diff --git a/CHANGELOG.md b/CHANGELOG.md index f48811338..4eed71921 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [2414.01] - 2024-04-04 + +### Added + +### Changed + +### Fixed + ## [2408.01] - 2024-02-22 ### Added diff --git a/back/methods/dms/downloadFile.js b/back/methods/dms/downloadFile.js index 1b9150053..d64b15b70 100644 --- a/back/methods/dms/downloadFile.js +++ b/back/methods/dms/downloadFile.js @@ -29,7 +29,8 @@ module.exports = Self => { http: { path: `/:id/downloadFile`, verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.downloadFile = async function(ctx, id) { diff --git a/back/methods/docuware/download.js b/back/methods/docuware/download.js index a0d72ce01..a1776cde5 100644 --- a/back/methods/docuware/download.js +++ b/back/methods/docuware/download.js @@ -42,7 +42,8 @@ module.exports = Self => { http: { path: `/:id/download`, verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.download = async function(id, fileCabinet, filter) { diff --git a/back/methods/image/download.js b/back/methods/image/download.js index 2b1a4b546..201e16164 100644 --- a/back/methods/image/download.js +++ b/back/methods/image/download.js @@ -47,7 +47,8 @@ module.exports = Self => { http: { path: `/:collection/:size/:id/download`, verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.download = async function(ctx, collection, size, id) { diff --git a/back/methods/vn-user/share-token.js b/back/methods/vn-user/share-token.js new file mode 100644 index 000000000..8efa22db4 --- /dev/null +++ b/back/methods/vn-user/share-token.js @@ -0,0 +1,27 @@ + +module.exports = Self => { + Self.remoteMethodCtx('shareToken', { + description: 'Returns token to view files or images and share it', + accessType: 'WRITE', + accepts: [], + returns: { + type: 'Object', + root: true + }, + http: { + path: `/shareToken`, + verb: 'GET' + } + }); + + Self.shareToken = async function(ctx) { + const {accessToken: token} = ctx.req; + + const user = await Self.findById(token.userId); + const multimediaToken = await user.accessTokens.create({ + scopes: ['read:multimedia'] + }); + + return {multimediaToken}; + }; +}; diff --git a/back/methods/vn-user/specs/share-token.spec.js b/back/methods/vn-user/specs/share-token.spec.js new file mode 100644 index 000000000..aaa83817c --- /dev/null +++ b/back/methods/vn-user/specs/share-token.spec.js @@ -0,0 +1,27 @@ +const {models} = require('vn-loopback/server/server'); +describe('Share Token', () => { + let ctx = null; + beforeAll(async() => { + const unAuthCtx = { + req: { + headers: {}, + connection: { + remoteAddress: '127.0.0.1' + }, + getLocale: () => 'en' + }, + args: {} + }; + let login = await models.VnUser.signIn(unAuthCtx, 'salesAssistant', 'nightmare'); + let accessToken = await models.AccessToken.findById(login.token); + ctx = {req: {accessToken: accessToken}}; + }); + + it('should renew token', async() => { + const multimediaToken = await models.VnUser.shareToken(ctx); + + expect(Object.keys(multimediaToken).length).toEqual(1); + expect(multimediaToken.multimediaToken.userId).toEqual(ctx.req.accessToken.userId); + expect(multimediaToken.multimediaToken.scopes[0]).toEqual('read:multimedia'); + }); +}); diff --git a/back/model-config.json b/back/model-config.json index b14fad3e6..f48ec11e6 100644 --- a/back/model-config.json +++ b/back/model-config.json @@ -16,7 +16,7 @@ "Accounting": { "dataSource": "vn" }, - "Buyer": { + "Buyer": { "dataSource": "vn" }, "Campaign": { @@ -94,6 +94,9 @@ "Module": { "dataSource": "vn" }, + "MrwConfig": { + "dataSource": "vn" + }, "Notification": { "dataSource": "vn" }, @@ -166,10 +169,10 @@ "VnRole": { "dataSource": "vn" }, - "MrwConfig": { + "WorkerActivity": { + "dataSource": "vn" + }, + "WorkerActivityType": { "dataSource": "vn" } -} - - - +} \ No newline at end of file diff --git a/back/models/vn-user.js b/back/models/vn-user.js index 3a416d7e3..b59f13ffa 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -13,6 +13,7 @@ module.exports = function(Self) { require('../methods/vn-user/privileges')(Self); require('../methods/vn-user/validate-auth')(Self); require('../methods/vn-user/renew-token')(Self); + require('../methods/vn-user/share-token')(Self); require('../methods/vn-user/update-user')(Self); Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create'); diff --git a/back/models/vn-user.json b/back/models/vn-user.json index 639603643..5f6ac3f47 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -1,129 +1,140 @@ { - "name": "VnUser", - "base": "User", - "validateUpsert": true, - "options": { - "mysql": { - "table": "account.user" - } - }, + "name": "VnUser", + "base": "User", + "validateUpsert": true, + "options": { + "mysql": { + "table": "account.user" + } + }, "mixins": { "Loggable": true }, "resetPasswordTokenTTL": "604800", - "properties": { - "id": { - "type": "number", - "id": true - }, + "properties": { + "id": { + "type": "number", + "id": true + }, "name": { - "type": "string", - "required": true - }, - "username": { - "type": "string" - }, - "roleFk": { - "type": "number", - "mysql": { - "columnName": "role" - } - }, - "nickname": { - "type": "string" - }, - "lang": { - "type": "string" - }, - "active": { - "type": "boolean" - }, - "email": { - "type": "string" - }, - "emailVerified": { - "type": "boolean" - }, - "created": { - "type": "date" - }, - "updated": { - "type": "date" - }, - "image": { - "type": "string" - }, - "hasGrant": { - "type": "boolean" - }, + "type": "string", + "required": true + }, + "username": { + "type": "string" + }, + "roleFk": { + "type": "number", + "mysql": { + "columnName": "role" + } + }, + "nickname": { + "type": "string" + }, + "lang": { + "type": "string" + }, + "active": { + "type": "boolean" + }, + "email": { + "type": "string" + }, + "emailVerified": { + "type": "boolean" + }, + "created": { + "type": "date" + }, + "updated": { + "type": "date" + }, + "image": { + "type": "string" + }, + "hasGrant": { + "type": "boolean" + }, "passExpired": { "type": "date" }, - "twoFactor": { - "type": "string" - } - }, - "relations": { - "role": { - "type": "belongsTo", - "model": "VnRole", - "foreignKey": "roleFk" - }, - "roles": { - "type": "hasMany", - "model": "RoleRole", - "foreignKey": "role", - "primaryKey": "roleFk" - }, - "emailUser": { - "type": "hasOne", - "model": "EmailUser", - "foreignKey": "userFk" - }, - "worker": { - "type": "hasOne", - "model": "Worker", - "foreignKey": "id" - }, - "userConfig": { - "type": "hasOne", - "model": "UserConfig", - "foreignKey": "userFk" - } - }, - "acls": [ - { - "property": "signIn", - "accessType": "EXECUTE", - "principalType": "ROLE", - "principalId": "$everyone", - "permission": "ALLOW" - }, { - "property": "recoverPassword", - "accessType": "EXECUTE", - "principalType": "ROLE", - "principalId": "$everyone", - "permission": "ALLOW" - }, { - "property": "validateAuth", - "accessType": "EXECUTE", - "principalType": "ROLE", - "principalId": "$everyone", - "permission": "ALLOW" - }, { - "property": "privileges", - "accessType": "*", - "principalType": "ROLE", - "principalId": "$authenticated", - "permission": "ALLOW" - }, { - "property": "renewToken", - "accessType": "WRITE", - "principalType": "ROLE", - "principalId": "$authenticated", - "permission": "ALLOW" - } - ], + "twoFactor": { + "type": "string" + } + }, + "relations": { + "role": { + "type": "belongsTo", + "model": "VnRole", + "foreignKey": "roleFk" + }, + "roles": { + "type": "hasMany", + "model": "RoleRole", + "foreignKey": "role", + "primaryKey": "roleFk" + }, + "emailUser": { + "type": "hasOne", + "model": "EmailUser", + "foreignKey": "userFk" + }, + "worker": { + "type": "hasOne", + "model": "Worker", + "foreignKey": "id" + }, + "userConfig": { + "type": "hasOne", + "model": "UserConfig", + "foreignKey": "userFk" + } + }, + "acls": [ + { + "property": "signIn", + "accessType": "EXECUTE", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "ALLOW" + }, + { + "property": "recoverPassword", + "accessType": "EXECUTE", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "ALLOW" + }, + { + "property": "validateAuth", + "accessType": "EXECUTE", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "ALLOW" + }, + { + "property": "privileges", + "accessType": "*", + "principalType": "ROLE", + "principalId": "$authenticated", + "permission": "ALLOW" + }, + { + "property": "renewToken", + "accessType": "WRITE", + "principalType": "ROLE", + "principalId": "$authenticated", + "permission": "ALLOW" + }, + { + "property": "shareToken", + "accessType": "WRITE", + "principalType": "ROLE", + "principalId": "$authenticated", + "permission": "ALLOW" + } + ], "scopes": { "preview": { "fields": [ @@ -140,7 +151,7 @@ "hasGrant", "realm", "email", - "emailVerified" + "emailVerified" ] } } diff --git a/back/models/workerActivity.json b/back/models/workerActivity.json new file mode 100644 index 000000000..e3b994f77 --- /dev/null +++ b/back/models/workerActivity.json @@ -0,0 +1,39 @@ +{ + "name": "WorkerActivity", + "base": "VnModel", + "options": { + "mysql": { + "table": "workerActivity" + } + }, + "properties": { + "id": { + "id": true, + "type": "number" + }, + "created": { + "type": "date" + }, + "model": { + "type": "string" + }, + "event": { + "type": "string" + }, + "description": { + "type": "string" + }, + "relations": { + "workerFk": { + "type": "belongsTo", + "model": "Worker", + "foreignKey": "workerFk" + }, + "workerActivityTypeFk": { + "type": "belongsTo", + "model": "WorkerActivityType", + "foreignKey": "workerActivityTypeFk" + } + } + } +} \ No newline at end of file diff --git a/back/models/workerActivityType.json b/back/models/workerActivityType.json new file mode 100644 index 000000000..f010363a7 --- /dev/null +++ b/back/models/workerActivityType.json @@ -0,0 +1,19 @@ +{ + "name": "WorkerActivityType", + "base": "VnModel", + "options": { + "mysql": { + "table": "workerActivityType" + } + }, + "properties": { + "code": { + "id": true, + "type": "string" + }, + "description": { + "type": "string", + "required": false + } + } +} \ No newline at end of file diff --git a/db/dump/fixtures.before.sql b/db/dump/fixtures.before.sql index 65d358bb5..919aac7a8 100644 --- a/db/dump/fixtures.before.sql +++ b/db/dump/fixtures.before.sql @@ -592,13 +592,13 @@ INSERT INTO `vn`.`supplierAccount`(`id`, `supplierFk`, `iban`, `bankEntityFk`) VALUES (241, 442, 'ES111122333344111122221111', 128); -INSERT INTO `vn`.`company`(`id`, `code`, `supplierAccountFk`, `workerManagerFk`, `companyCode`, `sage200Company`, `expired`, `companyGroupFk`, `phytosanitary` , `clientFk`) +INSERT INTO `vn`.`company`(`id`, `code`, `supplierAccountFk`, `workerManagerFk`, `companyCode`, `expired`, `companyGroupFk`, `phytosanitary` , `clientFk`) VALUES - (69 , 'CCs', NULL, 30, NULL, 0, NULL, 1, NULL , NULL), - (442 , 'VNL', 241, 30, 2 , 1, NULL, 2, 'VNL Company - Plant passport' , 1101), - (567 , 'VNH', NULL, 30, NULL, 4, NULL, 1, 'VNH Company - Plant passport' , NULL), - (791 , 'FTH', NULL, 30, NULL, 3, '2015-11-30', 1, NULL , NULL), - (1381, 'ORN', NULL, 30, NULL, 7, NULL, 1, 'ORN Company - Plant passport' , NULL); + (69 , 'CCs', NULL, 30, 0, NULL, 1, NULL , NULL), + (442 , 'VNL', 241, 30, 1, NULL, 2, 'VNL Company - Plant passport' , 1101), + (567 , 'VNH', NULL, 30, 4, NULL, 1, 'VNH Company - Plant passport' , NULL), + (791 , 'FTH', NULL, 30, 3, '2015-11-30', 1, NULL , NULL), + (1381, 'ORN', NULL, 30, 7, NULL, 1, 'ORN Company - Plant passport' , NULL); INSERT INTO `vn`.`taxArea` (`code`, `claveOperacionFactura`, `CodigoTransaccion`) VALUES @@ -1491,8 +1491,8 @@ INSERT INTO `bs`.`waste`(`buyer`, `year`, `week`, `family`, `itemFk`, `itemTypeF INSERT INTO `vn`.`buy`(`id`,`entryFk`,`itemFk`,`buyingValue`,`quantity`,`packagingFk`,`stickers`,`freightValue`,`packageValue`,`comissionValue`,`packing`,`grouping`,`groupingMode`,`location`,`price1`,`price2`,`price3`, `printedStickers`,`isChecked`,`isIgnored`,`weight`, `created`) VALUES - (1, 1, 1, 50, 5000, 4, 1, 1.500, 1.500, 0.000, 1, 1, 1, NULL, 0.00, 99.6, 99.4, 0, 1, 0, 1, DATE_ADD(util.VN_CURDATE(), INTERVAL -2 MONTH)), - (2, 2, 1, 50, 100, 4, 1, 1.500, 1.500, 0.000, 1, 1, 1, NULL, 0.00, 99.6, 99.4, 0, 1, 0, 1, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH)), + (1, 1, 1, 50, 5000, 4, 1, 1.500, 1.500, 0.000, 1, 1, 1, NULL, 0.00, 99.6, 99.4, 0, 1, 0, 1, util.VN_CURDATE() - INTERVAL 2 MONTH), + (2, 2, 1, 50, 100, 4, 1, 1.500, 1.500, 0.000, 1, 1, 1, NULL, 0.00, 99.6, 99.4, 0, 1, 0, 1, util.VN_CURDATE() - INTERVAL 1 MONTH), (3, 3, 1, 50, 100, 4, 1, 1.500, 1.500, 0.000, 1, 1, 0, NULL, 0.00, 99.6, 99.4, 0, 1, 0, 1, util.VN_CURDATE()), (4, 2, 2, 5, 450, 3, 1, 1.000, 1.000, 0.000, 10, 10, 0, NULL, 0.00, 7.30, 7.00, 0, 1, 0, 2.5, util.VN_CURDATE()), (5, 3, 3, 55, 500, 5, 1, 1.000, 1.000, 0.000, 1, 1, 0, NULL, 0.00, 78.3, 75.6, 0, 1, 0, 2.5, util.VN_CURDATE()), @@ -3070,8 +3070,6 @@ INSERT INTO `vn`.`cmr` (id,truckPlate,observations,senderInstruccions,paymentIns UPDATE vn.department SET workerFk = null; --- NEW WAREHOUSE - INSERT INTO vn.packaging VALUES('--', 2745600.00, 100.00, 120.00, 220.00, 0.00, 1, '2001-01-01 00:00:00.000', NULL, NULL, NULL, 0.00, 16, 0.00, 0, NULL, 0.00, NULL, NULL, 0, NULL, 0, 0); @@ -3735,3 +3733,6 @@ INSERT INTO vn.report (name) VALUES ('LabelCollection'); INSERT INTO vn.parkingLog(originFk, userFk, `action`, creationDate, description, changedModel,oldInstance, newInstance, changedModelId, changedModelValue) VALUES(1, 18, 'update', util.VN_CURDATE(), NULL, 'SaleGroup', '{"parkingFk":null}', '{"parkingFk":1}', 1, NULL); + +INSERT INTO vn.ticketLog (originFk,userFk,`action`,creationDate,changedModel,newInstance,changedModelId,changedModelValue) + VALUES (18,9,'insert','2001-01-01 11:01:00.000','Ticket','{"isDeleted":true}',45,'Super Man'); diff --git a/db/routines/sage/procedures/pgc_add.sql b/db/routines/sage/procedures/pgc_add.sql index ebcb2d043..78d80a9fe 100644 --- a/db/routines/sage/procedures/pgc_add.sql +++ b/db/routines/sage/procedures/pgc_add.sql @@ -17,13 +17,13 @@ BEGIN e.id accountFk, UCASE(e.name), '' - FROM expense e + FROM vn.expense e UNION SELECT company_getCode(vCompanyFk), a.account, UCASE(a.bank), '' - FROM accounting a + FROM vn.accounting a WHERE a.isActive AND a.`account` UNION diff --git a/db/routines/vn/functions/travel_hasUniqueAwb.sql b/db/routines/vn/functions/travel_hasUniqueAwb.sql new file mode 100644 index 000000000..e918f1a26 --- /dev/null +++ b/db/routines/vn/functions/travel_hasUniqueAwb.sql @@ -0,0 +1,28 @@ +DELIMITER $$ +CREATE OR REPLACE DEFINER=`root`@`localhost` FUNCTION `vn`.`travel_hasUniqueAwb`( + vSelf INT +) + RETURNS BOOL + READS SQL DATA +BEGIN +/** + * Comprueba que el travel pasado tiene un AWB lógico, + * no se pueden tener varios AWB asociados al mismo DUA + * + * @param vSelf Id del travel + */ + DECLARE vHasUniqueAwb BOOL DEFAULT TRUE; + + SELECT NOT COUNT(t2.awbFk) INTO vHasUniqueAwb + FROM entry e + JOIN travel t ON t.id = e.travelFk + JOIN duaEntry de ON de.entryFk = e.id + JOIN duaEntry de2 ON de2.duaFk = de.duaFk + JOIN entry e2 ON e2.id = de2.entryFk + JOIN travel t2 ON t2.id = e2.travelFk + WHERE t.id = vSelf + AND t2.awbFk <> t.awbFk; + + RETURN vHasUniqueAwb; +END$$ +DELIMITER ; diff --git a/db/routines/vn/procedures/inventory_repair.sql b/db/routines/vn/procedures/inventory_repair.sql index ea65ac37d..93527d84b 100644 --- a/db/routines/vn/procedures/inventory_repair.sql +++ b/db/routines/vn/procedures/inventory_repair.sql @@ -37,7 +37,7 @@ BEGIN LEFT JOIN origin o ON o.id = i.originFk ) ON it.id = i.typeFk LEFT JOIN edi.ekt ek ON b.ektFk = ek.id - WHERE (b.packagingFk = "--" OR b.price2 = 0 OR b.packing = 0 OR b.buyingValue = 0) AND tr.landed > util.firstDayOfMonth(TIMESTAMPADD(MONTH,-1,util.VN_CURDATE())) AND s.name = 'INVENTARIO'; + WHERE (b.packagingFk = "--" OR b.price2 = 0 OR b.buyingValue = 0) AND tr.landed > util.firstDayOfMonth(TIMESTAMPADD(MONTH,-1,util.VN_CURDATE())) AND s.name = 'INVENTARIO'; DROP TEMPORARY TABLE IF EXISTS tmp.lastEntryOk; CREATE TEMPORARY TABLE tmp.lastEntryOk @@ -94,11 +94,6 @@ BEGIN JOIN tmp.lastEntryOkGroup eo ON eo.itemFk = lt.itemFk AND eo.warehouseFk = lt.warehouseFk SET b.price2 = eo.price2 WHERE b.price2 = 0 ; - UPDATE buy b - JOIN tmp.lastEntry lt ON lt.buyFk = b.id - JOIN tmp.lastEntryOkGroup eo ON eo.itemFk = lt.itemFk AND eo.warehouseFk = lt.warehouseFk - SET b.packing = eo.packing WHERE b.packing = 0; - UPDATE buy b JOIN tmp.lastEntry lt ON lt.buyFk = b.id JOIN tmp.lastEntryOkGroup eo ON eo.itemFk = lt.itemFk AND eo.warehouseFk = lt.warehouseFk diff --git a/db/routines/vn/procedures/invoiceInTaxMakeByDua.sql b/db/routines/vn/procedures/invoiceInTaxMakeByDua.sql index 2ff478d6b..3453516cc 100644 --- a/db/routines/vn/procedures/invoiceInTaxMakeByDua.sql +++ b/db/routines/vn/procedures/invoiceInTaxMakeByDua.sql @@ -1,8 +1,11 @@ DELIMITER $$ -CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`invoiceInTaxMakeByDua`(vDuaFk INT) +CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`invoiceInTaxMakeByDua`( + vDuaFk INT +) BEGIN /** - * Borra los valores de duaTax y sus vctos. y los vuelve a crear en base a la tabla duaEntry + * Borra los valores de duaTax y sus vctos. y los vuelve a + * crear en base a la tabla duaEntry. * * @param vDuaFk Id del dua a recalcular */ @@ -26,7 +29,7 @@ BEGIN LEAVE l; END IF; - CALL vn2008.recibidaIvaInsert(vInvoiceInFk); + CALL invoiceInTax_recalc(vInvoiceInFk); CALL invoiceInDueDay_recalc(vInvoiceInFk); END LOOP; diff --git a/db/routines/vn/procedures/invoiceInTax_recalc.sql b/db/routines/vn/procedures/invoiceInTax_recalc.sql new file mode 100644 index 000000000..3b5ce5247 --- /dev/null +++ b/db/routines/vn/procedures/invoiceInTax_recalc.sql @@ -0,0 +1,62 @@ +DELIMITER $$ +CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`invoiceInTax_recalc`( + vInvoiceInFk INT +) +BEGIN +/** + * Recalcula y actualiza los impuestos de la factura + * usando la última tasa de cambio y detalles de compra. + * + * @param vInvoiceInFk Id de factura recibida + */ + DECLARE vRate DOUBLE DEFAULT 1; + DECLARE vDated DATE; + DECLARE vExpenseFk INT; + + SELECT MAX(rr.dated) INTO vDated + FROM referenceRate rr + JOIN invoiceIn ii ON ii.id = vInvoiceInFk + WHERE rr.dated <= ii.issued + AND rr.currencyFk = ii.currencyFk; + + IF vDated THEN + SELECT `value` INTO vRate + FROM referenceRate + WHERE dated = vDated; + END IF; + + DELETE FROM invoiceInTax WHERE invoiceInFk = vInvoiceInFk; + + SELECT id INTO vExpenseFk + FROM expense + WHERE code = 'extraCommGoodsAcquisition'; + + IF vExpenseFk IS NULL THEN + CALL util.throw('Expense extraCommGoodsAcquisition not exists'); + END IF; + + INSERT INTO invoiceInTax( + invoiceInFk, + taxableBase, + expenseFk, + foreignValue, + taxTypeSageFk, + transactionTypeSageFk + ) + SELECT ii.id, + SUM(b.buyingValue * b.quantity) / vRate bi, + vExpenseFk, + IF(c.code = 'EUR', NULL, SUM(b.buyingValue * b.quantity)), + s.taxTypeSageFk, + s.transactionTypeSageFk + FROM invoiceIn ii + JOIN currency c ON c.id = ii.currencyFk + JOIN `entry` e ON e.invoiceInFk = ii.id + JOIN supplier s ON s.id = e.supplierFk + JOIN buy b ON b.entryFk = e.id + LEFT JOIN referenceRate rr ON rr.currencyFk = ii.currencyFk + AND rr.dated = ii.issued + WHERE ii.id = vInvoiceInFk + HAVING bi IS NOT NULL; +END$$ +DELIMITER ; diff --git a/db/routines/vn/procedures/item_getSimilar.sql b/db/routines/vn/procedures/item_getSimilar.sql index e8b791d29..0ddfe21b5 100644 --- a/db/routines/vn/procedures/item_getSimilar.sql +++ b/db/routines/vn/procedures/item_getSimilar.sql @@ -19,93 +19,74 @@ BEGIN DECLARE vTypeFk INT; DECLARE vPriority INT DEFAULT 1; - DECLARE vTag1 VARCHAR(20) COLLATE 'utf8_unicode_ci'; - DECLARE vTag5 VARCHAR(20) COLLATE 'utf8_unicode_ci'; - DECLARE vTag6 VARCHAR(20) COLLATE 'utf8_unicode_ci'; - DECLARE vTag7 VARCHAR(20) COLLATE 'utf8_unicode_ci'; - DECLARE vTag8 VARCHAR(20) COLLATE 'utf8_unicode_ci'; - - DECLARE vValue1 VARCHAR(50) COLLATE 'utf8_unicode_ci'; - DECLARE vValue5 VARCHAR(50) COLLATE 'utf8_unicode_ci'; - DECLARE vValue6 VARCHAR(50) COLLATE 'utf8_unicode_ci'; - DECLARE vValue7 VARCHAR(50) COLLATE 'utf8_unicode_ci'; - DECLARE vValue8 VARCHAR(50) COLLATE 'utf8_unicode_ci'; - - SELECT typeFk, - tag5, - value5, - tag6, - value6, - tag7, - value7, - tag8, - value8, - t.name, - it.value - INTO vTypeFk, - vTag5, - vValue5, - vTag6, - vValue6, - vTag7, - vValue7, - vTag8, - vValue8, - vTag1, - vValue1 - FROM item i - LEFT JOIN itemTag it ON it.itemFk = i.id - AND it.priority = vPriority - LEFT JOIN tag t ON t.id = it.tagFk - WHERE i.id = vSelf; - CALL cache.available_refresh(vCalcFk, FALSE, vWarehouseFk, vDated); + + WITH itemTags AS ( + SELECT i.id, + typeFk, + tag5, + value5, + tag6, + value6, + tag7, + value7, + tag8, + value8, + t.name, + it.value + FROM vn.item i + LEFT JOIN vn.itemTag it ON it.itemFk = i.id + AND it.priority = vPriority + LEFT JOIN vn.tag t ON t.id = it.tagFk + WHERE i.id = vSelf + ) SELECT i.id itemFk, i.longName, i.subName, i.tag5, i.value5, - (i.value5 <=> vValue5) match5, + (i.value5 <=> its.value5) match5, i.tag6, i.value6, - (i.value6 <=> vValue6) match6, + (i.value6 <=> its.value6) match6, i.tag7, i.value7, - (i.value7 <=> vValue7) match7, + (i.value7 <=> its.value7) match7, i.tag8, i.value8, - (i.value8 <=> vValue8) match8, + (i.value8 <=> its.value8) match8, a.available, IFNULL(ip.counter, 0) `counter`, IF(b.groupingMode = 1, b.grouping, b.packing) minQuantity, iss.visible located - FROM item i - STRAIGHT_JOIN cache.available a ON a.item_id = i.id + FROM vn.item i + JOIN cache.available a ON a.item_id = i.id AND a.calc_id = vCalcFk - LEFT JOIN itemProposal ip ON ip.mateFk = i.id + LEFT JOIN vn.itemProposal ip ON ip.mateFk = i.id AND ip.itemFk = vSelf - LEFT JOIN itemTag it ON it.itemFk = i.id + LEFT JOIN vn.itemTag it ON it.itemFk = i.id AND it.priority = vPriority - LEFT JOIN tag t ON t.id = it.tagFk + LEFT JOIN vn.tag t ON t.id = it.tagFk LEFT JOIN cache.last_buy lb ON lb.item_id = i.id AND lb.warehouse_id = vWarehouseFk - LEFT JOIN buy b ON b.id = lb.buy_id - LEFT JOIN itemShelvingStock iss ON iss.itemFk = i.id + LEFT JOIN vn.buy b ON b.id = lb.buy_id + LEFT JOIN vn.itemShelvingStock iss ON iss.itemFk = i.id AND iss.warehouseFk = vWarehouseFk + JOIN itemTags its WHERE a.available > 0 - AND IF(vShowType, i.typeFk = vTypeFk, TRUE) + AND IF(vShowType, i.typeFk = its.typeFk, TRUE) AND i.id <> vSelf ORDER BY `counter` DESC, - (t.name = vTag1) DESC, - (it.value = vValue1) DESC, - (i.tag5 = vTag5) DESC, + (t.name = its.name) DESC, + (it.value = its.value) DESC, + (i.tag5 = its.tag5) DESC, match5 DESC, - (i.tag6 = vTag6) DESC, + (i.tag6 = its.tag6) DESC, match6 DESC, - (i.tag7 = vTag7) DESC, + (i.tag7 = its.tag7) DESC, match7 DESC, - (i.tag8 = vTag8) DESC, + (i.tag8 = its.tag8) DESC, match8 DESC; END$$ DELIMITER ; diff --git a/db/routines/vn/triggers/entry_beforeInsert.sql b/db/routines/vn/triggers/entry_beforeInsert.sql index f475630db..c0c0aa28c 100644 --- a/db/routines/vn/triggers/entry_beforeInsert.sql +++ b/db/routines/vn/triggers/entry_beforeInsert.sql @@ -7,6 +7,8 @@ BEGIN CALL supplier_checkIsActive(NEW.supplierFk); SET NEW.currencyFk = entry_getCurrency(NEW.currencyFk, NEW.supplierFk); SET NEW.commission = entry_getCommission(NEW.travelFk, NEW.currencyFk,NEW.supplierFk); - + IF NEW.travelFk IS NOT NULL AND NOT travel_hasUniqueAwb(NEW.travelFk) THEN + CALL util.throw('The travel is incorrect, there is a different AWB in the associated entries'); + END IF; END$$ DELIMITER ; diff --git a/db/routines/vn/triggers/entry_beforeUpdate.sql b/db/routines/vn/triggers/entry_beforeUpdate.sql index 60b83002c..384feb458 100644 --- a/db/routines/vn/triggers/entry_beforeUpdate.sql +++ b/db/routines/vn/triggers/entry_beforeUpdate.sql @@ -8,13 +8,18 @@ BEGIN DECLARE vHasDistinctWarehouses BOOL; SET NEW.editorFk = account.myUser_getId(); + + IF NOT (NEW.travelFk <=> OLD.travelFk) THEN - IF !(NEW.travelFk <=> OLD.travelFk) THEN + IF NEW.travelFk IS NOT NULL AND NOT travel_hasUniqueAwb(NEW.travelFk) THEN + CALL util.throw('The travel is incorrect, there is a different AWB in the associated entries'); + END IF; + SELECT COUNT(*) > 0 INTO vIsVirtual FROM entryVirtual WHERE entryFk = NEW.id; - SELECT !(o.warehouseInFk <=> n.warehouseInFk) - OR !(o.warehouseOutFk <=> n.warehouseOutFk) + SELECT NOT (o.warehouseInFk <=> n.warehouseInFk) + OR NOT (o.warehouseOutFk <=> n.warehouseOutFk) INTO vHasDistinctWarehouses FROM travel o, travel n WHERE o.id = OLD.travelFk @@ -43,9 +48,8 @@ BEGIN SET NEW.currencyFk = entry_getCurrency(NEW.currencyFk, NEW.supplierFk); END IF; - IF NOT (NEW.travelFk <=> OLD.travelFk) - OR NOT (NEW.currencyFk <=> OLD.currencyFk) THEN - SET NEW.commission = entry_getCommission(NEW.travelFk, NEW.currencyFk,NEW.supplierFk); + IF NOT (NEW.travelFk <=> OLD.travelFk) OR NOT (NEW.currencyFk <=> OLD.currencyFk) THEN + SET NEW.commission = entry_getCommission(NEW.travelFk, NEW.currencyFk, NEW.supplierFk); END IF; END$$ DELIMITER ; diff --git a/db/routines/vn/triggers/travel_afterUpdate.sql b/db/routines/vn/triggers/travel_afterUpdate.sql index b4e40ae41..7752505e3 100644 --- a/db/routines/vn/triggers/travel_afterUpdate.sql +++ b/db/routines/vn/triggers/travel_afterUpdate.sql @@ -5,7 +5,7 @@ CREATE OR REPLACE DEFINER=`root`@`localhost` TRIGGER `vn`.`travel_afterUpdate` BEGIN CALL stock.log_add('travel', NEW.id, OLD.id); - IF !(NEW.shipped <=> OLD.shipped) THEN + IF NOT(NEW.shipped <=> OLD.shipped) THEN UPDATE entry SET commission = entry_getCommission(travelFk, currencyFk,supplierFk) WHERE travelFk = NEW.id; @@ -23,5 +23,9 @@ BEGIN CALL buy_checkItem(); END IF; END IF; + + IF (NOT(NEW.awbFk <=> OLD.awbFk)) AND NEW.awbFk IS NOT NULL AND NOT travel_hasUniqueAwb(NEW.id) THEN + CALL util.throw('The AWB is incorrect, there is a different AWB in the associated entries'); + END IF; END$$ DELIMITER ; diff --git a/db/routines/vn/triggers/travel_beforeInsert.sql b/db/routines/vn/triggers/travel_beforeInsert.sql index 4e1dae3ef..817bd69bb 100644 --- a/db/routines/vn/triggers/travel_beforeInsert.sql +++ b/db/routines/vn/triggers/travel_beforeInsert.sql @@ -8,5 +8,9 @@ BEGIN CALL travel_checkDates(NEW.shipped, NEW.landed); CALL travel_checkWarehouseIsFeedStock(NEW.warehouseInFk); + + IF NEW.awbFk IS NOT NULL AND NOT travel_hasUniqueAwb(NEW.id) THEN + CALL util.throw('The AWB is incorrect, there is a different AWB in the associated entries'); + END IF; END$$ DELIMITER ; diff --git a/db/routines/vn2008/procedures/ListaTicketsEncajados.sql b/db/routines/vn2008/procedures/ListaTicketsEncajados.sql deleted file mode 100644 index ce99916ee..000000000 --- a/db/routines/vn2008/procedures/ListaTicketsEncajados.sql +++ /dev/null @@ -1,25 +0,0 @@ -DELIMITER $$ -CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`ListaTicketsEncajados`(IN intId_Trabajador int) -BEGIN - -SELECT Agencia, - Consignatario, - ti.Id_Ticket, - ts.userFk Id_Trabajador, - IFNULL(ncajas,0) AS ncajas, - IFNULL(nbultos,0) AS nbultos, - IFNULL(notros,0) AS notros, - ts.code AS Estado - FROM Tickets ti - INNER JOIN Consignatarios ON ti.Id_Consigna = Consignatarios.Id_consigna - INNER JOIN Agencias ON ti.Id_Agencia = Agencias.Id_Agencia - LEFT JOIN (SELECT ticketFk,count(*) AS ncajas FROM vn.expedition WHERE packagingFk=94 GROUP BY ticketFk) sub1 ON ti.Id_Ticket=sub1.ticketFk - LEFT JOIN (SELECT ticketFk,count(*) AS nbultos FROM vn.expedition WHERE packagingFk IS NULL GROUP BY ticketFk) sub2 ON ti.Id_Ticket=sub2.ticketFk - LEFT JOIN (SELECT ticketFk,count(*) AS notros FROM vn.expedition WHERE packagingFk >0 GROUP BY ticketFk) sub3 ON ti.Id_Ticket=sub3.ticketFk - INNER JOIN vn.ticketState ts ON ti.Id_ticket = ts.ticketFk - WHERE ti.Fecha=util.VN_CURDATE() AND - ts.userFk=intId_Trabajador - GROUP BY ti.Id_Ticket; - -END$$ -DELIMITER ; diff --git a/db/routines/vn2008/procedures/customerDebtEvolution.sql b/db/routines/vn2008/procedures/customerDebtEvolution.sql deleted file mode 100644 index b9763b985..000000000 --- a/db/routines/vn2008/procedures/customerDebtEvolution.sql +++ /dev/null @@ -1,49 +0,0 @@ -DELIMITER $$ -CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`customerDebtEvolution`(IN vCustomer INT) -BEGIN - -SELECT * FROM -( - SELECT day, date, @s:= round(IFNULL(Euros,0) + @s,2) as Saldo, Euros, Credito, 0 as Cero - FROM - ( - SELECT day, date, IFNULL(Euros,0) as Euros, Credito - FROM time - JOIN (SELECT @s:= 0, - Credito as Credito FROM Clientes WHERE Id_Cliente = vCustomer) c - LEFT JOIN - (SELECT Euros, date(Fecha) as Fecha FROM - ( - SELECT Fechacobro as Fecha, Entregado as Euros - FROM Recibos - WHERE Id_Cliente = vCustomer - AND Fechacobro >= '2017-01-01' - UNION ALL - SELECT vn.getDueDate(io.issued,c.Vencimiento), - io.amount - FROM vn.invoiceOut io - JOIN Clientes c ON io.clientFk = c.Id_Cliente - WHERE io.clientFk = vCustomer - AND io.issued >= '2017-01-01' - UNION ALL - SELECT '2016-12-31', Debt - FROM bi.customerDebtInventory - WHERE Id_Cliente = vCustomer - UNION ALL - SELECT Fecha, - SUM(Cantidad * Preu * (100 - Descuento ) * 1.10 / 100) - FROM Tickets t - JOIN Movimientos m on m.Id_Ticket = t.Id_Ticket - WHERE Id_Cliente = vCustomer - AND Factura IS NULL - AND Fecha >= '2017-01-01' - GROUP BY Fecha - ) sub2 - ORDER BY Fecha - )sub ON time.date = sub.Fecha - WHERE time.date BETWEEN '2016-12-31' AND util.VN_CURDATE() - ORDER BY date - ) sub3 -)sub4 -; - - -END$$ -DELIMITER ; diff --git a/db/routines/vn2008/procedures/preOrdenarRuta.sql b/db/routines/vn2008/procedures/preOrdenarRuta.sql deleted file mode 100644 index b5fd2b24b..000000000 --- a/db/routines/vn2008/procedures/preOrdenarRuta.sql +++ /dev/null @@ -1,22 +0,0 @@ -DELIMITER $$ -CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`preOrdenarRuta`(IN vRutaId INT) -BEGIN -/* Usa los valores del ultimo año para adivinar el orden de los tickets en la ruta - * vRutaId id ruta - * DEPRECATED use vn.routeGressPriority -*/ - -UPDATE Tickets mt -JOIN ( - SELECT tt.Id_Consigna, round(ifnull(avg(t.Prioridad),0),0) as Prioridad - from Tickets t - JOIN Tickets tt on tt.Id_Consigna = t.Id_Consigna - where t.Fecha > TIMESTAMPADD(YEAR,-1,util.VN_CURDATE()) - AND tt.Id_Ruta = vRutaId - GROUP BY Id_Consigna - ) sub ON sub.Id_Consigna = mt.Id_Consigna - SET mt.Prioridad = sub.Prioridad - WHERE mt.Id_Ruta = vRutaId; - -END$$ -DELIMITER ; diff --git a/db/routines/vn2008/procedures/prepare_ticket_list.sql b/db/routines/vn2008/procedures/prepare_ticket_list.sql deleted file mode 100644 index e407a91b7..000000000 --- a/db/routines/vn2008/procedures/prepare_ticket_list.sql +++ /dev/null @@ -1,22 +0,0 @@ -DELIMITER $$ -CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`prepare_ticket_list`(vStartingDate DATETIME, vEndingDate DATETIME) -BEGIN - DROP TEMPORARY TABLE IF EXISTS tmp.ticket_list; - CREATE TEMPORARY TABLE tmp.ticket_list - (PRIMARY KEY (Id_Ticket)) - ENGINE = MEMORY - SELECT t.Id_Ticket, c.Id_Cliente - FROM Tickets t - LEFT JOIN vn.ticketState ts ON ts.ticketFk = t.Id_Ticket - JOIN Clientes c ON c.Id_Cliente = t.Id_Cliente - WHERE c.typeFk IN ('normal','handMaking','internalUse') - AND ( - Fecha BETWEEN util.today() AND vEndingDate - OR ( - ts.alertLevel < 3 - AND t.Fecha >= vStartingDate - AND t.Fecha < util.today() - ) - ); -END$$ -DELIMITER ; diff --git a/db/routines/vn2008/procedures/recibidaIvaInsert.sql b/db/routines/vn2008/procedures/recibidaIvaInsert.sql deleted file mode 100644 index e2aba0a35..000000000 --- a/db/routines/vn2008/procedures/recibidaIvaInsert.sql +++ /dev/null @@ -1,39 +0,0 @@ -DELIMITER $$ -CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn2008`.`recibidaIvaInsert`(IN vId INT) -BEGIN - - DECLARE vRate DOUBLE DEFAULT 1; - DECLARE vDated DATE; - - SELECT MAX(rr.date) INTO vDated - FROM reference_rate rr - JOIN recibida r ON r.id = vId - WHERE rr.date <= r.fecha - AND rr.moneda_id = r.moneda_id ; - - IF vDated THEN - - SELECT rate INTO vRate - FROM reference_rate - WHERE `date` = vDated; - END IF; - - DELETE FROM recibida_iva WHERE recibida_id = vId; - - INSERT INTO recibida_iva(recibida_id, bi, gastos_id, divisa, taxTypeSageFk, transactionTypeSageFk) - SELECT r.id, - SUM(Costefijo * Cantidad) / IFNULL(vRate,1) bi, - 6003000000, - IF(r.moneda_id = 1,NULL,SUM(Costefijo * Cantidad )) divisa, - taxTypeSageFk, - transactionTypeSageFk - FROM recibida r - JOIN Entradas e ON e.recibida_id = r.id - JOIN Proveedores p ON p.Id_Proveedor = e.Id_Proveedor - JOIN Compres c ON c.Id_Entrada = e.Id_Entrada - LEFT JOIN reference_rate rr ON rr.moneda_id = r.moneda_id AND rr.date = r.fecha - WHERE r.id = vId - HAVING bi IS NOT NULL; - -END$$ -DELIMITER ; diff --git a/db/versions/10892-yellowGerbera/00-firstScript.sql b/db/versions/10892-yellowGerbera/00-firstScript.sql new file mode 100644 index 000000000..1795300f2 --- /dev/null +++ b/db/versions/10892-yellowGerbera/00-firstScript.sql @@ -0,0 +1,19 @@ +SET @isTriggerDisabled := TRUE; + +UPDATE vn.buy + SET packing = 1 + WHERE packing IS NULL + OR packing <= 0; + +UPDATE vn.itemShelving + SET packing = 1 + WHERE packing IS NULL + OR NOT packing; + +SET @isTriggerDisabled := FALSE; + +ALTER TABLE vn.buy MODIFY COLUMN packing int(11) NOT NULL CHECK(packing > 0); +ALTER TABLE vn.itemShelving MODIFY COLUMN packing int(11) NOT NULL CHECK(packing > 0); + +-- Antes tenia '0=sin obligar 1=groping 2=packing' (groping → grouping) +ALTER TABLE vn.buy MODIFY COLUMN groupingMode tinyint(4) DEFAULT 0 NOT NULL COMMENT '0=sin obligar 1=grouping 2=packing'; diff --git a/db/versions/10893-limeFern/00-sage.sql b/db/versions/10893-limeFern/00-sage.sql new file mode 100644 index 000000000..d4c7e6221 --- /dev/null +++ b/db/versions/10893-limeFern/00-sage.sql @@ -0,0 +1,73 @@ +-- Auto-generated SQL script #202403061303 +UPDATE vn.company + SET companyCode=0 + WHERE id=69; +UPDATE vn.company + SET companyCode=1 + WHERE id=442; +UPDATE vn.company + SET companyCode=4 + WHERE id=567; +UPDATE vn.company + SET companyCode=2 + WHERE id=791; +UPDATE vn.company + SET companyCode=3 + WHERE id=792; +UPDATE vn.company + SET companyCode=5 + WHERE id=965; +UPDATE vn.company + SET companyCode=7 + WHERE id=1381; +UPDATE vn.company + SET companyCode=3 + WHERE id=1463; +UPDATE vn.company + SET companyCode=8 + WHERE id=2142; +UPDATE vn.company + SET companyCode=6 + WHERE id=2393; +UPDATE vn.company + SET companyCode=9 + WHERE id=3869; + +-- Auto-generated SQL script #202403061311 +UPDATE vn.company + SET sage200Company=NULL + WHERE id=69; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=442; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=567; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=791; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=792; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=965; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=1381; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=1463; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=2142; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=2393; +UPDATE vn.company + SET sage200Company=NULL + WHERE id=3869; + + +ALTER TABLE vn.company CHANGE sage200Company sage200Company__ int(2) DEFAULT NULL NULL COMMENT '@deprecated 06/03/2024'; +ALTER TABLE vn.company MODIFY COLUMN sage200Company__ int(2) DEFAULT NULL NULL COMMENT '@deprecated 06/03/2024'; diff --git a/db/versions/10905-grayIvy/00-firstScript.sql b/db/versions/10905-grayIvy/00-firstScript.sql new file mode 100644 index 000000000..cca41cd48 --- /dev/null +++ b/db/versions/10905-grayIvy/00-firstScript.sql @@ -0,0 +1,36 @@ +USE vn; + +CREATE OR REPLACE TABLE vn.workerActivityType ( + `code` varchar(20) NOT NULL, + `description` varchar(45) NOT NULL, + PRIMARY KEY (`code`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; + +ALTER TABLE vn.department ADD workerActivityTypeFk varchar(20) NULL COMMENT 'Indica la actitividad que desempeña por defecto ese departamento'; +ALTER TABLE vn.department ADD CONSTRAINT department_workerActivityType_FK FOREIGN KEY (workerActivityTypeFk) REFERENCES vn.workerActivityType(code) ON DELETE CASCADE ON UPDATE CASCADE; + + + +INSERT INTO vn.workerActivityType (code, description) VALUES('ON_CHECKING', 'REVISION'); +INSERT INTO vn.workerActivityType (code, description) VALUES('PREVIOUS_CAM', 'CAMARA'); +INSERT INTO vn.workerActivityType (code, description) VALUES('PREVIOUS_ART', 'ARTIFICIAL'); +INSERT INTO vn.workerActivityType (code, description) VALUES('ON_PREPARATION', 'SACADO'); +INSERT INTO vn.workerActivityType (code, description) VALUES('PACKING', 'ENCAJADO'); +INSERT INTO vn.workerActivityType (code, description) VALUES('FIELD', 'CAMPOS'); +INSERT INTO vn.workerActivityType (code, description) VALUES('DELIVERY', 'REPARTO'); +INSERT INTO vn.workerActivityType (code, description) VALUES('STORAGE', 'ALMACENAJE'); +INSERT INTO vn.workerActivityType (code, description) VALUES('PALLETIZING', 'PALETIZADO'); +INSERT INTO vn.workerActivityType (code, description) VALUES('STOP', 'PARADA'); + + +INSERT INTO salix.ACL ( model, property, accessType, permission, principalType, principalId) VALUES('WorkerActivityType', '*', 'READ', 'ALLOW', 'ROLE', 'production'); +INSERT INTO salix.ACL ( model, property, accessType, permission, principalType, principalId) VALUES('WorkerActivity', '*', '*', 'ALLOW', 'ROLE', 'production'); + + +ALTER TABLE vn.workerActivity MODIFY COLUMN event enum('open','close','insert','delete','update','refresh') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NULL; +ALTER TABLE vn.workerActivity MODIFY COLUMN model enum('COM','ENT','TPV','ENC','LAB','ETI','APP') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL; + + +ALTER TABLE vn.workerActivity ADD workerActivityTypeFk varchar(20) NULL; +ALTER TABLE vn.workerActivity ADD CONSTRAINT workerActivity_workerActivityType_FK FOREIGN KEY (workerActivityTypeFk) REFERENCES vn.workerActivityType(code) ON DELETE CASCADE ON UPDATE CASCADE; + diff --git a/db/versions/10919-brownMoss/00-firstScript.sql b/db/versions/10919-brownMoss/00-firstScript.sql new file mode 100644 index 000000000..640d2180a --- /dev/null +++ b/db/versions/10919-brownMoss/00-firstScript.sql @@ -0,0 +1,3 @@ +-- Place your SQL code here + + diff --git a/front/core/services/auth.js b/front/core/services/auth.js index 844a5145d..753bc3fba 100644 --- a/front/core/services/auth.js +++ b/front/core/services/auth.js @@ -83,22 +83,27 @@ export default class Auth { } onLoginOk(json, now, remember) { - this.vnToken.set(json.data.token, now, json.data.ttl, remember); - - return this.loadAcls().then(() => { - let continueHash = this.$state.params.continue; - if (continueHash) - this.$window.location = continueHash; - else - this.$state.go('home'); - }); + return this.$http.get('VnUsers/ShareToken', { + headers: {Authorization: json.data.token} + }).then(({data}) => { + this.vnToken.set(json.data.token, data.multimediaToken.id, now, json.data.ttl, remember); + this.loadAcls().then(() => { + let continueHash = this.$state.params.continue; + if (continueHash) + this.$window.location = continueHash; + else + this.$state.go('home'); + }); + }).catch(() => {}); } logout() { + this.$http.post('Accounts/logout', null, {headers: {'Authorization': this.vnToken.tokenMultimedia}, + }).catch(() => {}); + let promise = this.$http.post('VnUsers/logout', null, { headers: {Authorization: this.vnToken.token} }).catch(() => {}); - this.vnToken.unset(); this.loggedIn = false; this.vnModules.reset(); diff --git a/front/core/services/interceptor.js b/front/core/services/interceptor.js index 0c3253c69..90d813ed4 100644 --- a/front/core/services/interceptor.js +++ b/front/core/services/interceptor.js @@ -19,7 +19,7 @@ function interceptor($q, vnApp, $translate) { if (config.url.charAt(0) !== '/' && apiPath) config.url = `${apiPath}${config.url}`; - if (token) + if (token && !config.headers.Authorization) config.headers.Authorization = token; if ($translate.use()) config.headers['Accept-Language'] = $translate.use(); diff --git a/front/core/services/token.js b/front/core/services/token.js index c8cb4f6bb..125de6b9a 100644 --- a/front/core/services/token.js +++ b/front/core/services/token.js @@ -24,21 +24,22 @@ export default class Token { } catch (e) {} } - set(token, created, ttl, remember) { + set(token, tokenMultimedia, created, ttl, remember) { this.unset(); Object.assign(this, { token, + tokenMultimedia, created, ttl, remember }); - this.vnInterceptor.setToken(token); + this.vnInterceptor.setToken(token, tokenMultimedia); try { if (remember) - this.setStorage(localStorage, token, created, ttl); + this.setStorage(localStorage, token, tokenMultimedia, created, ttl); else - this.setStorage(sessionStorage, token, created, ttl); + this.setStorage(sessionStorage, token, tokenMultimedia, created, ttl); } catch (err) { console.error(err); } @@ -46,6 +47,7 @@ export default class Token { unset() { this.token = null; + this.tokenMultimedia = null; this.created = null; this.ttl = null; this.remember = null; @@ -57,13 +59,15 @@ export default class Token { getStorage(storage) { this.token = storage.getItem('vnToken'); + this.tokenMultimedia = storage.getItem('vnTokenMultimedia'); if (!this.token) return; const created = storage.getItem('vnTokenCreated'); this.created = created && new Date(created); this.ttl = storage.getItem('vnTokenTtl'); } - setStorage(storage, token, created, ttl) { + setStorage(storage, token, tokenMultimedia, created, ttl) { + storage.setItem('vnTokenMultimedia', tokenMultimedia); storage.setItem('vnToken', token); storage.setItem('vnTokenCreated', created.toJSON()); storage.setItem('vnTokenTtl', ttl); @@ -71,6 +75,7 @@ export default class Token { removeStorage(storage) { storage.removeItem('vnToken'); + storage.removeItem('vnTokenMultimedia'); storage.removeItem('vnTokenCreated'); storage.removeItem('vnTokenTtl'); } diff --git a/front/salix/components/layout/index.js b/front/salix/components/layout/index.js index 89912d4e3..e935c6d99 100644 --- a/front/salix/components/layout/index.js +++ b/front/salix/components/layout/index.js @@ -23,8 +23,7 @@ export class Layout extends Component { if (!this.$.$root.user) return; const userId = this.$.$root.user.id; - const token = this.vnToken.token; - return `/api/Images/user/160x160/${userId}/download?access_token=${token}`; + return `/api/Images/user/160x160/${userId}/download?access_token=${this.vnToken.tokenMultimedia}`; } refresh() { diff --git a/front/salix/components/log/index.html b/front/salix/components/log/index.html index c75030100..a3aaf0011 100644 --- a/front/salix/components/log/index.html +++ b/front/salix/components/log/index.html @@ -31,7 +31,7 @@ ng-click="$ctrl.showDescriptor($event, userLog)"> + ng-src="/api/Images/user/160x160/{{::userLog.userFk}}/download?access_token={{::$ctrl.vnToken.tokenMultimedia}}"> @@ -181,7 +181,7 @@ val="{{::nickname}}"> + ng-src="/api/Images/user/160x160/{{::id}}/download?access_token={{::$ctrl.vnToken.tokenMultimedia}}">
diff --git a/front/salix/module.js b/front/salix/module.js index 0ce855308..53b718427 100644 --- a/front/salix/module.js +++ b/front/salix/module.js @@ -13,7 +13,7 @@ export function run($window, $rootScope, vnAuth, vnApp, vnToken, $state) { if (!collection || !size || !id) return; const basePath = `/api/Images/${collection}/${size}/${id}`; - return `${basePath}/download?access_token=${vnToken.token}`; + return `${basePath}/download?access_token=${vnToken.tokenMultimedia}`; }; $window.validations = {}; diff --git a/loopback/locale/en.json b/loopback/locale/en.json index 53b1a8bb5..31b954a32 100644 --- a/loopback/locale/en.json +++ b/loopback/locale/en.json @@ -220,5 +220,7 @@ "Shelving not valid": "Shelving not valid", "printerNotExists": "The printer does not exist", "There are not picking tickets": "There are not picking tickets", - "ticketCommercial": "The ticket {{ ticket }} for the salesperson {{ salesMan }} is in preparation. (automatically generated message)" + "ticketCommercial": "The ticket {{ ticket }} for the salesperson {{ salesMan }} is in preparation. (automatically generated message)", + "This password can only be changed by the user themselves": "This password can only be changed by the user themselves", + "They're not your subordinate": "They're not your subordinate" } diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 3748b6eaf..7730d4a8c 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -346,5 +346,7 @@ "CountryFK cannot be empty": "El país no puede estar vacío", "Cmr file does not exist": "El archivo del cmr no existe", "You are not allowed to modify the alias": "No estás autorizado a modificar el alias", - "The address of the customer must have information about Incoterms and Customs Agent": "El consignatario del cliente debe tener informado Incoterms y Agente de aduanas" -} \ No newline at end of file + "The address of the customer must have information about Incoterms and Customs Agent": "El consignatario del cliente debe tener informado Incoterms y Agente de aduanas", + "This password can only be changed by the user themselves": "Esta contraseña solo puede ser modificada por el propio usuario", + "They're not your subordinate": "No es tu subordinado/a." +} diff --git a/modules/account/back/methods/account/logout.js b/modules/account/back/methods/account/logout.js index 5db3efa33..7d2e8153e 100644 --- a/modules/account/back/methods/account/logout.js +++ b/modules/account/back/methods/account/logout.js @@ -15,7 +15,8 @@ module.exports = Self => { http: { path: `/logout`, verb: 'POST' - } + }, + accessScopes: ['DEFAULT', 'read:multimedia'] }); Self.logout = async ctx => Self.app.models.VnUser.logout(ctx.req.accessToken.id); diff --git a/modules/account/back/models/account.js b/modules/account/back/models/account.js index 5021a5d94..ceb26053c 100644 --- a/modules/account/back/models/account.js +++ b/modules/account/back/models/account.js @@ -1,4 +1,7 @@ +const ForbiddenError = require('vn-loopback/util/forbiddenError'); +const {models} = require('vn-loopback/server/server'); + module.exports = Self => { require('../methods/account/sync')(Self); require('../methods/account/sync-by-id')(Self); @@ -7,4 +10,11 @@ module.exports = Self => { require('../methods/account/logout')(Self); require('../methods/account/change-password')(Self); require('../methods/account/set-password')(Self); + + Self.setUnverifiedPassword = async(id, pass, options) => { + const {emailVerified} = await models.VnUser.findById(id, {fields: ['emailVerified']}, options); + if (emailVerified) throw new ForbiddenError('This password can only be changed by the user themselves'); + + await models.VnUser.setPassword(id, pass, options); + }; }; diff --git a/modules/claim/back/methods/claim/downloadFile.js b/modules/claim/back/methods/claim/downloadFile.js index 750356b0b..61784f39e 100644 --- a/modules/claim/back/methods/claim/downloadFile.js +++ b/modules/claim/back/methods/claim/downloadFile.js @@ -32,7 +32,8 @@ module.exports = Self => { http: { path: `/:id/downloadFile`, verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.downloadFile = async function(ctx, id) { diff --git a/modules/client/front/balance/index/index.html b/modules/client/front/balance/index/index.html index faf772c2d..34524d2f3 100644 --- a/modules/client/front/balance/index/index.html +++ b/modules/client/front/balance/index/index.html @@ -114,7 +114,7 @@ + href="api/InvoiceOuts/{{::balance.id}}/download?access_token={{::$ctrl.vnToken.tokenMultimedia}}"> diff --git a/modules/invoiceOut/back/methods/invoiceOut/download.js b/modules/invoiceOut/back/methods/invoiceOut/download.js index 4c76f7c07..cb71121d5 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/download.js +++ b/modules/invoiceOut/back/methods/invoiceOut/download.js @@ -31,7 +31,8 @@ module.exports = Self => { http: { path: '/:id/download', verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.download = async function(ctx, id, options) { diff --git a/modules/invoiceOut/back/methods/invoiceOut/downloadZip.js b/modules/invoiceOut/back/methods/invoiceOut/downloadZip.js index fe005f1ab..4f2a8aab3 100644 --- a/modules/invoiceOut/back/methods/invoiceOut/downloadZip.js +++ b/modules/invoiceOut/back/methods/invoiceOut/downloadZip.js @@ -31,7 +31,8 @@ module.exports = Self => { http: { path: '/downloadZip', verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.downloadZip = async function(ctx, ids, options) { diff --git a/modules/invoiceOut/front/descriptor-menu/index.html b/modules/invoiceOut/front/descriptor-menu/index.html index 435db3612..1bf34831e 100644 --- a/modules/invoiceOut/front/descriptor-menu/index.html +++ b/modules/invoiceOut/front/descriptor-menu/index.html @@ -37,7 +37,7 @@ @@ -102,7 +102,7 @@ diff --git a/modules/invoiceOut/front/descriptor-menu/index.js b/modules/invoiceOut/front/descriptor-menu/index.js index 2c28599e7..5184c137e 100644 --- a/modules/invoiceOut/front/descriptor-menu/index.js +++ b/modules/invoiceOut/front/descriptor-menu/index.js @@ -118,11 +118,14 @@ class Controller extends Section { const query = 'InvoiceOuts/refund'; const params = {ref: this.invoiceOut.ref, withWarehouse: withWarehouse}; this.$http.post(query, params).then(res => { - const refundTicket = res.data; - this.vnApp.showSuccess(this.$t('The following refund ticket have been created', { - ticketId: refundTicket.id + const tickets = res.data; + const refundTickets = tickets.map(ticket => ticket.id); + + this.vnApp.showSuccess(this.$t('The following refund tickets have been created', { + ticketId: refundTickets.join(',') })); - this.$state.go('ticket.card.sale', {id: refundTicket.id}); + if (refundTickets.length == 1) + this.$state.go('ticket.card.sale', {id: refundTickets[0]}); }); } diff --git a/modules/invoiceOut/front/descriptor-menu/locale/es.yml b/modules/invoiceOut/front/descriptor-menu/locale/es.yml index aaeefd9cc..9285fafa7 100644 --- a/modules/invoiceOut/front/descriptor-menu/locale/es.yml +++ b/modules/invoiceOut/front/descriptor-menu/locale/es.yml @@ -15,7 +15,7 @@ Are you sure you want to clone this invoice?: Estas seguro de clonar esta factur InvoiceOut booked: Factura asentada Are you sure you want to book this invoice?: Estas seguro de querer asentar esta factura? Are you sure you want to refund this invoice?: Estas seguro de querer abonar esta factura? -Create a single ticket with all the content of the current invoice: Crear un ticket unico con todo el contenido de la factura actual +Create a refund ticket for each ticket on the current invoice: Crear un ticket abono por cada ticket de la factura actual Regenerate PDF invoice: Regenerar PDF factura The invoice PDF document has been regenerated: El documento PDF de la factura ha sido regenerado The email can't be empty: El correo no puede estar vacío diff --git a/modules/invoiceOut/front/index/index.js b/modules/invoiceOut/front/index/index.js index 2cde3c940..403c51d58 100644 --- a/modules/invoiceOut/front/index/index.js +++ b/modules/invoiceOut/front/index/index.js @@ -25,7 +25,7 @@ export default class Controller extends Section { openPdf() { if (this.checked.length <= 1) { const [invoiceOutId] = this.checked; - const url = `api/InvoiceOuts/${invoiceOutId}/download?access_token=${this.vnToken.token}`; + const url = `api/InvoiceOuts/${invoiceOutId}/download?access_token=${this.vnToken.tokenMultimedia}`; window.open(url, '_blank'); } else { const invoiceOutIds = this.checked; diff --git a/modules/item/back/methods/item-image-queue/download.js b/modules/item/back/methods/item-image-queue/download.js index eb952daa4..e1bc248ae 100644 --- a/modules/item/back/methods/item-image-queue/download.js +++ b/modules/item/back/methods/item-image-queue/download.js @@ -11,6 +11,7 @@ module.exports = Self => { path: `/download`, verb: 'POST', }, + accessScopes: ['read:multimedia'] }); Self.download = async() => { diff --git a/modules/route/back/methods/route/downloadCmrsZip.js b/modules/route/back/methods/route/downloadCmrsZip.js index 58445f6f1..43f6e9648 100644 --- a/modules/route/back/methods/route/downloadCmrsZip.js +++ b/modules/route/back/methods/route/downloadCmrsZip.js @@ -29,7 +29,8 @@ module.exports = Self => { http: { path: '/downloadCmrsZip', verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.downloadCmrsZip = async function(ctx, ids, options) { diff --git a/modules/route/back/methods/route/downloadZip.js b/modules/route/back/methods/route/downloadZip.js index 597f1d1f6..d7fc30aa3 100644 --- a/modules/route/back/methods/route/downloadZip.js +++ b/modules/route/back/methods/route/downloadZip.js @@ -29,7 +29,8 @@ module.exports = Self => { http: { path: '/downloadZip', verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.downloadZip = async function(ctx, id, options) { diff --git a/modules/route/back/methods/route/driverRoutePdf.js b/modules/route/back/methods/route/driverRoutePdf.js index f0cd75f0e..e7b4dee17 100644 --- a/modules/route/back/methods/route/driverRoutePdf.js +++ b/modules/route/back/methods/route/driverRoutePdf.js @@ -34,7 +34,9 @@ module.exports = Self => { http: { path: '/:id/driver-route-pdf', verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] + }); Self.driverRoutePdf = (ctx, id) => Self.printReport(ctx, id, 'driver-route'); diff --git a/modules/route/back/models/route.js b/modules/route/back/models/route.js index 3505609d1..bf1f26e74 100644 --- a/modules/route/back/models/route.js +++ b/modules/route/back/models/route.js @@ -30,9 +30,11 @@ module.exports = Self => { }); function validateDistance(err) { - const routeTotalKm = this.kmEnd - this.kmStart; - const routeMaxKm = 4000; - if (routeTotalKm > routeMaxKm || this.kmStart > this.kmEnd) - err(); + if (this.kmEnd) { + const routeTotalKm = this.kmEnd - this.kmStart; + const routeMaxKm = 4000; + if (routeTotalKm > routeMaxKm || this.kmStart > this.kmEnd) + err(); + } } }; diff --git a/modules/route/front/index/index.js b/modules/route/front/index/index.js index 7c19a26cd..0c5dfe7f3 100644 --- a/modules/route/front/index/index.js +++ b/modules/route/front/index/index.js @@ -40,7 +40,7 @@ export default class Controller extends Section { const stringRoutesIds = routesIds.join(','); if (this.checked.length <= 1) { - const url = `api/Routes/${stringRoutesIds}/driver-route-pdf?access_token=${this.vnToken.token}`; + const url = `api/Routes/${stringRoutesIds}/driver-route-pdf?access_token=${this.vnToken.tokenMultimedia}`; window.open(url, '_blank'); } else { const serializedParams = this.$httpParamSerializer({ diff --git a/modules/ticket/back/methods/ticket-log/specs/getChanges.spec.js b/modules/ticket/back/methods/ticket-log/specs/getChanges.spec.js index 04f42f7be..cccaa182f 100644 --- a/modules/ticket/back/methods/ticket-log/specs/getChanges.spec.js +++ b/modules/ticket/back/methods/ticket-log/specs/getChanges.spec.js @@ -9,8 +9,8 @@ describe('ticketLog getChanges()', () => { it('should return the changes in the sales of a ticket', async() => { const ticketId = 16; - const changues = await models.TicketLog.getChanges(ctx, ticketId); + const changes = await models.TicketLog.getChanges(ctx, ticketId); - expect(changues).toContain(`Change quantity`); + expect(changes).toContain(`Change quantity`); }); }); diff --git a/modules/ticket/back/methods/ticket/restore.js b/modules/ticket/back/methods/ticket/restore.js index e268c3891..01b5d1652 100644 --- a/modules/ticket/back/methods/ticket/restore.js +++ b/modules/ticket/back/methods/ticket/restore.js @@ -29,6 +29,15 @@ module.exports = Self => { if (typeof options == 'object') Object.assign(myOptions, options); + const ticketLog = await models.TicketLog.findOne({ + fields: ['originFk', 'creationDate', 'newInstance'], + where: { + originFk: id, + newInstance: {like: '%"isDeleted":true%'} + }, + order: 'creationDate DESC' + }, myOptions); + const ticket = await models.Ticket.findById(id, { include: [{ relation: 'client', @@ -39,10 +48,9 @@ module.exports = Self => { }, myOptions); const now = Date.vnNew(); - const maxDate = new Date(ticket.updated); + const maxDate = new Date(ticketLog?.creationDate); maxDate.setHours(maxDate.getHours() + 1); - - if (now > maxDate) + if (!ticketLog || now > maxDate) throw new UserError(`You can only restore a ticket within the first hour after deletion`); // Send notification to salesPerson diff --git a/modules/ticket/back/methods/ticket/specs/restore.spec.js b/modules/ticket/back/methods/ticket/specs/restore.spec.js index 3b35ae2b4..121a6ba96 100644 --- a/modules/ticket/back/methods/ticket/specs/restore.spec.js +++ b/modules/ticket/back/methods/ticket/specs/restore.spec.js @@ -4,7 +4,7 @@ const models = app.models; describe('ticket restore()', () => { const employeeUser = 1110; - const ticketId = 18; + const ticketId = 9; const activeCtx = { accessToken: {userId: employeeUser}, headers: { @@ -30,10 +30,21 @@ describe('ticket restore()', () => { try { const options = {transaction: tx}; const ticket = await models.Ticket.findById(ticketId, null, options); + await ticket.updateAttributes({ isDeleted: true, updated: now }, options); + + await models.TicketLog.create({ + originFk: ticketId, + userFk: employeeUser, + action: 'update', + changedModel: 'Ticket', + creationDate: new Date('2001-01-01 10:59:00'), + newInstance: '{"isDeleted":true}' + }, options); + await app.models.Ticket.restore(ctx, ticketId, options); await tx.rollback(); } catch (e) { @@ -52,11 +63,21 @@ describe('ticket restore()', () => { const options = {transaction: tx}; const ticketBeforeUpdate = await models.Ticket.findById(ticketId, null, options); + await ticketBeforeUpdate.updateAttributes({ isDeleted: true, updated: now }, options); + await models.TicketLog.create({ + originFk: ticketId, + userFk: employeeUser, + action: 'update', + changedModel: 'Ticket', + creationDate: new Date('2001-01-01 11:01:00'), + newInstance: '{"isDeleted":true}' + }, options); + const ticketAfterUpdate = await models.Ticket.findById(ticketId, null, options); expect(ticketAfterUpdate.isDeleted).toBeTruthy(); @@ -65,7 +86,9 @@ describe('ticket restore()', () => { const ticketAfterRestore = await models.Ticket.findById(ticketId, null, options); const fullYear = now.getFullYear(); + const shippedFullYear = ticketAfterRestore.shipped.getFullYear(); + const landedFullYear = ticketAfterRestore.landed.getFullYear(); expect(ticketAfterRestore.isDeleted).toBeFalsy(); diff --git a/modules/ticket/back/models/ticket-log.json b/modules/ticket/back/models/ticket-log.json index d5d1e5520..32b4afd13 100644 --- a/modules/ticket/back/models/ticket-log.json +++ b/modules/ticket/back/models/ticket-log.json @@ -5,5 +5,40 @@ "mysql": { "table": "ticketLog" } - } + }, + "properties": { + "id": { + "type": "string" + }, + "originFk": { + "type": "number" + }, + "userFk": { + "type":"number" + }, + "action": { + "type": "string" + }, + "creationDate": { + "type": "date" + }, + "description": { + "type": "string" + }, + "changedModel": { + "type": "string" + }, + "oldInstance": { + "type": "any" + }, + "newInstance": { + "type": "any" + }, + "changedModelId": { + "type": "string" + }, + "changedModelValue": { + "type": "string" + } + } } diff --git a/modules/ticket/front/descriptor-menu/index.js b/modules/ticket/front/descriptor-menu/index.js index e71913267..d2dd13f73 100644 --- a/modules/ticket/front/descriptor-menu/index.js +++ b/modules/ticket/front/descriptor-menu/index.js @@ -35,6 +35,29 @@ class Controller extends Section { }); } }); + + const filter = { + fields: ['originFk', 'creationDate', 'newInstance'], + where: { + originFk: value, + newInstance: {like: '%"isDeleted":true%'} + }, + order: 'creationDate DESC' + }; + this.$http.get(`TicketLogs/findOne`, {filter}) + .then(res => { + if (res && res.data) { + const now = Date.vnNew(); + const maxDate = new Date(res.data.creationDate); + maxDate.setHours(maxDate.getHours() + 1); + if (now <= maxDate) + return this.canRestoreTicket = true; + } + this.canRestoreTicket = false; + }) + .catch(() => { + this.canRestoreTicket = false; + }); } get isInvoiced() { @@ -171,15 +194,6 @@ class Controller extends Section { }); } - get canRestoreTicket() { - const isDeleted = this.ticket.isDeleted; - const now = Date.vnNew(); - const maxDate = new Date(this.ticket.updated); - maxDate.setHours(maxDate.getHours() + 1); - - return isDeleted && (now <= maxDate); - } - restoreTicket() { return this.$http.post(`Tickets/${this.id}/restore`) .then(() => this.reload()) diff --git a/modules/ticket/front/descriptor-menu/index.spec.js b/modules/ticket/front/descriptor-menu/index.spec.js index 6d74881b8..80ad9a33a 100644 --- a/modules/ticket/front/descriptor-menu/index.spec.js +++ b/modules/ticket/front/descriptor-menu/index.spec.js @@ -40,29 +40,6 @@ describe('Ticket Component vnTicketDescriptorMenu', () => { controller.ticket = ticket; })); - describe('canRestoreTicket() getter', () => { - it('should return true for a ticket deleted within the last hour', () => { - controller.ticket.isDeleted = true; - controller.ticket.updated = Date.vnNew(); - - const result = controller.canRestoreTicket; - - expect(result).toBeTruthy(); - }); - - it('should return false for a ticket deleted more than one hour ago', () => { - const pastHour = Date.vnNew(); - pastHour.setHours(pastHour.getHours() - 2); - - controller.ticket.isDeleted = true; - controller.ticket.updated = pastHour; - - const result = controller.canRestoreTicket; - - expect(result).toBeFalsy(); - }); - }); - describe('addTurn()', () => { it('should make a query and call $.addTurn.hide() and vnApp.showSuccess()', () => { controller.$.addTurn = {hide: () => {}}; @@ -105,20 +82,6 @@ describe('Ticket Component vnTicketDescriptorMenu', () => { }); }); - describe('restoreTicket()', () => { - it('should make a query to restore the ticket and call vnApp.showSuccess()', () => { - jest.spyOn(controller, 'reload').mockReturnThis(); - jest.spyOn(controller.vnApp, 'showSuccess'); - - $httpBackend.expectPOST(`Tickets/${ticket.id}/restore`).respond(); - controller.restoreTicket(); - $httpBackend.flush(); - - expect(controller.reload).toHaveBeenCalled(); - expect(controller.vnApp.showSuccess).toHaveBeenCalled(); - }); - }); - describe('showPdfDeliveryNote()', () => { it('should open a new window showing a delivery note PDF document', () => { jest.spyOn(window, 'open').mockReturnThis(); diff --git a/modules/ticket/front/descriptor-menu/locale/es.yml b/modules/ticket/front/descriptor-menu/locale/es.yml index 3181a753c..111fc2702 100644 --- a/modules/ticket/front/descriptor-menu/locale/es.yml +++ b/modules/ticket/front/descriptor-menu/locale/es.yml @@ -14,7 +14,8 @@ Refund all...: Abonar todo... with warehouse: con almacén without warehouse: sin almacén Invoice sent: Factura enviada -The following refund ticket have been created: "Se ha creado siguiente ticket de abono: {{ticketId}}" +The following refund ticket have been created: "Se ha creado el siguiente ticket de abono: {{ticketId}}" +The following refund tickets have been created: "Se han creado los siguientes tickets de abono: {{ticketId}}" Transfer client: Transferir cliente Send SMS...: Enviar SMS... Notify changes: Notificar cambios diff --git a/modules/worker/back/methods/worker-dms/downloadFile.js b/modules/worker/back/methods/worker-dms/downloadFile.js index cc8653e0e..08fbcf924 100644 --- a/modules/worker/back/methods/worker-dms/downloadFile.js +++ b/modules/worker/back/methods/worker-dms/downloadFile.js @@ -29,7 +29,8 @@ module.exports = Self => { http: { path: `/:id/downloadFile`, verb: 'GET' - } + }, + accessScopes: ['read:multimedia'] }); Self.downloadFile = async function(ctx, id) { diff --git a/modules/worker/back/methods/worker/setPassword.js b/modules/worker/back/methods/worker/setPassword.js index 43d3d946f..9969530a4 100644 --- a/modules/worker/back/methods/worker/setPassword.js +++ b/modules/worker/back/methods/worker/setPassword.js @@ -1,31 +1,29 @@ -const UserError = require('vn-loopback/util/user-error'); +const ForbiddenError = require('vn-loopback/util/forbiddenError'); module.exports = Self => { Self.remoteMethodCtx('setPassword', { description: 'Set a new password', - accepts: [ - { - arg: 'workerFk', - type: 'number', - required: true, - description: 'The worker id', - }, - { - arg: 'newPass', - type: 'String', - required: true, - description: 'The new worker password' - } - ], + accepts: [{ + arg: 'id', + type: 'number', + required: true, + description: 'The worker id', + http: {source: 'path'} + }, { + arg: 'newPass', + type: 'String', + required: true, + description: 'The new worker password' + }], http: { path: `/:id/setPassword`, verb: 'PATCH' } }); - Self.setPassword = async(ctx, options) => { + Self.setPassword = async(ctx, id, newPass, options) => { const models = Self.app.models; const myOptions = {}; - const {args} = ctx; let tx; + if (typeof options == 'object') Object.assign(myOptions, options); if (!myOptions.transaction) { @@ -33,11 +31,10 @@ module.exports = Self => { myOptions.transaction = tx; } try { - const isSubordinate = await models.Worker.isSubordinate(ctx, args.workerFk, myOptions); - if (!isSubordinate) throw new UserError('You don\'t have enough privileges.'); + const isSubordinate = await Self.isSubordinate(ctx, id, myOptions); + if (!isSubordinate) throw new ForbiddenError('They\'re not your subordinate'); - await models.VnUser.setPassword(args.workerFk, args.newPass, myOptions); - await models.VnUser.updateAll({id: args.workerFk}, {emailVerified: true}, myOptions); + await models.Account.setUnverifiedPassword(id, newPass, myOptions); if (tx) await tx.commit(); } catch (e) { diff --git a/modules/worker/back/methods/worker/specs/setPassword.spec.js b/modules/worker/back/methods/worker/specs/setPassword.spec.js index fbb403b24..8d152bdd1 100644 --- a/modules/worker/back/methods/worker/specs/setPassword.spec.js +++ b/modules/worker/back/methods/worker/specs/setPassword.spec.js @@ -1,31 +1,30 @@ -const UserError = require('vn-loopback/util/user-error'); - -const models = require('vn-loopback/server/server').models; +const {models} = require('vn-loopback/server/server'); describe('worker setPassword()', () => { let ctx; + const newPass = 'H3rn4d3z#'; + const employeeId = 1; + const managerId = 20; + const administrativeId = 5; + beforeAll(() => { ctx = { req: { - accessToken: {}, + accessToken: {userId: managerId}, headers: {origin: 'http://localhost'} }, - args: {workerFk: 9} }; }); - beforeEach(() => { - ctx.req.accessToken.userId = 20; - ctx.args.newPass = 'H3rn4d3z#'; - }); - - it('should change the password', async() => { + it('should change the password if it is a subordinate and the email is not verified', async() => { const tx = await models.Worker.beginTransaction({}); try { const options = {transaction: tx}; - await models.Worker.setPassword(ctx, options); + await models.Worker.setPassword(ctx, employeeId, newPass, options); + const isNewPass = await passHasBeenChanged(employeeId, newPass, options); + expect(isNewPass).toBeTrue(); await tx.rollback(); } catch (e) { await tx.rollback(); @@ -33,29 +32,48 @@ describe('worker setPassword()', () => { } }); - it('should throw an error: Password does not meet requirements', async() => { - const tx = await models.Collection.beginTransaction({}); - ctx.args.newPass = 'Hi'; + it('should not change the password if it is a subordinate and the email is verified', async() => { + const tx = await models.Worker.beginTransaction({}); + try { const options = {transaction: tx}; - await models.Worker.setPassword(ctx, options); + await models.VnUser.updateAll({id: employeeId}, {emailVerified: true}, options); + await models.Worker.setPassword(ctx, employeeId, newPass, options); + + await tx.rollback(); + } catch (e) { + expect(e.message).toEqual(`This password can only be changed by the user themselves`); + await tx.rollback(); + } + }); + + it('should not change the password if it is not a subordinate', async() => { + const tx = await models.Worker.beginTransaction({}); + try { + const options = {transaction: tx}; + await models.Worker.setPassword(ctx, administrativeId, newPass, options); + await tx.rollback(); + } catch (e) { + expect(e.message).toEqual(`They're not your subordinate`); + await tx.rollback(); + } + }); + + it('should throw an error: Password does not meet requirements', async() => { + const tx = await models.Worker.beginTransaction({}); + const newPass = 'Hi'; + try { + const options = {transaction: tx}; + await models.Worker.setPassword(ctx, employeeId, newPass, options); await tx.rollback(); } catch (e) { expect(e.sqlMessage).toEqual('Password does not meet requirements'); await tx.rollback(); } }); - - it('should throw an error: You don\'t have enough privileges.', async() => { - ctx.req.accessToken.userId = 5; - const tx = await models.Collection.beginTransaction({}); - try { - const options = {transaction: tx}; - await models.Worker.setPassword(ctx, options); - await tx.rollback(); - } catch (e) { - expect(e).toEqual(new UserError(`You don't have enough privileges.`)); - await tx.rollback(); - } - }); }); + +const passHasBeenChanged = async(userId, pass, options) => { + const user = await models.VnUser.findById(userId, null, options); + return user.hasPassword(pass); +}; diff --git a/modules/worker/back/models/department.json b/modules/worker/back/models/department.json index edeba74f7..0245a7486 100644 --- a/modules/worker/back/models/department.json +++ b/modules/worker/back/models/department.json @@ -62,6 +62,11 @@ "type": "belongsTo", "model": "Worker", "foreignKey": "workerFk" + }, + "workerActivity": { + "type": "belongsTo", + "model": "Worker", + "foreignKey": "workerActivityTypeFk" } } -} +} \ No newline at end of file diff --git a/modules/worker/front/descriptor/index.html b/modules/worker/front/descriptor/index.html index 8290e2a15..73332efac 100644 --- a/modules/worker/front/descriptor/index.html +++ b/modules/worker/front/descriptor/index.html @@ -11,8 +11,8 @@ ? 'Click to allow the user to be disabled' : 'Click to exclude the user from getting disabled'}} - - Change password + + Change password diff --git a/modules/worker/front/descriptor/index.js b/modules/worker/front/descriptor/index.js index 13ffa6f2f..d7962369c 100644 --- a/modules/worker/front/descriptor/index.js +++ b/modules/worker/front/descriptor/index.js @@ -69,6 +69,7 @@ class Controller extends Descriptor { } ] }; + return this.getData(`Workers/${this.id}`, {filter}) .then(res => this.entity = res.data); } @@ -86,15 +87,14 @@ class Controller extends Descriptor { if (this.newPassword != this.repeatPassword) throw new UserError(`Passwords don't match`); this.$http.patch( - `Workers/${this.entity.id}/setPassword`, - {workerFk: this.entity.id, newPass: this.newPassword} + `Workers/${this.entity.id}/setPassword`, {newPass: this.newPassword} ) .then(() => { this.vnApp.showSuccess(this.$translate.instant('Password changed!')); - }); + }).then(() => this.loadData()); } } -Controller.$inject = ['$element', '$scope', '$rootScope']; +Controller.$inject = ['$element', '$scope', '$rootScope', 'vnConfig']; ngModule.vnComponent('vnWorkerDescriptor', { template: require('./index.html'), diff --git a/modules/worker/front/descriptor/index.spec.js b/modules/worker/front/descriptor/index.spec.js index d158a9e8e..4f7fa6a05 100644 --- a/modules/worker/front/descriptor/index.spec.js +++ b/modules/worker/front/descriptor/index.spec.js @@ -16,6 +16,7 @@ describe('vnWorkerDescriptor', () => { const id = 1; const response = 'foo'; + $httpBackend.whenGET('UserConfigs/getUserConfig').respond({}); $httpBackend.expectRoute('GET', `Workers/${id}`).respond(response); controller.id = id; $httpBackend.flush(); diff --git a/package.json b/package.json index 9e897823d..6aecaccdc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "salix-back", - "version": "24.12.0", + "version": "24.14.0", "author": "Verdnatura Levante SL", "description": "Salix backend", "license": "GPL-3.0",