diff --git a/loopback/locale/es.json b/loopback/locale/es.json index fdc1bd9770..89e301fcab 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -86,6 +86,7 @@ "The current ticket can't be modified": "El ticket actual no puede ser modificado", "The current claim can't be modified": "La reclamación actual no puede ser modificada", "The sales of this ticket can't be modified": "Las lineas de este ticket no pueden ser modificadas", + "Sale(s) blocked, contact production": "Linea(s) bloqueada(s), contacte con produccion", "Please select at least one sale": "Por favor selecciona al menos una linea", "All sales must belong to the same ticket": "Todas las lineas deben pertenecer al mismo ticket", "NO_ZONE_FOR_THIS_PARAMETERS": "Para este día no hay ninguna zona configurada", diff --git a/modules/ticket/back/methods/sale/canEdit.js b/modules/ticket/back/methods/sale/canEdit.js new file mode 100644 index 0000000000..4e0fc5f8bf --- /dev/null +++ b/modules/ticket/back/methods/sale/canEdit.js @@ -0,0 +1,40 @@ +module.exports = Self => { + Self.remoteMethodCtx('canEdit', { + description: 'Check if all the received sales are aditable', + accessType: 'READ', + accepts: [{ + arg: 'sales', + type: ['object'], + required: true + }], + returns: { + type: 'boolean', + root: true + }, + http: { + path: `/isEditable`, + verb: 'get' + } + }); + + Self.canEdit = async(ctx, sales, options) => { + const models = Self.app.models; + const userId = ctx.req.accessToken.userId; + const myOptions = {}; + + if (typeof options == 'object') + Object.assign(myOptions, options); + + const idsCollection = sales.map(sale => sale.id); + + const saleTracking = await models.SaleTracking.find({where: {saleFk: {inq: idsCollection}}}, myOptions); + + const hasSaleTracking = saleTracking.length; + + const isProductionRole = await models.Account.hasRole(userId, 'production', myOptions); + + const canEdit = (isProductionRole || !hasSaleTracking); + + return canEdit; + }; +}; diff --git a/modules/ticket/back/methods/sale/deleteSales.js b/modules/ticket/back/methods/sale/deleteSales.js index d11223d3bf..31899a501b 100644 --- a/modules/ticket/back/methods/sale/deleteSales.js +++ b/modules/ticket/back/methods/sale/deleteSales.js @@ -28,10 +28,16 @@ module.exports = Self => { Self.deleteSales = async(ctx, sales, ticketId) => { const models = Self.app.models; + + const canEditSales = await models.Sale.canEdit(ctx, sales); + const isTicketEditable = await models.Ticket.isEditable(ctx, ticketId); if (!isTicketEditable) throw new UserError(`The sales of this ticket can't be modified`); + if (!canEditSales) + throw new UserError(`Sale(s) blocked, please contact production`); + const promises = []; for (let sale of sales) { const deletedSale = models.Sale.destroyById(sale.id); diff --git a/modules/ticket/back/methods/sale/recalculatePrice.js b/modules/ticket/back/methods/sale/recalculatePrice.js index 9ad7e68e7b..9e902d393e 100644 --- a/modules/ticket/back/methods/sale/recalculatePrice.js +++ b/modules/ticket/back/methods/sale/recalculatePrice.js @@ -29,6 +29,11 @@ module.exports = Self => { if (!isEditable) throw new UserError(`The sales of this ticket can't be modified`); + const canEditSale = await models.Sale.canEdit(ctx, [id]); + + if (!canEditSale) + throw new UserError(`Sale(s) blocked, please contact production`); + return Self.rawSql('CALL vn.sale_calculateComponent(?, null)', [id]); }; }; diff --git a/modules/ticket/back/methods/sale/reserve.js b/modules/ticket/back/methods/sale/reserve.js index e054e1ec81..96c794e7ca 100644 --- a/modules/ticket/back/methods/sale/reserve.js +++ b/modules/ticket/back/methods/sale/reserve.js @@ -37,6 +37,11 @@ module.exports = Self => { if (!isTicketEditable) throw new UserError(`The sales of this ticket can't be modified`); + const canEditSale = await models.Sale.canEdit(ctx, sales); + + if (!canEditSale) + throw new UserError(`Sale(s) blocked, please contact production`); + const promises = []; for (let sale of sales) { const reservedSale = models.Sale.update({id: sale.id}, {reserved: reserved}); diff --git a/modules/ticket/back/methods/sale/specs/canEdit.spec.js b/modules/ticket/back/methods/sale/specs/canEdit.spec.js new file mode 100644 index 0000000000..fb1e1ab877 --- /dev/null +++ b/modules/ticket/back/methods/sale/specs/canEdit.spec.js @@ -0,0 +1,36 @@ +const app = require('vn-loopback/server/server'); + +describe('sale canEdit()', () => { + it('should return true if the role is production regardless of the saleTrackings', async() => { + const productionUserID = 49; + let ctx = {req: {accessToken: {userId: productionUserID}}}; + + const sales = [{id: 3}]; + + const result = await app.models.Sale.canEdit(ctx, sales); + + expect(result).toEqual(true); + }); + + it('should return true if the role is not production and none of the sales has saleTracking', async() => { + const salesPersonUserID = 18; + let ctx = {req: {accessToken: {userId: salesPersonUserID}}}; + + const sales = [{id: 10}]; + + const result = await app.models.Sale.canEdit(ctx, sales); + + expect(result).toEqual(true); + }); + + it('should return false if any of the sales has a saleTracking record', async() => { + const salesPersonUserID = 18; + let ctx = {req: {accessToken: {userId: salesPersonUserID}}}; + + const sales = [{id: 3}]; + + const result = await app.models.Sale.canEdit(ctx, sales); + + expect(result).toEqual(false); + }); +}); diff --git a/modules/ticket/back/methods/sale/specs/updateConcept.spec.js b/modules/ticket/back/methods/sale/specs/updateConcept.spec.js index d383cc9484..428bac390f 100644 --- a/modules/ticket/back/methods/sale/specs/updateConcept.spec.js +++ b/modules/ticket/back/methods/sale/specs/updateConcept.spec.js @@ -1,6 +1,7 @@ const app = require('vn-loopback/server/server'); describe('sale updateConcept()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; const saleId = 1; let originalSale; @@ -21,7 +22,7 @@ describe('sale updateConcept()', () => { const newConcept = 'I am he new concept'; try { - await app.models.Sale.updateConcept(undefined, newConcept); + await app.models.Sale.updateConcept(ctx, undefined, newConcept); } catch (e) { err = e; } @@ -32,7 +33,7 @@ describe('sale updateConcept()', () => { it('should update the sale concept', async() => { const newConcept = 'I am the new concept'; - let response = await app.models.Sale.updateConcept(saleId, newConcept); + let response = await app.models.Sale.updateConcept(ctx, saleId, newConcept); expect(response.concept).toEqual(newConcept); }); diff --git a/modules/ticket/back/methods/sale/specs/updateQuantity.spec.js b/modules/ticket/back/methods/sale/specs/updateQuantity.spec.js index ccb73d7799..16221b55ce 100644 --- a/modules/ticket/back/methods/sale/specs/updateQuantity.spec.js +++ b/modules/ticket/back/methods/sale/specs/updateQuantity.spec.js @@ -1,10 +1,12 @@ const app = require('vn-loopback/server/server'); describe('sale updateQuantity()', () => { + const ctx = {req: {accessToken: {userId: 9}}}; + it('should throw an error if the quantity is not a number', async() => { let error; - await app.models.Sale.updateQuantity(1, 'wrong quantity!') + await app.models.Sale.updateQuantity(ctx, 1, 'wrong quantity!') .catch(response => { expect(response).toEqual(new Error('The value should be a number')); error = response; @@ -16,7 +18,7 @@ describe('sale updateQuantity()', () => { it('should throw an error if the quantity is greater than it should be', async() => { let error; - await app.models.Sale.updateQuantity(1, 99) + await app.models.Sale.updateQuantity(ctx, 1, 99) .catch(response => { expect(response).toEqual(new Error('The new quantity should be smaller than the old one')); error = response; @@ -30,7 +32,7 @@ describe('sale updateQuantity()', () => { expect(originalLineData.quantity).toEqual(5); - await app.models.Sale.updateQuantity(1, 4); + await app.models.Sale.updateQuantity(ctx, 1, 4); let modifiedLineData = await app.models.Sale.findOne({where: {id: 1}, fields: ['quantity']}); diff --git a/modules/ticket/back/methods/sale/updateConcept.js b/modules/ticket/back/methods/sale/updateConcept.js index d95cf1202d..6a5f3375fa 100644 --- a/modules/ticket/back/methods/sale/updateConcept.js +++ b/modules/ticket/back/methods/sale/updateConcept.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethod('updateConcept', { + Self.remoteMethodCtx('updateConcept', { description: 'Updates the concept of a sale', accessType: 'WRITE', accepts: [{ @@ -24,8 +24,14 @@ module.exports = Self => { } }); - Self.updateConcept = async(id, newConcept) => { - let currentLine = await Self.app.models.Sale.findById(id); + Self.updateConcept = async(ctx, id, newConcept) => { + const models = Self.app.models; + const currentLine = await models.Sale.findById(id); + + const canEditSale = await models.Sale.canEdit(ctx, [id]); + + if (!canEditSale) + throw new UserError(`Sale(s) blocked, please contact production`); return await currentLine.updateAttributes({concept: newConcept}); }; diff --git a/modules/ticket/back/methods/sale/updatePrice.js b/modules/ticket/back/methods/sale/updatePrice.js index 200eeb4442..2195c2b7b9 100644 --- a/modules/ticket/back/methods/sale/updatePrice.js +++ b/modules/ticket/back/methods/sale/updatePrice.js @@ -55,6 +55,11 @@ module.exports = Self => { if (!isEditable) throw new UserError(`The sales of this ticket can't be modified`); + const canEditSale = await models.Sale.canEdit(ctx, [id]); + + if (!canEditSale) + throw new UserError(`Sale(s) blocked, please contact production`); + const userId = ctx.req.accessToken.userId; let usesMana = await models.WorkerMana.findOne({where: {workerFk: userId}, fields: 'amount'}, options); diff --git a/modules/ticket/back/methods/sale/updateQuantity.js b/modules/ticket/back/methods/sale/updateQuantity.js index c25aa9007d..00df49b9f7 100644 --- a/modules/ticket/back/methods/sale/updateQuantity.js +++ b/modules/ticket/back/methods/sale/updateQuantity.js @@ -1,7 +1,7 @@ let UserError = require('vn-loopback/util/user-error'); module.exports = Self => { - Self.remoteMethod('updateQuantity', { + Self.remoteMethodCtx('updateQuantity', { description: 'Changes the quantity of a sale', accessType: 'WRITE', accepts: [{ @@ -26,11 +26,18 @@ module.exports = Self => { } }); - Self.updateQuantity = async(id, quantity) => { + Self.updateQuantity = async(ctx, id, quantity) => { + const models = Self.app.models; + + const canEditSale = await models.Sale.canEdit(ctx, [id]); + + if (!canEditSale) + throw new UserError(`Sale(s) blocked, please contact production`); + if (isNaN(quantity)) throw new UserError(`The value should be a number`); - let currentLine = await Self.app.models.Sale.findOne({where: {id: id}}); + let currentLine = await models.Sale.findOne({where: {id: id}}); if (quantity > currentLine.quantity) throw new UserError('The new quantity should be smaller than the old one'); diff --git a/modules/ticket/back/models/sale.js b/modules/ticket/back/models/sale.js index 4885071fd9..545e054dc1 100644 --- a/modules/ticket/back/models/sale.js +++ b/modules/ticket/back/models/sale.js @@ -6,6 +6,7 @@ module.exports = Self => { require('../methods/sale/updateQuantity')(Self); require('../methods/sale/updateConcept')(Self); require('../methods/sale/recalculatePrice')(Self); + require('../methods/sale/canEdit')(Self); Self.validatesPresenceOf('concept', { message: `Concept cannot be blank`