diff --git a/core/passport.js b/core/passport.js index 97c7daa..4d35633 100644 --- a/core/passport.js +++ b/core/passport.js @@ -111,13 +111,18 @@ passport.use('jwt', new CustomStrategy(async (req, done) => { //recuperamos el usuario de la petición console.log(result); let user = await authService.extraMethods.findUser({ id: result.id }); - if (user){ + if (user) { + console.log('Usuario válido'); return done(null, user, { message: 'Logged in Successfully' }); } - else + else { + console.log('Usuario no econtrado'); return done(null, false, { message: 'Unauthorized. User not found.' }); + } + } else { + console.log('Token no válido'); return done(null, false, { message: 'Unauthorized. Invalid token.' }); } diff --git a/middlewares/accessValidator.js b/middlewares/accessValidator.js index e1b28d6..07f5039 100644 --- a/middlewares/accessValidator.js +++ b/middlewares/accessValidator.js @@ -10,10 +10,10 @@ const isLoggedUser = passport.authenticate('jwt', { session: false }); const isAdministratorUser = compose([isLoggedUser, (req, res, next) => { const user = req.user; - if (user.role >= 8) { + if (user.level >= 8) { next(); } else { - return res.status(httpStatus.UNAUTHORIZED).send('UNAUTHORIZED'); + return res.status(httpStatus.UNAUTHORIZED).send('Unauthorized'); } } ]); diff --git a/modules/auth/user.model.js b/modules/auth/user.model.js index 7fa5790..39c164d 100644 --- a/modules/auth/user.model.js +++ b/modules/auth/user.model.js @@ -48,6 +48,10 @@ module.exports = function (sequelize, DataTypes) { type: DataTypes.STRING, defaultValue: 'active', }, + level: { + type: DataTypes.INTEGER, + defaultValue: 1, + }, lastlogin: { type: DataTypes.DATE, defaultValue: null, 
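Review bot: The three added `console.log` calls record authentication outcomes with no request or user identifier, so a run of failed logins cannot be correlated or alerted on, and the second message misspells "encontrado". For the two failure branches I would log at warning level and include the looked-up id, for example `console.warn('JWT: usuario no encontrado', result.id);`, or use a leveled logger if the project has one. The unchanged `console.log(result);` above them prints what appears to be the whole decoded token payload on every request; reducing it to the id would keep claims out of the logs. The strategy callback starts and ends outside the hunk.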
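Review bot: The `else` branch in `isAdministratorUser` still answers `httpStatus.UNAUTHORIZED` to a caller that `isLoggedUser` has already authenticated. An insufficient level is an authorization failure, so `return res.status(httpStatus.FORBIDDEN).send('Forbidden');` lets clients and logs tell a bad token from a missing privilege. The threshold `8` is an unexplained literal that now defines the administrator boundary; a named constant such as `const ADMIN_LEVEL = 8;` beside the middleware would document it. A user whose `level` is null or absent compares false and is denied, which is the right failure direction and worth a one-line comment.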
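Review bot: The new `level` attribute is what `isAdministratorUser` in middlewares/accessValidator.js now checks, yet it is declared like an ordinary profile column, nullable and unconstrained. I would add `allowNull: false` and a range check such as `validate: { min: 1 }`, plus a comment stating that values of 8 and above grant administrator access. The user create and update handlers are not part of this diff; if they pass the request body straight to the model, a caller could set their own `level`, so the field should be excluded from client-writable input there. Existing rows need a migration to receive the default, which is not visible here, and the attribute map this hunk edits begins and ends outside it.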
@@ -61,7 +65,8 @@ module.exports = function (sequelize, DataTypes) { User.associate = function (models) { User.Roles = User.belongsToMany(models.Rol, { through: models.UserRoles, - foreignKey: 'userId' + foreignKey: 'userId', + as: 'roles' }); User.Entity = User.belongsTo(models.Entity, { foreignKey: 'entityId' }); User.EventsCreates = User.hasMany(models.Event, { foreignKey: 'userId' }); diff --git a/modules/speakers/speaker.model.js b/modules/speakers/speaker.model.js index 7a6df44..951eaf0 100644 --- a/modules/speakers/speaker.model.js +++ b/modules/speakers/speaker.model.js @@ -53,14 +53,10 @@ module.exports = function (sequelize, DataTypes) { timestamps: true, defaultScope: { - where: { - state: 'publish' - }, - include: [ - { + include: [{ model: sequelize.models.SpeakerType, as: 'type' - }, + }, /* { model: sequelize.models.Value, as: 'values', @@ -98,6 +94,13 @@ module.exports = function (sequelize, DataTypes) { }; + Speaker.addScope('onlyPublished', { + where: { + state: 'publish' + }, + }); + + Speaker.addScope('featured', { order: [ ['updatedAt', 'DESC'] diff --git a/modules/speakers/speaker.routes.js b/modules/speakers/speaker.routes.js index 0bb2935..17dac95 100644 --- a/modules/speakers/speaker.routes.js +++ b/modules/speakers/speaker.routes.js @@ -16,14 +16,14 @@ const generalInvalidFields = [ // Todos los ponentes routes.get('/speakers', - //isLoggedUser, + isLoggedUser, FieldMiddleware.middleware({ invalidFields: generalInvalidFields }), PaginateMiddleware.middleware(), SortMiddleware.middleware({ default: "name" }), speakerController.find({ - scopes: ['defaultScope', 'includeValues', 'includeMultimedias'], + scopes: ['defaultScope', 'onlyPublished', 'includeValues', 'includeMultimedias'], }) ); 
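Review bot: Dropping `where: { state: 'publish' }` from `defaultScope` in modules/speakers/speaker.model.js turns the published filter from a default into an opt-in, so any query that does not name `onlyPublished` now returns unpublished speakers. This diff adds the scope to four routes in modules/speakers/speaker.routes.js, but `/speakers/:id/similar`, `/speakers/:id/:association` and any other model that includes `Speaker` are not touched here and should be checked. A safer arrangement keeps the filter in `defaultScope` and lets the admin routes opt out through a dedicated scope or `Speaker.unscoped()`; at minimum add a comment on `defaultScope` saying it no longer filters by state. The model options object begins and ends outside the hunk.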
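Review bot: The scope list `['defaultScope', 'onlyPublished', ...]` is written out by hand on the `/speakers` route and again in the later hunks for `/speakers/featured`, `/speakers/last` and `/speakers/:id`, so a future route that forgets `'onlyPublished'` would expose unpublished speakers. A shared constant such as `const publicScopes = ['defaultScope', 'onlyPublished'];` spread into each list, as in `scopes: [...publicScopes, 'includeValues', 'includeMultimedias']`, keeps the public filter in one place. Re-enabling `isLoggedUser` on `/speakers` also changes the endpoint from anonymous to authenticated; if that is intended, a short comment above the route would record it.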
@@ -32,11 +32,11 @@ routes.get('/speakers/featured', isLoggedUser, FieldMiddleware.middleware({ invalidFields: generalInvalidFields - }), + }), PaginateMiddleware.middleware(), //SortMiddleware.middleware({ default: "name" }), speakerController.find({ - scopes: ['defaultScope', 'includeValues', 'featured', 'includeMultimedias'], + scopes: ['defaultScope', 'onlyPublished', 'includeValues', 'featured', 'includeMultimedias'], }) ); @@ -49,7 +49,7 @@ routes.get('/speakers/last', PaginateMiddleware.middleware(), SortMiddleware.middleware({ default: "-createdAt" }), speakerController.find({ - scopes: ['defaultScope', 'last', 'includeMultimedias'], + scopes: ['defaultScope', 'onlyPublished', 'last', 'includeMultimedias'], }) ); @@ -60,10 +60,11 @@ routes.get('/speakers/:id', invalidFields: generalInvalidFields }), speakerController.findOne({ - scopes: ['defaultScope', 'includeValues', 'includeMultimedias', 'includeComments'], + scopes: ['defaultScope', 'onlyPublished', 'includeValues', 'includeMultimedias', 'includeComments'], }) ); + // Dar ponentes similares a uno dado routes.get('/speakers/:id/similar', isLoggedUser, 
@@ -88,6 +89,80 @@ routes.get('/speakers/:id/:association', +/********************************************************************************************************* + * ADMINISTRACIÓN + ********************************************************************************************************* + */ + +// Todos los ponentes +routes.get('/admin/speakers', + isAdministratorUser, + speakerController.find({ + scopes: ['defaultScope', 'includeValues', 'includeMultimedias'], + }) +); + +// Un ponente +routes.get('/admin/speakers/:id', + isAdministratorUser, + speakerController.findOne({ + scopes: ['defaultScope', 'includeValues', 'includeMultimedias'] + }) +); + +// Comentarios de un ponente +routes.get('/admin/speakers/:id/comments', + isAdministratorUser, + (req, res, next) => { + req.params.association = 'comments'; + next(); + }, + speakerController.find() +); + +/*routes.get('/speakers/:id/values', + isAdministratorUser, + (req, res, next) => { + req.params.association = 'values'; + next(); + }, + speakerController.find() +); + +routes.get('/speakers/:id/questions', + isAdministratorUser, + (req, res, next) => { + req.params.association = 'questions'; + next(); + }, + speakerController.find() +);*/ + + + +// Nuevo ponente +routes.post('/speakers/:id', + isAdministratorUser, + speakerController.create() +); + + // Modificar ponente +routes.put('/speakers/:id', + isAdministratorUser, + speakerController.update() +); + +// Borrar ponente +routes.delete('/speakers/:id', + isAdministratorUser, + speakerController.delete() +); + + + + + + module.exports = routes; \ No newline at end of file
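Review bot: The create, update and delete routes at the end of this hunk are registered as `/speakers/:id` although they sit in the ADMINISTRACIÓN section whose read routes use `/admin/speakers`, and the create route takes an `:id` it has no visible use for. If the prefix is meant to mark the admin surface for logging, rate limiting or proxy rules, these should read `routes.post('/admin/speakers', ...)`, `routes.put('/admin/speakers/:id', ...)` and `routes.delete('/admin/speakers/:id', ...)`. The admin read routes also omit the `FieldMiddleware` and `PaginateMiddleware` that the public routes apply, so the list endpoint may return every field and an unbounded result set; please confirm that is intended. The commented-out `/speakers/:id/values` and `/speakers/:id/questions` block should be deleted rather than committed, and the import of `isAdministratorUser` into this file is not visible in the diff.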