From 6fcbf69f60ec9d471e2909a47c59f01bd049c903 Mon Sep 17 00:00:00 2001 From: alexm Date: Fri, 30 Jun 2023 08:26:51 +0200 Subject: [PATCH] refs #5753 isNotEditableCredit to zeroCreditEditor --- db/changes/232801/00-fix_editCredit.sql | 6 ++++++ modules/client/back/models/client.js | 10 +++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/db/changes/232801/00-fix_editCredit.sql b/db/changes/232801/00-fix_editCredit.sql index 40571ddb5..ff0d9e2b3 100644 --- a/db/changes/232801/00-fix_editCredit.sql +++ b/db/changes/232801/00-fix_editCredit.sql @@ -4,4 +4,10 @@ UPDATE `salix`.`ACL` model = 'Client' AND property = 'editCredit'; +UPDATE `salix`.`ACL` + SET property='zeroCreditEditor' + WHERE + model = 'Client' + AND property = 'isNotEditableCredit'; + diff --git a/modules/client/back/models/client.js b/modules/client/back/models/client.js index 000a99de7..e17ed5ec7 100644 --- a/modules/client/back/models/client.js +++ b/modules/client/back/models/client.js @@ -413,18 +413,18 @@ module.exports = Self => { order: 'id DESC' }, ctx.options); - if (lastCredit) { - const canEdit = - await models.ACL.checkAccessAcl(accessToken, 'Client', 'isNotEditableCredit', 'WRITE'); + if (lastCredit && lastCredit.amount == 0) { + const zeroCreditEditor = + await models.ACL.checkAccessAcl(accessToken, 'Client', 'zeroCreditEditor', 'WRITE'); const lastCreditIsNotEditable = await models.ACL.checkAccessAcl( {req: {accessToken: {userId: lastCredit.workerFk}}}, 'Client', - 'isNotEditableCredit', + 'zeroCreditEditor', 'WRITE' ); - if (lastCredit.amount == 0 && lastCreditIsNotEditable && !canEdit) + if (lastCreditIsNotEditable && !zeroCreditEditor) throw new UserError(`You can't change the credit set to zero from a financialBoss`); }