diff --git a/db/changes/233201/00-updatePrice.sql b/db/changes/233201/00-updatePrice.sql index 93888df6e..959943d6f 100644 --- a/db/changes/233201/00-updatePrice.sql +++ b/db/changes/233201/00-updatePrice.sql @@ -1,2 +1,2 @@ INSERT INTO `salix`.`ACL` (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`) - VALUES ('Ticket','*','*','ALLOW','ROLE','buyer'); + VALUES ('Ticket','canEditWeekly','WRITE','ALLOW','ROLE','buyer'); diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 1a200709f..942cc74c7 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -309,5 +309,6 @@ "You cannot assign/remove an alias that you are not assigned to": "No puede asignar/eliminar un alias que no tenga asignado", "This invoice has a linked vehicle.": "Esta factura tiene un vehiculo vinculado", "You don't have enough privileges.": "You don't have enough privileges.", - "This ticket is locked.": "This ticket is locked." + "This ticket is locked.": "This ticket is locked.", + "This ticket is not editable.": "This ticket is not editable." } \ No newline at end of file diff --git a/modules/ticket/back/methods/ticket/isEditable.js b/modules/ticket/back/methods/ticket/isEditable.js index 9f7e14dcc..967988214 100644 --- a/modules/ticket/back/methods/ticket/isEditable.js +++ b/modules/ticket/back/methods/ticket/isEditable.js @@ -33,7 +33,7 @@ module.exports = Self => { }, myOptions); const isRoleAdvanced = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'isRoleAdvanced', '*'); - const canEditWeeklyTicket = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'buyer', 'WRITE'); + const canEditWeeklyTicket = await models.ACL.checkAccessAcl(ctx, 'Ticket', 'canEditWeekly', 'WRITE'); const alertLevel = state ? state.alertLevel : null; const ticket = await models.Ticket.findById(id, { fields: ['clientFk'], @@ -50,14 +50,10 @@ module.exports = Self => { const isLocked = await models.Ticket.isLocked(id, myOptions); const isWeekly = await models.TicketWeekly.findOne({where: {ticketFk: id}}, myOptions); - console.log('isRoleAdvanced', isRoleAdvanced); - console.log('canEditWeeklyTicket', canEditWeeklyTicket); - console.log('ticket', ticket); - console.log('isLocked', isLocked); - console.log('isWeekly', isWeekly); const alertLevelGreaterThanZero = (alertLevel && alertLevel > 0); const isNormalClient = ticket && ticket.client().type().code == 'normal'; const isEditable = !(alertLevelGreaterThanZero && isNormalClient); + if (!ticket) throw new UserError(`The ticket doesn't exist.`); diff --git a/modules/ticket/back/methods/ticket/specs/isEditable.spec.js b/modules/ticket/back/methods/ticket/specs/isEditable.spec.js index 7337017d6..043445c28 100644 --- a/modules/ticket/back/methods/ticket/specs/isEditable.spec.js +++ b/modules/ticket/back/methods/ticket/specs/isEditable.spec.js @@ -1,143 +1,68 @@ const models = require('vn-loopback/server/server').models; describe('ticket isEditable()', () => { - it('should return false if the given ticket does not exist', async() => { + it('should throw an error as the ticket does not exist', async() => { const tx = await models.Ticket.beginTransaction({}); - let result; - + let error; try { const options = {transaction: tx}; const ctx = { req: {accessToken: {userId: 9}} }; - result = await models.Ticket.isEditable(ctx, 9999, options); - + await models.Ticket.isEditable(ctx, 9999, options); await tx.rollback(); } catch (e) { await tx.rollback(); - throw e; + error = e; } - expect(result).toEqual(false); + expect(error.message).toEqual(`The ticket doesn't exist.`); }); - it(`should return false if the given ticket isn't invoiced but isDeleted`, async() => { + it('should throw an error as this ticket is not editable', async() => { const tx = await models.Ticket.beginTransaction({}); - let result; - - try { - const options = {transaction: tx}; - const deletedTicket = await models.Ticket.findOne({ - where: { - invoiceOut: null, - isDeleted: true - }, - fields: ['id'] - }); - - const ctx = { - req: {accessToken: {userId: 9}} - }; - - result = await models.Ticket.isEditable(ctx, deletedTicket.id, options); - - await tx.rollback(); - } catch (e) { - await tx.rollback(); - throw e; - } - - expect(result).toEqual(false); - }); - - it('should return true if the given ticket is editable', async() => { - const tx = await models.Ticket.beginTransaction({}); - let result; + let error; try { const options = {transaction: tx}; const ctx = { - req: {accessToken: {userId: 9}} + req: {accessToken: {userId: 1}} }; - result = await models.Ticket.isEditable(ctx, 16, options); - + await models.Ticket.isEditable(ctx, 8, options); await tx.rollback(); } catch (e) { + error = e; await tx.rollback(); - throw e; } - expect(result).toEqual(true); + expect(error.message).toEqual(`This ticket is not editable.`); }); - it('should not be able to edit a deleted or invoiced ticket even for salesAssistant', async() => { + it('should throw an error as this ticket is locked.', async() => { const tx = await models.Ticket.beginTransaction({}); - let result; - - try { - const options = {transaction: tx}; - const ctx = { - req: {accessToken: {userId: 21}} - }; - - result = await models.Ticket.isEditable(ctx, 19, options); - - await tx.rollback(); - } catch (e) { - await tx.rollback(); - throw e; - } - - expect(result).toEqual(false); - }); - - it('should not be able to edit a deleted or invoiced ticket even for productionBoss', async() => { - const tx = await models.Ticket.beginTransaction({}); - let result; - - try { - const options = {transaction: tx}; - const ctx = { - req: {accessToken: {userId: 50}} - }; - - result = await models.Ticket.isEditable(ctx, 19, options); - - await tx.rollback(); - } catch (e) { - await tx.rollback(); - throw e; - } - - expect(result).toEqual(false); - }); - - it('should not be able to edit a deleted or invoiced ticket even for salesPerson', async() => { - const tx = await models.Ticket.beginTransaction({}); - let result; - + let error; try { const options = {transaction: tx}; const ctx = { req: {accessToken: {userId: 18}} }; - result = await models.Ticket.isEditable(ctx, 19, options); + await models.Ticket.isEditable(ctx, 19, options); await tx.rollback(); } catch (e) { + error = e; await tx.rollback(); - throw e; } - expect(result).toEqual(false); + expect(error.message).toEqual(`This ticket is locked.`); }); - it('should not be able to edit if is a ticket weekly', async() => { + it('should throw an error as you do not have enough privileges.', async() => { const tx = await models.Ticket.beginTransaction({}); - + let error; try { const options = {transaction: tx}; @@ -147,10 +72,29 @@ describe('ticket isEditable()', () => { expect(result).toEqual(false); + await tx.rollback(); + } catch (e) { + error = e; + await tx.rollback(); + } + + expect(error.message).toEqual(`You don't have enough privileges.`); + }); + + it('should be able to edit a ticket weekly', async() => { + const tx = await models.Ticket.beginTransaction({}); + let result; + try { + const options = {transaction: tx}; + const ctx = {req: {accessToken: {userId: 35}}}; + + result = await models.Ticket.isEditable(ctx, 15, options); await tx.rollback(); } catch (e) { await tx.rollback(); throw e; } + + expect(result).toEqual(true); }); });