From 2e89af97950249f1cd807dd763e62c6f9be07c71 Mon Sep 17 00:00:00 2001
From: Bernat <bernat.verdnatura@gmail.com>
Date: Mon, 12 Aug 2019 13:26:44 +0200
Subject: [PATCH] #1630  state.isEditable

---
 .../ticket/back/methods/state/isEditable.js   | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 modules/ticket/back/methods/state/isEditable.js

diff --git a/modules/ticket/back/methods/state/isEditable.js b/modules/ticket/back/methods/state/isEditable.js
new file mode 100644
index 000000000..00b4f4c4f
--- /dev/null
+++ b/modules/ticket/back/methods/state/isEditable.js
@@ -0,0 +1,37 @@
+module.exports = Self => {
+    Self.remoteMethodCtx('isEditable', {
+        description: 'Check if the ticket state is editable',
+        accessType: 'READ',
+        accepts: [{
+            arg: 'stateId',
+            type: 'number',
+            required: true,
+            http: {source: 'path'}
+        }],
+        returns: {
+            type: 'boolean',
+            root: true
+        },
+        http: {
+            path: `/:stateId/isEditable`,
+            verb: 'get'
+        }
+    });
+
+    Self.isEditable = async(ctx, stateId) => {
+        const accessToken = ctx.req.accessToken;
+        const models = Self.app.models;
+        const userId = accessToken.userId;
+
+        let isProduction = await models.Account.hasRole(userId, 'production');
+        let isSalesPerson = await models.Account.hasRole(userId, 'salesPerson');
+        let isAdministrative = await models.Account.hasRole(userId, 'administrative');
+        let state = await models.State.findById(stateId);
+
+
+        let salesPersonAllowed = (isSalesPerson && state.code == 'PICKER_DESIGNED');
+
+        let isAllowed = isProduction || isAdministrative || salesPersonAllowed || state.alertLevel == 0;
+        return isAllowed;
+    };
+};