fix: refs #6889 allocate 'productionReviewer' role to revision dep. workers & check if is owner or reviewer
gitea/salix/pipeline/pr-dev This commit looks good
Details
gitea/salix/pipeline/pr-dev This commit looks good
Details
This commit is contained in:
parent
5158017edd
commit
002111d8d1
|
@ -8,4 +8,11 @@ INSERT INTO account.role
|
|||
|
||||
-- UPDATE salix.ACL
|
||||
-- SET principalId = 'productionReviewer'
|
||||
-- WHERE property = 'isInPreparing';
|
||||
-- WHERE property = 'isInPreparing';
|
||||
|
||||
UPDATE account.user u
|
||||
JOIN vn.workerDepartment wd ON wd.workerFk = u.id
|
||||
JOIN vn.department d ON wd.departmentFk = d.id
|
||||
JOIN account.role r ON r.name = 'productionReviewer'
|
||||
SET u.role = r.id
|
||||
WHERE d.name = 'REVISION';
|
|
@ -28,7 +28,7 @@ describe('route getSuggestedTickets()', () => {
|
|||
|
||||
const result = await models.Route.getSuggestedTickets(routeID, options);
|
||||
|
||||
const length = result.length; // cambiar agenciaMode de los tickets por el 8 y ver si da algún problema
|
||||
const length = result.length;
|
||||
const anyResult = result[Math.floor(Math.random() * Math.floor(length))];
|
||||
|
||||
expect(result.length).toEqual(4);
|
||||
|
|
|
@ -8,18 +8,13 @@ module.exports = Self => {
|
|||
if (typeof options == 'object')
|
||||
Object.assign(myOptions, options);
|
||||
|
||||
const state = await models.TicketState.findOne({
|
||||
where: {ticketFk: id}
|
||||
}, myOptions);
|
||||
|
||||
const state = await models.TicketState.findOne({where: {ticketFk: id}}, myOptions);
|
||||
const isRoleAdvanced = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'isRoleAdvanced', '*');
|
||||
const isProductionReviewer = await models.ACL.checkAccessAcl(ctx, 'Sale', 'isInPreparing', '*');
|
||||
const canEditWeeklyTicket = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'canEditWeekly', 'WRITE');
|
||||
const alertLevel = state ? state.alertLevel : null;
|
||||
const ticket = await models.Ticket.findById(id, {
|
||||
fields: ['clientFk'],
|
||||
include: {
|
||||
relation: 'client'
|
||||
}
|
||||
fields: ['clientFk'], include: {relation: 'client'}
|
||||
}, myOptions);
|
||||
|
||||
const isLocked = await models.Ticket.isLocked(id, myOptions);
|
||||
|
@ -29,10 +24,25 @@ module.exports = Self => {
|
|||
const isNormalClient = ticket && ticket.client().typeFk == 'normal';
|
||||
const isEditable = !(alertLevelGreaterThanZero && isNormalClient);
|
||||
|
||||
const ticketCollection = await models.TicketCollection.findOne({
|
||||
include: {relation: 'collection'}, where: {ticketFk: id}
|
||||
}, myOptions);
|
||||
let workerId = ticketCollection?.collection()?.workerFk;
|
||||
|
||||
if (!workerId) {
|
||||
const saleGroup = await models.SaleGroup.findOne({fields: ['id'], where: {ticketFk: id}}, myOptions);
|
||||
const sectorCollectionSaleGroup = saleGroup && await models.SectorCollectionSaleGroup.findOne({
|
||||
include: {relation: 'sectorCollection'}, where: {saleGroupFk: saleGroup.id}
|
||||
}, myOptions);
|
||||
|
||||
workerId = sectorCollectionSaleGroup?.sectorCollection()?.userFk;
|
||||
}
|
||||
const isOwner = workerId === ctx.req.accessToken.userId;
|
||||
|
||||
if (!ticket)
|
||||
throw new ForbiddenError(`The ticket doesn't exist.`);
|
||||
|
||||
if (!isEditable && !isRoleAdvanced)
|
||||
if (!isEditable && !isRoleAdvanced && !isProductionReviewer && !isOwner)
|
||||
throw new ForbiddenError(`This ticket is not editable.`);
|
||||
|
||||
if (isLocked && !isWeekly)
|
||||
|
|
Loading…
Reference in New Issue