flexbiz-server
Flexible Server
const right=global.getModel("right"),App=global.getModel("app"),Participant=global.getModel("participant"),UserGroup=global.getModel("usergroup"),underscore=require("underscore"),moment=require("moment"),trangthai=global.getModel("trangthai"),async=require("async"),_=require("lodash"),{evalute}=require("./utils"),not_need_right_models="parameter rpt label labelinfo templaterpt templatestore templatevoucher listinfo reportinfo shortcut rptobject rptform forminfo importexceltemplate options".split(" ");
exports.dsChildrenGroups=async($id_app$$,$group_id$$)=>{let $childrenGroups$$=(await UserGroup.find({group_mother:$group_id$$,id_app:$id_app$$},{_id:1}).lean()).map($g$$=>$g$$._id.toString());$childrenGroups$$.length>0&&await Promise.all($childrenGroups$$.map($c$$=>(async()=>{let $gs$$=await exports.dsChildrenGroups($id_app$$,$c$$);$childrenGroups$$.push(...$gs$$)})()));return $childrenGroups$$};
/**
 * List the e-mails of the participants that belong to the groups (and nested
 * groups) whose `ds_phu_trach` matches the given value.
 *
 * Results are kept in `global.cacheDatas`: 10080 minutes for the literal
 * e-mail "public", 1 minute for anything else. Membership changes therefore
 * become visible to permission checks only after the entry ages out.
 * A cache hit returns the stored array itself, so callers must not mutate it.
 *
 * @param {*} id_app - app (tenant) id; a falsy value yields `[]`.
 * @param {*} ds_phu_trach_email - value matched against `UserGroup.ds_phu_trach`.
 * @returns {Promise<Array>} participant e-mails.
 */
exports.dsDangPhuTrach = async (id_app, ds_phu_trach_email) => {
  if (!id_app) {
    return [];
  }

  const cacheKey = `userdangphutrach::${id_app}::${ds_phu_trach_email}`;
  const ttlMinutes = ds_phu_trach_email === "public" ? 10080 : 1;
  const cached = global.cacheDatas[cacheKey];
  if (cached && moment().diff(moment(cached.time), "minutes") < ttlMinutes) {
    return cached.data;
  }

  const ownGroups = await UserGroup.find(
    { ds_phu_trach: ds_phu_trach_email, id_app },
    { _id: 1 },
  ).lean();
  let groups = ownGroups.map((g) => g._id.toString());

  // Iterate over a snapshot: the callbacks append to `groups` while running.
  await Promise.all(
    [...groups].map(async (group_id) => {
      const children = await exports.dsChildrenGroups(id_app, group_id);
      groups.push(...children);
    }),
  );
  groups = [...new Set(groups)];

  const members = await Participant.find(
    { id_app, group_id: { $in: groups } },
    { email: 1 },
  ).lean();
  const emails = members.map((p) => p.email);

  // Store a deep copy so later changes to the returned array do not reach the cache.
  global.cacheDatas[cacheKey] = { time: new Date(), data: _.cloneDeep(emails) };
  return emails;
};
/**
 * List the customer codes (`ma_kh`) whose `phu_trach` matches the given value.
 *
 * `phu_trach` is placed into the query filter as-is, so it may be a plain value
 * or a query-operator object (this file passes `{$in: [...]}`); callers must
 * build it themselves rather than forward request data.
 * Results are cached in `global.cacheDatas` for 1 minute; a cache hit returns
 * the stored array itself.
 *
 * @param {*} id_app - app (tenant) id; a falsy value yields `[]`.
 * @param {*} phu_trach - value or operator object matched against `customer.phu_trach`.
 * @returns {Promise<Array>} customer codes.
 */
exports.dsKhDangPhuTrach = async (id_app, phu_trach) => {
  if (!id_app) {
    return [];
  }

  // Objects are serialised so that different operator objects get different keys.
  const keyPart = typeof phu_trach === "object" ? JSON.stringify(phu_trach) : phu_trach;
  const cacheKey = `khdangphutrach::${id_app}::${keyPart}`;
  const cached = global.cacheDatas[cacheKey];
  if (cached && moment().diff(moment(cached.time), "minutes") < 1) {
    Logger.info("lay danh sach khach hang dang phu trach tu cache", cacheKey);
    return cached.data;
  }

  const customers = await global
    .getModel("customer")
    .find({ id_app, phu_trach }, { ma_kh: 1 })
    .lean();
  const codes = customers.map((p) => p.ma_kh);

  global.cacheDatas[cacheKey] = { time: new Date(), data: _.cloneDeep(codes) };
  return codes;
};
/**
 * Check that the app is usable and that `email` is a participant of it, then
 * report whether that participant is an admin.
 *
 * Reports through `callback(error, isAdmin, app, participant)`:
 *  - code -7: app not found; -9: app status is "9" (stopped);
 *    -8: app expired (only when `global.configs.check_expire_date` is set);
 *    -2: no participant record; -1: participant neither admin nor active
 *    (the e-mail "public" is exempt from the active check).
 *
 * NOTE(review): a falsy `current_id_app` short-circuits to `callback(null, true)`,
 * i.e. "admin", without any lookup. Callers must make sure the app id cannot be
 * dropped from a request that should be tenant-scoped.
 * NOTE(review): the callback runs inside the promise chain, so an exception (or
 * a returned rejected promise) from an early-return callback lands in `.catch`
 * and the callback is invoked a second time with `(error, false)`.
 *
 * @param {*} current_id_app - app (tenant) id.
 * @param {string} email - participant e-mail.
 * @param {Function} callback - node-style callback described above.
 */
exports.isAdmin = function (current_id_app, email, callback) {
  if (!current_id_app) {
    return callback(null, true);
  }

  App.findOne({ _id: current_id_app })
    .lean()
    .then(async (app) => {
      if (!app) {
        return callback(
          { error: "ID app: " + current_id_app + " kh\u00f4ng t\u1ed3n t\u1ea1i", code: -7 },
          false,
        );
      }
      // Loose comparison kept on purpose: the status may be stored as 9 or "9".
      if (app.trang_thai == "9") {
        return callback(
          { error: `C\u00f4ng ty ${app.name} \u0111\u00e3 ng\u1eebng s\u1eed d\u1ee5ng`, code: -9 },
          false,
        );
      }
      const expired =
        global.configs.check_expire_date &&
        app.expire_date &&
        new Date(app.expire_date).getTime() < new Date().getTime();
      if (expired) {
        return callback(
          { error: `C\u00f4ng ty ${app.name} \u0111\u00e3 h\u1ebft h\u1ea1n s\u1eed d\u1ee5ng`, code: -8 },
          false,
        );
      }

      const participant = await Participant.findOne({ id_app: current_id_app, email }).lean();
      if (!participant) {
        return callback(
          { error: `B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp c\u00f4ng ty ${app.name}`, code: -2 },
          false,
        );
      }
      const pendingApproval = !participant.admin && !participant.active && email !== "public";
      if (pendingApproval) {
        return callback(
          {
            error: "T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e1c nh\u1eadn",
            code: -1,
          },
          false,
        );
      }

      callback(null, participant.admin, app, participant);
    })
    .catch((error) => {
      callback(error, false);
    });
};
/**
 * exports.hasRight($current_id_app$$, $email$$, $module$$, $action$$, $callbackMain$$, $options$$)
 *
 * Decides whether `$email$$` may perform `$action$$` on `$module$$` inside the app
 * `$current_id_app$$` and reports through `$callbackMain$$(error, allowed, app)`.
 * Error values are plain strings or `{error, code}` objects, not Error instances.
 *
 * Checks, in the order they appear below:
 *  1. falsy app id or `$options$$.notNeedRight`: allowed at once, no lookup;
 *  2. controller model whose schema has no `id_app` path: allowed;
 *  3. `data.trang_thai` / `obj.trang_thai` are converted to strings in place
 *     (the caller's objects are mutated);
 *  4. when both a document type (`ma_ct`) and a status are known, a `trangthai`
 *     record with `not_need_right` allows the call; a missing record is only logged;
 *  5. exports.isAdmin (app usable, participant known);
 *  6. for non-admins with a right code different from the module: the code must
 *     exist in `listinfo` and its `api_code`/`code` must equal the module;
 *  7. when the app has `allow_modules`: the module must be activated (`moduleinfo`);
 *  8. `data.id_app` and `obj.id_app` must equal the current app (tenant isolation);
 *  9. non-admins: `visible_to` rules on `$options$$.obj`;
 * 10. non-admins: the `right` record for the participant's group id (or the
 *     e-mail when there is no group), its `[action]` flag and `<action>_trang_thai` map.
 *     Without a `right` record the call is denied for the listed ledger/customer
 *     models, for vouchers and for every action except "view" (or "add" on
 *     "group"); otherwise it is allowed only if the module is absent from `moduleinfo`;
 * 11. with `$options$$.obj`: status locks (`allow_update`, `allow_delete`,
 *     `lock_data`) for update/delete, applied to admins too, then the object's
 *     `<action>_right` list for non-admins.
 *
 * NOTE(review): the callback handed to exports.isAdmin is async and isAdmin does
 * not await it on its success path, so an exception thrown in steps 6-11 becomes
 * an unhandled rejection and `$callbackMain$$` is never called.
 * NOTE(review): e-mail comparisons mix `$email$$` and `$email$$.toLowerCase()`;
 * this presumably assumes callers pass a lower-cased e-mail. Confirm against callers.
 *
 * exports.asyncHasRight (defined at the end of the last line of this block) wraps
 * hasRight in a Promise: it resolves `{permission, app}` and rejects with the raw
 * error value hasRight reported.
 */
exports.hasRight=async function($current_id_app$$,$email$$,$module$$,$action$$,$callbackMain$$,$options$$={}){if(!$current_id_app$$||$options$$.notNeedRight)return $callbackMain$$(null,!0);const $model$$=global.controllers[$module$$]?global.controllers[$module$$].model:void 0;if($model$$&&$model$$.schema&&!underscore.has($model$$.schema.paths,"id_app"))return $callbackMain$$(null,!0);let $right_code$$=($options$$.right_code||$options$$.listinfo_code||$module$$).toLowerCase();$options$$.data&&($options$$.data.trang_thai||
$options$$.data.trang_thai==0)&&($options$$.data.trang_thai=$options$$.data.trang_thai.toString());$options$$.obj&&($options$$.obj.trang_thai||$options$$.obj.trang_thai==0)&&($options$$.obj.trang_thai=$options$$.obj.trang_thai.toString());$action$$=($action$$||"").toLowerCase();var $data$$=$options$$.data||$options$$.obj||{};const $ma_ct$$=$model$$&&underscore.has($model$$.schema.paths,"ma_ct")&&(($options$$.obj||{}).ma_ct||($options$$.data||{}).ma_ct||"").toString().toUpperCase();let $ma_trang_thai$$=
($data$$.trang_thai||$data$$.progress||"").toString().toUpperCase();!$ma_trang_thai$$&&$options$$.obj&&($ma_trang_thai$$=($options$$.obj.trang_thai||$options$$.obj.progress||"").toString().toUpperCase());if($ma_ct$$&&$ma_trang_thai$$)if($data$$=await trangthai.findOne({ma_trang_thai:$ma_trang_thai$$,ma_ct:$ma_ct$$}).lean()){if($data$$.not_need_right)return $callbackMain$$(null,!0)}else Logger.info("Khong tim thay trang thai cho chuc nang nay",{ma_ct:$ma_ct$$,ma_trang_thai:$ma_trang_thai$$,trang_thai:$data$$,
action:$action$$});exports.isAdmin($current_id_app$$,$email$$,async($api_code_e_key_right_ms_q$$,$admin$$,$app$$,$_right__right_trang_thai_controler_participant$$)=>{if($api_code_e_key_right_ms_q$$)return $callbackMain$$($api_code_e_key_right_ms_q$$,!1);var $listinfo_model$$;if(!$admin$$&&$right_code$$!=$module$$.toLowerCase())if($listinfo_model$$=await global.getModel("listinfo").findOne({code:$right_code$$}).lean()){if($api_code_e_key_right_ms_q$$=$listinfo_model$$.api_code||$listinfo_model$$.code,
$api_code_e_key_right_ms_q$$!=$module$$.toLowerCase())return $callbackMain$$({error:`M\u00e3 quy\u1ec1n '${$right_code$$}' kh\u00f4ng h\u1ee3p l\u1ec7. API: ${$api_code_e_key_right_ms_q$$}, module: ${$module$$}`})}else return $callbackMain$$({error:`M\u00e3 quy\u1ec1n '${$right_code$$}' kh\u00f4ng t\u1ed3n t\u1ea1i`});$listinfo_model$$=$listinfo_model$$?.permistion_code||$right_code$$;if($app$$&&$app$$.allow_modules&&$app$$.allow_modules.length>0&&($api_code_e_key_right_ms_q$$={"items.code":{$regex:"^"+
// NOTE(review): the $regex started on the line above is "^" + $module$$ + "$" with no
// escaping, so regex metacharacters in the module name change what the activation
// lookup matches. Escape the value or validate module names if they can come from a request.
$module$$+"$",$options:"i"},active_require:!0},$app$$.menu_code&&($api_code_e_key_right_ms_q$$.app=$app$$.menu_code),$api_code_e_key_right_ms_q$$=await global.getModel("moduleinfo").find($api_code_e_key_right_ms_q$$).lean(),$api_code_e_key_right_ms_q$$.length>0&&$api_code_e_key_right_ms_q$$.filter($m$$=>$app$$.allow_modules.indexOf($m$$.code)>=0&&(!$m$$.not_for_companies||$m$$.not_for_companies.indexOf($app$$._id.toString())<0)&&(!$m$$.only_for_companies||$m$$.only_for_companies.indexOf($app$$._id.toString())>=
0)).length==0))return $callbackMain$$('API "'+$module$$+'" ch\u01b0a \u0111\u01b0\u1ee3c k\u00edch ho\u1ea1t cho c\u00f4ng ty n\u00e0y (trong module '+$api_code_e_key_right_ms_q$$[0].app+"/"+$api_code_e_key_right_ms_q$$[0].title+")",!1);if($options$$.data&&$options$$.data.id_app){if($options$$.data.id_app!=$current_id_app$$)return $callbackMain$$("B\u1ea1n kh\u00f4ng th\u1ec3 truy c\u1eadp th\u00f4ng tin n\u00e0y",!1);if($options$$.obj&&$options$$.data.id_app!=$options$$.obj.id_app)return Logger.warn("[permission]",
{obj_id_app:$options$$.obj.id_app,data_id_app:$options$$.data.id_app}),$callbackMain$$("B\u1ea1n kh\u00f4ng th\u1ec3 c\u1eadp nh\u1eadt th\u00f4ng tin n\u00e0y v\u00e0o c\u00f4ng ty kh\u00e1c",!1)}if($options$$.obj&&$options$$.obj.id_app&&$options$$.obj.id_app!=$current_id_app$$)return Logger.warn("[permission]",{obj_id_app:$options$$.obj.id_app,current_id_app:$current_id_app$$}),$callbackMain$$("B\u1ea1n kh\u00f4ng th\u1ec3 truy c\u1eadp th\u00f4ng tin n\u00e0y do d\u1eef li\u1ec7u kh\u00f4ng thu\u1ed9c c\u00f4ng ty hi\u1ec7n t\u1ea1i",
!1);if($options$$.notNeedRight)return $callbackMain$$(null,!0,$app$$);if($options$$.obj&&!$admin$$)if($options$$.obj?.visible_to===2){if(!underscore.contains($options$$.obj.visible_to_users,$email$$)&&$options$$.obj?.of_user!==$email$$.toLowerCase()&&$options$$.obj.user_created&&$options$$.obj.user_created.toLowerCase()!==$email$$.toLowerCase())return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp th\u00f4ng tin n\u00e0y",!1)}else if($options$$.obj.visible_to===1&&$options$$.obj?.of_user!==
$email$$.toLowerCase()&&$options$$.obj.user_created&&$options$$.obj.user_created.toLowerCase()!==$email$$.toLowerCase()&&$options$$.obj.phu_trach!=$email$$.toLowerCase()&&($options$$.obj.attends||[]).indexOf($email$$)<0&&(await exports.dsDangPhuTrach($options$$.obj.id_app,$email$$.toLowerCase())).indexOf($options$$.obj.user_created)<0)return $callbackMain$$("Ch\u1ec9 ng\u01b0\u1eddi t\u1ea1o, ph\u1ee5 tr\u00e1ch, h\u1ed7 tr\u1ee3 v\u00e0 admin m\u1edbi c\u00f3 quy\u1ec1n truy c\u1eadp th\u00f4ng tin n\u00e0y",
!1);$api_code_e_key_right_ms_q$$=$email$$;$_right__right_trang_thai_controler_participant$$&&$_right__right_trang_thai_controler_participant$$.group_id&&($api_code_e_key_right_ms_q$$=$_right__right_trang_thai_controler_participant$$.group_id.toLowerCase());($_right__right_trang_thai_controler_participant$$=await right.findOne({id_app:$current_id_app$$,email:$api_code_e_key_right_ms_q$$,module:$listinfo_model$$}).lean())||$listinfo_model$$!=$options$$.listinfo_code||$listinfo_model$$==$module$$.toLowerCase()||
($listinfo_model$$=$module$$.toLowerCase());$_right__right_trang_thai_controler_participant$$=await right.findOne({id_app:$current_id_app$$,email:$api_code_e_key_right_ms_q$$,module:$listinfo_model$$}).lean();if(!$admin$$){if(!$_right__right_trang_thai_controler_participant$$)return $_right__right_trang_thai_controler_participant$$=global.controllers[$module$$.toUpperCase()],$listinfo_model$$=(($_right__right_trang_thai_controler_participant$$||{}).model_name||$module$$).toLowerCase(),$listinfo_model$$==
"customer"||$listinfo_model$$.indexOf("socai")>=0||$listinfo_model$$.indexOf("sokho")>=0||$listinfo_model$$.indexOf("vatvao")>=0||$listinfo_model$$.indexOf("vatra")>=0||$listinfo_model$$.indexOf("tdttno")>=0||$listinfo_model$$.indexOf("tdttco")>=0||$_right__right_trang_thai_controler_participant$$&&($_right__right_trang_thai_controler_participant$$.options||{}).isVoucher||$action$$!=="view"&&($action$$!=="add"||$module$$.toLowerCase()!=="group")?$callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y",
!1):($_right__right_trang_thai_controler_participant$$={"items.code":$module$$.toLowerCase()},$app$$&&$app$$.menu_code&&($_right__right_trang_thai_controler_participant$$.app=$app$$.menu_code),await global.getModel("moduleinfo").findOne($_right__right_trang_thai_controler_participant$$,{app:1}).lean()?$callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y",!1):$callbackMain$$(null,!0,$app$$));if($action$$=="view"&&$_right__right_trang_thai_controler_participant$$?.view_all)return $callbackMain$$(null,
!0,$app$$);if($action$$=="view"&&$options$$.obj&&$_right__right_trang_thai_controler_participant$$&&!$_right__right_trang_thai_controler_participant$$.view_all&&!$_right__right_trang_thai_controler_participant$$.viewOfOther&&$options$$.obj.user_created.toLowerCase()!==$email$$&&($options$$.obj.visible_to!==2||!underscore.contains($options$$.obj.visible_to_users,$email$$))&&$options$$.obj.phu_trach!==$email$$&&($options$$.obj.attends||[]).indexOf($email$$)<0&&(await exports.dsDangPhuTrach($options$$.obj.id_app,
// NOTE(review): the view check on the line above calls obj.user_created.toLowerCase()
// without the `user_created &&` guard that the visible_to checks use; an object with no
// user_created throws here. Further down on the next line, the per-action test is
// `!right[$action$$]` on a plain (.lean()) object, so the lookup is not limited to the
// record's own permission flags. Validate $action$$ against the fixed set of action
// names, or use an own-property check, if the action name can be influenced by a request.
$email$$.toLowerCase())).indexOf($options$$.obj.user_created)<0)return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n truy c\u1eadp th\u00f4ng tin n\u00e0y",!1);if(!$_right__right_trang_thai_controler_participant$$[$action$$])return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y",!1);if($ma_trang_thai$$&&($_right__right_trang_thai_controler_participant$$=$_right__right_trang_thai_controler_participant$$[`${$action$$}_trang_thai`])&&
!$_right__right_trang_thai_controler_participant$$[$ma_trang_thai$$]&&$_right__right_trang_thai_controler_participant$$[$ma_trang_thai$$]!=void 0)return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y",!1)}$options$$.obj?async.series({trangthai:$callback$$=>{$options$$.obj&&($action$$==="update"||$action$$==="delete")&&$model$$&&underscore.has($model$$.schema.paths,"ma_ct")&&$options$$.obj.ma_ct?trangthai.findOne({ma_ct:$options$$.obj.ma_ct.toUpperCase(),
ma_trang_thai:$options$$.obj.trang_thai},function($e$$,$trang_thai$$){if($e$$)return $callback$$($e$$);if($trang_thai$$){if($action$$==="update"){if($trang_thai$$.allow_update==0)return $callback$$("Tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y kh\u00f4ng cho ph\u00e9p s\u1eeda");if($trang_thai$$.lock_data==1)return $callback$$("Tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y \u0111\u00e3 \u0111\u01b0\u1ee3c kho\u00e1")}if($action$$==="delete"&&($trang_thai$$.lock_data||$trang_thai$$.allow_delete==
0))return $callback$$("Tr\u1ea1ng th\u00e1i ch\u1ee9ng t\u1eeb n\u00e0y kh\u00f4ng cho ph\u00e9p xo\u00e1")}return $callback$$()}):$callback$$()}},$action_right_e$$=>{if($action_right_e$$)$callbackMain$$($action_right_e$$,!1);else{$action_right_e$$=`${$action$$}_right`;if(!$admin$$&&$options$$.obj&&$options$$.obj[$action_right_e$$]&&$options$$.obj[$action_right_e$$].length>0&&$options$$.obj[$action_right_e$$].indexOf($email$$.toLowerCase())<0)return $callbackMain$$("B\u1ea1n kh\u00f4ng c\u00f3 quy\u1ec1n \u0111\u1ed1i v\u1edbi t\u00ednh n\u0103ng n\u00e0y",
// The line below finishes hasRight and then defines exports.asyncHasRight, the Promise
// wrapper around hasRight: resolves {permission, app}, rejects with hasRight's error value.
!1);$callbackMain$$(null,!0,$app$$)}}):$callbackMain$$(null,!0,$app$$)},$options$$)};exports.asyncHasRight=function($current_id_app$$,$email$$,$module$$,$action$$,$options$$={}){return new Promise(($resolve$$,$reject$$)=>{exports.hasRight($current_id_app$$,$email$$,$module$$,$action$$,($e$$,$permission$$,$app$$)=>{if($e$$)return $reject$$($e$$);$resolve$$({permission:$permission$$,app:$app$$})},$options$$)})};
/**
 * exports.getRightByItem($id_app$$, $model$$, $email$$, $next$$, $module$$, $options$$)
 *
 * Builds the MongoDB filter ("condition") that limits which records of `$model$$`
 * the user `$email$$` may list in app `$id_app$$`, and reports it through
 * `$next$$(error, condition, isAdmin)`.
 *
 * - `$module$$` defaults to the lower-cased `$model$$.modelName`.
 * - The result is cached in `global.cacheDatas` under a key made of app id, e-mail,
 *   right code and `JSON.stringify($options$$)`: 10080 minutes for the e-mail
 *   "public", 1 minute otherwise. A hit returns the stored object itself with
 *   `isAdmin` reported as false.
 * - Admins, `$options$$.notNeedRight` and models without an `id_app` schema path get
 *   the empty condition `{}` (no restriction); this result is not cached.
 * - A right code different from the module must exist in `listinfo` and map back to
 *   the module through `api_code`/`code`.
 * - The `right` record is looked up by the participant's group id, or by e-mail when
 *   the participant has no group.
 * - `view_all`: the condition is `{}` or the evaluated `extra_condition`.
 * - `view`: alternatives are collected into one `$or` (visibility levels, creator,
 *   people in charge from exports.dsDangPhuTrach, customers from
 *   exports.dsKhDangPhuTrach, status lists, other user groups).
 * - no `view`: for modules outside `not_need_right_models` only the user's own
 *   records plus `of_user`/`user`/`phu_trach`/`attends` matches; visibility
 *   alternatives are added when the module is absent from `moduleinfo`.
 * - `public: true` / `shared: true` alternatives are added when the schema has them.
 *
 * NOTE(review): the cache lookup runs before exports.isAdmin, so while an entry is
 * fresh the app-status, expiry and participant checks are not repeated. A revoked
 * or deactivated user keeps the cached filter until the entry ages out.
 */
exports.getRightByItem=async function($id_app$$,$model$$,$email$$,$next$$,$module$$,$options$$={}){$module$$||=$model$$&&$model$$.modelName?$model$$.modelName.toLowerCase():"";let $right_code$$=($options$$.right_code||$options$$.listinfo_code||$module$$).toLowerCase(),$key_cache$$=$right_code$$?`RightByItem::${$id_app$$}::${$email$$}::${$right_code$$}::${JSON.stringify($options$$)}`:"",$time_cache$$=$email$$==="public"?10080:1;if($key_cache$$&&global.cacheDatas[$key_cache$$]&&moment().diff(moment(global.cacheDatas[$key_cache$$].time),
"minutes")<$time_cache$$)return $next$$(null,global.cacheDatas[$key_cache$$].data,!1);exports.isAdmin($id_app$$,$email$$,async function($condition_e$$,$_right$jscomp$1_admin$jscomp$1_api_code$$,$allow_trang_thai_app$$,$_right_trang_thai$jscomp$1_participant$$){if($condition_e$$)return $next$$($condition_e$$);$condition_e$$={};if($_right$jscomp$1_admin$jscomp$1_api_code$$||$options$$.notNeedRight||!underscore.has($model$$.schema.paths,"id_app"))$next$$(null,$condition_e$$,$_right$jscomp$1_admin$jscomp$1_api_code$$);
else{var $listinfo$$;if($right_code$$&&$right_code$$!=$module$$.toLowerCase())if($listinfo$$=await global.getModel("listinfo").findOne({code:$right_code$$}).lean()){if($_right$jscomp$1_admin$jscomp$1_api_code$$=$listinfo$$.api_code||$listinfo$$.code,$_right$jscomp$1_admin$jscomp$1_api_code$$!=$module$$.toLowerCase())return $next$$({error:`M\u00e3 quy\u1ec1n '${$right_code$$}' kh\u00f4ng h\u1ee3p l\u1ec7, API: ${$_right$jscomp$1_admin$jscomp$1_api_code$$}, module: ${$module$$.toLowerCase()}`})}else return $next$$({error:`M\u00e3 quy\u1ec1n '${$right_code$$}' kh\u00f4ng t\u1ed3n t\u1ea1i`});
var $ds_dang_phu_trach_permistion_code$$=$listinfo$$?.permistion_code||$right_code$$;let $selUsers$$;$listinfo$$=[];let $key_right$$=$email$$;$_right_trang_thai$jscomp$1_participant$$&&$_right_trang_thai$jscomp$1_participant$$.group_id&&($key_right$$=$_right_trang_thai$jscomp$1_participant$$.group_id.toLowerCase());($_right$jscomp$1_admin$jscomp$1_api_code$$=await right.findOne({id_app:$id_app$$,email:$key_right$$,module:$ds_dang_phu_trach_permistion_code$$}).lean())||$ds_dang_phu_trach_permistion_code$$!=
$options$$.listinfo_code||$ds_dang_phu_trach_permistion_code$$==$module$$.toLowerCase()||($ds_dang_phu_trach_permistion_code$$=$module$$.toLowerCase());if(($_right$jscomp$1_admin$jscomp$1_api_code$$=await right.findOne({id_app:$id_app$$,email:$key_right$$,module:$ds_dang_phu_trach_permistion_code$$}).lean())&&$_right$jscomp$1_admin$jscomp$1_api_code$$.view_all){if($_right$jscomp$1_admin$jscomp$1_api_code$$&&$_right$jscomp$1_admin$jscomp$1_api_code$$.extra_condition)try{$condition_e$$=evalute(`return ${$_right$jscomp$1_admin$jscomp$1_api_code$$.extra_condition}`,
// NOTE(review): the evalute(...) call started on the line above receives a string built
// from `extra_condition`, a field stored on the `right` record, and its result becomes
// the query filter. evalute comes from ./utils and is not shown here; it presumably
// executes the string as JavaScript. If so, write access to `right.extra_condition`
// is equivalent to code execution in this process and must be limited to fully trusted
// operators. A declarative filter format would remove that exposure; confirm in ./utils.
{module:$module$$,participant:$_right_trang_thai$jscomp$1_participant$$,appInfo:$allow_trang_thai_app$$})}catch($e$$){return Logger.error("[getRightByItem] [extra_condition]",$e$$,$_right$jscomp$1_admin$jscomp$1_api_code$$.extra_condition),$next$$($e$$.message)}$key_cache$$&&(global.cacheDatas[$key_cache$$]={time:new Date,data:_.cloneDeep($condition_e$$)});return $next$$(null,$condition_e$$,!1)}$ds_dang_phu_trach_permistion_code$$=(await exports.dsDangPhuTrach($id_app$$,$email$$)).filter($d$$=>$d$$);
$ds_dang_phu_trach_permistion_code$$.push($email$$);$_right$jscomp$1_admin$jscomp$1_api_code$$&&$_right$jscomp$1_admin$jscomp$1_api_code$$.view_empty_phu_trach&&($ds_dang_phu_trach_permistion_code$$.push(""),$ds_dang_phu_trach_permistion_code$$.push(null));$ds_dang_phu_trach_permistion_code$$=[...(new Set($ds_dang_phu_trach_permistion_code$$))];if($_right$jscomp$1_admin$jscomp$1_api_code$$&&$_right$jscomp$1_admin$jscomp$1_api_code$$.view){$allow_trang_thai_app$$={visible_to:null};if(underscore.has($model$$.schema.paths,
"visible_to")){$condition_e$$.$and||($condition_e$$.$and=[]);var $allUsers_query$$={visible_to:0};$selUsers$$={visible_to:2,visible_to_users:$email$$};$_right_trang_thai$jscomp$1_participant$$=underscore.has($model$$.schema.paths,"visible_to_usergroups")?{visible_to:5,visible_to_usergroups:($_right_trang_thai$jscomp$1_participant$$||{}).group_id}:{visible_to:5,visible_to_users:($_right_trang_thai$jscomp$1_participant$$||{}).group_id};$listinfo$$.push($allUsers_query$$);$listinfo$$.push($selUsers$$);
$listinfo$$.push($_right_trang_thai$jscomp$1_participant$$);$listinfo$$.push($allow_trang_thai_app$$)}if($_right$jscomp$1_admin$jscomp$1_api_code$$.viewOfOther===!1){if(underscore.has($model$$.schema.paths,"ma_kh")){var $allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$=await exports.dsKhDangPhuTrach($id_app$$,{$in:$ds_dang_phu_trach_permistion_code$$});$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$.length>0&&$listinfo$$.push({ma_kh:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$}})}$allUsers_query$$?
$allUsers_query$$.user_created={$in:$ds_dang_phu_trach_permistion_code$$}:$listinfo$$.push({user_created:{$in:$ds_dang_phu_trach_permistion_code$$}})}else{if(underscore.has($model$$.schema.paths,"trang_thai")===!0){if($_right_trang_thai$jscomp$1_participant$$=$_right$jscomp$1_admin$jscomp$1_api_code$$.view_trang_thai){$allow_trang_thai_app$$=[void 0,null,""];for(var $t_viewOfOther_right_trang_thai$$ in $_right_trang_thai$jscomp$1_participant$$)$_right_trang_thai$jscomp$1_participant$$[$t_viewOfOther_right_trang_thai$$]&&
$allow_trang_thai_app$$.push($t_viewOfOther_right_trang_thai$$);$condition_e$$.trang_thai={$in:$allow_trang_thai_app$$}}if($t_viewOfOther_right_trang_thai$$=$_right$jscomp$1_admin$jscomp$1_api_code$$.viewOfOther_trang_thai){$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$=[void 0,null,""];for(var $t$jscomp$1_users$$ in $t_viewOfOther_right_trang_thai$$)!$t_viewOfOther_right_trang_thai$$[$t$jscomp$1_users$$]||$_right_trang_thai$jscomp$1_participant$$&&!$_right_trang_thai$jscomp$1_participant$$[$t$jscomp$1_users$$]||
$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$.push($t$jscomp$1_users$$)}}$_right$jscomp$1_admin$jscomp$1_api_code$$.viewOfOther_user_groups&&$_right$jscomp$1_admin$jscomp$1_api_code$$.viewOfOther_user_groups.length>0?($t$jscomp$1_users$$=await Participant.find({id_app:$id_app$$,group_id:{$in:$_right$jscomp$1_admin$jscomp$1_api_code$$.viewOfOther_user_groups}},{email:1}).lean(),$ds_dang_phu_trach_permistion_code$$.push(...$t$jscomp$1_users$$.map($u$$=>$u$$.email)),$allUsers_query$$?
$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$?$allUsers_query$$.$or=[{user_created:{$in:$ds_dang_phu_trach_permistion_code$$.filter($e$$=>$e$$!=$email$$)},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$}},{user_created:$email$$}]:$allUsers_query$$.user_created={$in:$ds_dang_phu_trach_permistion_code$$}:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$?($listinfo$$.push({user_created:{$in:$ds_dang_phu_trach_permistion_code$$},
trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$}}),$listinfo$$.push({$or:[{user_created:{$in:$ds_dang_phu_trach_permistion_code$$.filter($e$$=>$e$$!=$email$$)},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$}},{user_created:$email$$}]})):$listinfo$$.push({user_created:{$in:$ds_dang_phu_trach_permistion_code$$}})):$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$&&($allUsers_query$$?$allUsers_query$$.$or=[{user_created:{$ne:$email$$},
trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$}},{user_created:$email$$}]:$listinfo$$.push({$or:[{user_created:{$ne:$email$$},trang_thai:{$in:$allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$}},{user_created:$email$$}]}))}$selUsers$$&&(underscore.has($model$$.schema.paths,"of_user")&&$listinfo$$.push({of_user:{$in:[...$ds_dang_phu_trach_permistion_code$$,$email$$]}}),underscore.has($model$$.schema.paths,"user")&&$listinfo$$.push({user:{$in:[...$ds_dang_phu_trach_permistion_code$$,
$email$$]}}),underscore.has($model$$.schema.paths,"phu_trach")&&$listinfo$$.push({phu_trach:{$in:$ds_dang_phu_trach_permistion_code$$}}),underscore.has($model$$.schema.paths,"attends")&&$listinfo$$.push({attends:{$in:$ds_dang_phu_trach_permistion_code$$}}))}else not_need_right_models.indexOf($module$$)<0&&($listinfo$$.push({user_created:$email$$}),underscore.has($model$$.schema.paths,"of_user")&&$listinfo$$.push({of_user:{$in:[...$ds_dang_phu_trach_permistion_code$$,$email$$]}}),underscore.has($model$$.schema.paths,
"user")&&$listinfo$$.push({user:{$in:[...$ds_dang_phu_trach_permistion_code$$,$email$$]}}),underscore.has($model$$.schema.paths,"phu_trach")&&$listinfo$$.push({phu_trach:{$in:$ds_dang_phu_trach_permistion_code$$}}),underscore.has($model$$.schema.paths,"attends")&&$listinfo$$.push({attends:$email$$})),$allUsers_query$$={"items.code":$module$$.toLowerCase()},$allow_trang_thai_app$$&&$allow_trang_thai_app$$.menu_code&&($allUsers_query$$.app=$allow_trang_thai_app$$.menu_code),await global.getModel("moduleinfo").findOne($allUsers_query$$,
{app:1}).lean()||($allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$={visible_to:null},underscore.has($model$$.schema.paths,"visible_to")&&($condition_e$$.$and||($condition_e$$.$and=[]),$allUsers_query$$={visible_to:0},$selUsers$$={visible_to:2,visible_to_users:$email$$},$_right_trang_thai$jscomp$1_participant$$=underscore.has($model$$.schema.paths,"visible_to_usergroups")?{visible_to:5,visible_to_usergroups:($_right_trang_thai$jscomp$1_participant$$||{}).group_id}:{visible_to:5,
visible_to_users:($_right_trang_thai$jscomp$1_participant$$||{}).group_id},$listinfo$$.push($allUsers_query$$),$listinfo$$.push($selUsers$$),$listinfo$$.push($_right_trang_thai$jscomp$1_participant$$),$listinfo$$.push($allow_viewOfOther_trang_thai_ds_kh_dang_phu_trach_visible_to_null$$)));underscore.has($model$$.schema.paths,"public")&&$listinfo$$.push({public:!0});underscore.has($model$$.schema.paths,"shared")&&$listinfo$$.push({shared:!0});$listinfo$$.length>0&&($condition_e$$.$and||($condition_e$$.$and=
[]),$condition_e$$.$and.push({$or:$listinfo$$}));$condition_e$$.$and&&$condition_e$$.$and.length===0&&delete $condition_e$$.$and;$condition_e$$.$or&&$condition_e$$.$or.length===0&&delete $condition_e$$.$or;$key_cache$$&&(global.cacheDatas[$key_cache$$]={time:new Date,data:_.cloneDeep($condition_e$$)});$next$$(null,$condition_e$$,!1)}},$options$$)};
/**
 * Build the filter that limits which "data view" records a user may see.
 *
 * Admins, and models whose schema has no `dataview_to_users` path, get the empty
 * condition `{}`. Everyone else gets one `$and` entry holding an `$or` over:
 * `dataview_to` null, `dataview_to` 0, `dataview_to` 1 created by the user,
 * `dataview_to` 2 with the user listed in `dataview_to_users`.
 *
 * @param {*} id_app - app (tenant) id, passed to exports.isAdmin.
 * @param {object} model - model whose `schema.paths` is inspected.
 * @param {string} email - user e-mail.
 * @param {Function} next - called as `next(error)` or `next(null, condition, isAdmin)`.
 */
exports.getRightDataView = function (id_app, model, email, next) {
  exports.isAdmin(id_app, email, function (error, admin) {
    if (error) {
      return next(error);
    }

    const condition = {};
    // The schema is only inspected for non-admins, as in the short-circuit original.
    const restricted = !admin && underscore.has(model.schema.paths, "dataview_to_users") === true;
    if (restricted) {
      condition.$and = [
        {
          $or: [
            { dataview_to: null },
            { dataview_to: 0 },
            { dataview_to: 1, user_created: email },
            { dataview_to: 2, dataview_to_users: email },
          ],
        },
      ];
    }
    next(null, condition, admin);
  });
};
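/**
 * Return the keys of the `field_not_right` map that are set to a truthy value
 * for the user's group in one module.
 *
 * Every failure path returns `[]`: no app id, no participant record, or an
 * error while reading the right record. The last case used to be swallowed
 * silently; it is now logged so that a failing rights lookup is visible.
 *
 * NOTE(review): judging by the name, the list holds fields the user must not
 * access, in which case `[]` on error means "no field restricted" (fail-open).
 * Confirm with the callers whether an error should instead deny access.
 * NOTE(review): the right record is looked up by the participant's `group_id`
 * only; there is no fallback to the e-mail for participants without a group,
 * unlike exports.hasRight. Confirm this is intended.
 *
 * @param {*} id_app - app (tenant) id; a falsy value yields `[]`.
 * @param {string} email - participant e-mail.
 * @param {string} ma_ct - module / document-type code, lower-cased for the lookup.
 * @returns {Promise<string[]>} field names flagged in `field_not_right`.
 */
exports.getFieldNotRight = async (id_app, email, ma_ct) => {
  if (!id_app) {
    return [];
  }

  const participants = await Participant.ofApp(id_app, email);
  if (!(participants.length > 0)) {
    return [];
  }
  const group_id = participants[0].group_id;

  let field_not_right;
  try {
    field_not_right = await right.getInfo(
      id_app,
      { email: group_id, module: ma_ct.toLowerCase() },
      "field_not_right",
    );
  } catch (e) {
    // Still best-effort, but no longer invisible.
    Logger.warn("[getFieldNotRight]", e);
    return [];
  }

  const fields = [];
  for (const key in field_not_right) {
    if (field_not_right[key]) {
      fields.push(key);
    }
  }
  return fields;
};
const request = require("request");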
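/**
 * Verify a reCAPTCHA response token with Google's siteverify endpoint.
 *
 * Changes from the previous version:
 *  - the secret and the client-supplied values are sent as a form-encoded POST
 *    body instead of being concatenated, unencoded, into the URL;
 *  - the failure log no longer includes the request URL, which carried
 *    `GOOGLE_RECAPTCHA_SECRET_KEY`;
 *  - a transport error or a non-JSON body now rejects the promise instead of
 *    throwing inside the callback, where nothing could catch it.
 * Every failure rejects with the same message, so verification fails closed.
 *
 * @param {string} gRecaptchaResponse - token produced by the reCAPTCHA widget.
 * @param {string} [remoteip] - client IP address, forwarded when provided.
 * @returns {Promise<boolean>} resolves `true` when Google reports success.
 * @throws {Error} "Please select captcha" when no token is given.
 */
exports.verifyReCaptcha = async (gRecaptchaResponse, remoteip) => {
  if (!gRecaptchaResponse) {
    throw Error("Please select captcha");
  }

  const form = {
    secret: global.configs.GOOGLE_RECAPTCHA_SECRET_KEY,
    response: gRecaptchaResponse,
  };
  if (remoteip) {
    form.remoteip = remoteip;
  }

  return new Promise((resolve, reject) => {
    const fail = (detail) => {
      // Log only the outcome; never the secret or the full request.
      Logger.error("Failed captcha verification", detail);
      reject(Error("Failed captcha verification"));
    };

    request.post(
      { url: "https://www.google.com/recaptcha/api/siteverify", form },
      (error, response, body) => {
        if (error) {
          return fail(error);
        }
        let result;
        try {
          result = JSON.parse(body);
        } catch (parseError) {
          return fail(parseError);
        }
        if (!result || !result.success) {
          return fail(result);
        }
        resolve(true);
      },
    );
  });
};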
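/**
 * Verify a one-time code (or, when `configs.use_pin_as_otp` is on and the id is
 * "PIN", the account PIN) for a user.
 *
 * The arguments are now type-checked before they reach a database filter:
 * `otp_id` must be a string, `otp_username` and `otp_code` must be a string or
 * a number. Without the check, an object-valued argument would be read by the
 * database as a query-operator document instead of a literal value.
 *
 * OTP path: the attempt counter is incremented and saved before the code is
 * compared, so failed and successful attempts both count against
 * `configs.MAX_TRY_OTP` (default 3). A code is rejected when the counter is
 * exceeded, the code differs, it was already verified, or it has expired.
 *
 * NOTE(review): the counter update (read, increment, save) and the final
 * `verified` update are separate operations, so concurrent requests for the
 * same OTP are not serialised. An atomic conditional update would close that gap.
 * NOTE(review): no attempt limit is visible here for the PIN path; confirm that
 * `validPin` or the caller rate-limits it.
 * NOTE(review): the "account does not exist" message differs from the other
 * failures, which tells a caller whether a username is registered.
 *
 * @param {string|number} otp_username - account e-mail; also matched against `otp.phone`.
 * @param {string} otp_id - OTP document id, or "PIN".
 * @param {string|number} otp_code - code or PIN entered by the user.
 * @returns {Promise<object>} `{pin, phone}` on the PIN path, otherwise the OTP document.
 * @throws {Error} on any validation or verification failure.
 */
exports.verifyOTP = async (otp_username, otp_id, otp_code) => {
  if (!otp_id || !otp_code) {
    throw Error("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u otp-id v\u00e0 otp-code");
  }
  if (typeof otp_id !== "string") {
    throw Error("otp-id kh\u00f4ng h\u1ee3p l\u1ec7");
  }
  const isScalar = (value) => typeof value === "string" || typeof value === "number";
  if (!isScalar(otp_username) || !isScalar(otp_code)) {
    throw Error("OTP kh\u00f4ng h\u1ee3p l\u1ec7");
  }

  const user = await global.getModel("user").findOne({ $or: [{ email: otp_username }] });
  if (!user) {
    throw Error(`T\u00e0i kho\u1ea3n ${otp_username} kh\u00f4ng t\u1ed3n t\u1ea1i`);
  }

  if (otp_id.toUpperCase() === "PIN" && configs.use_pin_as_otp) {
    if (!(user.local || {}).pin) {
      throw Error("M\u00e3 pin ch\u01b0a \u0111\u01b0\u1ee3c t\u1ea1o");
    }
    if (!(await user.validPin(otp_code))) {
      throw Error("M\u00e3 pin kh\u00f4ng ch\u00ednh x\u00e1c");
    }
    return { pin: otp_code, phone: otp_username };
  }

  if (!global.mongoose.Types.ObjectId.isValid(otp_id)) {
    throw Error("otp-id kh\u00f4ng h\u1ee3p l\u1ec7");
  }
  const otp = await global.getModel("otp").findOne({ _id: otp_id, phone: otp_username });
  if (!otp) {
    throw Error("OTP kh\u00f4ng h\u1ee3p l\u1ec7");
  }

  // Count the attempt first so that a wrong guess is recorded even though it throws below.
  otp.tried_number = (otp.tried_number || 0) + 1;
  await otp.save();

  // Loose comparison kept: the stored code may be a number while the input is a string.
  const rejected =
    otp.tried_number > (configs.MAX_TRY_OTP || 3) ||
    otp.otp != otp_code ||
    otp.verified ||
    otp.expire_time.getTime() < new Date().getTime();
  if (rejected) {
    throw Error(
      "M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",
    );
  }

  await global.getModel("otp").updateOne({ _id: otp_id }, { verified: true });
  return otp;
};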