38 lines
1.2 KiB
JavaScript
38 lines
1.2 KiB
JavaScript
|
module.exports = Self => {
|
||
|
Self.remoteMethodCtx('isEditable', {
|
||
|
description: 'Check if the ticket state is editable',
|
||
|
accessType: 'READ',
|
||
|
accepts: [{
|
||
|
arg: 'stateId',
|
||
|
type: 'number',
|
||
|
required: true,
|
||
|
http: {source: 'path'}
|
||
|
}],
|
||
|
returns: {
|
||
|
type: 'boolean',
|
||
|
root: true
|
||
|
},
|
||
|
http: {
|
||
|
path: `/:stateId/isEditable`,
|
||
|
verb: 'get'
|
||
|
}
|
||
|
});
|
||
|
|
||
|
Self.isEditable = async(ctx, stateId) => {
|
||
|
const accessToken = ctx.req.accessToken;
|
||
|
const models = Self.app.models;
|
||
|
const userId = accessToken.userId;
|
||
|
|
||
|
let isProduction = await models.Account.hasRole(userId, 'production');
|
||
|
let isSalesPerson = await models.Account.hasRole(userId, 'salesPerson');
|
||
|
let isAdministrative = await models.Account.hasRole(userId, 'administrative');
|
||
|
let state = await models.State.findById(stateId);
|
||
|
|
||
|
|
||
|
let salesPersonAllowed = (isSalesPerson && state.code == 'PICKER_DESIGNED');
|
||
|
|
||
|
let isAllowed = isProduction || isAdministrative || salesPersonAllowed || state.alertLevel == 0;
|
||
|
return isAllowed;
|
||
|
};
|
||
|
};
|