verdnatura/salix
verdnatura
/
salix
3
5
Fork 0
Code Issues Pull Requests 49 Releases Wiki Activity

feat(ticket_isEditable): use ticketWeekly
gitea/salix/pipeline/head This commit is unstable Details

This commit is contained in:
Alex Moreno 2022-11-07 09:19:20 +01:00
parent 5051f8b590
commit 03ec8e27e6
6 changed files with 33 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
db/changes/10500-november/00-editTrackedACL.sql
View File

@ -1,5 +1,4 @@
INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
VALUES VALUES
('Sale', 'editTracked', 'WRITE', 'ALLOW', 'ROLE', 'production'), ('Sale', 'editTracked', 'WRITE', 'ALLOW', 'ROLE', 'production'),
('Sale', 'editFloramondo', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'), ('Sale', 'editFloramondo', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant');
('Ticket', 'editWeekly', 'WRITE', 'DENY', 'ROLE', '$authenticated');

6
db/dump/fixtures.sql
View File

@ -984,7 +984,7 @@ INSERT INTO `vn`.`sale`(`id`, `itemFk`, `ticketFk`, `concept`, `quantity`, `pric
(30, 4, 18, 'Melee weapon heavy shield 1x0.5m', 20, 1.72, 0, 0, 0, util.VN_CURDATE()), (30, 4, 18, 'Melee weapon heavy shield 1x0.5m', 20, 1.72, 0, 0, 0, util.VN_CURDATE()),
(31, 2, 23, 'Melee weapon combat fist 15cm', -5, 7.08, 0, 0, 0, util.VN_CURDATE()), (31, 2, 23, 'Melee weapon combat fist 15cm', -5, 7.08, 0, 0, 0, util.VN_CURDATE()),
(32, 1, 24, 'Ranged weapon longbow 2m', -1, 8.07, 0, 0, 0, util.VN_CURDATE()), (32, 1, 24, 'Ranged weapon longbow 2m', -1, 8.07, 0, 0, 0, util.VN_CURDATE()),
(33, 5, 14, 'Ranged weapon pistol 9mm', 50, 1.79, 0, 0, 0, util.VN_CURDATE()); (33, 5, 14, 'Ranged weapon pistol 9mm', 50, 1.79, 0, 0, 0, util.VN_CURDATE());
INSERT INTO `vn`.`saleChecked`(`saleFk`, `isChecked`) INSERT INTO `vn`.`saleChecked`(`saleFk`, `isChecked`)
VALUES VALUES
@ -1358,7 +1358,7 @@ INSERT INTO `vn`.`ticketWeekly`(`ticketFk`, `weekDay`)
(3, 2), (3, 2),
(4, 4), (4, 4),
(5, 6), (5, 6),
(14, 6); (15, 6);
INSERT INTO `vn`.`travel`(`id`,`shipped`, `landed`, `warehouseInFk`, `warehouseOutFk`, `agencyModeFk`, `m3`, `kg`,`ref`, `totalEntries`, `cargoSupplierFk`) INSERT INTO `vn`.`travel`(`id`,`shipped`, `landed`, `warehouseInFk`, `warehouseOutFk`, `agencyModeFk`, `m3`, `kg`,`ref`, `totalEntries`, `cargoSupplierFk`)
VALUES VALUES
@ -2712,7 +2712,7 @@ INSERT INTO `vn`.`ticketCollection` (`ticketFk`, `collectionFk`, `created`, `lev
INSERT INTO `vn`.`saleCloned` (`saleClonedFk`, `saleOriginalFk`) INSERT INTO `vn`.`saleCloned` (`saleClonedFk`, `saleOriginalFk`)
VALUES VALUES
('27', '25'); (29, 25);
UPDATE `account`.`user` UPDATE `account`.`user`
SET `hasGrant` = 1 SET `hasGrant` = 1

5
modules/ticket/back/methods/sale/canEdit.js
View File

@ -46,19 +46,16 @@ module.exports = Self => {
const hasSaleTracking = await models.SaleTracking.findOne({where: {saleFk: {inq: sales}}}, myOptions); const hasSaleTracking = await models.SaleTracking.findOne({where: {saleFk: {inq: sales}}}, myOptions);
const hasSaleCloned = await models.SaleCloned.findOne({where: {saleClonedFk: {inq: sales}}}, myOptions); const hasSaleCloned = await models.SaleCloned.findOne({where: {saleClonedFk: {inq: sales}}}, myOptions);
const isTicketWeekly = await models.TicketWeekly.findOne({where: {ticketFk: ticketId}}, myOptions);
const hasSaleFloramondo = salesData.find(sale => sale.item().isFloramondo); const hasSaleFloramondo = salesData.find(sale => sale.item().isFloramondo);
const canEditTracked = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editTracked'); const canEditTracked = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editTracked');
const canEditCloned = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editCloned'); const canEditCloned = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editCloned');
const canEditWeekly = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'editWeekly');
const canEditFloramondo = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editFloramondo'); const canEditFloramondo = await models.ACL.checkAccessAcl(ctx, 'Sale', 'editFloramondo');
const shouldEditTracked = canEditTracked || !hasSaleTracking; const shouldEditTracked = canEditTracked || !hasSaleTracking;
const shouldEditCloned = canEditCloned || !hasSaleCloned; const shouldEditCloned = canEditCloned || !hasSaleCloned;
const shouldEditWeekly = canEditWeekly || !isTicketWeekly;
const shouldEditFloramondo = canEditFloramondo || !hasSaleFloramondo; const shouldEditFloramondo = canEditFloramondo || !hasSaleFloramondo;
return shouldEditTracked && shouldEditCloned && shouldEditWeekly && shouldEditFloramondo; return shouldEditTracked && shouldEditCloned && shouldEditFloramondo;
}; };
}; };

70
modules/ticket/back/methods/sale/specs/canEdit.spec.js
View File

@ -72,6 +72,7 @@ describe('sale canEdit()', () => {
}); });
describe('sale editCloned', () => { describe('sale editCloned', () => {
const saleCloned = [29];
it('should return false if any of the sales is cloned', async() => { it('should return false if any of the sales is cloned', async() => {
const tx = await models.Sale.beginTransaction({}); const tx = await models.Sale.beginTransaction({});
@ -81,9 +82,7 @@ describe('sale canEdit()', () => {
const buyerId = 35; const buyerId = 35;
const ctx = {req: {accessToken: {userId: buyerId}}}; const ctx = {req: {accessToken: {userId: buyerId}}};
const sales = [27]; const result = await models.Sale.canEdit(ctx, saleCloned, options);
const result = await models.Sale.canEdit(ctx, sales, options);
expect(result).toEqual(false); expect(result).toEqual(false);
@ -115,66 +114,7 @@ describe('sale canEdit()', () => {
}); });
const ctx = {req: {accessToken: {userId: role.id}}}; const ctx = {req: {accessToken: {userId: role.id}}};
const sales = [27]; const result = await models.Sale.canEdit(ctx, saleCloned, options);
const result = await models.Sale.canEdit(ctx, sales, options);
expect(result).toEqual(true);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
});
describe('ticket editWeekly', () => {
it('should return false if any of the sales is of ticket weekly', async() => {
const tx = await models.Sale.beginTransaction({});
try {
const options = {transaction: tx};
const ctx = {req: {accessToken: {userId: employeeId}}};
const sales = [33];
const result = await models.Sale.canEdit(ctx, sales, options);
expect(result).toEqual(false);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
it('should return true if any of the sales is of ticketWeekly and has the correct role', async() => {
const tx = await models.Sale.beginTransaction({});
const roleEnabled = await models.ACL.findOne({
where: {
model: 'Ticket',
property: 'editWeekly',
permission: 'ALLOW'
}
});
if (!roleEnabled || !roleEnabled.principalId) return await tx.rollback();
try {
const options = {transaction: tx};
const role = await models.Role.findOne({
where: {
name: roleEnabled.principalId
}
});
const ctx = {req: {accessToken: {userId: role.id}}};
const sales = [33];
const result = await models.Sale.canEdit(ctx, sales, options);
expect(result).toEqual(true); expect(result).toEqual(true);
@ -189,7 +129,7 @@ describe('sale canEdit()', () => {
describe('sale editFloramondo', () => { describe('sale editFloramondo', () => {
it('should return false if any of the sales isFloramondo', async() => { it('should return false if any of the sales isFloramondo', async() => {
const tx = await models.Sale.beginTransaction({}); const tx = await models.Sale.beginTransaction({});
const sales = [33]; const sales = [26];
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
@ -213,7 +153,7 @@ describe('sale canEdit()', () => {
it('should return true if any of the sales is of isFloramondo and has the correct role', async() => { it('should return true if any of the sales is of isFloramondo and has the correct role', async() => {
const tx = await models.Sale.beginTransaction({}); const tx = await models.Sale.beginTransaction({});
const sales = [32]; const sales = [26];
const roleEnabled = await models.ACL.findOne({ const roleEnabled = await models.ACL.findOne({
where: { where: {

4
modules/ticket/back/methods/ticket/isEditable.js
View File

@ -44,13 +44,15 @@ module.exports = Self => {
} }
}] }]
}, myOptions); }, myOptions);
const isLocked = await models.Ticket.isLocked(id, myOptions); const isLocked = await models.Ticket.isLocked(id, myOptions);
const isWeekly = await models.TicketWeekly.findOne({where: {ticketFk: id}}, myOptions);
const alertLevelGreaterThanZero = (alertLevel && alertLevel > 0); const alertLevelGreaterThanZero = (alertLevel && alertLevel > 0);
const isNormalClient = ticket && ticket.client().type().code == 'normal'; const isNormalClient = ticket && ticket.client().type().code == 'normal';
const isEditable = !(alertLevelGreaterThanZero && isNormalClient); const isEditable = !(alertLevelGreaterThanZero && isNormalClient);
if (ticket && (isEditable || isRoleAdvanced) && !isLocked) if (ticket && (isEditable || isRoleAdvanced) && !isLocked && !isWeekly)
return true; return true;
return false; return false;

19
modules/ticket/back/methods/ticket/specs/isEditable.spec.js
View File

@ -134,4 +134,23 @@ describe('ticket isEditable()', () => {
expect(result).toEqual(false); expect(result).toEqual(false);
}); });
it('should not be able to edit if is a ticket weekly', async() => {
const tx = await models.Ticket.beginTransaction({});
try {
const options = {transaction: tx};
const ctx = {req: {accessToken: {userId: 1}}};
const result = await models.Ticket.isEditable(ctx, 15, options);
expect(result).toEqual(false);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
}); });