refs #5929 added ACL and accurate errors
gitea/salix/pipeline/head There was a failure building this commit Details

Jorge Penadés 2023-07-24 10:34:44 +02:00
parent eb963ff993
commit 4f80221101
3 changed files with 25 additions and 6 deletions


@ -0,0 +1,2 @@
INSERT INTO `salix`.`ACL` (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
VALUES ('Ticket','*','*','ALLOW','ROLE','buyer');
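Review bot: This row gives the `buyer` role `ALLOW` on every property and every access type of `Ticket` (`'*','*'`), which is far broader than the one check the commit adds in isEditable, `checkAccessAcl(ctx, 'Ticket', 'buyer', 'WRITE')`. If this table also gates the model's remote methods (not visible here), buyers would gain every Ticket operation rather than just weekly-ticket editing. I would scope the grant to a dedicated property and access type, for example `VALUES ('Ticket','canEditWeekly','WRITE','ALLOW','ROLE','buyer');`, with the check changed to the same property name. `canEditWeekly` is a name I am proposing; using the role name `buyer` as the property is easy to misread.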


@ -307,5 +307,7 @@
"Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}", "Negative basis of tickets": "Base negativa para los tickets: {{ticketsIds}}",
"The company has not informed the supplier account for bank transfers": "La empresa no tiene informado la cuenta de proveedor para transferencias bancarias", "The company has not informed the supplier account for bank transfers": "La empresa no tiene informado la cuenta de proveedor para transferencias bancarias",
"You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado", "You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado",
"This invoice has a linked vehicle.": "Esta factura tiene un vehiculo vinculado" "This invoice has a linked vehicle.": "Esta factura tiene un vehiculo vinculado",
"You don't have enough privileges.": "You don't have enough privileges.",
"This ticket is locked.": "This ticket is locked."
} }


@ -1,3 +1,5 @@
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('isEditable', { Self.remoteMethodCtx('isEditable', {
description: 'Check if a ticket is editable', description: 'Check if a ticket is editable',
@ -31,7 +33,7 @@ module.exports = Self => {
}, myOptions); }, myOptions);
const isRoleAdvanced = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'isRoleAdvanced', '*'); const isRoleAdvanced = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'isRoleAdvanced', '*');
const canEditWeeklyTicket = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'buyer', 'WRITE');
const alertLevel = state ? state.alertLevel : null; const alertLevel = state ? state.alertLevel : null;
const ticket = await models.Ticket.findById(id, { const ticket = await models.Ticket.findById(id, {
fields: ['clientFk'], fields: ['clientFk'],
@ -48,13 +50,26 @@ module.exports = Self => {
const isLocked = await models.Ticket.isLocked(id, myOptions); const isLocked = await models.Ticket.isLocked(id, myOptions);
const isWeekly = await models.TicketWeekly.findOne({where: {ticketFk: id}}, myOptions); const isWeekly = await models.TicketWeekly.findOne({where: {ticketFk: id}}, myOptions);
console.log('isRoleAdvanced', isRoleAdvanced);
console.log('canEditWeeklyTicket', canEditWeeklyTicket);
console.log('ticket', ticket);
console.log('isLocked', isLocked);
console.log('isWeekly', isWeekly);
const alertLevelGreaterThanZero = (alertLevel && alertLevel > 0); const alertLevelGreaterThanZero = (alertLevel && alertLevel > 0);
const isNormalClient = ticket && ticket.client().type().code == 'normal'; const isNormalClient = ticket && ticket.client().type().code == 'normal';
const isEditable = !(alertLevelGreaterThanZero && isNormalClient); const isEditable = !(alertLevelGreaterThanZero && isNormalClient);
if (!ticket)
throw new UserError(`The ticket doesn't exist.`);
if (!isEditable && !isRoleAdvanced)
throw new UserError(`This ticket is not editable.`);
if (isLocked)
throw new UserError(`This ticket is locked.`);
if (isWeekly && !canEditWeeklyTicket)
throw new UserError(`You don't have enough privileges.`);
if (ticket && (isEditable || isRoleAdvanced) && !isLocked && !isWeekly)
return true; return true;
return false;
}; };
}; };
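Review bot: The five `console.log(...)` calls after the `isWeekly` lookup look like leftover debugging and would write the ACL results and the loaded `ticket` object to the server log on every `isEditable` call; they should be dropped before merge, or reduced to a single debug-level line that logs only `id`. Separately, this rendering does not show whether the old combined condition `if (ticket && (isEditable || isRoleAdvanced) && !isLocked && !isWeekly)` is still on the new side. If it is, `!isWeekly` still rejects weekly tickets for callers who passed the `canEditWeeklyTicket` check, so the new grant would have no effect and the function should end in a plain `return true;` after the four guards. The body of `isEditable` is only partly visible in these hunks.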