54 lines
1.6 KiB
JavaScript
54 lines
1.6 KiB
JavaScript
|
module.exports = Self => {
|
||
|
Self.remoteMethodCtx('updateBillingData', {
|
||
|
description: 'Updates billing data of a client',
|
||
|
accessType: 'WRITE',
|
||
|
accepts: [{
|
||
|
arg: 'data',
|
||
|
type: 'Object',
|
||
|
required: true,
|
||
|
description: 'Params to update',
|
||
|
http: {source: 'body'}
|
||
|
}, {
|
||
|
arg: 'id',
|
||
|
type: 'string',
|
||
|
required: true,
|
||
|
description: 'Model id',
|
||
|
http: {source: 'path'}
|
||
|
}],
|
||
|
returns: {
|
||
|
arg: 'data',
|
||
|
type: 'Worker',
|
||
|
root: true
|
||
|
},
|
||
|
http: {
|
||
|
path: `/:id/updateBillingData`,
|
||
|
verb: 'PATCH'
|
||
|
}
|
||
|
});
|
||
|
|
||
|
Self.updateBillingData = async(ctx, params, id) => {
|
||
|
let userId = ctx.req.accessToken.userId;
|
||
|
let isAdministrative = await Self.app.models.Account.hasRole(userId, 'administrative');
|
||
|
|
||
|
let [taxData] = await Self.app.models.Client.find({where: {id: id}, fields: ['isTaxDataChecked']});
|
||
|
if (!isAdministrative && taxData.isTaxDataChecked)
|
||
|
throw new Error(`You don't have enough privileges to do that`);
|
||
|
|
||
|
let validUpdateParams = [
|
||
|
'payMethodFk',
|
||
|
'dueDay',
|
||
|
'iban',
|
||
|
'hasLcr',
|
||
|
'hasCoreVnl',
|
||
|
'hasSepaVnl'
|
||
|
];
|
||
|
|
||
|
for (const key in params) {
|
||
|
if (validUpdateParams.indexOf(key) === -1)
|
||
|
throw new Error(`You don't have enough privileges to do that`);
|
||
|
}
|
||
|
|
||
|
return await Self.app.models.Client.update({id: id}, params);
|
||
|
};
|
||
|
};
|