UNPKG

flexbiz-server

Version:

Flexible Server

51 lines (50 loc) 23.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
'use strict';const right=global.getModel("right"),App=global.getModel("app"),Participant=global.getModel("participant"),UserGroup=global.getModel("usergroup"),underscore=require("underscore"),moment=require("moment"),trangthai=global.getModel("trangthai"),async=require("async"),_=require("lodash"),not_need_right_models="parameter rpt label labelinfo templaterpt templatestore templatevoucher listinfo reportinfo shortcut rptobject rptform forminfo importexceltemplate options".split(" "); exports.dsChildrenGroups=async($id_app$$,$group_id$$)=>{let $childrenGroups$$=(await UserGroup.find({group_mother:$group_id$$,id_app:$id_app$$},{_id:1}).lean()).map($g$$=>$g$$._id.toString());0<$childrenGroups$$.length&&await Promise.all($childrenGroups$$.map($c$$=>(async()=>{let $gs$$=await exports.dsChildrenGroups($id_app$$,$c$$);$childrenGroups$$.push(...$gs$$)})()));return $childrenGroups$$}; exports.dsDangPhuTrach=async($id_app$$,$ds_phu_trach_email$$)=>{if(!$id_app$$)return[];let $key_cache$$=`userdangphutrach::${$id_app$$}::${$ds_phu_trach_email$$}`,$time_cache$$="public"===$ds_phu_trach_email$$?10080:1;if(global.cacheDatas[$key_cache$$]&&moment().diff(moment(global.cacheDatas[$key_cache$$].time),"minutes")<$time_cache$$)return global.cacheDatas[$key_cache$$].data;let $groups$$=(await UserGroup.find({ds_phu_trach:$ds_phu_trach_email$$,id_app:$id_app$$},{_id:1}).lean()).map($g$$=>$g$$._id.toString()); await Promise.all([...$groups$$].map($group_id$$=>(async()=>{let $childrenGroups$$=await exports.dsChildrenGroups($id_app$$,$group_id$$);$groups$$.push(...$childrenGroups$$)})()));$groups$$=[...(new Set($groups$$))];$ds_phu_trach_email$$=(await Participant.find({id_app:$id_app$$,group_id:{$in:$groups$$}},{email:1}).lean()).map($p$$=>$p$$.email);global.cacheDatas[$key_cache$$]={time:new Date,data:_.cloneDeep($ds_phu_trach_email$$)};return $ds_phu_trach_email$$}; exports.dsKhDangPhuTrach=async($data_id_app$$,$phu_trach$$)=>{if(!$data_id_app$$)return[];let $key_cache$$=`khdangphutrach::${$data_id_app$$}::${"object"==typeof $phu_trach$$?JSON.stringify($phu_trach$$):$phu_trach$$}`;if(global.cacheDatas[$key_cache$$]&&1>moment().diff(moment(global.cacheDatas[$key_cache$$].time),"minutes"))return console.log("lay danh sach khach hang dang phu trach tu cache",$key_cache$$),global.cacheDatas[$key_cache$$].data;$data_id_app$$=(await global.getModel("customer").find({id_app:$data_id_app$$, phu_trach:$phu_trach$$},{ma_kh:1}).lean()).map($p$$=>$p$$.ma_kh);global.cacheDatas[$key_cache$$]={time:new Date,data:_.cloneDeep($data_id_app$$)};return $data_id_app$$}; exports.isAdmin=function($current_id_app$$,$email$$,$callback$$){if(!$current_id_app$$)return $callback$$(null,!0);App.findOne({_id:$current_id_app$$}).lean().exec(async($error$$,$app$$)=>{if($error$$)return $callback$$($error$$,!1);if(!$app$$)return $callback$$({error:"ID app: "+$current_id_app$$+" kh\u00f4ng t\u1ed3n t\u1ea1i",code:-7},!1);if("9"==$app$$.trang_thai)return $callback$$({error:"C\u00f4ng ty n\u00e0y \u0111\u00e3 ng\u1eebng s\u1eed d\u1ee5ng",code:-9},!1);if(global.configs.check_expire_date&& $app$$.expire_date&&(new Date($app$$.expire_date)).getTime()<(new Date).getTime())return $callback$$({error:"C\u00f4ng ty n\u00e0y \u0111\u00e3 h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng",code:-8},!1);$error$$=await Participant.findOne({id_app:$current_id_app$$,email:$email$$}).lean();if(!$error$$)return $callback$$({error:"B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp c\u00f4ng ty n\u00e0y",code:-2},!1);if(!$error$$.admin&&!$error$$.active&&"public"!==$email$$)return $callback$$({error:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e1c nh\u1eadn", code:-1},!1);$callback$$(null,$error$$.admin,$app$$,$error$$)})}; exports.hasRight=async function($current_id_app$$,$email$$,$module$$,$action$$,$callbackMain$$,$options$$={}){if(!$current_id_app$$||$options$$.notNeedRight)return $callbackMain$$(null,!0);const $model$$=global.controllers[$module$$]?global.controllers[$module$$].model:void 0;if($model$$&&$model$$.schema&&!underscore.has($model$$.schema.paths,"id_app"))return $callbackMain$$(null,!0);$options$$.data&&($options$$.data.trang_thai||0==$options$$.data.trang_thai)&&($options$$.data.trang_thai=$options$$.data.trang_thai.toString()); $options$$.obj&&($options$$.obj.trang_thai||0==$options$$.obj.trang_thai)&&($options$$.obj.trang_thai=$options$$.obj.trang_thai.toString());$action$$=($action$$||"").toLowerCase();var $data$$=$options$$.data||$options$$.obj||{};const $ma_ct$$=$model$$&&underscore.has($model$$.schema.paths,"ma_ct")&&(($options$$.obj||{}).ma_ct||($options$$.data||{}).ma_ct||"").toString().toUpperCase();let $ma_trang_thai$$=($data$$.trang_thai||$data$$.progress||"").toString().toUpperCase();!$ma_trang_thai$$&&$options$$.obj&& ($ma_trang_thai$$=($options$$.obj.trang_thai||$options$$.obj.progress||"").toString().toUpperCase());if($ma_ct$$&&$ma_trang_thai$$)if($data$$=await trangthai.findOne({ma_trang_thai:$ma_trang_thai$$,ma_ct:$ma_ct$$}).lean()){if($data$$.not_need_right)return $callbackMain$$(null,!0)}else console.log("Khong tim thay trang thai cho chuc nang nay",{ma_ct:$ma_ct$$,ma_trang_thai:$ma_trang_thai$$,trang_thai:$data$$,action:$action$$});exports.isAdmin($current_id_app$$,$email$$,async($e_key_right_ms_q$$,$admin$$, $app$$,$participant$$)=>{if($e_key_right_ms_q$$)return $callbackMain$$($e_key_right_ms_q$$,!1);if($app$$&&$app$$.allow_modules&&0<$app$$.allow_modules.length&&($e_key_right_ms_q$$={"items.code":{$regex:"^"+$module$$+"$",$options:"i"},active_require:!0},$app$$.menu_code&&($e_key_right_ms_q$$.app=$app$$.menu_code),$e_key_right_ms_q$$=await global.getModel("moduleinfo").find($e_key_right_ms_q$$).lean(),0<$e_key_right_ms_q$$.length&&0==$e_key_right_ms_q$$.filter($m$$=>0<=$app$$.allow_modules.indexOf($m$$.code)&& (!$m$$.not_for_companies||0>$m$$.not_for_companies.indexOf($app$$._id.toString()))&&(!$m$$.only_for_companies||0<=$m$$.only_for_companies.indexOf($app$$._id.toString()))).length))return $callbackMain$$('API "'+$module$$+'" ch\u01b0a \u0111\u01b0\u1ee3c k\u00edch ho\u1ea1t cho c\u00f4ng ty n\u00e0y (trong module '+$e_key_right_ms_q$$[0].app+"/"+$e_key_right_ms_q$$[0].title+")",!1);if($options$$.data&&$options$$.data.id_app){if($options$$.data.id_app!=$current_id_app$$)return $callbackMain$$("B\u1ea1n kh\u00f4ng th\u1ec3 truy c\u1eadp \u0111\u1ed1i t\u01b0\u1ee3ng n\u00e0y", !1);if($options$$.obj&&$options$$.data.id_app!=$options$$.obj.id_app)return $callbackMain$$("B\u1ea1n kh\u00f4ng th\u1ec3 c\u1eadp nh\u1eadt \u0111\u1ed1i t\u01b0\u1ee3ng n\u00e0y",!1)}if($options$$.obj&&$options$$.obj.id_app&&$options$$.obj.id_app!=$current_id_app$$)return $callbackMain$$("B\u1ea1n kh\u00f4ng th\u1ec3 truy c\u1eadp \u0111\u1ed1i t\u01b0\u1ee3ng n\u00e0y",!1);if($options$$.notNeedRight)return $callbackMain$$(null,!0,$app$$);if($options$$.obj&&!$admin$$)if(2===$options$$.obj.visible_to){if(!underscore.contains($options$$.obj.visible_to_users, $email$$)&&$options$$.obj.of_user!==$email$$.toLowerCase()&&$options$$.obj.user_created&&$options$$.obj.user_created.toLowerCase()!==$email$$.toLowerCase())return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp \u0111\u1ed1i t\u01b0\u1ee3ng n\u00e0y",!1)}else if(1===$options$$.obj.visible_to&&$options$$.obj.of_user!==$email$$.toLowerCase()&&$options$$.obj.user_created&&$options$$.obj.user_created.toLowerCase()!==$email$$.toLowerCase()&&$options$$.obj.phu_trach!=$email$$.toLowerCase()&& 0>($options$$.obj.attends||[]).indexOf($email$$)&&0>(await exports.dsDangPhuTrach($options$$.obj.id_app,$email$$.toLowerCase())).indexOf($options$$.obj.user_created))return $callbackMain$$("Ch\u1ec9 ng\u01b0\u1eddi t\u1ea1o, ph\u1ee5 tr\u00e1ch, h\u1ed7 tr\u1ee3 v\u00e0 admin m\u1edbi c\u00f3 quy\u1ec1n truy c\u1eadp \u0111\u1ed1i t\u01b0\u1ee3ng n\u00e0y",!1);$e_key_right_ms_q$$=$email$$;$participant$$&&$participant$$.group_id&&($e_key_right_ms_q$$=$participant$$.group_id.toLowerCase());right.findOne({id_app:$current_id_app$$, email:$e_key_right_ms_q$$,module:$module$$.toLowerCase()},async function($_right_trang_thai_controler_error$$,$_right_model$$){if($_right_trang_thai_controler_error$$)return $callbackMain$$($_right_trang_thai_controler_error$$,!1);if(!$admin$$){if(!$_right_model$$)return $_right_trang_thai_controler_error$$=global.controllers[$module$$.toUpperCase()],$_right_model$$=(($_right_trang_thai_controler_error$$||{}).model_name||$module$$).toLowerCase(),"customer"==$_right_model$$||0<=$_right_model$$.indexOf("socai")|| 0<=$_right_model$$.indexOf("sokho")||0<=$_right_model$$.indexOf("vatvao")||0<=$_right_model$$.indexOf("vatra")||0<=$_right_model$$.indexOf("tdttno")||0<=$_right_model$$.indexOf("tdttco")||$_right_trang_thai_controler_error$$&&($_right_trang_thai_controler_error$$.options||{}).isVoucher||"view"!==$action$$&&("add"!==$action$$||"group"!==$module$$.toLowerCase())?$callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y",!1):($_right_trang_thai_controler_error$$= {"items.code":$module$$.toLowerCase()},$app$$&&$app$$.menu_code&&($_right_trang_thai_controler_error$$.app=$app$$.menu_code),await global.getModel("moduleinfo").findOne($_right_trang_thai_controler_error$$,{app:1}).lean()?$callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y",!1):$callbackMain$$(null,!0,$app$$));if(!$_right_model$$[$action$$])return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y", !1);if($options$$.obj&&$_right_model$$&&!$_right_model$$.viewOfOther&&$options$$.obj.user_created.toLowerCase()!==$email$$&&(2!==$options$$.obj.visible_to||!underscore.contains($options$$.obj.visible_to_users,$email$$))&&$options$$.obj.phu_trach!==$email$$&&0>($options$$.obj.attends||[]).indexOf($email$$)&&0>(await exports.dsDangPhuTrach($options$$.obj.id_app,$email$$.toLowerCase())).indexOf($options$$.obj.user_created))return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp \u0111\u1ed1i t\u01b0\u1ee3ng n\u00e0y", !1);if($ma_trang_thai$$&&($_right_trang_thai_controler_error$$=$_right_model$$[`${$action$$}_trang_thai`])&&!$_right_trang_thai_controler_error$$[$ma_trang_thai$$]&&void 0!=$_right_trang_thai_controler_error$$[$ma_trang_thai$$])return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y",!1)}$options$$.obj?async.series({trangthai:$callback$$=>{$options$$.obj&&("update"===$action$$||"delete"===$action$$)&&$model$$&&underscore.has($model$$.schema.paths, "ma_ct")&&$options$$.obj.ma_ct?trangthai.findOne({ma_ct:$options$$.obj.ma_ct.toUpperCase(),ma_trang_thai:$options$$.obj.trang_thai},function($e$$,$trang_thai$$){if($e$$)return $callback$$($e$$);if($trang_thai$$){if("update"===$action$$){if(0==$trang_thai$$.allow_update)return $callback$$("Tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y kh\u00f4ng cho ph\u00e9p s\u1eeda");if(1==$trang_thai$$.lock_data)return $callback$$("Tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y \u0111\u00e3 \u0111\u01b0\u1ee3c kho\u00e1")}if("delete"=== $action$$&&($trang_thai$$.lock_data||0==$trang_thai$$.allow_delete))return $callback$$("Tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y kh\u00f4ng cho ph\u00e9p xo\u00e1")}return $callback$$()}):$callback$$()}},$action_right_e$$=>{if($action_right_e$$)$callbackMain$$($action_right_e$$,!1);else{$action_right_e$$=`${$action$$}_right`;if(!$admin$$&&$options$$.obj&&$options$$.obj[$action_right_e$$]&&0<$options$$.obj[$action_right_e$$].length&&0>$options$$.obj[$action_right_e$$].indexOf($email$$.toLowerCase()))return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y", !1);$callbackMain$$(null,!0,$app$$)}}):$callbackMain$$(null,!0,$app$$)})},$options$$)}; exports.getRightByItem=function($id_app$$,$model$$,$email$$,$next$$,$module$$,$options$$={}){$module$$||($module$$=$model$$&&$model$$.collection&&$model$$.collection.name&&1<$model$$.collection.name.length?$model$$.collection.name.substr(0,$model$$.collection.name.length-1).toLowerCase():"");let $key_cache$$=$module$$?`RightByItem::${$id_app$$}::${$email$$}::${$module$$}::${JSON.stringify($options$$)}`:"",$time_cache$$="public"===$email$$?10080:1;if($key_cache$$&&global.cacheDatas[$key_cache$$]&& moment().diff(moment(global.cacheDatas[$key_cache$$].time),"minutes")<$time_cache$$)return $next$$(null,global.cacheDatas[$key_cache$$].data,!1);exports.isAdmin($id_app$$,$email$$,async function($e$jscomp$3_key_right$$,$admin$$,$app$$,$participant$$){if($e$jscomp$3_key_right$$)return $next$$($e$jscomp$3_key_right$$);let $condition$$={};if($admin$$||$options$$.notNeedRight||!underscore.has($model$$.schema.paths,"id_app"))$next$$(null,$condition$$,$admin$$);else{let $allUsers$$,$selUsers$$,$selGroups$$, $visible$$=[],$allow_trang_thai$$;$e$jscomp$3_key_right$$=$email$$;$participant$$&&$participant$$.group_id&&($e$jscomp$3_key_right$$=$participant$$.group_id.toLowerCase());right.findOne({id_app:$id_app$$,email:$e$jscomp$3_key_right$$,module:$module$$.toLowerCase()},async function($ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$,$_right$jscomp$1_users$$){if($_right$jscomp$1_users$$&&$_right$jscomp$1_users$$.view_all)return $key_cache$$&&(global.cacheDatas[$key_cache$$]={time:new Date, data:_.cloneDeep($condition$$)}),$next$$(null,$condition$$,!1);$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$=await exports.dsDangPhuTrach($id_app$$,$email$$);$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.push($email$$);$_right$jscomp$1_users$$&&$_right$jscomp$1_users$$.view_empty_phu_trach&&($ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.push(""),$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.push(null));if($_right$jscomp$1_users$$&& $_right$jscomp$1_users$$.view){var $_right_trang_thai$$={visible_to:null};underscore.has($model$$.schema.paths,"visible_to")&&($condition$$.$and||($condition$$.$and=[]),$allUsers$$={visible_to:0},$selUsers$$={visible_to:2,visible_to_users:$email$$},$selGroups$$=underscore.has($model$$.schema.paths,"visible_to_usergroups")?{visible_to:5,visible_to_usergroups:($participant$$||{}).group_id}:{visible_to:5,visible_to_users:($participant$$||{}).group_id},$visible$$.push($allUsers$$),$visible$$.push($selUsers$$), $visible$$.push($selGroups$$),$visible$$.push($_right_trang_thai$$));if(!1===$_right$jscomp$1_users$$.viewOfOther){if(underscore.has($model$$.schema.paths,"ma_kh")){var $allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$=await exports.dsKhDangPhuTrach($id_app$$,{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$});0<$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$.length&&$visible$$.push({ma_kh:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$}})}$allUsers$$?$allUsers$$.user_created= {$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}:$visible$$.push({user_created:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}})}else{if(!0===underscore.has($model$$.schema.paths,"trang_thai")){if($_right_trang_thai$$=$_right$jscomp$1_users$$.view_trang_thai){$allow_trang_thai$$=[void 0,null,""];for($t_viewOfOther_right_trang_thai$$ in $_right_trang_thai$$)$_right_trang_thai$$[$t_viewOfOther_right_trang_thai$$]&&$allow_trang_thai$$.push($t_viewOfOther_right_trang_thai$$); $condition$$.trang_thai={$in:$allow_trang_thai$$}}var $t_viewOfOther_right_trang_thai$$=$_right$jscomp$1_users$$.viewOfOther_trang_thai;if($t_viewOfOther_right_trang_thai$$){$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$=[void 0,null,""];for(let $t$$ in $t_viewOfOther_right_trang_thai$$)!$t_viewOfOther_right_trang_thai$$[$t$$]||$_right_trang_thai$$&&!$_right_trang_thai$$[$t$$]||$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$.push($t$$)}}$_right$jscomp$1_users$$.viewOfOther_user_groups&& 0<$_right$jscomp$1_users$$.viewOfOther_user_groups.length?($_right$jscomp$1_users$$=await Participant.find({id_app:$id_app$$,group_id:{$in:$_right$jscomp$1_users$$.viewOfOther_user_groups}},{email:1}).lean(),$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.push(...$_right$jscomp$1_users$$.map($u$$=>$u$$.email)),$allUsers$$?$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$?$allUsers$$.$or=[{user_created:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.filter($e$$=> $e$$!=$email$$)},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$}},{user_created:$email$$}]:$allUsers$$.user_created={$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$?($visible$$.push({user_created:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$}}),$visible$$.push({$or:[{user_created:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.filter($e$$=> $e$$!=$email$$)},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$}},{user_created:$email$$}]})):$visible$$.push({user_created:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}})):$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$&&($allUsers$$?$allUsers$$.$or=[{user_created:{$ne:$email$$},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$}},{user_created:$email$$}]:$visible$$.push({$or:[{user_created:{$ne:$email$$},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach$$}}, {user_created:$email$$}]}))}$selUsers$$&&(underscore.has($model$$.schema.paths,"of_user")&&$visible$$.push({of_user:$email$$}),underscore.has($model$$.schema.paths,"phu_trach")&&$visible$$.push({phu_trach:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}}),underscore.has($model$$.schema.paths,"attends")&&$visible$$.push({attends:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}}))}else 0>not_need_right_models.indexOf($module$$)&&($visible$$.push({user_created:$email$$}), underscore.has($model$$.schema.paths,"of_user")&&$visible$$.push({of_user:$email$$}),underscore.has($model$$.schema.paths,"phu_trach")&&$visible$$.push({phu_trach:{$in:$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$}}),underscore.has($model$$.schema.paths,"attends")&&$visible$$.push({attends:$email$$})),$ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$={"items.code":$module$$.toLowerCase()},$app$$&&$app$$.menu_code&&($ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$.app= $app$$.menu_code),await global.getModel("moduleinfo").findOne($ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$,{app:1}).lean()||($ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$={visible_to:null},underscore.has($model$$.schema.paths,"visible_to")&&($condition$$.$and||($condition$$.$and=[]),$allUsers$$={visible_to:0},$selUsers$$={visible_to:2,visible_to_users:$email$$},$selGroups$$=underscore.has($model$$.schema.paths,"visible_to_usergroups")?{visible_to:5,visible_to_usergroups:($participant$$|| {}).group_id}:{visible_to:5,visible_to_users:($participant$$||{}).group_id},$visible$$.push($allUsers$$),$visible$$.push($selUsers$$),$visible$$.push($selGroups$$),$visible$$.push($ds_dang_phu_trach_error$jscomp$3_query$jscomp$1_visible_to_null$$)));0<$visible$$.length&&($condition$$.$and||($condition$$.$and=[]),$condition$$.$and.push({$or:$visible$$}));$condition$$.$and&&0===$condition$$.$and.length&&delete $condition$$.$and;$condition$$.$or&&0===$condition$$.$or.length&&delete $condition$$.$or; $key_cache$$&&(global.cacheDatas[$key_cache$$]={time:new Date,data:_.cloneDeep($condition$$)});$next$$(null,$condition$$,!1)})}},$options$$)}; exports.getRightDataView=function($id_app$$,$model$$,$email$$,$next$$){exports.isAdmin($id_app$$,$email$$,function($condition$jscomp$1_e$$,$admin$$){if($condition$jscomp$1_e$$)return $next$$($condition$jscomp$1_e$$);$condition$jscomp$1_e$$={};if(!$admin$$&&!0===underscore.has($model$$.schema.paths,"dataview_to_users")){$condition$jscomp$1_e$$.$and||($condition$jscomp$1_e$$.$and=[]);let $dataview$$=[{dataview_to:null}];$dataview$$.push({dataview_to:0});$dataview$$.push({dataview_to:1,user_created:$email$$}); $dataview$$.push({dataview_to:2,dataview_to_users:$email$$});$condition$jscomp$1_e$$.$and.push({$or:$dataview$$})}$next$$(null,$condition$jscomp$1_e$$,$admin$$)})}; exports.getFieldNotRight=async($_fields_id_app$$,$_p_email$jscomp$5_group_id$$,$ma_ct$$)=>{if(!$_fields_id_app$$)return[];$_p_email$jscomp$5_group_id$$=await Participant.ofApp($_fields_id_app$$,$_p_email$jscomp$5_group_id$$);if(0<$_p_email$jscomp$5_group_id$$.length){$_p_email$jscomp$5_group_id$$=$_p_email$jscomp$5_group_id$$[0].group_id;let $field_not_right$$;try{$field_not_right$$=await right.getInfo($_fields_id_app$$,{email:$_p_email$jscomp$5_group_id$$,module:$ma_ct$$.toLowerCase()},"field_not_right")}catch($e$$){return[]}$_fields_id_app$$= [];for(let $_key$$ in $field_not_right$$)$field_not_right$$[$_key$$]&&$_fields_id_app$$.push($_key$$);return $_fields_id_app$$}return[]};const request=require("request"); exports.verifyReCaptcha=async($gRecaptchaResponse$$,$remoteip$$)=>{if(!$gRecaptchaResponse$$)throw Error("Please select captcha");var $verificationUrl$$="https://www.google.com/recaptcha/api/siteverify?secret="+global.configs.GOOGLE_RECAPTCHA_SECRET_KEY+"&response="+$gRecaptchaResponse$$;$remoteip$$&&($verificationUrl$$+="&remoteip="+$remoteip$$);return new Promise(($resolve$$,$reject$$)=>{request($verificationUrl$$,function($error$$,$response$$,$body$$){$body$$=JSON.parse($body$$);if(!$body$$.success)return console.error("Failed captcha verification", $body$$,$verificationUrl$$),$reject$$(Error("Failed captcha verification"));$resolve$$(!0)})})}; exports.verifyOTP=async($otp_username$$,$otp_id$$,$otp_code$$)=>{if(!$otp_id$$||!$otp_code$$)throw Error("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u otp-id v\u00e0 otp-code");const $u$$=await global.getModel("user").findOne({$or:[{email:$otp_username$$}]});if(!$u$$)throw Error(`T\u00e0i kho\u1ea3n ${$otp_username$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);if("PIN"===$otp_id$$.toUpperCase()&&configs.use_pin_as_otp){if(!($u$$.local||{}).pin)throw Error("M\u00e3 pin ch\u01b0a \u0111\u01b0\u1ee3c t\u1ea1o"); if(!await $u$$.validPin($otp_code$$))throw Error("M\u00e3 pin kh\u00f4ng ch\u00ednh x\u00e1c");return{pin:$otp_code$$,phone:$otp_username$$}}if(!global.mongoose.Types.ObjectId.isValid($otp_id$$))throw Error("otp-id kh\u00f4ng h\u1ee3p l\u1ec7");$otp_username$$=await global.getModel("otp").findOne({_id:$otp_id$$,phone:$otp_username$$});if(!$otp_username$$)throw Error("OTP kh\u00f4ng h\u1ee3p l\u1ec7");$otp_username$$.tried_number=($otp_username$$.tried_number||0)+1;await $otp_username$$.save();if(!$otp_username$$|| $otp_username$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp_username$$.otp!=$otp_code$$||$otp_username$$.verified||$otp_username$$.expire_time.getTime()<(new Date).getTime())throw Error("M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c");await global.getModel("otp").findOneAndUpdate({_id:$otp_id$$},{verified:!0});return $otp_username$$};