From b33f42d05ed6d0c6bbbb79ed7062cc82da2fcde4 Mon Sep 17 00:00:00 2001
From: Bernat Exposito Domenech <bernat.verdnatura@gmail.com>
Date: Tue, 16 Jun 2020 07:47:46 +0200
Subject: [PATCH] add restrictions in claim detail

---
 loopback/locale/es.json                       |  1 +
 .../claim/back/methods/claim/isEditable.js    | 41 +++++++++++++++++++
 .../methods/claim/specs/isEditable.spec.js    | 33 +++++++++++++++
 modules/claim/back/models/claim-beginning.js  | 21 ++++++++++
 modules/claim/back/models/claim.js            |  1 +
 modules/claim/front/detail/index.html         | 12 ++++--
 modules/claim/front/detail/index.js           |  6 +++
 7 files changed, 112 insertions(+), 3 deletions(-)
 create mode 100644 modules/claim/back/methods/claim/isEditable.js
 create mode 100644 modules/claim/back/methods/claim/specs/isEditable.spec.js

diff --git a/loopback/locale/es.json b/loopback/locale/es.json
index d77b6d290..e58d55da0 100644
--- a/loopback/locale/es.json
+++ b/loopback/locale/es.json
@@ -84,6 +84,7 @@
 	"NO_AGENCY_AVAILABLE": "No hay una zona de reparto disponible con estos parámetros",
 	"ERROR_PAST_SHIPMENT": "No puedes seleccionar una fecha de envío en pasado",
 	"The current ticket can't be modified": "El ticket actual no puede ser modificado",
+	"The current claim can't be modified": "La reclamación actual no puede ser modificada",
 	"The sales of this ticket can't be modified": "Las lineas de este ticket no pueden ser modificadas",
 	"Please select at least one sale": "Por favor selecciona al menos una linea",
 	"All sales must belong to the same ticket": "Todas las lineas deben pertenecer al mismo ticket",
diff --git a/modules/claim/back/methods/claim/isEditable.js b/modules/claim/back/methods/claim/isEditable.js
new file mode 100644
index 000000000..2e9991584
--- /dev/null
+++ b/modules/claim/back/methods/claim/isEditable.js
@@ -0,0 +1,41 @@
+module.exports = Self => {
+    Self.remoteMethodCtx('isEditable', {
+        description: 'Check if a claim is editable',
+        accessType: 'READ',
+        accepts: [{
+            arg: 'id',
+            type: 'number',
+            required: true,
+            description: 'the claim id',
+            http: {source: 'path'}
+        }],
+        returns: {
+            type: 'boolean',
+            root: true
+        },
+        http: {
+            path: `/:id/isEditable`,
+            verb: 'get'
+        }
+    });
+
+    Self.isEditable = async(ctx, id) => {
+        const userId = ctx.req.accessToken.userId;
+
+        const isSalesAssistant = await Self.app.models.Account.hasRole(userId, 'salesAssistant');
+
+        let claim = await Self.app.models.Claim.findById(id, {
+            fields: ['claimStateFk'],
+            include: [{
+                relation: 'claimState'
+            }]
+        });
+
+        const isClaimResolved = claim && claim.claimState().code == 'resolved';
+
+        if (!claim || (isClaimResolved && !isSalesAssistant))
+            return false;
+
+        return true;
+    };
+};
diff --git a/modules/claim/back/methods/claim/specs/isEditable.spec.js b/modules/claim/back/methods/claim/specs/isEditable.spec.js
new file mode 100644
index 000000000..ca419de4c
--- /dev/null
+++ b/modules/claim/back/methods/claim/specs/isEditable.spec.js
@@ -0,0 +1,33 @@
+const app = require('vn-loopback/server/server');
+
+describe('claim isEditable()', () => {
+    const salesPerdonId = 18;
+    const salesAssistantId = 21;
+    it('should return false if the given claim does not exist', async() => {
+        let ctx = {req: {accessToken: {userId: salesAssistantId}}};
+        let result = await app.models.Claim.isEditable(ctx, 99999);
+
+        expect(result).toEqual(false);
+    });
+
+    it('should not be able to edit a resolved claim for a salesPerson', async() => {
+        let ctx = {req: {accessToken: {userId: salesPerdonId}}};
+        let result = await app.models.Claim.isEditable(ctx, 4);
+
+        expect(result).toEqual(false);
+    });
+
+    it('should be able to edit a resolved claim for a salesAssistant', async() => {
+        let ctx = {req: {accessToken: {userId: salesAssistantId}}};
+        let result = await app.models.Claim.isEditable(ctx, 4);
+
+        expect(result).toEqual(true);
+    });
+
+    it('should be able to edit a claim for a salesAssistant', async() => {
+        let ctx = {req: {accessToken: {userId: salesPerdonId}}};
+        let result = await app.models.Claim.isEditable(ctx, 1);
+
+        expect(result).toEqual(true);
+    });
+});
diff --git a/modules/claim/back/models/claim-beginning.js b/modules/claim/back/models/claim-beginning.js
index 839044112..3cf372ab2 100644
--- a/modules/claim/back/models/claim-beginning.js
+++ b/modules/claim/back/models/claim-beginning.js
@@ -1,7 +1,28 @@
+
+const UserError = require('vn-loopback/util/user-error');
+const LoopBackContext = require('loopback-context');
+
 module.exports = Self => {
     require('../methods/claim-beginning/importToNewRefundTicket')(Self);
 
     Self.validatesUniquenessOf('saleFk', {
         message: `A claim with that sale already exists`
     });
+    Self.observe('before save', async ctx => {
+        if (ctx.isNewInstance) return;
+        await claimIsEditable(ctx);
+    });
+    Self.observe('before delete', async ctx => {
+        if (ctx.isNewInstance) return;
+        await claimIsEditable(ctx);
+    });
+
+    async function claimIsEditable(ctx) {
+        const loopBackContext = LoopBackContext.getCurrentContext();
+        const httpCtx = {req: loopBackContext.active};
+        const isEditable = await Self.app.models.Claim.isEditable(httpCtx, ctx.where.id);
+
+        if (!isEditable)
+            throw new UserError(`The current claim can't be modified`);
+    }
 };
diff --git a/modules/claim/back/models/claim.js b/modules/claim/back/models/claim.js
index 234a95434..fba11cfb6 100644
--- a/modules/claim/back/models/claim.js
+++ b/modules/claim/back/models/claim.js
@@ -6,4 +6,5 @@ module.exports = Self => {
     require('../methods/claim/regularizeClaim')(Self);
     require('../methods/claim/uploadFile')(Self);
     require('../methods/claim/updateClaimAction')(Self);
+    require('../methods/claim/isEditable')(Self);
 };
diff --git a/modules/claim/front/detail/index.html b/modules/claim/front/detail/index.html
index 6061146c3..9af8fd328 100644
--- a/modules/claim/front/detail/index.html
+++ b/modules/claim/front/detail/index.html
@@ -40,6 +40,7 @@
                     <vn-input-number
                         min="0"
                         step="1"
+                        disabled="!$ctrl.isRewritable"
                         ng-model="saleClaimed.quantity"
                         on-change="$ctrl.setClaimedQuantity(saleClaimed.id, saleClaimed.quantity)"
                         class="dense">
@@ -66,6 +67,7 @@
                 <vn-td shrink>
                     <vn-icon-button
                         vn-tooltip="Remove sale"
+                        ng-if ="$ctrl.isRewritable"
                         icon="delete"
                         ng-click="$ctrl.deleteClaimedSale($index)"
                         tabindex="-1">
@@ -76,9 +78,13 @@
     </vn-table>
     </vn-card>
 </vn-data-viewer>
-<a ng-click="$ctrl.openAddSalesDialog()" vn-tooltip="Add sale item" vn-bind="+" fixed-bottom-right>
-    <vn-float-button icon="add"></vn-float-button>
-</a>
+<vn-float-button 
+    icon="add"
+    ng-if="$ctrl.isRewritable"
+    ng-click="$ctrl.openAddSalesDialog()"   
+    vn-tooltip="Add sale item" vn-bind="+" 
+    fixed-bottom-right>
+</vn-float-button>
 <!-- Add Lines Dialog -->
 <vn-dialog vn-id="add-sales" class="modal-form">
     <tpl-title>
diff --git a/modules/claim/front/detail/index.js b/modules/claim/front/detail/index.js
index 722f7daf7..79f4ab799 100644
--- a/modules/claim/front/detail/index.js
+++ b/modules/claim/front/detail/index.js
@@ -133,6 +133,12 @@ class Controller extends Section {
         });
     }
 
+    isClaimEditable() {
+        this.$http.get(`Claims/${this.claim.id}/isEditable`).then(res => {
+            this.isRewritable = res.data;
+        });
+    }
+
     updateDiscount() {
         const claimedSale = this.saleClaimed.sale;
         if (this.newDiscount != claimedSale.discount) {