43 lines
1.3 KiB
JavaScript
43 lines
1.3 KiB
JavaScript
|
const UserError = require('vn-loopback/util/user-error');
|
||
|
|
||
|
module.exports = Self => {
|
||
|
Self.remoteMethodCtx('addTime', {
|
||
|
description: 'Adds a new hour registry',
|
||
|
accessType: 'WRITE',
|
||
|
accepts: [{
|
||
|
arg: 'data',
|
||
|
type: 'object',
|
||
|
required: true,
|
||
|
description: 'workerFk, timed',
|
||
|
http: {source: 'body'}
|
||
|
}],
|
||
|
returns: [{
|
||
|
type: 'Object',
|
||
|
root: true
|
||
|
}],
|
||
|
http: {
|
||
|
path: `/addTime`,
|
||
|
verb: 'POST'
|
||
|
}
|
||
|
});
|
||
|
|
||
|
Self.addTime = async(ctx, data) => {
|
||
|
const Worker = Self.app.models.Worker;
|
||
|
const myUserId = ctx.req.accessToken.userId;
|
||
|
const myWorker = await Worker.findOne({where: {userFk: myUserId}});
|
||
|
const isSubordinate = await Worker.isSubordinate(ctx, data.workerFk);
|
||
|
const isTeamBoss = await Self.app.models.Account.hasRole(myUserId, 'teamBoss');
|
||
|
|
||
|
if (isSubordinate === false || (isSubordinate && myWorker.id == data.workerFk && !isTeamBoss))
|
||
|
throw new UserError(`You don't have enough privileges`);
|
||
|
|
||
|
const subordinate = await Worker.findById(data.workerFk);
|
||
|
|
||
|
return Self.create({
|
||
|
userFk: subordinate.userFk,
|
||
|
timed: data.timed,
|
||
|
manual: 1
|
||
|
});
|
||
|
};
|
||
|
};
|