component-faraday-ui' const FormModal = ({ + edit, roles, title, titles, @@ -39,10 +40,16 @@ const FormModal = ({ initialValues, confirmText = 'OK', cancelText = 'Cancel', + user, }) => ( <Root> <IconButton icon="x" onClick={onClose} right={5} secondary top={5} /> <H2>{title}</H2> + {edit && ( + <Text mb={1} secondary> + {get(user, 'email', '')} + </Text> + )} <Formik initialValues={initialValues} onSubmit={onSubmit} 
@@ -53,30 +60,28 @@ const FormModal = ({ errors.email = 'Required' } - if (get(values, 'affiliation', '') === '') { - errors.affiliation = 'Required' - } - return errors }} > {({ handleSubmit, ...rest }) => ( <Fragment> - <Row alignItems="baseline" mb={1} mt={1}> - <ItemOverrideAlert mr={1} vertical> - <Label required>Email</Label> - <ValidatedFieldFormik - component={TextField} - inline - name="email" - validate={[required]} - /> - </ItemOverrideAlert> - <ItemOverrideAlert ml={1} vertical> - <Label required>Role</Label> - <ValidatedMenuField name="role" options={roles} /> - </ItemOverrideAlert> - </Row> + {!edit && ( + <Row alignItems="baseline" mb={1} mt={1}> + <ItemOverrideAlert mr={1} vertical> + <Label required>Email</Label> + <ValidatedFieldFormik + component={TextField} + inline + name="email" + validate={[required]} + /> + </ItemOverrideAlert> + <ItemOverrideAlert ml={1} vertical> + <Label required>Role</Label> + <ValidatedMenuField name="role" options={roles} /> + </ItemOverrideAlert> + </Row> + )} <Row mb={2}> <Item mr={1} vertical> @@ -109,8 +114,14 @@ const FormModal = ({ </RowOverrideAlert> <Row mb={3}> - <Item vertical> - <Label required>Affiliation</Label> + {edit && ( + <ItemOverrideAlert mr={1} vertical> + <Label required>Role</Label> + <ValidatedMenuField name="role" options={roles} /> + </ItemOverrideAlert> + )} + <Item ml={edit && 1} vertical> + <Label>Affiliation</Label> <ValidatedFieldFormik component={TextField} inline diff --git a/packages/component-user/server/user.js b/packages/component-user/server/user.js index 1ad3234a4..83e107959 100644 --- a/packages/component-user/server/user.js +++ b/packages/component-user/server/user.js @@ -26,7 +26,7 @@ module.exports = { }, }, accessTokens: { - confirmation: chance.hash(), + passwordReset: chance.hash(), unsubscribe: chance.hash(), }, } diff --git a/packages/xpub-faraday/config/authsome-mode.js b/packages/xpub-faraday/config/authsome-mode.js index df9ecde41..27a22b8b8 100644 
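Review bot: In the `validate` callback of AdminUserForm.js (hunk `@@ -53,30 +60,28 @@`), the `errors.email = 'Required'` branch is kept while the Email field is now rendered only under `{!edit && (...)}`. In edit mode, an empty `email` in `initialValues` would block submit with an error the user cannot see or fix. The condition itself sits above the hunk, so adapt as needed, but a guard such as `if (!edit && get(values, 'email', '') === '')` would keep validation in line with what is rendered. Hiding Email in the edit form is a UI restriction only; whether the server rejects an email change on update is not visible in this patch and is worth confirming.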
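Review bot: In AdminUserForm.js (hunk `@@ -109,8 +114,14 @@`), `ml={edit && 1}` on the Affiliation `Item` passes `false`, or `undefined` when `edit` is not supplied, as the margin value outside edit mode. `ml={edit ? 1 : 0}` states the intent without relying on how the component treats a non-numeric prop. The Role `ItemOverrideAlert` block is now written twice in this file, once under `!edit` in the previous hunk and once under `edit` here, differing only in `ml`/`mr`. A small local component taking the margin as a prop would keep the two copies in step.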
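Review bot: In server/user.js (hunk `@@ -26,7 +26,7 @@`), the renamed `passwordReset` token is still produced by `chance.hash()`. Chance is a test-data generator and, as far as I know, its default generator is a Mersenne Twister rather than a CSPRNG, so a value that gates setting a password should come from a secure source, e.g. `passwordReset: crypto.randomBytes(32).toString('hex'),`. That needs `crypto` required at the top of user.js, which is outside the hunk; the same applies to `unsubscribe` on the next line, with lower impact. Because the key changes from `confirmation` to `passwordReset`, any code still reading `accessTokens.confirmation` and any user record created before this commit need checking. Neither those readers nor the token's expiry and single-use handling are visible in this patch.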
--- a/packages/xpub-faraday/config/authsome-mode.js +++ b/packages/xpub-faraday/config/authsome-mode.js @@ -206,6 +206,14 @@ async function applyAuthenticatedUserPolicy(user, operation, object, context) { ) { return helpers.isOwner({ user, object: object.fragment }) } + + // allow user to authenticate itself + if ( + get(object, 'type') === 'user' && + get(object, 'id') === get(user, 'id') + ) { + return true + } } if (operation === 'PATCH') { -- GitLab
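Review bot: The new self-access rule in `applyAuthenticatedUserPolicy` returns a bare `true`, so the whole user object is allowed through, and `get(object, 'id') === get(user, 'id')` also holds when both sides are `undefined`. Bind the id first and require it: `const userId = get(user, 'id')`, then `userId && get(object, 'id') === userId` in the condition. If user records carry fields such as `accessTokens` (see server/user.js in this patch), consider whether this branch should strip them instead of returning `true`; how the policy result is consumed is not visible here. The comment would be more accurate as `// allow a user to access their own user object`, since this is an authorization check, not authentication. The enclosing operation branch opens above the hunk, so which operation this applies to cannot be confirmed from these lines.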