salix/modules/worker/back/methods/worker-time-control/addTimeEntry.js

43 lines
1.4 KiB
JavaScript
Raw Normal View History

2019-05-17 11:27:51 +00:00
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => {
2019-11-05 07:59:48 +00:00
Self.remoteMethodCtx('addTimeEntry', {
2019-05-17 11:27:51 +00:00
description: 'Adds a new hour registry',
accessType: 'WRITE',
accepts: [{
arg: 'data',
type: 'object',
required: true,
description: 'workerFk, timed',
http: {source: 'body'}
}],
returns: [{
type: 'Object',
root: true
}],
http: {
2019-11-05 07:59:48 +00:00
path: `/addTimeEntry`,
2019-05-17 11:27:51 +00:00
verb: 'POST'
}
});
2019-11-05 07:59:48 +00:00
Self.addTimeEntry = async(ctx, data) => {
2019-05-17 11:27:51 +00:00
const Worker = Self.app.models.Worker;
const myUserId = ctx.req.accessToken.userId;
const myWorker = await Worker.findOne({where: {userFk: myUserId}});
const isSubordinate = await Worker.isSubordinate(ctx, data.workerFk);
2019-11-18 10:00:09 +00:00
const isTeamBoss = await Self.app.models.Account.hasRole(myUserId, 'teamBoss');
2019-05-17 11:27:51 +00:00
if (isSubordinate === false || (isSubordinate && myWorker.id == data.workerFk && !isTeamBoss))
throw new UserError(`You don't have enough privileges`);
const subordinate = await Worker.findById(data.workerFk);
2019-10-17 12:01:23 +00:00
const timed = new Date(data.timed);
2019-05-17 11:27:51 +00:00
let [result] = await Self.rawSql('SELECT vn.workerTimeControl_add(?, ?, ?, ?) AS id', [
2019-10-17 12:01:23 +00:00
subordinate.userFk, null, timed, true]);
return result;
2019-05-17 11:27:51 +00:00
};
};