From cd750cb86fdda2ec9705ff90473cfc63250f51b0 Mon Sep 17 00:00:00 2001 From: Dani Herrero Date: Thu, 1 Jun 2017 13:31:42 +0200 Subject: [PATCH 1/5] ACL corregido error --- services/salix/server/boot/routes.js | 34 ++++++++++++---------------- 1 file changed, 14 insertions(+), 20 deletions(-) diff --git a/services/salix/server/boot/routes.js b/services/salix/server/boot/routes.js index cbd83d2c18..993e16eb62 100644 --- a/services/salix/server/boot/routes.js +++ b/services/salix/server/boot/routes.js @@ -11,9 +11,9 @@ module.exports = function (app) { app.get('/acl', function(req, res){ let token = req.cookies.vnToken; - validateToken(token, function(isValid) { + validateToken(token, function(isValid, token) { if (isValid) - sendUserRole(res); + sendUserRole(res, token); else sendACL(res, {}); }); @@ -44,11 +44,8 @@ module.exports = function (app) { function validateToken(tokenId, cb) { app.models.AccessToken.findById(tokenId, function(err, token) { if (token) { - if(token.userId){ - app.currentUser = {id: token.userId}; - } token.validate (function (err, isValid) { - cb(isValid === true); + cb(isValid === true, token); }); } else @@ -56,11 +53,11 @@ module.exports = function (app) { }); } - function sendUserRole(res){ - if(app.currentUser && app.currentUser.id){ + function sendUserRole(res, token){ + if(token.userId){ let query = { "where": { - "principalId": `${app.currentUser.id}`, + "principalId": token.userId, "principalType": "USER" }, "include": [{ 
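Review bot: In validateToken the callback now receives the token object even when validation fails (`cb(isValid === true, token)`), so any later caller that reads `token.userId` without testing `isValid` first would act on an expired or invalid token. Passing `cb(isValid === true, isValid === true ? token : null);` keeps the failure path empty. The `err` arguments of `findById` and `token.validate` are still ignored; logging them would let a token-store outage be told apart from a bad token. The function's `else` branch lies outside this hunk.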
@@ -68,29 +65,26 @@ module.exports = function (app) { "scope": { "fields": ["name"] } - }, - { - "relation": "user", - "scope": { - "fields": ["id", "username"] - } }] - }; - app.models.RoleMapping.belongsTo(app.models.User, {foreignKey: 'principalId', as: 'user'}); + }; app.models.RoleMapping.find(query, function(err, roles){ if(roles){ - let acl = { + var acl = { userProfile: {}, roles: {} }; - acl.userProfile = roles[0].user(); Object.keys(roles).forEach(function(_, i){ if(roles[i].roleId){ let rol = roles[i].role(); acl.roles[rol.name] = true; } }); - sendACL(res, acl); + app.models.User.findById(token.userId, function(_, userProfile){ + //acl.userProfile = userProfile; + acl.userProfile.id = userProfile.id; + acl.userProfile.username = userProfile.username; + sendACL(res, acl); + }); } else sendACL(res, {}); From f4ed484b90dae3516c521238fba4b41ba760e7df Mon Sep 17 00:00:00 2001 From: Vicente Falco Date: Thu, 1 Jun 2017 13:52:13 +0200 Subject: [PATCH 2/5] Notas: Anadir usuario --- .../client/common/models/ClientObservation.js | 15 +++++++++++++-- services/client/package.json | 1 + services/client/server/middleware.json | 12 +++++++++++- services/client/server/middleware/currentUser.js | 13 +++++++++++++ 4 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 services/client/server/middleware/currentUser.js diff --git a/services/client/common/models/ClientObservation.js b/services/client/common/models/ClientObservation.js index 150595f5c6..ba6315a3d8 100644 --- a/services/client/common/models/ClientObservation.js +++ b/services/client/common/models/ClientObservation.js @@ -1,4 +1,7 @@ module.exports = function(ClientObservation) { + + let loopBackContext = require('loopback-context'); + ClientObservation.validate('text', isEnabled, {message: 'Se debe rellenar el campo de texto'}); function isEnabled(err) { if (!this.text) err(); 
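Review bot: The new `app.models.User.findById` callback in sendUserRole dereferences `userProfile` without checking it, so a token whose user row no longer exists (or a lookup error) throws a TypeError inside an asynchronous callback and at best leaves the /acl request unanswered. A guard as the first line of the callback, `if (err || !userProfile) return sendACL(res, {});` (with the first parameter named `err` instead of `_`), fails closed. The commented-out `//acl.userProfile = userProfile;` can be deleted, and `acl` can stay `let` as it was before this change. The function starts in the previous hunk.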
@@ -6,7 +9,15 @@ module.exports = function(ClientObservation) { ClientObservation.observe('before save', function(ctx, next) { ctx.instance.created = Date(); - ctx.instance.employeeFk = 20; - next(); + let currentUser = loopBackContext.getCurrentContext(); + let userId = currentUser.get('currentUser'); + let app = require('../../server/server'); + let employee = app.models.Employee; + employee.findOne({where: {userFk: userId}}, function (err, user){ + if (user){ + ctx.instance.employeeFk = user.id; + next(); + } + }); }); }; diff --git a/services/client/package.json b/services/client/package.json index da18e64333..4bfb667231 100644 --- a/services/client/package.json +++ b/services/client/package.json @@ -16,6 +16,7 @@ "loopback-boot": "^2.6.5", "loopback-component-explorer": "^2.7.0", "loopback-connector-mysql": "^3.0.0", + "loopback-context": "^3.1.0", "loopback-datasource-juggler": "^2.54.1", "serve-favicon": "^2.0.1", "strong-error-handler": "^1.2.1" diff --git a/services/client/server/middleware.json b/services/client/server/middleware.json index 0d5c5e38df..e022d4c12c 100644 --- a/services/client/server/middleware.json +++ b/services/client/server/middleware.json @@ -22,10 +22,20 @@ "helmet#noSniff": {}, "helmet#noCache": { "enabled": false + }, + "loopback-context#per-request": { + "params": { + "enableHttpContext": true + } } }, "session": {}, - "auth": {}, + "auth": { + "loopback#token": {} + }, + "auth:after": { + "./middleware/currentUser": {} + }, "parse": {}, "routes": { "loopback#rest": { diff --git a/services/client/server/middleware/currentUser.js b/services/client/server/middleware/currentUser.js new file mode 100644 index 0000000000..6024b442ea --- /dev/null +++ b/services/client/server/middleware/currentUser.js 
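Review bot: The rewritten 'before save' hook in ClientObservation.js only calls `next()` when an Employee row is found, so a lookup error or a user without an employee record leaves the save hanging, and `err` is never inspected. `getCurrentContext()` can also return nothing (the new currentUser middleware guards for exactly that case), and then `currentUser.get` throws. Because this hook decides which employee a note is attributed to, it should fail closed: reject the save when there is no context, no user id or no matching employee. The fence shows the error paths; the message strings and status codes are suggestions.

```javascript
ClientObservation.observe('before save', function(ctx, next) {
    // … unchanged: ctx.instance.created assignment …
    let loopbackCtx = loopBackContext.getCurrentContext();
    let userId = loopbackCtx && loopbackCtx.get('currentUser');
    if (!userId) {
        let authError = new Error('No authenticated user for this request');
        authError.statusCode = 401;
        return next(authError);
    }
    // … unchanged: require of ../../server/server and app.models.Employee …
    employee.findOne({where: {userFk: userId}}, function (err, user){
        if (err)
            return next(err);
        if (!user) {
            let employeeError = new Error('No employee is linked to the current user');
            employeeError.statusCode = 403;
            return next(employeeError);
        }
        ctx.instance.employeeFk = user.id;
        next();
    });
});
```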
@@ -0,0 +1,13 @@ +module.exports = function(options) { + return function storeCurrentUser(req, res, next) { + if (!req.accessToken) { + return next(); + } + let LoopBackContext = require('loopback-context'); + let loopbackContext = LoopBackContext.getCurrentContext(); + if (loopbackContext) { + loopbackContext.set('currentUser', req.accessToken.userId); + } + next(); + }; +}; From 310ad81a698d5aca6033b10cbecdbc3b14b02348 Mon Sep 17 00:00:00 2001 From: Dani Herrero Date: Thu, 1 Jun 2017 14:05:23 +0200 Subject: [PATCH 3/5] emails separados con coma --- services/client/common/models/Client.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/client/common/models/Client.js b/services/client/common/models/Client.js index 051476522c..3b5feb10d6 100644 --- a/services/client/common/models/Client.js +++ b/services/client/common/models/Client.js @@ -27,7 +27,7 @@ module.exports = function(Client) { Client.validatesFormatOf('email', { message: 'Correo electrónico inválido', allowNull: true, - with: /^[\w|\.|\-]+@\w[\w|\.|\-]*\w$/ + with: /^[\w|\.|\-]+@\w[\w|\.|\-]*\w(,[\w|\.|\-]+@\w[\w|\.|\-]*\w)*$/ }); Client.validatesLengthOf('postcode', { allowNull: true, From b18c2c4966dbe79e5411f16e7e36fd541afd12b1 Mon Sep 17 00:00:00 2001 From: nelo Date: Thu, 1 Jun 2017 14:39:22 +0200 Subject: [PATCH 4/5] =?UTF-8?q?Administraci=C3=B3n=20solo=20recargo=20equi?= =?UTF-8?q?valencia=20Raz=C3=B3n=20social=20=C3=BAnico=20Si=20no=20hay=20c?= =?UTF-8?q?omercial,=20modificar=20los=20datos?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../client/src/billing-data/billing-data.html | 3 +- services/client/common/models/ACL_script.sql | 36 +++++++++------- services/client/common/models/Client.js | 4 +- services/client/common/models/Client.json | 3 ++ .../common/scopes/client/before-save.js | 42 +++++++++++++++++++ 5 files changed, 71 insertions(+), 17 deletions(-) 
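Review bot: storeCurrentUser silently continues when `LoopBackContext.getCurrentContext()` returns nothing, so an authenticated request can reach the model hooks with no 'currentUser' recorded and the failure only surfaces later. Returning an error at that point, `if (!loopbackContext) return next(new Error('request context unavailable'));`, makes it visible where it happens. The `require('loopback-context')` call can move to the top of the module instead of running inside the request handler, and a short header comment stating that the stored value is `req.accessToken.userId` (an id, not a user object) would help readers of the `get('currentUser')` call sites. As far as I recall the loopback-context README itself cautions that the continuation-local context can be lost across some async boundaries, so passing the user id through the operation's `options` is worth considering.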
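Review bot: The repeated group in the new email pattern copies the original character class `[\w|\.|\-]`, in which `|` is a literal character rather than an alternation, so addresses containing `|` pass validation in every element of the list. Dropping the bars fixes both halves: `with: /^[\w.\-]+@\w[\w.\-]*\w(,[\w.\-]+@\w[\w.\-]*\w)*$/`. Because the field can now hold several addresses, any code that passes `email` to a mailer or treats it as a single address should be checked; that is an inference, since no consumer of the field is visible in this patch.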
diff --git a/client/client/src/billing-data/billing-data.html b/client/client/src/billing-data/billing-data.html index 74180d36e9..5d37e4f3a3 100644 --- a/client/client/src/billing-data/billing-data.html +++ b/client/client/src/billing-data/billing-data.html @@ -21,9 +21,10 @@ + - + diff --git a/services/client/common/models/ACL_script.sql b/services/client/common/models/ACL_script.sql index 46cde8eabd..2f402ab2da 100644 --- a/services/client/common/models/ACL_script.sql +++ b/services/client/common/models/ACL_script.sql 
@@ -1,15 +1,21 @@
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (1,'Account','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (2,'Account','*','WRITE','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (3,'Address','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (4,'Address','*','WRITE','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (5,'AgencyService','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (6,'AgencyService','*','WRITE','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (7,'Client','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (8,'Client','*','WRITE','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (9,'ClientObservation','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (10,'ClientObservation','*','WRITE','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (11,'ContactChannel','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (12,'ContactChannel','*','WRITE','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (13,'Employee','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (14,'PayMethod','*','READ','ALLOW','ROLE','employee');
-insert into `ACL`(`id`,`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values (15,'PayMethod','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Account','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Account','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Address','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Address','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('AgencyService','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('AgencyService','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','fi','WRITE','DENY','ROLE','$everyone');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','fi','WRITE','ALLOW','ROLE','administrative');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','equalizationTax','WRITE','DENY','ROLE','$everyone');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','equalizationTax','WRITE','ALLOW','ROLE','administrative');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','salesPerson','WRITE','DENY','ROLE','$everyone');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Client','salesPerson','WRITE','ALLOW','ROLE','salesBoss');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('ClientObservation','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('ClientObservation','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('ContactChannel','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('ContactChannel','*','WRITE','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('Employee','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('PayMethod','*','READ','ALLOW','ROLE','employee');
+insert into `ACL`(`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) values ('PayMethod','*','WRITE','ALLOW','ROLE','employee');
diff --git a/services/client/common/models/Client.js b/services/client/common/models/Client.js
index 051476522c..f29e6bea65 100644
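Review bot: The new DENY/ALLOW rows whose `property` is `fi`, `equalizationTax` or `salesPerson` probably do not restrict anything: as far as I know LoopBack matches an ACL's `property` against the remote method being invoked (for example `updateAttributes`), not against fields in the request body. If that holds, the `'Client','*','WRITE','ALLOW','ROLE','employee'` row still lets any employee change those three fields. Field-level rules would have to be enforced in code, for example in the Client 'before save' hook by comparing the changed fields with the caller's roles, and a request made as a plain employee should be used to confirm the behaviour before relying on these rows.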
--- a/services/client/common/models/Client.js +++ b/services/client/common/models/Client.js @@ -19,6 +19,9 @@ module.exports = function(Client) { Client.validatesPresenceOf('socialName', { message: 'Debe especificarse la razón social' }); + Client.validatesUniquenessOf('socialName', { + message: 'La razón social debe ser única' + }); Client.validatesFormatOf('postcode', { message: 'El código postal solo debe contener números', allowNull: true, @@ -38,7 +41,6 @@ module.exports = function(Client) { allowBlank: true, max: 23 }); - Client.validate('payMethod', hasSalesMan, { message: 'No se puede cambiar la forma de pago si no hay comercial asignado' }); diff --git a/services/client/common/models/Client.json b/services/client/common/models/Client.json index da955b23fa..da8a76b762 100644 --- a/services/client/common/models/Client.json +++ b/services/client/common/models/Client.json @@ -46,6 +46,9 @@ "active": { "type": "boolean" }, + "discount":{ + "type": "Number" + }, "credit": { "type": "Number" }, diff --git a/services/client/common/scopes/client/before-save.js b/services/client/common/scopes/client/before-save.js index 9a0c82cdd7..8ab6defe1c 100644 --- a/services/client/common/scopes/client/before-save.js +++ b/services/client/common/scopes/client/before-save.js 
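Review bot: `Client.validatesUniquenessOf('socialName', ...)` is a check-then-save validation, so two concurrent requests carrying the same socialName can both pass it. If uniqueness matters for billing, back it with a UNIQUE index on the column and map the resulting duplicate-key error to the same message. A one-line comment above the call, `// application-level check only; the database index is the real guarantee`, would record that.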
@@ -1,18 +1,60 @@ module.exports = function(Client){ + + var CREDIT_CARD = 5; + Client.observe('before save', function(ctx, next) { if (ctx.instance) { + Object.assign(ctx.instance, doIfNullSalesPerson(ctx.instance)); + if (!ctx.instance.dueDay) ctx.instance.dueDay = 5; + + if(ctx.instance.equalizationTax && !canMarkEqualizationTax(ctx.instance)) + generateErrorEqualizationTax(); + next(); } else { Client.findById(ctx.where.id, function(err, instance) { + Object.assign(ctx.data, doIfNullSalesPerson(instance)); + if (instance && instance.payMethodFk != ctx.data.payMethodFk && instance.dueDay == ctx.data.dueDay) ctx.data.dueDay = 5; + + if(instance.fi !== undefined && ctx.data.equalizationTax && !canMarkEqualizationTax(instance)) + next(generateErrorEqualizationTax()); + + if(instance.equalizationTax !== undefined && instance.equalizationTax && ctx.data.fi && !!canMarkEqualizationTax(ctx.data)) + next(generateErrorEqualizationTax()); + next(); }); } }); + + function doIfNullSalesPerson(instance){ + var data = {}; + if(instance.salesPerson === null){ + data.credit = 0; + data.discount = 0; + data.payMethodFk = CREDIT_CARD; + } + return data; + } + + function canMarkEqualizationTax(instance){ + var firstLetter = instance.fi.toUpperCase().charAt(0); + if(firstLetter != "A" && firstLetter != "B") + return false; + return true; + } + + function generateErrorEqualizationTax(){ + var error = new Error(); + error.message = "No se puede marcar el recargo de equivalencia"; + error.status = 500; + return error; + } } \ No newline at end of file From bb91c026da9b37cb8be8e7e849acf6263150eefa Mon Sep 17 00:00:00 2001 From: Dani Herrero Date: Thu, 1 Jun 2017 14:50:55 +0200 Subject: [PATCH 5/5] =?UTF-8?q?corregido=20error=20aviso=20cambio=20de=20m?= =?UTF-8?q?=C3=A9todo=20pago?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- client/client/src/billing-data/billing-data.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
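Review bot: The equalization-tax checks added to the Client 'before save' hook do not actually block the save. In the `ctx.instance` branch the error from `generateErrorEqualizationTax()` is built and discarded, and in the update branch `next(error)` is followed by an unconditional `next()`, so the callback can fire twice. The `!!canMarkEqualizationTax(ctx.data)` in the second update check looks like a typo for `!`, `instance` is dereferenced without the null guard the old code had, and `instance.fi.toUpperCase()` throws when `fi` is null or missing. `error.status = 500` also reports a business-rule rejection as a server fault; `error.status = 422;` would fit better. The fence shows the control flow with early returns and a type guard in canMarkEqualizationTax.

```javascript
Client.observe('before save', function(ctx, next) {
    if (ctx.instance) {
        // … unchanged: doIfNullSalesPerson merge and dueDay default …
        if (ctx.instance.equalizationTax && !canMarkEqualizationTax(ctx.instance))
            return next(generateErrorEqualizationTax());
        return next();
    }
    Client.findById(ctx.where.id, function(err, instance) {
        if (err)
            return next(err);
        if (!instance)
            return next();
        // … unchanged: doIfNullSalesPerson merge and dueDay reset …
        if (instance.fi !== undefined && ctx.data.equalizationTax && !canMarkEqualizationTax(instance))
            return next(generateErrorEqualizationTax());
        if (instance.equalizationTax && ctx.data.fi && !canMarkEqualizationTax(ctx.data))
            return next(generateErrorEqualizationTax());
        next();
    });
});

function canMarkEqualizationTax(instance){
    // A missing or non-string fi can never qualify, and must not throw.
    if (typeof instance.fi !== 'string' || instance.fi.length === 0)
        return false;
    var firstLetter = instance.fi.toUpperCase().charAt(0);
    return firstLetter === "A" || firstLetter === "B";
}
```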
diff --git a/client/client/src/billing-data/billing-data.js b/client/client/src/billing-data/billing-data.js index 1824a60911..813aa79b13 100644 --- a/client/client/src/billing-data/billing-data.js +++ b/client/client/src/billing-data/billing-data.js @@ -20,7 +20,7 @@ class billingData { copyData() { if (this.client) { - this.payId = this.client.payMethod ? this.client.payMethod.id : null; + this.payId = this.client.payMethodFk || null; this.dueDay = this.client.dueDay ? this.client.dueDay : null; } }