Merge branch 'dev' of https://gitea.verdnatura.es/verdnatura/salix into 6951-ticketCloneAll

2024-03-15 10:44:37 +01:00 · 2024-03-15 10:44:37 +01:00 · a38f93b0e3
parent 690d935429 5341818473
commit a38f93b0e3
64 changed files with 929 additions and 672 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ## [2414.01] - 2024-04-04
 ### Added
 ### Changed
 ### Fixed
 ## [2408.01] - 2024-02-22
 ### Added
--- a/back/methods/dms/downloadFile.js
+++ b/back/methods/dms/downloadFile.js
@ -29,7 +29,8 @@ module.exports = Self => {
        http: {
            path: `/:id/downloadFile`,
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.downloadFile = async function(ctx, id) {
--- a/back/methods/docuware/download.js
+++ b/back/methods/docuware/download.js
@ -42,7 +42,8 @@ module.exports = Self => {
        http: {
            path: `/:id/download`,
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.download = async function(id, fileCabinet, filter) {
--- a/back/methods/image/download.js
+++ b/back/methods/image/download.js
@ -47,7 +47,8 @@ module.exports = Self => {
        http: {
            path: `/:collection/:size/:id/download`,
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.download = async function(ctx, collection, size, id) {
--- a/back/methods/vn-user/share-token.js
+++ b/back/methods/vn-user/share-token.js
@ -0,0 +1,27 @@
 module.exports = Self => {
    Self.remoteMethodCtx('shareToken', {
        description: 'Returns token to view files or images and share it',
        accessType: 'WRITE',
        accepts: [],
        returns: {
            type: 'Object',
            root: true
        },
        http: {
            path: `/shareToken`,
            verb: 'GET'
        }
    });
    Self.shareToken = async function(ctx) {
        const {accessToken: token} = ctx.req;
        const user = await Self.findById(token.userId);
        const multimediaToken = await user.accessTokens.create({
            scopes: ['read:multimedia']
        });
        return {multimediaToken};
    };
 };
--- a/back/methods/vn-user/specs/share-token.spec.js
+++ b/back/methods/vn-user/specs/share-token.spec.js
@ -0,0 +1,27 @@
 const {models} = require('vn-loopback/server/server');
 describe('Share Token', () => {
    let ctx = null;
    beforeAll(async() => {
        const unAuthCtx = {
            req: {
                headers: {},
                connection: {
                    remoteAddress: '127.0.0.1'
                },
                getLocale: () => 'en'
            },
            args: {}
        };
        let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare');
        let accessToken = await models.AccessToken.findById(login.token);
        ctx = {req: {accessToken: accessToken}};
    });
    it('should renew token', async() => {
        const multimediaToken = await models.VnUser.shareToken(ctx);
        expect(Object.keys(multimediaToken).length).toEqual(1);
        expect(multimediaToken.multimediaToken.userId).toEqual(ctx.req.accessToken.userId);
        expect(multimediaToken.multimediaToken.scopes[0]).toEqual('read:multimedia');
    });
 });
--- a/back/model-config.json
+++ b/back/model-config.json
@ -94,6 +94,9 @@
    "Module": {
        "dataSource": "vn"
    },
    "MrwConfig": {
        "dataSource": "vn"
    },
    "Notification": {
        "dataSource": "vn"
    },
@ -166,10 +169,10 @@
    "VnRole": {
        "dataSource": "vn"
    },
-    "MrwConfig": {
+    "WorkerActivity": {
        "dataSource": "vn"
    },
    "WorkerActivityType": {
        "dataSource": "vn"
    }
 }
--- a/back/models/vn-user.js
+++ b/back/models/vn-user.js
@ -13,6 +13,7 @@ module.exports = function(Self) {
    require('../methods/vn-user/privileges')(Self);
    require('../methods/vn-user/validate-auth')(Self);
    require('../methods/vn-user/renew-token')(Self);
    require('../methods/vn-user/share-token')(Self);
    require('../methods/vn-user/update-user')(Self);
    Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');
--- a/back/models/vn-user.json
+++ b/back/models/vn-user.json
@ -98,30 +98,41 @@
            "principalType": "ROLE",
            "principalId": "$everyone",
            "permission": "ALLOW"
-		}, {
+        },
        {
            "property": "recoverPassword",
            "accessType": "EXECUTE",
            "principalType": "ROLE",
            "principalId": "$everyone",
            "permission": "ALLOW"
-		}, {
+        },
        {
            "property": "validateAuth",
            "accessType": "EXECUTE",
            "principalType": "ROLE",
            "principalId": "$everyone",
            "permission": "ALLOW"
-		}, {
+        },
        {
            "property": "privileges",
            "accessType": "*",
            "principalType": "ROLE",
            "principalId": "$authenticated",
            "permission": "ALLOW"
-		}, {
+        },
        {
            "property": "renewToken",
            "accessType": "WRITE",
            "principalType": "ROLE",
            "principalId": "$authenticated",
            "permission": "ALLOW"
        },
        {
            "property": "shareToken",
            "accessType": "WRITE",
            "principalType": "ROLE",
            "principalId": "$authenticated",
            "permission": "ALLOW"
        }
    ],
    "scopes": {
--- a/back/models/workerActivity.json
+++ b/back/models/workerActivity.json
@ -0,0 +1,39 @@
 {
 	"name": "WorkerActivity",
 	"base": "VnModel",
 	"options": {
 		"mysql": {
 			"table": "workerActivity"
 		}
 	},
 	"properties": {
 		"id": {
 			"id": true,
 			"type": "number"
 		},
 		"created": {
 			"type": "date"
 		},
 		"model": {
 			"type": "string"
 		},
 		"event": {
 			"type": "string"
 		},
 		"description": {
 			"type": "string"
 		},
 		"relations": {
 			"workerFk": {
 				"type": "belongsTo",
 				"model": "Worker",
 				"foreignKey": "workerFk"
 			},
 			"workerActivityTypeFk": {
 				"type": "belongsTo",
 				"model": "WorkerActivityType",
 				"foreignKey": "workerActivityTypeFk"
 			}
 		}
 	}
 }
--- a/back/models/workerActivityType.json
+++ b/back/models/workerActivityType.json
@ -0,0 +1,19 @@
 {
 	"name": "WorkerActivityType",
 	"base": "VnModel",
 	"options": {
 		"mysql": {
 			"table": "workerActivityType"
 		}
 	},
 	"properties": {
 		"code": {
 			"id": true,
 			"type": "string"
 		},
 		"description": {
 			"type": "string",
 			"required": false
 		}
 	}
 }
--- a/db/dump/fixtures.before.sql
+++ b/db/dump/fixtures.before.sql
@ -592,13 +592,13 @@ INSERT INTO `vn`.`supplierAccount`(`id`, `supplierFk`, `iban`, `bankEntityFk`)
    VALUES
         (241, 442, 'ES111122333344111122221111', 128);
-INSERT INTO `vn`.`company`(`id`, `code`, `supplierAccountFk`, `workerManagerFk`, `companyCode`, `sage200Company`, `expired`, `companyGroupFk`, `phytosanitary` , `clientFk`)
+INSERT INTO `vn`.`company`(`id`, `code`, `supplierAccountFk`, `workerManagerFk`, `companyCode`, `expired`, `companyGroupFk`, `phytosanitary` , `clientFk`)
    VALUES
-        (69  , 'CCs', NULL, 30,  NULL, 0, NULL,         1, NULL                             , NULL),
+        (69  , 'CCs', NULL, 30, 0, NULL,         1, NULL                             , NULL),
-        (442 , 'VNL', 241,  30,  2   , 1, NULL,         2, 'VNL Company - Plant passport'   , 1101),
+        (442 , 'VNL', 241,  30, 1, NULL,         2, 'VNL Company - Plant passport'   , 1101),
-        (567 , 'VNH', NULL, 30,  NULL, 4, NULL,         1, 'VNH Company - Plant passport'   , NULL),
+        (567 , 'VNH', NULL, 30, 4, NULL,         1, 'VNH Company - Plant passport'   , NULL),
-        (791 , 'FTH', NULL, 30,  NULL, 3, '2015-11-30', 1, NULL                             , NULL),
+        (791 , 'FTH', NULL, 30, 3, '2015-11-30', 1, NULL                             , NULL),
-        (1381, 'ORN', NULL, 30,  NULL, 7, NULL,         1, 'ORN Company - Plant passport'   , NULL);
+        (1381, 'ORN', NULL, 30, 7, NULL,         1, 'ORN Company - Plant passport'   , NULL);
 INSERT INTO `vn`.`taxArea` (`code`, `claveOperacionFactura`, `CodigoTransaccion`)
    VALUES
@ -3068,8 +3068,6 @@ INSERT INTO `vn`.`cmr` (id,truckPlate,observations,senderInstruccions,paymentIns
 UPDATE vn.department
    SET workerFk = null;
 -- NEW WAREHOUSE
 INSERT INTO vn.packaging
    VALUES('--', 2745600.00, 100.00, 120.00, 220.00, 0.00, 1, '2001-01-01 00:00:00.000', NULL, NULL, NULL, 0.00, 16, 0.00, 0, NULL, 0.00, NULL, NULL, 0, NULL, 0, 0);
@ -3733,3 +3731,6 @@ INSERT INTO vn.report (name) VALUES ('LabelCollection');
 INSERT INTO vn.parkingLog(originFk, userFk, `action`, creationDate, description, changedModel,oldInstance, newInstance, changedModelId, changedModelValue)
 	VALUES(1, 18, 'update', util.VN_CURDATE(), NULL, 'SaleGroup', '{"parkingFk":null}', '{"parkingFk":1}', 1, NULL);
 INSERT INTO vn.ticketLog (originFk,userFk,`action`,creationDate,changedModel,newInstance,changedModelId,changedModelValue)
 	VALUES (18,9,'insert','2001-01-01 11:01:00.000','Ticket','{"isDeleted":true}',45,'Super Man');
--- a/db/routines/vn/procedures/inventory_repair.sql
+++ b/db/routines/vn/procedures/inventory_repair.sql
@ -37,7 +37,7 @@ BEGIN
 				LEFT JOIN origin o ON o.id = i.originFk
 				) ON it.id = i.typeFk
 		LEFT JOIN edi.ekt ek ON b.ektFk = ek.id
-		WHERE (b.packagingFk = "--" OR b.price2 = 0 OR b.packing = 0 OR b.buyingValue = 0) AND tr.landed > util.firstDayOfMonth(TIMESTAMPADD(MONTH,-1,util.VN_CURDATE())) AND s.name = 'INVENTARIO';
+		WHERE (b.packagingFk = "--" OR b.price2 = 0 OR b.buyingValue = 0) AND tr.landed > util.firstDayOfMonth(TIMESTAMPADD(MONTH,-1,util.VN_CURDATE())) AND s.name = 'INVENTARIO';
 	DROP TEMPORARY TABLE IF EXISTS tmp.lastEntryOk;
 	CREATE TEMPORARY TABLE tmp.lastEntryOk  
@ -94,11 +94,6 @@ BEGIN
 		JOIN tmp.lastEntryOkGroup eo ON eo.itemFk = lt.itemFk AND eo.warehouseFk = lt.warehouseFk
 		 SET b.price2 = eo.price2 WHERE  b.price2 = 0 ;
 		UPDATE buy b
 		JOIN tmp.lastEntry lt ON lt.buyFk = b.id
 		JOIN tmp.lastEntryOkGroup eo ON eo.itemFk = lt.itemFk AND eo.warehouseFk = lt.warehouseFk
 		SET b.packing = eo.packing WHERE b.packing = 0;
 		UPDATE buy b
 		JOIN tmp.lastEntry lt ON lt.buyFk = b.id
 		JOIN tmp.lastEntryOkGroup eo ON eo.itemFk = lt.itemFk AND eo.warehouseFk = lt.warehouseFk
--- a/db/routines/vn/procedures/invoiceInTaxMakeByDua.sql
+++ b/db/routines/vn/procedures/invoiceInTaxMakeByDua.sql
@ -1,8 +1,11 @@
 DELIMITER $$
-CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`invoiceInTaxMakeByDua`(vDuaFk INT)
+CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`invoiceInTaxMakeByDua`(
 	vDuaFk INT
 )
 BEGIN
 /**
- * Borra los valores de duaTax y sus vctos. y los vuelve a crear en base a la tabla duaEntry
+ * Borra los valores de duaTax y sus vctos. y los vuelve a
 * crear en base a la tabla duaEntry.
 *  
 * @param vDuaFk Id del dua a recalcular
 */
@ -26,7 +29,7 @@ BEGIN
 			LEAVE l;
 		END IF;
-		CALL vn2008.recibidaIvaInsert(vInvoiceInFk);
+		CALL invoiceInTax_recalc(vInvoiceInFk);
 		CALL invoiceInDueDay_recalc(vInvoiceInFk);
 	END LOOP;
--- a/db/routines/vn/procedures/invoiceInTax_recalc.sql
+++ b/db/routines/vn/procedures/invoiceInTax_recalc.sql
@ -0,0 +1,62 @@
 DELIMITER $$
 CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`invoiceInTax_recalc`(
 	vInvoiceInFk INT
 )
 BEGIN
 /**
 * Recalcula y actualiza los impuestos de la factura
 * usando la última tasa de cambio y detalles de compra. 
 *
 * @param vInvoiceInFk Id de factura recibida
 */
 	DECLARE vRate DOUBLE DEFAULT 1;
 	DECLARE vDated DATE;
 	DECLARE vExpenseFk INT;
 	SELECT MAX(rr.dated) INTO vDated
 		FROM referenceRate rr
 			JOIN invoiceIn ii ON ii.id = vInvoiceInFk
 		WHERE rr.dated <= ii.issued
 			AND rr.currencyFk = ii.currencyFk;
 	IF vDated THEN
 		SELECT `value` INTO vRate
 			FROM referenceRate
 			WHERE dated = vDated;
 	END IF;
 	DELETE FROM invoiceInTax WHERE invoiceInFk = vInvoiceInFk;
 	SELECT id INTO vExpenseFk
 		FROM expense
 		WHERE code = 'extraCommGoodsAcquisition';
 	IF vExpenseFk IS NULL THEN
 		CALL util.throw('Expense extraCommGoodsAcquisition not exists');
 	END IF;
 	INSERT INTO invoiceInTax(
 		invoiceInFk,
 		taxableBase,
 		expenseFk,
 		foreignValue,
 		taxTypeSageFk,
 		transactionTypeSageFk
 	)
 		SELECT ii.id,
 				SUM(b.buyingValue * b.quantity) / vRate bi,
 				vExpenseFk,
 				IF(c.code = 'EUR', NULL, SUM(b.buyingValue * b.quantity)),
 				s.taxTypeSageFk,
 				s.transactionTypeSageFk
 			FROM invoiceIn ii
 				JOIN currency c ON c.id = ii.currencyFk
 				JOIN `entry` e ON e.invoiceInFk = ii.id
 				JOIN supplier s ON s.id = e.supplierFk
 				JOIN buy b ON b.entryFk = e.id
 				LEFT JOIN referenceRate rr ON rr.currencyFk = ii.currencyFk
 					AND rr.dated = ii.issued
 			WHERE ii.id = vInvoiceInFk
 			HAVING bi IS NOT NULL;
 END$$
 DELIMITER ;
--- a/db/routines/vn/procedures/item_getSimilar.sql
+++ b/db/routines/vn/procedures/item_getSimilar.sql
@ -19,19 +19,12 @@ BEGIN
 	DECLARE vTypeFk INT;
 	DECLARE vPriority INT DEFAULT 1;
-	DECLARE vTag1 VARCHAR(20) COLLATE 'utf8_unicode_ci';
+	CALL cache.available_refresh(vCalcFk, FALSE, vWarehouseFk, vDated);
 	DECLARE vTag5 VARCHAR(20) COLLATE 'utf8_unicode_ci';
 	DECLARE vTag6 VARCHAR(20) COLLATE 'utf8_unicode_ci';
 	DECLARE vTag7 VARCHAR(20) COLLATE 'utf8_unicode_ci';
 	DECLARE vTag8 VARCHAR(20) COLLATE 'utf8_unicode_ci';
 	DECLARE vValue1 VARCHAR(50) COLLATE 'utf8_unicode_ci';
 	DECLARE vValue5 VARCHAR(50) COLLATE 'utf8_unicode_ci';
 	DECLARE vValue6 VARCHAR(50) COLLATE 'utf8_unicode_ci';
 	DECLARE vValue7 VARCHAR(50) COLLATE 'utf8_unicode_ci';
 	DECLARE vValue8 VARCHAR(50) COLLATE 'utf8_unicode_ci';
-	SELECT typeFk,
+	WITH itemTags AS (
 		SELECT i.id,
 				typeFk,
 				tag5,
 				value5,
 				tag6,
@ -42,70 +35,58 @@ BEGIN
 				value8,
 				t.name,
 				it.value
-		INTO vTypeFk,
+			FROM vn.item i
-				vTag5,
+				LEFT JOIN vn.itemTag it ON it.itemFk = i.id
 				vValue5,
 				vTag6,
 				vValue6,
 				vTag7,
 				vValue7,
 				vTag8,
 				vValue8,
 				vTag1,
 				vValue1
 		FROM item i
 			LEFT JOIN itemTag it ON it.itemFk = i.id
 					AND it.priority = vPriority
-			LEFT JOIN tag t ON t.id = it.tagFk
+				LEFT JOIN vn.tag t ON t.id = it.tagFk
-		WHERE i.id = vSelf;
+			WHERE i.id = vSelf
-
+	)
 	CALL cache.available_refresh(vCalcFk, FALSE, vWarehouseFk, vDated);
 	SELECT i.id itemFk,
 			i.longName,
 			i.subName,
 			i.tag5,
 			i.value5,
-			(i.value5 <=> vValue5) match5,
+			(i.value5 <=> its.value5) match5,
 			i.tag6,
 			i.value6,
-			(i.value6 <=> vValue6) match6,
+			(i.value6 <=> its.value6) match6,
 			i.tag7,
 			i.value7,
-			(i.value7 <=> vValue7) match7,
+			(i.value7 <=> its.value7) match7,
 			i.tag8,
 			i.value8,
-			(i.value8 <=> vValue8) match8,
+			(i.value8 <=> its.value8) match8,
 			a.available,
 			IFNULL(ip.counter, 0) `counter`,
 			IF(b.groupingMode = 1, b.grouping, b.packing) minQuantity,
 			iss.visible located
-		FROM item i
+		FROM vn.item i
-			STRAIGHT_JOIN cache.available a ON a.item_id = i.id
+			JOIN cache.available a ON a.item_id = i.id
 				AND a.calc_id = vCalcFk
-			LEFT JOIN itemProposal ip ON ip.mateFk = i.id
+			LEFT JOIN vn.itemProposal ip ON ip.mateFk = i.id
 				AND ip.itemFk = vSelf
-			LEFT JOIN itemTag it ON it.itemFk = i.id
+			LEFT JOIN vn.itemTag it ON it.itemFk = i.id
 				AND it.priority = vPriority
-			LEFT JOIN tag t ON t.id = it.tagFk
+			LEFT JOIN vn.tag t ON t.id = it.tagFk
 			LEFT JOIN cache.last_buy lb ON lb.item_id = i.id
 				AND lb.warehouse_id = vWarehouseFk
-			LEFT JOIN buy b ON b.id = lb.buy_id
+			LEFT JOIN vn.buy b ON b.id = lb.buy_id
-			LEFT JOIN itemShelvingStock iss ON iss.itemFk = i.id
+			LEFT JOIN vn.itemShelvingStock iss ON iss.itemFk = i.id
 				AND iss.warehouseFk = vWarehouseFk
 			JOIN itemTags its
 		WHERE a.available > 0
-			AND IF(vShowType, i.typeFk = vTypeFk, TRUE)
+			AND IF(vShowType, i.typeFk = its.typeFk, TRUE)
 			AND i.id <> vSelf
 		ORDER BY `counter` DESC,
-			(t.name = vTag1) DESC,
+			(t.name = its.name) DESC,
-			(it.value = vValue1) DESC,
+			(it.value = its.value) DESC,
-			(i.tag5 = vTag5) DESC,
+			(i.tag5 = its.tag5) DESC,
 			match5 DESC,
-			(i.tag6 = vTag6) DESC,
+			(i.tag6 = its.tag6) DESC,
 			match6 DESC,
-			(i.tag7 = vTag7) DESC,
+			(i.tag7 = its.tag7) DESC,
 			match7 DESC,
-			(i.tag8 = vTag8) DESC,
+			(i.tag8 = its.tag8) DESC,
 			match8 DESC;
 END$$
 DELIMITER ;
--- a/db/routines/vn2008/procedures/ListaTicketsEncajados.sql
+++ b/db/routines/vn2008/procedures/ListaTicketsEncajados.sql
@ -1,25 +0,0 @@
 DELIMITER $$
 CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`ListaTicketsEncajados`(IN intId_Trabajador int)
 BEGIN 
 SELECT Agencia,
    Consignatario,
    ti.Id_Ticket,
    ts.userFk Id_Trabajador,
    IFNULL(ncajas,0) AS ncajas,
    IFNULL(nbultos,0) AS nbultos,
    IFNULL(notros,0) AS notros,
    ts.code AS Estado
    FROM Tickets ti
        INNER JOIN Consignatarios ON ti.Id_Consigna = Consignatarios.Id_consigna
        INNER JOIN Agencias ON ti.Id_Agencia = Agencias.Id_Agencia
        LEFT JOIN (SELECT ticketFk,count(*) AS ncajas  FROM vn.expedition WHERE packagingFk=94 GROUP BY ticketFk) sub1 ON ti.Id_Ticket=sub1.ticketFk
        LEFT JOIN (SELECT ticketFk,count(*) AS nbultos  FROM vn.expedition WHERE packagingFk IS NULL GROUP BY ticketFk) sub2 ON ti.Id_Ticket=sub2.ticketFk
        LEFT JOIN (SELECT ticketFk,count(*) AS notros  FROM vn.expedition WHERE packagingFk >0 GROUP BY ticketFk) sub3 ON ti.Id_Ticket=sub3.ticketFk
        INNER JOIN vn.ticketState ts ON ti.Id_ticket = ts.ticketFk
    WHERE ti.Fecha=util.VN_CURDATE() AND
        ts.userFk=intId_Trabajador
    GROUP BY ti.Id_Ticket;
 END$$
 DELIMITER ;
--- a/db/routines/vn2008/procedures/customerDebtEvolution.sql
+++ b/db/routines/vn2008/procedures/customerDebtEvolution.sql
@ -1,49 +0,0 @@
 DELIMITER $$
 CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`customerDebtEvolution`(IN vCustomer INT)
 BEGIN
 SELECT * FROM
 (
 	SELECT day, date, @s:= round(IFNULL(Euros,0) + @s,2) as Saldo, Euros, Credito, 0 as Cero
 	FROM
 	(
 	SELECT day, date, IFNULL(Euros,0) as Euros, Credito
 	FROM time
 	JOIN (SELECT @s:= 0, - Credito as Credito FROM Clientes WHERE Id_Cliente = vCustomer) c
 	LEFT JOIN
 	(SELECT Euros, date(Fecha) as Fecha FROM
 		(
 			SELECT Fechacobro as Fecha, Entregado as Euros
 			FROM Recibos 
 			WHERE Id_Cliente = vCustomer
 			AND Fechacobro >= '2017-01-01'
 			UNION ALL
 			SELECT vn.getDueDate(io.issued,c.Vencimiento), - io.amount
 			FROM vn.invoiceOut io
            JOIN Clientes c ON io.clientFk = c.Id_Cliente
 			WHERE io.clientFk = vCustomer
 			AND io.issued >= '2017-01-01'
 			UNION ALL
 			SELECT '2016-12-31', Debt
 			FROM bi.customerDebtInventory
 			WHERE Id_Cliente = vCustomer
            UNION ALL
            SELECT Fecha, - SUM(Cantidad * Preu * (100 - Descuento ) * 1.10 / 100)
            FROM Tickets t
            JOIN Movimientos m on m.Id_Ticket = t.Id_Ticket
            WHERE Id_Cliente = vCustomer
            AND Factura IS NULL
            AND Fecha >= '2017-01-01'
            GROUP BY Fecha
 		) sub2
 		ORDER BY Fecha
 	)sub ON time.date = sub.Fecha
 	WHERE time.date BETWEEN '2016-12-31' AND util.VN_CURDATE()
 	ORDER BY date
 	) sub3
 )sub4
 ;
 END$$
 DELIMITER ;
--- a/db/routines/vn2008/procedures/preOrdenarRuta.sql
+++ b/db/routines/vn2008/procedures/preOrdenarRuta.sql
@ -1,22 +0,0 @@
 DELIMITER $$
 CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`preOrdenarRuta`(IN vRutaId INT)
 BEGIN
 /* Usa los valores del ultimo año para adivinar el orden de los tickets en la ruta
 * vRutaId id ruta
 * DEPRECATED use vn.routeGressPriority
 */
 UPDATE Tickets mt
 JOIN (
 	SELECT tt.Id_Consigna, round(ifnull(avg(t.Prioridad),0),0) as Prioridad
 	from Tickets t
 	JOIN Tickets tt on tt.Id_Consigna = t.Id_Consigna
 	where t.Fecha > TIMESTAMPADD(YEAR,-1,util.VN_CURDATE())
 	AND tt.Id_Ruta = vRutaId
 	GROUP BY Id_Consigna
    ) sub ON sub.Id_Consigna = mt.Id_Consigna
    SET mt.Prioridad = sub.Prioridad
    WHERE mt.Id_Ruta = vRutaId;
 END$$
 DELIMITER ;
--- a/db/routines/vn2008/procedures/prepare_ticket_list.sql
+++ b/db/routines/vn2008/procedures/prepare_ticket_list.sql
@ -1,22 +0,0 @@
 DELIMITER $$
 CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`prepare_ticket_list`(vStartingDate DATETIME, vEndingDate DATETIME)
 BEGIN
 	DROP TEMPORARY TABLE IF EXISTS tmp.ticket_list;    
 	CREATE TEMPORARY TABLE tmp.ticket_list
 		(PRIMARY KEY (Id_Ticket))
 		ENGINE = MEMORY
 		SELECT t.Id_Ticket, c.Id_Cliente
 			FROM Tickets t
 				LEFT JOIN vn.ticketState ts ON ts.ticketFk = t.Id_Ticket
 				JOIN Clientes c ON c.Id_Cliente = t.Id_Cliente
 			WHERE c.typeFk IN ('normal','handMaking','internalUse')
 				AND (
 					Fecha BETWEEN util.today() AND vEndingDate
 					OR (
 						ts.alertLevel < 3
 						AND t.Fecha >= vStartingDate
 						AND t.Fecha < util.today()
 					)
 				);
 END$$
 DELIMITER ;
--- a/db/routines/vn2008/procedures/recibidaIvaInsert.sql
+++ b/db/routines/vn2008/procedures/recibidaIvaInsert.sql
@ -1,39 +0,0 @@
 DELIMITER $$
 CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`recibidaIvaInsert`(IN vId INT)
 BEGIN
 	DECLARE vRate DOUBLE DEFAULT 1;
 	DECLARE vDated DATE;
 	SELECT MAX(rr.date) INTO vDated
 		FROM reference_rate rr
 			JOIN recibida r ON r.id = vId
 		WHERE rr.date <= r.fecha 
 			AND rr.moneda_id = r.moneda_id ;
 	IF vDated THEN
 		SELECT rate INTO vRate
 			FROM reference_rate
 			WHERE `date` = vDated;
 	END IF;
 	DELETE FROM recibida_iva WHERE recibida_id = vId;
 	INSERT INTO recibida_iva(recibida_id, bi, gastos_id, divisa, taxTypeSageFk, transactionTypeSageFk)
 		SELECT r.id,  
 			SUM(Costefijo * Cantidad) / IFNULL(vRate,1) bi,
 			6003000000,  
 			IF(r.moneda_id = 1,NULL,SUM(Costefijo * Cantidad )) divisa,
 			taxTypeSageFk,
 			transactionTypeSageFk
 			FROM recibida r 
 				JOIN Entradas e ON e.recibida_id = r.id
 				JOIN Proveedores p ON p.Id_Proveedor = e.Id_Proveedor
 				JOIN Compres c ON c.Id_Entrada = e.Id_Entrada
 				LEFT JOIN reference_rate rr ON rr.moneda_id = r.moneda_id AND rr.date = r.fecha
 			WHERE r.id = vId 
 			HAVING bi IS NOT NULL;
 END$$
 DELIMITER ;
--- a/db/versions/10892-yellowGerbera/00-firstScript.sql
+++ b/db/versions/10892-yellowGerbera/00-firstScript.sql
@ -0,0 +1,19 @@
 SET @isTriggerDisabled := TRUE;
 UPDATE vn.buy 
 	SET packing = 1
 	WHERE packing IS NULL
 		OR packing <= 0;
 UPDATE vn.itemShelving 
 	SET packing = 1
 	WHERE packing IS NULL
 		OR NOT packing;
 SET @isTriggerDisabled := FALSE;
 ALTER TABLE vn.buy MODIFY COLUMN packing int(11) NOT NULL CHECK(packing > 0);
 ALTER TABLE vn.itemShelving MODIFY COLUMN packing int(11) NOT NULL CHECK(packing > 0);
 -- Antes tenia '0=sin obligar 1=groping 2=packing' (groping → grouping)
 ALTER TABLE vn.buy MODIFY COLUMN groupingMode tinyint(4) DEFAULT 0 NOT NULL COMMENT '0=sin obligar 1=grouping 2=packing';
--- a/db/versions/10893-limeFern/00-sage.sql
+++ b/db/versions/10893-limeFern/00-sage.sql
@ -0,0 +1,73 @@
 --  Auto-generated SQL script #202403061303
 UPDATE vn.company
 	SET companyCode=0
 	WHERE id=69;
 UPDATE vn.company
 	SET companyCode=1
 	WHERE id=442;
 UPDATE vn.company
 	SET companyCode=4
 	WHERE id=567;
 UPDATE vn.company
 	SET companyCode=2
 	WHERE id=791;
 UPDATE vn.company
 	SET companyCode=3
 	WHERE id=792;
 UPDATE vn.company
 	SET companyCode=5
 	WHERE id=965;
 UPDATE vn.company
 	SET companyCode=7
 	WHERE id=1381;
 UPDATE vn.company
 	SET companyCode=3
 	WHERE id=1463;
 UPDATE vn.company
 	SET companyCode=8
 	WHERE id=2142;
 UPDATE vn.company
 	SET companyCode=6
 	WHERE id=2393;
 UPDATE vn.company
 	SET companyCode=9
 	WHERE id=3869;
 --  Auto-generated SQL script #202403061311
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=69;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=442;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=567;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=791;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=792;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=965;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=1381;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=1463;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=2142;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=2393;
 UPDATE vn.company
 	SET sage200Company=NULL
 	WHERE id=3869;
 ALTER TABLE vn.company CHANGE sage200Company sage200Company__ int(2) DEFAULT NULL NULL COMMENT '@deprecated 06/03/2024';
 ALTER TABLE vn.company MODIFY COLUMN sage200Company__ int(2) DEFAULT NULL NULL COMMENT '@deprecated 06/03/2024';
--- a/db/versions/10905-grayIvy/00-firstScript.sql
+++ b/db/versions/10905-grayIvy/00-firstScript.sql
@ -0,0 +1,36 @@
 USE vn;
 CREATE OR REPLACE TABLE vn.workerActivityType (
  `code` varchar(20) NOT NULL,
  `description` varchar(45) NOT NULL,
  PRIMARY KEY (`code`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
 ALTER TABLE vn.department ADD workerActivityTypeFk varchar(20) NULL COMMENT 'Indica la actitividad que desempeña por defecto ese departamento';
 ALTER TABLE vn.department ADD CONSTRAINT department_workerActivityType_FK FOREIGN KEY (workerActivityTypeFk) REFERENCES vn.workerActivityType(code) ON DELETE CASCADE ON UPDATE CASCADE;
 INSERT INTO vn.workerActivityType (code, description) VALUES('ON_CHECKING', 'REVISION');
 INSERT INTO vn.workerActivityType (code, description) VALUES('PREVIOUS_CAM', 'CAMARA');
 INSERT INTO vn.workerActivityType (code, description) VALUES('PREVIOUS_ART', 'ARTIFICIAL');
 INSERT INTO vn.workerActivityType (code, description) VALUES('ON_PREPARATION', 'SACADO');
 INSERT INTO vn.workerActivityType (code, description) VALUES('PACKING', 'ENCAJADO');
 INSERT INTO vn.workerActivityType (code, description) VALUES('FIELD', 'CAMPOS');
 INSERT INTO vn.workerActivityType (code, description) VALUES('DELIVERY', 'REPARTO');
 INSERT INTO vn.workerActivityType (code, description) VALUES('STORAGE', 'ALMACENAJE');
 INSERT INTO vn.workerActivityType (code, description) VALUES('PALLETIZING', 'PALETIZADO');
 INSERT INTO vn.workerActivityType (code, description) VALUES('STOP', 'PARADA');
 INSERT INTO salix.ACL ( model, property, accessType, permission, principalType, principalId) VALUES('WorkerActivityType', '*', 'READ', 'ALLOW', 'ROLE', 'production');
 INSERT INTO salix.ACL ( model, property, accessType, permission, principalType, principalId) VALUES('WorkerActivity', '*', '*', 'ALLOW', 'ROLE', 'production');
 ALTER TABLE vn.workerActivity MODIFY COLUMN event enum('open','close','insert','delete','update','refresh') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NULL;
 ALTER TABLE vn.workerActivity MODIFY COLUMN model enum('COM','ENT','TPV','ENC','LAB','ETI','APP') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL;
 ALTER TABLE vn.workerActivity ADD workerActivityTypeFk varchar(20) NULL;
 ALTER TABLE vn.workerActivity ADD CONSTRAINT workerActivity_workerActivityType_FK FOREIGN KEY (workerActivityTypeFk) REFERENCES vn.workerActivityType(code) ON DELETE CASCADE ON UPDATE CASCADE;
--- a/db/versions/10919-brownMoss/00-firstScript.sql
+++ b/db/versions/10919-brownMoss/00-firstScript.sql
@ -0,0 +1,3 @@
 -- Place your SQL code here
--- a/front/core/services/auth.js
+++ b/front/core/services/auth.js
@ -83,22 +83,27 @@ export default class Auth {
    }
    onLoginOk(json, now, remember) {
-        this.vnToken.set(json.data.token, now, json.data.ttl, remember);
+        return this.$http.get('VnUsers/ShareToken', {
-
+            headers: {Authorization: json.data.token}
-        return this.loadAcls().then(() => {
+        }).then(({data}) => {
            this.vnToken.set(json.data.token, data.multimediaToken.id, now, json.data.ttl, remember);
            this.loadAcls().then(() => {
                let continueHash = this.$state.params.continue;
                if (continueHash)
                    this.$window.location = continueHash;
                else
                    this.$state.go('home');
            });
        }).catch(() => {});
    }
    logout() {
        this.$http.post('Accounts/logout', null, {headers: {'Authorization': this.vnToken.tokenMultimedia},
        }).catch(() => {});
        let promise = this.$http.post('VnUsers/logout', null, {
            headers: {Authorization: this.vnToken.token}
        }).catch(() => {});
        this.vnToken.unset();
        this.loggedIn = false;
        this.vnModules.reset();
--- a/front/core/services/interceptor.js
+++ b/front/core/services/interceptor.js
@ -19,7 +19,7 @@ function interceptor($q, vnApp, $translate) {
            if (config.url.charAt(0) !== '/' && apiPath)
                config.url = `${apiPath}${config.url}`;
-            if (token)
+            if (token && !config.headers.Authorization)
                config.headers.Authorization = token;
            if ($translate.use())
                config.headers['Accept-Language'] = $translate.use();
--- a/front/core/services/token.js
+++ b/front/core/services/token.js
@ -24,21 +24,22 @@ export default class Token {
        } catch (e) {}
    }
-    set(token, created, ttl, remember) {
+    set(token, tokenMultimedia, created, ttl, remember) {
        this.unset();
        Object.assign(this, {
            token,
            tokenMultimedia,
            created,
            ttl,
            remember
        });
-        this.vnInterceptor.setToken(token);
+        this.vnInterceptor.setToken(token, tokenMultimedia);
        try {
            if (remember)
-                this.setStorage(localStorage, token, created, ttl);
+                this.setStorage(localStorage, token, tokenMultimedia, created, ttl);
            else
-                this.setStorage(sessionStorage, token, created, ttl);
+                this.setStorage(sessionStorage, token, tokenMultimedia, created, ttl);
        } catch (err) {
            console.error(err);
        }
@ -46,6 +47,7 @@ export default class Token {
    unset() {
        this.token = null;
        this.tokenMultimedia = null;
        this.created = null;
        this.ttl = null;
        this.remember = null;
@ -57,13 +59,15 @@ export default class Token {
    getStorage(storage) {
        this.token = storage.getItem('vnToken');
        this.tokenMultimedia = storage.getItem('vnTokenMultimedia');
        if (!this.token) return;
        const created = storage.getItem('vnTokenCreated');
        this.created = created && new Date(created);
        this.ttl = storage.getItem('vnTokenTtl');
    }
-    setStorage(storage, token, created, ttl) {
+    setStorage(storage, token, tokenMultimedia, created, ttl) {
        storage.setItem('vnTokenMultimedia', tokenMultimedia);
        storage.setItem('vnToken', token);
        storage.setItem('vnTokenCreated', created.toJSON());
        storage.setItem('vnTokenTtl', ttl);
@ -71,6 +75,7 @@ export default class Token {
    removeStorage(storage) {
        storage.removeItem('vnToken');
        storage.removeItem('vnTokenMultimedia');
        storage.removeItem('vnTokenCreated');
        storage.removeItem('vnTokenTtl');
    }
--- a/front/salix/components/layout/index.js
+++ b/front/salix/components/layout/index.js
@ -23,8 +23,7 @@ export class Layout extends Component {
        if (!this.$.$root.user) return;
        const userId = this.$.$root.user.id;
-        const token = this.vnToken.token;
+        return `/api/Images/user/160x160/${userId}/download?access_token=${this.vnToken.tokenMultimedia}`;
        return `/api/Images/user/160x160/${userId}/download?access_token=${token}`;
    }
    refresh() {
--- a/front/salix/components/log/index.html
+++ b/front/salix/components/log/index.html
@ -31,7 +31,7 @@
                    ng-click="$ctrl.showDescriptor($event, userLog)">
                    <img
                        ng-if="::userLog.user.image"
-                        ng-src="/api/Images/user/160x160/{{::userLog.userFk}}/download?access_token={{::$ctrl.vnToken.token}}">
+                        ng-src="/api/Images/user/160x160/{{::userLog.userFk}}/download?access_token={{::$ctrl.vnToken.tokenMultimedia}}">
                    </img>
                </vn-avatar>
                </div>
@ -181,7 +181,7 @@
                        val="{{::nickname}}">
                        <img
                            ng-if="::image"
-                            ng-src="/api/Images/user/160x160/{{::id}}/download?access_token={{::$ctrl.vnToken.token}}">
+                            ng-src="/api/Images/user/160x160/{{::id}}/download?access_token={{::$ctrl.vnToken.tokenMultimedia}}">
                        </img>
                    </vn-avatar>
                    <div>
--- a/front/salix/module.js
+++ b/front/salix/module.js
@ -13,7 +13,7 @@ export function run($window, $rootScope, vnAuth, vnApp, vnToken, $state) {
        if (!collection || !size || !id) return;
        const basePath = `/api/Images/${collection}/${size}/${id}`;
-        return `${basePath}/download?access_token=${vnToken.token}`;
+        return `${basePath}/download?access_token=${vnToken.tokenMultimedia}`;
    };
    $window.validations = {};
--- a/loopback/locale/en.json
+++ b/loopback/locale/en.json
@ -220,5 +220,7 @@
 	"Shelving not valid": "Shelving not valid",
 	"printerNotExists": "The printer does not exist",
 	"There are not picking tickets": "There are not picking tickets",
-	"ticketCommercial": "The ticket {{ ticket }} for the salesperson {{ salesMan }} is in preparation. (automatically generated message)"
+	"ticketCommercial": "The ticket {{ ticket }} for the salesperson {{ salesMan }} is in preparation. (automatically generated message)",
    "This password can only be changed by the user themselves": "This password can only be changed by the user themselves",
    "They're not your subordinate": "They're not your subordinate"
 }
--- a/loopback/locale/es.json
+++ b/loopback/locale/es.json
@ -346,5 +346,7 @@
    "CountryFK cannot be empty": "El país no puede estar vacío",
    "Cmr file does not exist": "El archivo del cmr no existe",
    "You are not allowed to modify the alias": "No estás autorizado a modificar el alias",
-    "The address of the customer must have information about Incoterms and Customs Agent": "El consignatario del cliente debe tener informado Incoterms y Agente de aduanas"
+    "The address of the customer must have information about Incoterms and Customs Agent": "El consignatario del cliente debe tener informado Incoterms y Agente de aduanas",
    "This password can only be changed by the user themselves": "Esta contraseña solo puede ser modificada por el propio usuario",
    "They're not your subordinate": "No es tu subordinado/a."
 }
--- a/modules/account/back/methods/account/logout.js
+++ b/modules/account/back/methods/account/logout.js
@ -15,7 +15,8 @@ module.exports = Self => {
        http: {
            path: `/logout`,
            verb: 'POST'
-        }
+        },
        accessScopes: ['DEFAULT', 'read:multimedia']
    });
    Self.logout = async ctx => Self.app.models.VnUser.logout(ctx.req.accessToken.id);
--- a/modules/account/back/models/account.js
+++ b/modules/account/back/models/account.js
@ -1,4 +1,7 @@
 const ForbiddenError = require('vn-loopback/util/forbiddenError');
 const {models} = require('vn-loopback/server/server');
 module.exports = Self => {
    require('../methods/account/sync')(Self);
    require('../methods/account/sync-by-id')(Self);
@ -7,4 +10,11 @@ module.exports = Self => {
    require('../methods/account/logout')(Self);
    require('../methods/account/change-password')(Self);
    require('../methods/account/set-password')(Self);
    Self.setUnverifiedPassword = async(id, pass, options) => {
        const {emailVerified} = await models.VnUser.findById(id, {fields: ['emailVerified']}, options);
        if (emailVerified) throw new ForbiddenError('This password can only be changed by the user themselves');
        await models.VnUser.setPassword(id, pass, options);
    };
 };
--- a/modules/claim/back/methods/claim/downloadFile.js
+++ b/modules/claim/back/methods/claim/downloadFile.js
@ -32,7 +32,8 @@ module.exports = Self => {
        http: {
            path: `/:id/downloadFile`,
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.downloadFile = async function(ctx, id) {
--- a/modules/client/front/balance/index/index.html
+++ b/modules/client/front/balance/index/index.html
@ -114,7 +114,7 @@
                    <vn-td center shrink>
                        <a ng-show="balance.hasPdf"
                            target="_blank"
-                            href="api/InvoiceOuts/{{::balance.id}}/download?access_token={{::$ctrl.vnToken.token}}">
+                            href="api/InvoiceOuts/{{::balance.id}}/download?access_token={{::$ctrl.vnToken.tokenMultimedia}}">
                            <vn-icon-button
                                icon="cloud_download"
                                title="{{'Download PDF' | translate}}">
--- a/modules/invoiceOut/back/methods/invoiceOut/download.js
+++ b/modules/invoiceOut/back/methods/invoiceOut/download.js
@ -31,7 +31,8 @@ module.exports = Self => {
        http: {
            path: '/:id/download',
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.download = async function(ctx, id, options) {
--- a/modules/invoiceOut/back/methods/invoiceOut/downloadZip.js
+++ b/modules/invoiceOut/back/methods/invoiceOut/downloadZip.js
@ -31,7 +31,8 @@ module.exports = Self => {
        http: {
            path: '/downloadZip',
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.downloadZip = async function(ctx, ids, options) {
--- a/modules/invoiceOut/front/descriptor-menu/index.html
+++ b/modules/invoiceOut/front/descriptor-menu/index.html
@ -37,7 +37,7 @@
            <vn-menu vn-id="showInvoiceMenu">
                <vn-list>
                    <a class="vn-item"
-                        href="api/InvoiceOuts/{{$ctrl.id}}/download?access_token={{$ctrl.vnToken.token}}"
+                        href="api/InvoiceOuts/{{$ctrl.id}}/download?access_token={{$ctrl.vnToken.tokenMultimedia}}"
                        target="_blank"
                        name="showInvoicePdf"
                        translate>
@ -102,7 +102,7 @@
        </vn-item>
        <vn-item class="dropdown"
            vn-click-stop="refundMenu.show($event, 'left')"
-            vn-tooltip="Create a single ticket with all the content of the current invoice"
+            vn-tooltip="Create a refund ticket for each ticket on the current invoice"
            vn-acl="invoicing, claimManager, salesAssistant"
            vn-acl-action="remove"
            translate>
--- a/modules/invoiceOut/front/descriptor-menu/index.js
+++ b/modules/invoiceOut/front/descriptor-menu/index.js
@ -118,11 +118,14 @@ class Controller extends Section {
        const query = 'InvoiceOuts/refund';
        const params = {ref: this.invoiceOut.ref, withWarehouse: withWarehouse};
        this.$http.post(query, params).then(res => {
-            const refundTicket = res.data;
+            const tickets = res.data;
-            this.vnApp.showSuccess(this.$t('The following refund ticket have been created', {
+            const refundTickets = tickets.map(ticket => ticket.id);
-                ticketId: refundTicket.id
+
            this.vnApp.showSuccess(this.$t('The following refund tickets have been created', {
                ticketId: refundTickets.join(',')
            }));
-            this.$state.go('ticket.card.sale', {id: refundTicket.id});
+            if (refundTickets.length == 1)
                this.$state.go('ticket.card.sale', {id: refundTickets[0]});
        });
    }
--- a/modules/invoiceOut/front/descriptor-menu/locale/es.yml
+++ b/modules/invoiceOut/front/descriptor-menu/locale/es.yml
@ -15,7 +15,7 @@ Are you sure you want to clone this invoice?: Estas seguro de clonar esta factur
 InvoiceOut booked: Factura asentada
 Are you sure you want to book this invoice?: Estas seguro de querer asentar esta factura?
 Are you sure you want to refund this invoice?: Estas seguro de querer abonar esta factura?
-Create a single ticket with all the content of the current invoice: Crear un ticket unico con todo el contenido de la factura actual
+Create a refund ticket for each ticket on the current invoice: Crear un ticket abono por cada ticket de la factura actual
 Regenerate PDF invoice: Regenerar PDF factura
 The invoice PDF document has been regenerated: El documento PDF de la factura ha sido regenerado
 The email can't be empty: El correo no puede estar vacío
--- a/modules/invoiceOut/front/index/index.js
+++ b/modules/invoiceOut/front/index/index.js
@ -25,7 +25,7 @@ export default class Controller extends Section {
    openPdf() {
        if (this.checked.length <= 1) {
            const [invoiceOutId] = this.checked;
-            const url = `api/InvoiceOuts/${invoiceOutId}/download?access_token=${this.vnToken.token}`;
+            const url = `api/InvoiceOuts/${invoiceOutId}/download?access_token=${this.vnToken.tokenMultimedia}`;
            window.open(url, '_blank');
        } else {
            const invoiceOutIds = this.checked;
--- a/modules/item/back/methods/item-image-queue/download.js
+++ b/modules/item/back/methods/item-image-queue/download.js
@ -11,6 +11,7 @@ module.exports = Self => {
            path: `/download`,
            verb: 'POST',
        },
        accessScopes: ['read:multimedia']
    });
    Self.download = async() => {
--- a/modules/route/back/methods/route/downloadCmrsZip.js
+++ b/modules/route/back/methods/route/downloadCmrsZip.js
@ -29,7 +29,8 @@ module.exports = Self => {
        http: {
            path: '/downloadCmrsZip',
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.downloadCmrsZip = async function(ctx, ids, options) {
--- a/modules/route/back/methods/route/downloadZip.js
+++ b/modules/route/back/methods/route/downloadZip.js
@ -29,7 +29,8 @@ module.exports = Self => {
        http: {
            path: '/downloadZip',
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.downloadZip = async function(ctx, id, options) {
--- a/modules/route/back/methods/route/driverRoutePdf.js
+++ b/modules/route/back/methods/route/driverRoutePdf.js
@ -34,7 +34,9 @@ module.exports = Self => {
        http: {
            path: '/:id/driver-route-pdf',
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.driverRoutePdf = (ctx, id) => Self.printReport(ctx, id, 'driver-route');
--- a/modules/route/back/models/route.js
+++ b/modules/route/back/models/route.js
@ -30,9 +30,11 @@ module.exports = Self => {
    });
    function validateDistance(err) {
        if (this.kmEnd) {
            const routeTotalKm = this.kmEnd - this.kmStart;
            const routeMaxKm = 4000;
            if (routeTotalKm > routeMaxKm || this.kmStart > this.kmEnd)
                err();
        }
    }
 };
--- a/modules/route/front/index/index.js
+++ b/modules/route/front/index/index.js
@ -40,7 +40,7 @@ export default class Controller extends Section {
        const stringRoutesIds = routesIds.join(',');
        if (this.checked.length <= 1) {
-            const url = `api/Routes/${stringRoutesIds}/driver-route-pdf?access_token=${this.vnToken.token}`;
+            const url = `api/Routes/${stringRoutesIds}/driver-route-pdf?access_token=${this.vnToken.tokenMultimedia}`;
            window.open(url, '_blank');
        } else {
            const serializedParams = this.$httpParamSerializer({
--- a/modules/ticket/back/methods/ticket-log/specs/getChanges.spec.js
+++ b/modules/ticket/back/methods/ticket-log/specs/getChanges.spec.js
@ -9,8 +9,8 @@ describe('ticketLog getChanges()', () => {
    it('should return the changes in the sales of a ticket', async() => {
        const ticketId = 16;
-        const changues = await models.TicketLog.getChanges(ctx, ticketId);
+        const changes = await models.TicketLog.getChanges(ctx, ticketId);
-        expect(changues).toContain(`Change quantity`);
+        expect(changes).toContain(`Change quantity`);
    });
 });
--- a/modules/ticket/back/methods/ticket/restore.js
+++ b/modules/ticket/back/methods/ticket/restore.js
@ -29,6 +29,15 @@ module.exports = Self => {
        if (typeof options == 'object')
            Object.assign(myOptions, options);
        const ticketLog = await models.TicketLog.findOne({
            fields: ['originFk', 'creationDate', 'newInstance'],
            where: {
                originFk: id,
                newInstance: {like: '%"isDeleted":true%'}
            },
            order: 'creationDate DESC'
        }, myOptions);
        const ticket = await models.Ticket.findById(id, {
            include: [{
                relation: 'client',
@ -39,10 +48,9 @@ module.exports = Self => {
        }, myOptions);
        const now = Date.vnNew();
-        const maxDate = new Date(ticket.updated);
+        const maxDate = new Date(ticketLog?.creationDate);
        maxDate.setHours(maxDate.getHours() + 1);
-
+        if (!ticketLog || now > maxDate)
        if (now > maxDate)
            throw new UserError(`You can only restore a ticket within the first hour after deletion`);
        // Send notification to salesPerson
--- a/modules/ticket/back/methods/ticket/specs/restore.spec.js
+++ b/modules/ticket/back/methods/ticket/specs/restore.spec.js
@ -4,7 +4,7 @@ const models = app.models;
 describe('ticket restore()', () => {
    const employeeUser = 1110;
-    const ticketId = 18;
+    const ticketId = 9;
    const activeCtx = {
        accessToken: {userId: employeeUser},
        headers: {
@ -30,10 +30,21 @@ describe('ticket restore()', () => {
        try {
            const options = {transaction: tx};
            const ticket = await models.Ticket.findById(ticketId, null, options);
            await ticket.updateAttributes({
                isDeleted: true,
                updated: now
            }, options);
            await models.TicketLog.create({
                originFk: ticketId,
                userFk: employeeUser,
                action: 'update',
                changedModel: 'Ticket',
                creationDate: new Date('2001-01-01 10:59:00'),
                newInstance: '{"isDeleted":true}'
            }, options);
            await app.models.Ticket.restore(ctx, ticketId, options);
            await tx.rollback();
        } catch (e) {
@ -52,11 +63,21 @@ describe('ticket restore()', () => {
            const options = {transaction: tx};
            const ticketBeforeUpdate = await models.Ticket.findById(ticketId, null, options);
            await ticketBeforeUpdate.updateAttributes({
                isDeleted: true,
                updated: now
            }, options);
            await models.TicketLog.create({
                originFk: ticketId,
                userFk: employeeUser,
                action: 'update',
                changedModel: 'Ticket',
                creationDate: new Date('2001-01-01 11:01:00'),
                newInstance: '{"isDeleted":true}'
            }, options);
            const ticketAfterUpdate = await models.Ticket.findById(ticketId, null, options);
            expect(ticketAfterUpdate.isDeleted).toBeTruthy();
@ -65,7 +86,9 @@ describe('ticket restore()', () => {
            const ticketAfterRestore = await models.Ticket.findById(ticketId, null, options);
            const fullYear = now.getFullYear();
            const shippedFullYear = ticketAfterRestore.shipped.getFullYear();
            const landedFullYear = ticketAfterRestore.landed.getFullYear();
            expect(ticketAfterRestore.isDeleted).toBeFalsy();
--- a/modules/ticket/back/models/ticket-log.json
+++ b/modules/ticket/back/models/ticket-log.json
@ -5,5 +5,40 @@
 		"mysql": {
 			"table": "ticketLog"
 		}
 	},
    "properties": {
        "id": {
            "type": "string"
        },
        "originFk": {
            "type": "number"
        },
        "userFk": {
            "type":"number"
        },
        "action": {
            "type": "string"
        },
        "creationDate": {
            "type": "date"
        },
        "description": {
            "type": "string"
        },
        "changedModel": {
            "type": "string"
        },
        "oldInstance": {
            "type": "any"
        },
        "newInstance": {
            "type": "any"
        },
        "changedModelId": {
            "type": "string"
        },
        "changedModelValue": {
            "type": "string"
        }
    }
 }
--- a/modules/ticket/front/descriptor-menu/index.js
+++ b/modules/ticket/front/descriptor-menu/index.js
@ -35,6 +35,29 @@ class Controller extends Section {
                });
            }
        });
        const filter = {
            fields: ['originFk', 'creationDate', 'newInstance'],
            where: {
                originFk: value,
                newInstance: {like: '%"isDeleted":true%'}
            },
            order: 'creationDate DESC'
        };
        this.$http.get(`TicketLogs/findOne`, {filter})
            .then(res => {
                if (res && res.data) {
                    const now = Date.vnNew();
                    const maxDate = new Date(res.data.creationDate);
                    maxDate.setHours(maxDate.getHours() + 1);
                    if (now <= maxDate)
                        return this.canRestoreTicket = true;
                }
                this.canRestoreTicket = false;
            })
            .catch(() => {
                this.canRestoreTicket = false;
            });
    }
    get isInvoiced() {
@ -171,15 +194,6 @@ class Controller extends Section {
            });
    }
    get canRestoreTicket() {
        const isDeleted = this.ticket.isDeleted;
        const now = Date.vnNew();
        const maxDate = new Date(this.ticket.updated);
        maxDate.setHours(maxDate.getHours() + 1);
        return isDeleted && (now <= maxDate);
    }
    restoreTicket() {
        return this.$http.post(`Tickets/${this.id}/restore`)
            .then(() => this.reload())
--- a/modules/ticket/front/descriptor-menu/index.spec.js
+++ b/modules/ticket/front/descriptor-menu/index.spec.js
@ -40,29 +40,6 @@ describe('Ticket Component vnTicketDescriptorMenu', () => {
        controller.ticket = ticket;
    }));
    describe('canRestoreTicket() getter', () => {
        it('should return true for a ticket deleted within the last hour', () => {
            controller.ticket.isDeleted = true;
            controller.ticket.updated = Date.vnNew();
            const result = controller.canRestoreTicket;
            expect(result).toBeTruthy();
        });
        it('should return false for a ticket deleted more than one hour ago', () => {
            const pastHour = Date.vnNew();
            pastHour.setHours(pastHour.getHours() - 2);
            controller.ticket.isDeleted = true;
            controller.ticket.updated = pastHour;
            const result = controller.canRestoreTicket;
            expect(result).toBeFalsy();
        });
    });
    describe('addTurn()', () => {
        it('should make a query and call $.addTurn.hide() and vnApp.showSuccess()', () => {
            controller.$.addTurn = {hide: () => {}};
@ -105,20 +82,6 @@ describe('Ticket Component vnTicketDescriptorMenu', () => {
        });
    });
    describe('restoreTicket()', () => {
        it('should make a query to restore the ticket and call vnApp.showSuccess()', () => {
            jest.spyOn(controller, 'reload').mockReturnThis();
            jest.spyOn(controller.vnApp, 'showSuccess');
            $httpBackend.expectPOST(`Tickets/${ticket.id}/restore`).respond();
            controller.restoreTicket();
            $httpBackend.flush();
            expect(controller.reload).toHaveBeenCalled();
            expect(controller.vnApp.showSuccess).toHaveBeenCalled();
        });
    });
    describe('showPdfDeliveryNote()', () => {
        it('should open a new window showing a delivery note PDF document', () => {
            jest.spyOn(window, 'open').mockReturnThis();
--- a/modules/ticket/front/descriptor-menu/locale/es.yml
+++ b/modules/ticket/front/descriptor-menu/locale/es.yml
@ -14,7 +14,8 @@ Refund all...: Abonar todo...
 with warehouse: con almacén
 without warehouse: sin almacén
 Invoice sent: Factura enviada
-The following refund ticket have been created: "Se ha creado siguiente ticket de abono: {{ticketId}}"
+The following refund ticket have been created: "Se ha creado el siguiente ticket de abono: {{ticketId}}"
 The following refund tickets have been created: "Se han creado los siguientes tickets de abono: {{ticketId}}"
 Transfer client: Transferir cliente
 Send SMS...: Enviar SMS...
 Notify changes: Notificar cambios
--- a/modules/worker/back/methods/worker-dms/downloadFile.js
+++ b/modules/worker/back/methods/worker-dms/downloadFile.js
@ -29,7 +29,8 @@ module.exports = Self => {
        http: {
            path: `/:id/downloadFile`,
            verb: 'GET'
-        }
+        },
        accessScopes: ['read:multimedia']
    });
    Self.downloadFile = async function(ctx, id) {
--- a/modules/worker/back/methods/worker/setPassword.js
+++ b/modules/worker/back/methods/worker/setPassword.js
@ -1,31 +1,29 @@
-const UserError = require('vn-loopback/util/user-error');
+const ForbiddenError = require('vn-loopback/util/forbiddenError');
 module.exports = Self => {
    Self.remoteMethodCtx('setPassword', {
        description: 'Set a new password',
-        accepts: [
+        accepts: [{
-            {
+            arg: 'id',
                arg: 'workerFk',
            type: 'number',
            required: true,
            description: 'The worker id',
-            },
+            http: {source: 'path'}
-            {
+        }, {
            arg: 'newPass',
            type: 'String',
            required: true,
            description: 'The new worker password'
-            }
+        }],
        ],
        http: {
            path: `/:id/setPassword`,
            verb: 'PATCH'
        }
    });
-    Self.setPassword = async(ctx, options) => {
+    Self.setPassword = async(ctx, id, newPass, options) => {
        const models = Self.app.models;
        const myOptions = {};
        const {args} = ctx;
        let tx;
        if (typeof options == 'object')
            Object.assign(myOptions, options);
        if (!myOptions.transaction) {
@ -33,11 +31,10 @@ module.exports = Self => {
            myOptions.transaction = tx;
        }
        try {
-            const isSubordinate = await models.Worker.isSubordinate(ctx, args.workerFk, myOptions);
+            const isSubordinate = await Self.isSubordinate(ctx, id, myOptions);
-            if (!isSubordinate) throw new UserError('You don\'t have enough privileges.');
+            if (!isSubordinate) throw new ForbiddenError('They\'re not your subordinate');
-            await models.VnUser.setPassword(args.workerFk, args.newPass, myOptions);
+            await models.Account.setUnverifiedPassword(id, newPass, myOptions);
            await models.VnUser.updateAll({id: args.workerFk}, {emailVerified: true}, myOptions);
            if (tx) await tx.commit();
        } catch (e) {
--- a/modules/worker/back/methods/worker/specs/setPassword.spec.js
+++ b/modules/worker/back/methods/worker/specs/setPassword.spec.js
@ -1,31 +1,30 @@
-const UserError = require('vn-loopback/util/user-error');
+const {models} = require('vn-loopback/server/server');
 const models = require('vn-loopback/server/server').models;
 describe('worker setPassword()', () => {
    let ctx;
    const newPass = 'H3rn4d3z#';
    const employeeId = 1;
    const managerId = 20;
    const administrativeId = 5;
    beforeAll(() => {
        ctx = {
            req: {
-                accessToken: {},
+                accessToken: {userId: managerId},
                headers: {origin: 'http://localhost'}
            },
            args: {workerFk: 9}
        };
    });
-    beforeEach(() => {
+    it('should change the password if it is a subordinate and the email is not verified', async() => {
        ctx.req.accessToken.userId = 20;
        ctx.args.newPass = 'H3rn4d3z#';
    });
    it('should change the password', async() => {
        const tx = await models.Worker.beginTransaction({});
        try {
            const options = {transaction: tx};
-            await models.Worker.setPassword(ctx, options);
+            await models.Worker.setPassword(ctx, employeeId, newPass, options);
            const isNewPass = await passHasBeenChanged(employeeId, newPass, options);
            expect(isNewPass).toBeTrue();
            await tx.rollback();
        } catch (e) {
            await tx.rollback();
@ -33,29 +32,48 @@ describe('worker setPassword()', () => {
        }
    });
-    it('should throw an error: Password does not meet requirements', async() => {
+    it('should not change the password if it is a subordinate and the email is verified', async() => {
-        const tx = await models.Collection.beginTransaction({});
+        const tx = await models.Worker.beginTransaction({});
-        ctx.args.newPass = 'Hi';
+
        try {
            const options = {transaction: tx};
-            await models.Worker.setPassword(ctx, options);
+            await models.VnUser.updateAll({id: employeeId}, {emailVerified: true}, options);
            await models.Worker.setPassword(ctx, employeeId, newPass, options);
            await tx.rollback();
        } catch (e) {
            expect(e.message).toEqual(`This password can only be changed by the user themselves`);
            await tx.rollback();
        }
    });
    it('should not change the password if it is not a subordinate', async() => {
        const tx = await models.Worker.beginTransaction({});
        try {
            const options = {transaction: tx};
            await models.Worker.setPassword(ctx, administrativeId, newPass, options);
            await tx.rollback();
        } catch (e) {
            expect(e.message).toEqual(`They're not your subordinate`);
            await tx.rollback();
        }
    });
    it('should throw an error: Password does not meet requirements', async() => {
        const tx = await models.Worker.beginTransaction({});
        const newPass = 'Hi';
        try {
            const options = {transaction: tx};
            await models.Worker.setPassword(ctx, employeeId, newPass, options);
            await tx.rollback();
        } catch (e) {
            expect(e.sqlMessage).toEqual('Password does not meet requirements');
            await tx.rollback();
        }
    });
 });
-    it('should throw an error: You don\'t have enough privileges.', async() => {
+const passHasBeenChanged = async(userId, pass, options) => {
-        ctx.req.accessToken.userId = 5;
+    const user = await models.VnUser.findById(userId, null, options);
-        const tx = await models.Collection.beginTransaction({});
+    return user.hasPassword(pass);
-        try {
+};
            const options = {transaction: tx};
            await models.Worker.setPassword(ctx, options);
            await tx.rollback();
        } catch (e) {
            expect(e).toEqual(new UserError(`You don't have enough privileges.`));
            await tx.rollback();
        }
    });
 });
--- a/modules/worker/back/models/department.json
+++ b/modules/worker/back/models/department.json
@ -62,6 +62,11 @@
            "type": "belongsTo",
            "model": "Worker",
            "foreignKey": "workerFk"
        },
        "workerActivity": {
            "type": "belongsTo",
            "model": "Worker",
            "foreignKey": "workerActivityTypeFk"
        }
    }
 }
--- a/modules/worker/front/descriptor/index.html
+++ b/modules/worker/front/descriptor/index.html
@ -11,7 +11,7 @@
                ? 'Click to allow the user to be disabled'
                : 'Click to exclude the user from getting disabled'}}
          </vn-item>
-          <vn-item ng-if="!$ctrl.worker.user.emailVerified" ng-click="setPassword.show()" translate>
+          <vn-item ng-if="!$ctrl.worker.user.emailVerified && $ctrl.vnConfig.storage.currentUserWorkerId !=$ctrl.worker.id" ng-click="setPassword.show()" translate>
            Change password 
          </vn-item>
    </slot-menu>
--- a/modules/worker/front/descriptor/index.js
+++ b/modules/worker/front/descriptor/index.js
@ -69,6 +69,7 @@ class Controller extends Descriptor {
                }
            ]
        };
        return this.getData(`Workers/${this.id}`, {filter})
            .then(res => this.entity = res.data);
    }
@ -86,15 +87,14 @@ class Controller extends Descriptor {
        if (this.newPassword != this.repeatPassword)
            throw new UserError(`Passwords don't match`);
        this.$http.patch(
-            `Workers/${this.entity.id}/setPassword`,
+            `Workers/${this.entity.id}/setPassword`, {newPass: this.newPassword}
            {workerFk: this.entity.id, newPass: this.newPassword}
        ) .then(() => {
            this.vnApp.showSuccess(this.$translate.instant('Password changed!'));
-        });
+        }).then(() => this.loadData());
    }
 }
-Controller.$inject = ['$element', '$scope', '$rootScope'];
+Controller.$inject = ['$element', '$scope', '$rootScope', 'vnConfig'];
 ngModule.vnComponent('vnWorkerDescriptor', {
    template: require('./index.html'),
--- a/modules/worker/front/descriptor/index.spec.js
+++ b/modules/worker/front/descriptor/index.spec.js
@ -16,6 +16,7 @@ describe('vnWorkerDescriptor', () => {
            const id = 1;
            const response = 'foo';
            $httpBackend.whenGET('UserConfigs/getUserConfig').respond({});
            $httpBackend.expectRoute('GET', `Workers/${id}`).respond(response);
            controller.id = id;
            $httpBackend.flush();
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
    "name": "salix-back",
-    "version": "24.12.0",
+    "version": "24.14.0",
    "author": "Verdnatura Levante SL",
    "description": "Salix backend",
    "license": "GPL-3.0",