fix: refs #6889 allocate 'productionReviewer' role to revision dep. workers & check if is owner or reviewer

2024-05-30 11:47:12 +02:00 · 2024-05-30 11:47:12 +02:00 · 002111d8d1
parent 5158017edd
commit 002111d8d1
3 changed files with 28 additions and 11 deletions
--- a/db/versions/11060-tealGalax/00-createRoleProductionReviewer.sql
+++ b/db/versions/11060-tealGalax/00-createRoleProductionReviewer.sql
@ -9,3 +9,10 @@ INSERT INTO account.role
 -- UPDATE salix.ACL 
 -- 	SET principalId = 'productionReviewer'
 -- 	WHERE property = 'isInPreparing';
+
+UPDATE account.user u
+		JOIN vn.workerDepartment wd ON wd.workerFk = u.id
+		JOIN vn.department d ON wd.departmentFk = d.id 
+		JOIN account.role r ON r.name = 'productionReviewer'
+	SET u.role = r.id
+	WHERE d.name = 'REVISION';
--- a/modules/route/back/methods/route/specs/getSuggestedTickets.spec.js
+++ b/modules/route/back/methods/route/specs/getSuggestedTickets.spec.js
@ -28,7 +28,7 @@ describe('route getSuggestedTickets()', () => {

            const result = await models.Route.getSuggestedTickets(routeID, options);

-            const length = result.length; // cambiar agenciaMode de los tickets por el 8 y ver si da algún problema
+            const length = result.length;
            const anyResult = result[Math.floor(Math.random() * Math.floor(length))];

            expect(result.length).toEqual(4);
--- a/modules/ticket/back/methods/ticket/isEditableOrThrow.js
+++ b/modules/ticket/back/methods/ticket/isEditableOrThrow.js
@ -8,18 +8,13 @@ module.exports = Self => {
        if (typeof options == 'object')
            Object.assign(myOptions, options);

-        const state = await models.TicketState.findOne({
-            where: {ticketFk: id}
-        }, myOptions);
-
+        const state = await models.TicketState.findOne({where: {ticketFk: id}}, myOptions);
        const isRoleAdvanced = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'isRoleAdvanced', '*');
+        const isProductionReviewer = await models.ACL.checkAccessAcl(ctx, 'Sale', 'isInPreparing', '*');
        const canEditWeeklyTicket = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'canEditWeekly', 'WRITE');
        const alertLevel = state ? state.alertLevel : null;
        const ticket = await models.Ticket.findById(id, {
-            fields: ['clientFk'],
-            include: {
-                relation: 'client'
-            }
+            fields: ['clientFk'], include: {relation: 'client'}
        }, myOptions);

        const isLocked = await models.Ticket.isLocked(id, myOptions);
@ -29,10 +24,25 @@ module.exports = Self => {
        const isNormalClient = ticket && ticket.client().typeFk == 'normal';
        const isEditable = !(alertLevelGreaterThanZero && isNormalClient);

+        const ticketCollection = await models.TicketCollection.findOne({
+            include: {relation: 'collection'}, where: {ticketFk: id}
+        }, myOptions);
+        let workerId = ticketCollection?.collection()?.workerFk;
+
+        if (!workerId) {
+            const saleGroup = await models.SaleGroup.findOne({fields: ['id'], where: {ticketFk: id}}, myOptions);
+            const sectorCollectionSaleGroup = saleGroup && await models.SectorCollectionSaleGroup.findOne({
+                include: {relation: 'sectorCollection'}, where: {saleGroupFk: saleGroup.id}
+            }, myOptions);
+
+            workerId = sectorCollectionSaleGroup?.sectorCollection()?.userFk;
+        }
+        const isOwner = workerId === ctx.req.accessToken.userId;
+
        if (!ticket)
            throw new ForbiddenError(`The ticket doesn't exist.`);

-        if (!isEditable && !isRoleAdvanced)
+        if (!isEditable && !isRoleAdvanced && !isProductionReviewer && !isOwner)
            throw new ForbiddenError(`This ticket is not editable.`);

        if (isLocked && !isWeekly)