fixed billing data

services/loopback/common/methods/client/updateBillingData.js

@@ -30,34 +30,34 @@ module.exports = Self => {
 
     Self.updateBillingData = async(ctx, params, id) => {
         let userId = ctx.req.accessToken.userId;
-        let isAdministrative = await Self.app.models.Account.hasRole(userId, 'administrative');
 
-        let client = await Self.app.models.Client.findOne({where: {id: id}});
-
-        if (!isAdministrative && client.isTaxDataChecked)
-            throw new UserError(`You don't have enough privileges to do that`);
-
-        let validUpdateParams = [
+        let data = filterAttributes(params, [
             'payMethodFk',
             'dueDay',
             'iban',
             'hasLcr',
             'hasCoreVnl',
-            'hasSepaVnl'
-        ];
+            'hasSepaVnl']);
 
-        for (const key in params) {
-            if (validUpdateParams.indexOf(key) === -1)
-                throw new UserError(`You don't have enough privileges to do that`);
-        }
+        if (!Object.keys(data).length) return;
 
-        return client.updateAttributes({
-            payMethodFk: params.payMethodFk,
-            dueDay: params.dueDay,
-            iban: params.iban,
-            hasLcr: params.hasLcr,
-            hasCoreVnl: params.hasCoreVnl,
-            hasSepaVnl: params.hasSepaVnl
-        });
+        let isAdministrative = await Self.app.models.Account.hasRole(userId, 'administrative');
+        let client = await Self.app.models.Client.findOne({where: {id: id}});
+
+        if (!isAdministrative && client.isTaxDataChecked)
+            throw new UserError(`You don't have enough privileges to do that`);
+
+        return client.updateAttributes(data);
     };
+
+    function filterAttributes(params, allowed) {
+        let newParams = {};
+
+        Object.keys(params).forEach(attribute => {
+            if (allowed.indexOf(attribute) > -1)
+                newParams[attribute] = params[attribute];
+        });
+
+        return newParams;
+    }
 };