diff --git a/back/methods/account/funcionalityAcl.js b/back/methods/account/funcionalityAcl.js index 3a5e09720..ae73dee0b 100644 --- a/back/methods/account/funcionalityAcl.js +++ b/back/methods/account/funcionalityAcl.js @@ -29,12 +29,20 @@ module.exports = Self => { const userId = ctx.req.accessToken.userId; const models = Self.app.models; - const [acl] = await Self.rawSql( - `SELECT f.role - FROM salix.funcionalityAcl f - WHERE f.model = ? - AND f.property = ?`, [model, property]); + const acls = await models.FuncionalityAcl.find({ + where: { + model: model, + property: property + } + }); - return await models.Account.hasRole(userId, acl.role); + const hasPermissions = acls.filter(async acl => { + console.log('FILTER: '); + acl.role && await models.Account.hasRole(userId, acl.role); + }); + console.log(hasPermissions); + if (hasPermissions) + return true; + return false; }; }; diff --git a/back/model-config.json b/back/model-config.json index 830a78fd4..c35196955 100644 --- a/back/model-config.json +++ b/back/model-config.json @@ -53,6 +53,9 @@ "EmailUser": { "dataSource": "vn" }, + "FuncionalityAcl": { + "dataSource": "vn" + }, "Image": { "dataSource": "vn" }, diff --git a/back/models/account.js b/back/models/account.js index 5b101eef7..368f154bc 100644 --- a/back/models/account.js +++ b/back/models/account.js @@ -7,7 +7,7 @@ module.exports = Self => { require('../methods/account/change-password')(Self); require('../methods/account/set-password')(Self); require('../methods/account/validate-token')(Self); - require('../methods/account/aclFunc')(Self); + require('../methods/account/funcionalityAcl')(Self); // Validations diff --git a/db/changes/10490-august/00-funcionalityAcl.sql b/db/changes/10490-august/00-funcionalityAcl.sql index 889a92c48..b52580327 100644 --- a/db/changes/10490-august/00-funcionalityAcl.sql +++ b/db/changes/10490-august/00-funcionalityAcl.sql @@ -1,7 +1,13 @@ -CREATE TABLE `funcionalityAcl` ( +CREATE TABLE `salix`.`funcionalityAcl` ( `id` int(11) NOT NULL AUTO_INCREMENT, `model` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL, `property` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL, `role` varchar(45) COLLATE utf8mb3_unicode_ci DEFAULT NULL, PRIMARY KEY (`id`) - ) ENGINE=InnoDB AUTO_INCREMENT=65 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci +) ENGINE=InnoDB AUTO_INCREMENT=65 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; + + +INSERT INTO `salix`.`funcionalityAcl` (`model`, `property`, `role`) + VALUES + ('Sale', 'editTracked', 'production'), + ('Sale', 'editCloned', NULL); diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index cde9345ef..fb31c08a5 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -2665,11 +2665,6 @@ INSERT INTO `vn`.`ticketCollection` (`ticketFk`, `collectionFk`, `created`, `lev VALUES (9, 3, util.VN_NOW(), NULL, 0, NULL, NULL, NULL, NULL); -INSERT INTO `salix`.`funcionalityAcl` (`model`, `property`, `role`) - VALUES - ('Sale', 'editTracked', 'production'), - ('Sale', 'editCloned', 'production'); - INSERT INTO `vn`.`saleCloned` (`saleClonedFk`, `saleOriginalFk`) VALUES ('26', '25'); diff --git a/modules/ticket/back/methods/sale/specs/canEdit.spec.js b/modules/ticket/back/methods/sale/specs/canEdit.spec.js index 9533d6464..1fe63f33c 100644 --- a/modules/ticket/back/methods/sale/specs/canEdit.spec.js +++ b/modules/ticket/back/methods/sale/specs/canEdit.spec.js @@ -91,7 +91,7 @@ describe('sale canEdit()', () => { it('should return true if any of the sales is cloned and has the correct role', async() => { const tx = await models.Sale.beginTransaction({}); - // modify? + try { const options = {transaction: tx};