fix: refs #6942 acls & back

2024-05-27 10:48:32 +02:00 · 2024-05-27 10:48:32 +02:00 · dc90ad6595
parent f209718383
commit dc90ad6595
6 changed files with 129 additions and 2 deletions
--- a/db/versions/11065-yellowChrysanthemum/00-modifyInvoiceInPrivileges.sql
+++ b/db/versions/11065-yellowChrysanthemum/00-modifyInvoiceInPrivileges.sql
--- a/db/versions/11065-yellowChrysanthemum/01-modifyInvoiceInAcls.sql
+++ b/db/versions/11065-yellowChrysanthemum/01-modifyInvoiceInAcls.sql
@ -0,0 +1,22 @@
+UPDATE salix.ACL
+	SET accessType = 'READ'
+	WHERE principalId IN ('administrative','buyer')
+		AND model = 'invoiceIn'
+		AND property = '*';
+
+INSERT INTO salix.ACL (model, property, accessType, permission, principalType, principalId)
+VALUES 
+	('InvoiceIn', 'updateInvoiceIn', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'clone', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'corrective', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'exchangeRateUpdate', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'invoiceInEmail', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'toBook', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'toUnbook', 'WRITE', 'ALLOW', 'ROLE', 'administrative'),
+	('InvoiceIn', 'updateInvoiceIn', 'WRITE', 'ALLOW', 'ROLE', 'buyer'),
+	('InvoiceIn', 'clone', 'WRITE', 'ALLOW', 'ROLE', 'buyer'),
+	('InvoiceIn', 'corrective', 'WRITE', 'ALLOW', 'ROLE', 'buyer'),
+	('InvoiceIn', 'exchangeRateUpdate', 'WRITE', 'ALLOW', 'ROLE', 'buyer'),
+	('InvoiceIn', 'invoiceInEmail', 'WRITE', 'ALLOW', 'ROLE', 'buyer'),
+	('InvoiceIn', 'toBook', 'WRITE', 'ALLOW', 'ROLE', 'buyer'),
+	('InvoiceIn', 'toUnbook', 'WRITE', 'ALLOW', 'ROLE', 'buyer');
--- a/modules/invoiceIn/back/methods/invoice-in/updateInvoiceIn.js
+++ b/modules/invoiceIn/back/methods/invoice-in/updateInvoiceIn.js
@ -0,0 +1,104 @@
+module.exports = Self => {
+    Self.remoteMethodCtx('updateInvoiceIn', {
+        description: 'To update the invoiceIn attributes',
+        accessType: 'WRITE',
+        accepts: [{
+            arg: 'id',
+            type: 'number',
+            required: true,
+            description: 'The invoiceIn id',
+            http: {source: 'path'}
+        }, {
+            arg: 'supplierFk',
+            type: 'number',
+            required: true
+        }, {
+            arg: 'supplierRef',
+            type: 'any',
+        }, {
+            arg: 'issued',
+            type: 'any',
+        }, {
+            arg: 'operated',
+            type: 'any',
+        }, {
+            arg: 'deductibleExpenseFk',
+            type: 'any',
+        }, {
+            arg: 'dmsFk',
+            type: 'any',
+        }, {
+            arg: 'bookEntried',
+            type: 'any',
+        }, {
+            arg: 'booked',
+            type: 'any',
+        }, {
+            arg: 'currencyFk',
+            type: 'number',
+            required: true
+        }, {
+            arg: 'companyFk',
+            type: 'any',
+        }, {
+            arg: 'withholdingSageFk',
+            type: 'any',
+        },
+        ],
+        returns: {
+            type: 'object',
+            root: true
+        },
+        http: {
+            path: '/:id/updateInvoiceIn',
+            verb: 'PATCH'
+        }
+    });
+
+    Self.updateInvoiceIn = async(ctx,
+        id,
+        supplierFk,
+        supplierRef,
+        issued,
+        operated,
+        deductibleExpenseFk,
+        dmsFk,
+        bookEntried,
+        booked,
+        currencyFk,
+        companyFk,
+        withholdingSageFk,
+        options
+    ) => {
+        let tx;
+        const myOptions = {userId: ctx.req.accessToken.userId};
+
+        if (typeof options == 'object') Object.assign(myOptions, options);
+
+        if (!myOptions.transaction) {
+            tx = await Self.beginTransaction({});
+            myOptions.transaction = tx;
+        }
+
+        try {
+            const invoiceIn = await Self.findById(id, null, myOptions);
+            invoiceIn.updateAttributes({supplierFk,
+                supplierRef,
+                issued,
+                operated,
+                deductibleExpenseFk,
+                dmsFk,
+                bookEntried,
+                booked,
+                currencyFk,
+                companyFk,
+                withholdingSageFk
+            }, myOptions);
+            if (tx) await tx.commit();
+            return invoiceIn;
+        } catch (e) {
+            if (tx) await tx.rollback();
+            throw e;
+        }
+    };
+};
--- a/modules/invoiceIn/back/models/invoice-in.js
+++ b/modules/invoiceIn/back/models/invoice-in.js
@ -12,6 +12,7 @@ module.exports = Self => {
    require('../methods/invoice-in/corrective')(Self);
    require('../methods/invoice-in/exchangeRateUpdate')(Self);
    require('../methods/invoice-in/toUnbook')(Self);
+    require('../methods/invoice-in/updateInvoiceIn')(Self);

    Self.rewriteDbError(function(err) {
        if (err.code === 'ER_ROW_IS_REFERENCED_2' && err.sqlMessage.includes('vehicleInvoiceIn'))
--- a/modules/invoiceIn/front/basic-data/index.html
+++ b/modules/invoiceIn/front/basic-data/index.html
@ -1,4 +1,4 @@
-<mg-ajax path="InvoiceIns/{{patch.params.id}}" options="vnPatch"></mg-ajax>
+<mg-ajax path="InvoiceIns/{{patch.params.id}}/updateInvoiceIn" options="vnPatch"></mg-ajax>
 <vn-watcher
    vn-id="watcher"
    data="$ctrl.invoiceIn"
--- a/modules/item/back/models/expense.json
+++ b/modules/item/back/models/expense.json
@ -9,7 +9,7 @@
    "properties": {
        "id": {
            "id": true,
-            "type": "number",
+            "type": "string",
            "description": "Identifier"
        },
        "name": {