From 26ff5e8fa9ee7f933b024bc47022b59678d5e7a2 Mon Sep 17 00:00:00 2001
From: jorgep <jorgep@verdnatura.es>
Date: Wed, 8 May 2024 11:03:18 +0200
Subject: [PATCH] feat; refs #5919 WIP acls

---
 db/versions/11019-grayDendro/01-aclLocker.sql |  7 +++++++
 modules/worker/back/models/locker.json        | 14 ++++++++++++-
 modules/worker/back/models/worker.json        | 20 ++++++++++++++++++-
 3 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 db/versions/11019-grayDendro/01-aclLocker.sql

diff --git a/db/versions/11019-grayDendro/01-aclLocker.sql b/db/versions/11019-grayDendro/01-aclLocker.sql
new file mode 100644
index 000000000..6b3a66817
--- /dev/null
+++ b/db/versions/11019-grayDendro/01-aclLocker.sql
@@ -0,0 +1,7 @@
+INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
+	VALUES ('Locker', '__get__codes', 'READ', 'ALLOW', 'ROLE', 'employee'),
+		('Locker', '*', '*', 'ALLOW', 'ROLE', 'hr'),
+		('Locker', '*', '*', 'ALLOW', 'ROLE', 'productionBoss'),
+		('Worker', '__get__locker', 'READ', 'ALLOW', 'ROLE', 'hr'),
+		('Worker', '__get__locker', 'READ', 'ALLOW', 'ROLE', 'productionBoss'),
+		('Worker', '__get__locker', 'READ', 'ALLOW', 'ROLE', 'productionBoss');
diff --git a/modules/worker/back/models/locker.json b/modules/worker/back/models/locker.json
index b329648c1..1609df32d 100644
--- a/modules/worker/back/models/locker.json
+++ b/modules/worker/back/models/locker.json
@@ -1,7 +1,7 @@
 {
     "name": "Locker",
     "base": "VnModel",
-    "description": "Employee's locker",
+    "description": "Worker's locker",
     "options": {
         "mysql": {
           "table": "locker"
@@ -14,5 +14,17 @@
         "gender": {
             "type": "string"
         }
+    },
+    "relations": {
+        "user": {
+            "type": "belongsTo",
+            "model": "VnUser",
+            "foreignKey": "workerFk"
+        }
+    },
+    "scopes": {
+        "codes": {
+            "fields": ["id","code"]
+        }
     }
 }
diff --git a/modules/worker/back/models/worker.json b/modules/worker/back/models/worker.json
index af31b11fe..cbe0e4586 100644
--- a/modules/worker/back/models/worker.json
+++ b/modules/worker/back/models/worker.json
@@ -97,5 +97,23 @@
             "model": "Locker",
             "foreignKey": "workerFk"
         }
-    }
+    },
+    "scopes":{
+        "locker": {
+            "fields":["id","sex"],
+            "include": {
+                "relation": "locker",
+                "scope": {"fields": ["id", "code"]}
+            }
+        }
+    },
+    "acls":[
+        {
+            "property": "__get__locker",
+            "accessType": "READ",
+            "permission": "ALLOW",
+            "principalType": "ROLE",
+            "principalId": "$owner"
+        }
+    ]
 }