fixed billing data

services/loopback/common/methods/client/updateBillingData.js

@@ -30,34 +30,34 @@ module.exports = Self => {
 
     Self.updateBillingData = async(ctx, params, id) => {
         let userId = ctx.req.accessToken.userId;
-        let isAdministrative = await Self.app.models.Account.hasRole(userId, 'administrative');
 
-        let client = await Self.app.models.Client.findOne({where: {id: id}});
+        let data = filterAttributes(params, [
-
-        if (!isAdministrative && client.isTaxDataChecked)
-            throw new UserError(`You don't have enough privileges to do that`);
-
-        let validUpdateParams = [
             'payMethodFk',
             'dueDay',
             'iban',
             'hasLcr',
             'hasCoreVnl',
-            'hasSepaVnl'
+            'hasSepaVnl']);
-        ];
 
-        for (const key in params) {
+        if (!Object.keys(data).length) return;
-            if (validUpdateParams.indexOf(key) === -1)
+
+        let isAdministrative = await Self.app.models.Account.hasRole(userId, 'administrative');
+        let client = await Self.app.models.Client.findOne({where: {id: id}});
+
+        if (!isAdministrative && client.isTaxDataChecked)
             throw new UserError(`You don't have enough privileges to do that`);
-        }
 
-        return client.updateAttributes({
+        return client.updateAttributes(data);
-            payMethodFk: params.payMethodFk,
+    };
-            dueDay: params.dueDay,
+
-            iban: params.iban,
+    function filterAttributes(params, allowed) {
-            hasLcr: params.hasLcr,
+        let newParams = {};
-            hasCoreVnl: params.hasCoreVnl,
+
-            hasSepaVnl: params.hasSepaVnl
+        Object.keys(params).forEach(attribute => {
+            if (allowed.indexOf(attribute) > -1)
+                newParams[attribute] = params[attribute];
         });
-    };
+
+        return newParams;
+    }
 };