feat: refs #8239 Added checkColumnPermission method

loopback/common/methods/application/checkColumnPermission.js

@@ -0,0 +1,65 @@
+const UserError = require('vn-loopback/util/user-error');
+
+module.exports = Self => {
+    Self.remoteMethod('checkColumnPermission', {
+        description: 'Return enum values of column',
+        accessType: 'EXECUTE',
+        accepts: [{
+            arg: 'schema',
+            type: 'string',
+            description: 'The schema of db',
+            required: true,
+        }, {
+            arg: 'table',
+            type: 'string',
+            description: 'The table of schema',
+            required: true,
+        }, {
+            arg: 'column',
+            type: 'string',
+            description: 'The column of table',
+            required: true,
+        }, {
+            arg: 'privilegeType',
+            type: 'string',
+            description: 'Privilege type (SELECT|UPDATE|INSERT|DELETE)',
+            required: true,
+        }, {
+            arg: 'userId',
+            type: 'number',
+            description: 'The user id',
+            required: true,
+        }
+        ],
+        returns: {
+            type: 'any',
+            root: true
+        },
+        http: {
+            path: `/check-column-permission`,
+            verb: 'GET'
+        }
+    });
+
+    Self.checkColumnPermission = async(schema, table, column, privilegeType, userId) => {
+        const models = Self.app.models;
+        const $t = ((msg, vars) => // Me falta hacer funcionar el $t, ya que probando con ctx no funciona
+            msg.replace(/\{(\w+)\}/g, (_, key) => vars[key] || '')
+        );
+
+        const user = await models.VnUser.findById(userId);
+        const role = await models.VnRole.findById(user.roleFk);
+        const permissions = await Self.rawSql(`
+            SELECT TRUE
+                FROM information_schema.COLUMN_PRIVILEGES 
+                WHERE TABLE_SCHEMA = ?
+                    AND TABLE_NAME = ? 
+                    AND COLUMN_NAME = ?
+                    AND PRIVILEGE_TYPE = ?
+                    AND REGEXP_SUBSTR(GRANTEE, '[a-zA-Z]+') = ?
+            `, [schema, table, column, privilegeType, role.name]);
+
+        if (!permissions.length)
+            throw new UserError($t(`You don't have enough privileges to modify`, {column}));
+    };
+};

loopback/common/models/application.js

@@ -5,4 +5,5 @@ module.exports = function(Self) {
     require('../methods/application/executeProc')(Self);
     require('../methods/application/executeFunc')(Self);
     require('../methods/application/getEnumValues')(Self);
+    require('../methods/application/checkColumnPermission')(Self);
 };

loopback/locale/en.json

@@ -249,5 +249,6 @@
     "Sales already moved": "Sales already moved",
     "Holidays to past days not available": "Holidays to past days not available",
 	"Price cannot be blank": "Price cannot be blank",
-    "There are tickets to be invoiced": "There are tickets to be invoiced"
+    "There are tickets to be invoiced": "There are tickets to be invoiced",
+	"You don't have enough privileges to modify": "You don't have enough privileges to modify: {{column}}"
 }

loopback/locale/es.json

@@ -398,5 +398,6 @@
 	"Holidays to past days not available": "Las vacaciones a días pasados no están disponibles",
 	"All tickets have a route order": "Todos los tickets tienen orden de ruta",
 	"Price cannot be blank": "Price cannot be blank",
-    "There are tickets to be invoiced": "La zona tiene tickets por facturar"
-}
+	"There are tickets to be invoiced": "La zona tiene tickets por facturar",
+	"You don't have enough privileges to modify": "No tienes suficientes permisos para modificar la columna: {{column}}"
+}

loopback/locale/fr.json

@@ -366,5 +366,6 @@
     "The quantity claimed cannot be greater than the quantity of the line": "Le montant réclamé ne peut pas être supérieur au montant de la ligne",
     "You do not have permission to modify the booked field": "Vous n'avez pas la permission de modifier le champ comptabilisé",
 	"ticketLostExpedition": "Le ticket [{{ticketId}}]({{{ticketUrl}}}) a l'expédition perdue suivante : {{expeditionId}}",
-	"The web user's email already exists": "L'email de l'internaute existe déjà"
+	"The web user's email already exists": "L'email de l'internaute existe déjà",
+	"You don't have enough privileges to modify": "Vous n'avez pas suffisamment de privilèges pour modifier: {{column}}"
 }

loopback/locale/pt.json

@@ -365,5 +365,6 @@
 	"Cannot send mail": "Não é possível enviar o email",
 	"The quantity claimed cannot be greater than the quantity of the line": "O valor reclamado não pode ser superior ao valor da linha",
 	"ticketLostExpedition": "O ticket [{{ticketId}}]({{{ticketUrl}}}) tem a seguinte expedição perdida: {{expeditionId}}",
-	"The web user's email already exists": "O e-mail do utilizador da web já existe."
+	"The web user's email already exists": "O e-mail do utilizador da web já existe.",
+		"You don't have enough privileges to modify": "Você não tem privilégios suficientes para modificar: {{column}}"
 }

modules/item/back/models/item.js

@@ -1,4 +1,5 @@
 let UserError = require('vn-loopback/util/user-error');
+const models = require('vn-loopback/server/server').models;
 
 module.exports = Self => {
     require('../methods/item/filter')(Self);
@@ -22,6 +23,9 @@ module.exports = Self => {
 
     Self.observe('before save', async function(ctx) {
         await Self.availableId(ctx);
+        await models.Application.checkColumnPermission(
+            'vn', 'item', 'packingOut', 'UPDATE', ctx.options.accessToken.userId
+        );
     });
 
     Self.availableId = async function(ctx) {