verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 55 Releases Wiki Activity

feat(ticket_isEditable): use ticketWeekly
gitea/salix/pipeline/head This commit is unstable Details

This commit is contained in:
Alex Moreno 2022-11-07 09:19:20 +01:00
parent 5051f8b590
commit 03ec8e27e6
6 changed files with 33 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
db/changes/10500-november/00-editTrackedACL.sql
View File

@ -1,5 +1,4 @@
INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
VALUES
('Sale', 'editTracked', 'WRITE', 'ALLOW', 'ROLE', 'production'),
('Sale', 'editFloramondo', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),
('Ticket', 'editWeekly', 'WRITE', 'DENY', 'ROLE', '$authenticated');
('Sale', 'editFloramondo', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant');

8
db/dump/fixtures.sql
View File

@ -984,7 +984,7 @@ INSERT INTO `vn`.`sale`(`id`, `itemFk`, `ticketFk`, `concept`, `quantity`, `pric
(30, 4, 18, 'Melee weapon heavy shield 1x0.5m', 20, 1.72, 0, 0, 0, util.VN_CURDATE()),
(31, 2, 23, 'Melee weapon combat fist 15cm', -5, 7.08, 0, 0, 0, util.VN_CURDATE()),
(32, 1, 24, 'Ranged weapon longbow 2m', -1, 8.07, 0, 0, 0, util.VN_CURDATE()),
(33, 5, 14, 'Ranged weapon pistol 9mm', 50, 1.79, 0, 0, 0, util.VN_CURDATE());
(33, 5, 14, 'Ranged weapon pistol 9mm', 50, 1.79, 0, 0, 0, util.VN_CURDATE());
INSERT INTO `vn`.`saleChecked`(`saleFk`, `isChecked`)
VALUES
@ -1358,7 +1358,7 @@ INSERT INTO `vn`.`ticketWeekly`(`ticketFk`, `weekDay`)
(3, 2),
(4, 4),
(5, 6),
(14, 6);
(15, 6);
INSERT INTO `vn`.`travel`(`id`,`shipped`, `landed`, `warehouseInFk`, `warehouseOutFk`, `agencyModeFk`, `m3`, `kg`,`ref`, `totalEntries`, `cargoSupplierFk`)
VALUES
@ -2712,7 +2712,7 @@ INSERT INTO `vn`.`ticketCollection` (`ticketFk`, `collectionFk`, `created`, `lev
INSERT INTO `vn`.`saleCloned` (`saleClonedFk`, `saleOriginalFk`)
VALUES
('27', '25');
(29, 25);
UPDATE `account`.`user`
SET `hasGrant` = 1
@ -2720,4 +2720,4 @@ UPDATE `account`.`user`
INSERT INTO `vn`.`osTicketConfig` (`id`, `host`, `user`, `password`, `oldStatus`, `newStatusId`, `day`, `comment`, `hostDb`, `userDb`, `passwordDb`, `portDb`, `responseType`, `fromEmailId`, `replyTo`)
VALUES
(0, 'http://localhost:56596/scp', 'ostadmin', 'Admin1', 'open', 3, 60, 'Este CAU se ha cerrado automáticamente. Si el problema persiste responda a este mensaje.', 'localhost', 'osticket', 'osticket', 40003, 'reply', 1, 'all');
(0, 'http://localhost:56596/scp', 'ostadmin', 'Admin1', 'open', 3, 60, 'Este CAU se ha cerrado automáticamente. Si el problema persiste responda a este mensaje.', 'localhost', 'osticket', 'osticket', 40003, 'reply', 1, 'all');

5
modules/ticket/back/methods/sale/canEdit.js
View File

@ -46,19 +46,16 @@ module.exports = Self => {
const hasSaleTracking = await models.SaleTracking.findOne({where: {saleFk: {inq: sales}}}, myOptions);
const hasSaleCloned = await models.SaleCloned.findOne({where: {saleClonedFk: {inq: sales}}}, myOptions);
const isTicketWeekly = await models.TicketWeekly.findOne({where: {ticketFk: ticketId}}, myOptions);
const hasSaleFloramondo = salesData.find(sale => sale.item().isFloramondo);
const canEditTracked = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editTracked');
const canEditCloned = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editCloned');
const canEditWeekly = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'editWeekly');
const canEditFloramondo = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editFloramondo');
const shouldEditTracked = canEditTracked || !hasSaleTracking;
const shouldEditCloned = canEditCloned || !hasSaleCloned;
const shouldEditWeekly = canEditWeekly || !isTicketWeekly;
const shouldEditFloramondo = canEditFloramondo || !hasSaleFloramondo;
return shouldEditTracked && shouldEditCloned && shouldEditWeekly && shouldEditFloramondo;
return shouldEditTracked && shouldEditCloned && shouldEditFloramondo;
};
};

70
modules/ticket/back/methods/sale/specs/canEdit.spec.js
View File

@ -72,6 +72,7 @@ describe('sale canEdit()', () => {
});
describe('sale editCloned', () => {
const saleCloned = [29];
it('should return false if any of the sales is cloned', async() => {
const tx = await models.Sale.beginTransaction({});
@ -81,9 +82,7 @@ describe('sale canEdit()', () => {
const buyerId = 35;
const ctx = {req: {accessToken: {userId: buyerId}}};
const sales = [27];
const result = await models.Sale.canEdit(ctx, sales, options);
const result = await models.Sale.canEdit(ctx, saleCloned, options);
expect(result).toEqual(false);
@ -115,66 +114,7 @@ describe('sale canEdit()', () => {
});
const ctx = {req: {accessToken: {userId: role.id}}};
const sales = [27];
const result = await models.Sale.canEdit(ctx, sales, options);
expect(result).toEqual(true);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
});
describe('ticket editWeekly', () => {
it('should return false if any of the sales is of ticket weekly', async() => {
const tx = await models.Sale.beginTransaction({});
try {
const options = {transaction: tx};
const ctx = {req: {accessToken: {userId: employeeId}}};
const sales = [33];
const result = await models.Sale.canEdit(ctx, sales, options);
expect(result).toEqual(false);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
it('should return true if any of the sales is of ticketWeekly and has the correct role', async() => {
const tx = await models.Sale.beginTransaction({});
const roleEnabled = await models.ACL.findOne({
where: {
model: 'Ticket',
property: 'editWeekly',
permission: 'ALLOW'
}
});
if (!roleEnabled || !roleEnabled.principalId) return await tx.rollback();
try {
const options = {transaction: tx};
const role = await models.Role.findOne({
where: {
name: roleEnabled.principalId
}
});
const ctx = {req: {accessToken: {userId: role.id}}};
const sales = [33];
const result = await models.Sale.canEdit(ctx, sales, options);
const result = await models.Sale.canEdit(ctx, saleCloned, options);
expect(result).toEqual(true);
@ -189,7 +129,7 @@ describe('sale canEdit()', () => {
describe('sale editFloramondo', () => {
it('should return false if any of the sales isFloramondo', async() => {
const tx = await models.Sale.beginTransaction({});
const sales = [33];
const sales = [26];
try {
const options = {transaction: tx};
@ -213,7 +153,7 @@ describe('sale canEdit()', () => {
it('should return true if any of the sales is of isFloramondo and has the correct role', async() => {
const tx = await models.Sale.beginTransaction({});
const sales = [32];
const sales = [26];
const roleEnabled = await models.ACL.findOne({
where: {

4
modules/ticket/back/methods/ticket/isEditable.js
View File

@ -44,13 +44,15 @@ module.exports = Self => {
}
}]
}, myOptions);
const isLocked = await models.Ticket.isLocked(id, myOptions);
const isWeekly = await models.TicketWeekly.findOne({where: {ticketFk: id}}, myOptions);
const alertLevelGreaterThanZero = (alertLevel && alertLevel > 0);
const isNormalClient = ticket && ticket.client().type().code == 'normal';
const isEditable = !(alertLevelGreaterThanZero && isNormalClient);
if (ticket && (isEditable || isRoleAdvanced) && !isLocked)
if (ticket && (isEditable || isRoleAdvanced) && !isLocked && !isWeekly)
return true;
return false;

19
modules/ticket/back/methods/ticket/specs/isEditable.spec.js
View File

@ -134,4 +134,23 @@ describe('ticket isEditable()', () => {
expect(result).toEqual(false);
});
it('should not be able to edit if is a ticket weekly', async() => {
const tx = await models.Ticket.beginTransaction({});
try {
const options = {transaction: tx};
const ctx = {req: {accessToken: {userId: 1}}};
const result = await models.Ticket.isEditable(ctx, 15, options);
expect(result).toEqual(false);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
});