diff --git a/CHANGELOG.md b/CHANGELOG.md index 8967a1633..fa2ebcd62 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [2326.01] - 2023-06-29 ### Added +- (Entradas -> Correo) Al cambiar el tipo de cambio enviará un correo a las personas designadas ### Changed diff --git a/back/methods/vn-user/renew-token.js b/back/methods/vn-user/renew-token.js new file mode 100644 index 000000000..1f3532bd6 --- /dev/null +++ b/back/methods/vn-user/renew-token.js @@ -0,0 +1,38 @@ +const UserError = require('vn-loopback/util/user-error'); + +module.exports = Self => { + Self.remoteMethodCtx('renewToken', { + description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it', + accepts: [], + returns: { + type: 'Object', + root: true + }, + http: { + path: `/renewToken`, + verb: 'POST' + } + }); + + Self.renewToken = async function(ctx) { + const models = Self.app.models; + const userId = ctx.req.accessToken.userId; + const created = ctx.req.accessToken.created; + const tokenId = ctx.req.accessToken.id; + + const now = new Date(); + const differenceMilliseconds = now - created; + const differenceSeconds = Math.floor(differenceMilliseconds / 1000); + + const accessTokenConfig = await models.AccessTokenConfig.findOne({fields: ['renewPeriod']}); + + if (differenceSeconds <= accessTokenConfig.renewPeriod) + throw new UserError(`The renew period has not been exceeded`); + + await Self.logout(tokenId); + const user = await Self.findById(userId); + const accessToken = await user.createAccessToken(); + + return {token: accessToken.id, created: accessToken.created}; + }; +}; diff --git a/back/methods/vn-user/signIn.js b/back/methods/vn-user/signIn.js index 6615cb5f1..c98f1da54 100644 --- a/back/methods/vn-user/signIn.js +++ b/back/methods/vn-user/signIn.js @@ -76,6 +76,6 @@ module.exports = Self => { let loginInfo = Object.assign({password}, userInfo); token = await Self.login(loginInfo, 'user'); - return {token: token.id}; + return {token: token.id, created: token.created}; }; }; diff --git a/back/methods/vn-user/specs/signIn.js b/back/methods/vn-user/specs/signIn.spec.js similarity index 91% rename from back/methods/vn-user/specs/signIn.js rename to back/methods/vn-user/specs/signIn.spec.js index b46c645d6..c3f4630c6 100644 --- a/back/methods/vn-user/specs/signIn.js +++ b/back/methods/vn-user/specs/signIn.spec.js @@ -9,7 +9,7 @@ describe('VnUser signIn()', () => { expect(login.token).toBeDefined(); - await models.VnUser.signOut(ctx); + await models.VnUser.logout(ctx.req.accessToken.id); }); it('should return the token if the user doesnt exist but the client does', async() => { @@ -19,7 +19,7 @@ describe('VnUser signIn()', () => { expect(login.token).toBeDefined(); - await models.VnUser.signOut(ctx); + await models.VnUser.logout(ctx.req.accessToken.id); }); }); diff --git a/back/methods/vn-user/specs/signOut.js b/back/methods/vn-user/specs/signOut.js deleted file mode 100644 index c84e86f05..000000000 --- a/back/methods/vn-user/specs/signOut.js +++ /dev/null @@ -1,42 +0,0 @@ -const {models} = require('vn-loopback/server/server'); - -describe('VnUser signOut()', () => { - it('should logout and remove token after valid login', async() => { - let loginResponse = await models.VnUser.signOut('buyer', 'nightmare'); - let accessToken = await models.AccessToken.findById(loginResponse.token); - let ctx = {req: {accessToken: accessToken}}; - - let logoutResponse = await models.VnUser.signOut(ctx); - let tokenAfterLogout = await models.AccessToken.findById(loginResponse.token); - - expect(logoutResponse).toBeTrue(); - expect(tokenAfterLogout).toBeNull(); - }); - - it('should throw a 401 error when token is invalid', async() => { - let error; - let ctx = {req: {accessToken: {id: 'invalidToken'}}}; - - try { - response = await models.VnUser.signOut(ctx); - } catch (e) { - error = e; - } - - expect(error).toBeDefined(); - expect(error.statusCode).toBe(401); - }); - - it('should throw an error when no token is passed', async() => { - let error; - let ctx = {req: {accessToken: null}}; - - try { - response = await models.VnUser.signOut(ctx); - } catch (e) { - error = e; - } - - expect(error).toBeDefined(); - }); -}); diff --git a/back/model-config.json b/back/model-config.json index ff2bf5850..d945f3250 100644 --- a/back/model-config.json +++ b/back/model-config.json @@ -2,6 +2,14 @@ "AccountingType": { "dataSource": "vn" }, + "AccessTokenConfig": { + "dataSource": "vn", + "options": { + "mysql": { + "table": "salix.accessTokenConfig" + } + } + }, "Bank": { "dataSource": "vn" }, diff --git a/back/models/access-token-config.json b/back/models/access-token-config.json new file mode 100644 index 000000000..6d90a0f4d --- /dev/null +++ b/back/models/access-token-config.json @@ -0,0 +1,30 @@ +{ + "name": "AccessTokenConfig", + "base": "VnModel", + "options": { + "mysql": { + "table": "accessTokenConfig" + } + }, + "properties": { + "id": { + "type": "number", + "id": true, + "description": "Identifier" + }, + "renewPeriod": { + "type": "number", + "required": true + }, + "renewInterval": { + "type": "number", + "required": true + } + }, + "acls": [{ + "accessType": "READ", + "principalType": "ROLE", + "principalId": "$everyone", + "permission": "ALLOW" + }] +} diff --git a/back/models/vn-user.js b/back/models/vn-user.js index fb3279353..b58395acc 100644 --- a/back/models/vn-user.js +++ b/back/models/vn-user.js @@ -10,6 +10,9 @@ module.exports = function(Self) { require('../methods/vn-user/recover-password')(Self); require('../methods/vn-user/validate-token')(Self); require('../methods/vn-user/privileges')(Self); + require('../methods/vn-user/renew-token')(Self); + + Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create'); // Validations diff --git a/back/models/vn-user.json b/back/models/vn-user.json index 8486e29b8..61e42f77a 100644 --- a/back/models/vn-user.json +++ b/back/models/vn-user.json @@ -118,5 +118,24 @@ "principalId": "$authenticated", "permission": "ALLOW" } - ] + ], + "scopes": { + "preview": { + "fields": [ + "id", + "name", + "username", + "roleFk", + "nickname", + "lang", + "active", + "created", + "updated", + "image", + "hasGrant", + "realm", + "email" + ] + } + } } diff --git a/back/process.yml b/back/process.yml index 38d2b9eaf..a29323240 100644 --- a/back/process.yml +++ b/back/process.yml @@ -4,4 +4,4 @@ apps: instances: 1 max_restarts: 3 restart_delay: 15000 - node_args: --tls-min-v1.0 + node_args: --tls-min-v1.0 --openssl-legacy-provider diff --git a/db/changes/231801/00-userAcl.sql b/db/changes/231801/00-userAcl.sql index 64803bf18..9eb3ebf28 100644 --- a/db/changes/231801/00-userAcl.sql +++ b/db/changes/231801/00-userAcl.sql @@ -1,6 +1,5 @@ INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) VALUES - ('VnUser', '*', '*', 'ALLOW', 'ROLE', 'employee'), ('VnUser','acl','READ','ALLOW','ROLE','account'), ('VnUser','getCurrentUserData','READ','ALLOW','ROLE','account'), ('VnUser','changePassword', 'WRITE', 'ALLOW', 'ROLE', 'account'), diff --git a/db/changes/232601/00-aclAccount.sql b/db/changes/232601/00-aclAccount.sql new file mode 100644 index 000000000..bf8106b98 --- /dev/null +++ b/db/changes/232601/00-aclAccount.sql @@ -0,0 +1,8 @@ +DELETE + FROM `salix`.`ACL` + WHERE model='Account' AND property='*' AND accessType='*'; + +INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) + VALUES + ('Account', '*', 'WRITE', 'ALLOW', 'ROLE', 'sysadmin'), + ('Account', '*', 'READ', 'ALLOW', 'ROLE', 'employee'); diff --git a/db/changes/232601/00-aclMailAliasAccount.sql b/db/changes/232601/00-aclMailAliasAccount.sql new file mode 100644 index 000000000..619e9bb6e --- /dev/null +++ b/db/changes/232601/00-aclMailAliasAccount.sql @@ -0,0 +1,5 @@ +DELETE FROM `salix`.`ACL` WHERE model = 'MailAliasAccount'; +INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) + VALUES + ('MailAliasAccount', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('MailAliasAccount', '*', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/db/changes/232601/00-aclMailForward.sql b/db/changes/232601/00-aclMailForward.sql new file mode 100644 index 000000000..afe2acec8 --- /dev/null +++ b/db/changes/232601/00-aclMailForward.sql @@ -0,0 +1,5 @@ +DELETE FROM `salix`.`ACL` WHERE model = 'MailForward'; +INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) + VALUES + ('MailForward', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('MailForward', '*', 'WRITE', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/db/changes/232601/00-aclRole.sql b/db/changes/232601/00-aclRole.sql new file mode 100644 index 000000000..e16f052be --- /dev/null +++ b/db/changes/232601/00-aclRole.sql @@ -0,0 +1,5 @@ +DELETE FROM `salix`.`ACL` WHERE model = 'Role'; +INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`) + VALUES + ('Role', '*', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('Role', '*', 'WRITE', 'ALLOW', 'ROLE', 'it'); diff --git a/db/changes/232601/00-aclVnUser.sql b/db/changes/232601/00-aclVnUser.sql new file mode 100644 index 000000000..39fa2cb14 --- /dev/null +++ b/db/changes/232601/00-aclVnUser.sql @@ -0,0 +1,10 @@ +DELETE + FROM `salix`.`ACL` + WHERE model = 'VnUser' AND property = '*' AND principalId = 'employee'; + +INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId) + VALUES + ('VnUser', '*', '*', 'ALLOW', 'ROLE', 'itManagement'), + ('VnUser', '__get__preview', 'READ', 'ALLOW', 'ROLE', 'employee'), + ('VnUser', 'preview', '*', 'ALLOW', 'ROLE', 'employee'), + ('VnUser', 'create', '*', 'ALLOW', 'ROLE', 'itManagement'); diff --git a/db/changes/232601/00-entry_updateComission.sql b/db/changes/232601/00-entry_updateComission.sql new file mode 100644 index 000000000..5a25d72e8 --- /dev/null +++ b/db/changes/232601/00-entry_updateComission.sql @@ -0,0 +1,40 @@ +DELIMITER $$ +$$ +CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`entry_updateComission`(vCurrency INT) +BEGIN +/** + * Actualiza la comision de las entradas de hoy a futuro y las recalcula + * + * @param vCurrency id del tipo de moneda(SAR,EUR,USD,GBP,JPY) + */ + DECLARE vCurrencyName VARCHAR(25); + DECLARE vComission INT; + + CREATE OR REPLACE TEMPORARY TABLE tmp.recalcEntryCommision + SELECT e.id + FROM vn.entry e + JOIN vn.travel t ON t.id = e.travelFk + JOIN vn.warehouse w ON w.id = t.warehouseInFk + WHERE t.shipped >= util.VN_CURDATE() + AND e.currencyFk = vCurrency; + + SET vComission = currency_getCommission(vCurrency); + + UPDATE vn.entry e + JOIN tmp.recalcEntryCommision tmp ON tmp.id = e.id + SET e.commission = vComission; + + SELECT `name` INTO vCurrencyName + FROM currency + WHERE id = vCurrency; + + CALL entry_recalc(); + SELECT util.notification_send( + 'entry-update-comission', + JSON_OBJECT('currencyName', vCurrencyName, 'referenceCurrent', vComission), + account.myUser_getId() + ); + + DROP TEMPORARY TABLE tmp.recalcEntryCommision; +END$$ +DELIMITER ; \ No newline at end of file diff --git a/db/changes/232601/00-salix.sql b/db/changes/232601/00-salix.sql new file mode 100644 index 000000000..dc1ed69be --- /dev/null +++ b/db/changes/232601/00-salix.sql @@ -0,0 +1,10 @@ +CREATE TABLE `salix`.`accessTokenConfig` ( + `id` int(10) unsigned NOT NULL AUTO_INCREMENT, + `renewPeriod` int(10) unsigned DEFAULT NULL, + `renewInterval` int(10) unsigned DEFAULT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; + +INSERT IGNORE INTO `salix`.`accessTokenConfig` (`id`, `renewPeriod`, `renewInterval`) + VALUES + (1, 21600, 300); diff --git a/db/dump/fixtures.sql b/db/dump/fixtures.sql index 3f4433fa1..9c930222f 100644 --- a/db/dump/fixtures.sql +++ b/db/dump/fixtures.sql @@ -2895,6 +2895,10 @@ INSERT INTO `vn`.`wagonTypeTray` (`id`, `typeFk`, `height`, `colorFk`) (2, 1, 50, 2), (3, 1, 0, 3); +INSERT INTO `salix`.`accessTokenConfig` (`id`, `renewPeriod`, `renewInterval`) + VALUES + (1, 21600, 300); + INSERT INTO `vn`.`travelConfig` (`id`, `warehouseInFk`, `warehouseOutFk`, `agencyFk`, `companyFk`) VALUES (1, 1, 1, 1, 442); diff --git a/e2e/paths/03-worker/06_create.spec.js b/e2e/paths/03-worker/06_create.spec.js index 98e67edbf..11d36b3cf 100644 --- a/e2e/paths/03-worker/06_create.spec.js +++ b/e2e/paths/03-worker/06_create.spec.js @@ -53,7 +53,7 @@ describe('Worker create path', () => { expect(message.text).toContain('Data saved!'); // 'rollback' - await page.loginAndModule('sysadmin', 'account'); + await page.loginAndModule('itManagement', 'account'); await page.accessToSearchResult(newWorker); await page.waitToClick(selectors.accountDescriptor.menuButton); diff --git a/e2e/paths/14-account/01_create_and_basic_data.spec.js b/e2e/paths/14-account/01_create_and_basic_data.spec.js index 54e4d1f12..e38d1aeec 100644 --- a/e2e/paths/14-account/01_create_and_basic_data.spec.js +++ b/e2e/paths/14-account/01_create_and_basic_data.spec.js @@ -8,7 +8,7 @@ describe('Account create and basic data path', () => { beforeAll(async() => { browser = await getBrowser(); page = browser.page; - await page.loginAndModule('developer', 'account'); + await page.loginAndModule('itManagement', 'account'); }); afterAll(async() => { diff --git a/front/core/services/auth.js b/front/core/services/auth.js index 41cd27f03..ef6c07637 100644 --- a/front/core/services/auth.js +++ b/front/core/services/auth.js @@ -64,7 +64,7 @@ export default class Auth { } onLoginOk(json, remember) { - this.vnToken.set(json.data.token, remember); + this.vnToken.set(json.data.token, json.data.created, remember); return this.loadAcls().then(() => { let continueHash = this.$state.params.continue; diff --git a/front/core/services/index.js b/front/core/services/index.js index 867a13df0..855f2fab1 100644 --- a/front/core/services/index.js +++ b/front/core/services/index.js @@ -11,3 +11,4 @@ import './report'; import './email'; import './file'; import './date'; + diff --git a/front/core/services/token.js b/front/core/services/token.js index 126fbb604..c1bb5a173 100644 --- a/front/core/services/token.js +++ b/front/core/services/token.js @@ -9,25 +9,33 @@ export default class Token { constructor() { try { this.token = sessionStorage.getItem('vnToken'); - if (!this.token) + this.created = sessionStorage.getItem('vnTokenCreated'); + if (!this.token) { this.token = localStorage.getItem('vnToken'); + this.created = localStorage.getItem('vnTokenCreated'); + } } catch (e) {} } - set(value, remember) { + set(token, created, remember) { this.unset(); try { - if (remember) - localStorage.setItem('vnToken', value); - else - sessionStorage.setItem('vnToken', value); + if (remember) { + localStorage.setItem('vnToken', token); + localStorage.setItem('vnTokenCreated', created); + } else { + sessionStorage.setItem('vnToken', token); + sessionStorage.setItem('vnTokenCreated', created); + } } catch (e) {} - this.token = value; + this.token = token; + this.created = created; } unset() { localStorage.removeItem('vnToken'); sessionStorage.removeItem('vnToken'); this.token = null; + this.created = null; } } diff --git a/front/salix/components/layout/index.js b/front/salix/components/layout/index.js index 48f50f404..dc2313f4f 100644 --- a/front/salix/components/layout/index.js +++ b/front/salix/components/layout/index.js @@ -3,13 +3,14 @@ import Component from 'core/lib/component'; import './style.scss'; export class Layout extends Component { - constructor($element, $, vnModules) { + constructor($element, $, vnModules, vnToken) { super($element, $); this.modules = vnModules.get(); } $onInit() { this.getUserData(); + this.getAccessTokenConfig(); } getUserData() { @@ -30,8 +31,42 @@ export class Layout extends Component { refresh() { window.location.reload(); } + + getAccessTokenConfig() { + this.$http.get('AccessTokenConfigs').then(json => { + const firtsResult = json.data[0]; + if (!firtsResult) return; + this.renewPeriod = firtsResult.renewPeriod; + this.renewInterval = firtsResult.renewInterval; + + const intervalMilliseconds = firtsResult.renewInterval * 1000; + this.inservalId = setInterval(this.checkTokenValidity.bind(this), intervalMilliseconds); + }); + } + + checkTokenValidity() { + const now = new Date(); + const differenceMilliseconds = now - new Date(this.vnToken.created); + const differenceSeconds = Math.floor(differenceMilliseconds / 1000); + + if (differenceSeconds > this.renewPeriod) { + this.$http.post('VnUsers/renewToken') + .then(json => { + if (json.data.token) { + let remember = true; + if (window.sessionStorage.vnToken) remember = false; + + this.vnToken.set(json.data.token, json.data.created, remember); + } + }); + } + } + + $onDestroy() { + clearInterval(this.inservalId); + } } -Layout.$inject = ['$element', '$scope', 'vnModules']; +Layout.$inject = ['$element', '$scope', 'vnModules', 'vnToken']; ngModule.vnComponent('vnLayout', { template: require('./index.html'), diff --git a/front/salix/components/layout/index.spec.js b/front/salix/components/layout/index.spec.js index 0d70c4806..8f65f32ce 100644 --- a/front/salix/components/layout/index.spec.js +++ b/front/salix/components/layout/index.spec.js @@ -37,4 +37,49 @@ describe('Component vnLayout', () => { expect(url).not.toBeDefined(); }); }); + + describe('getAccessTokenConfig()', () => { + it(`should set the renewPeriod and renewInterval properties in localStorage`, () => { + const response = [{ + renewPeriod: 100, + renewInterval: 5 + }]; + + $httpBackend.expect('GET', `AccessTokenConfigs`).respond(response); + controller.getAccessTokenConfig(); + $httpBackend.flush(); + + expect(controller.renewPeriod).toBe(100); + expect(controller.renewInterval).toBe(5); + expect(controller.inservalId).toBeDefined(); + }); + }); + + describe('checkTokenValidity()', () => { + it(`should not call renewToken and not set vnToken in the controller`, () => { + controller.renewPeriod = 100; + controller.vnToken.created = new Date(); + + controller.checkTokenValidity(); + + expect(controller.vnToken.token).toBeNull(); + }); + + it(`should call renewToken and set vnToken properties in the controller`, () => { + const response = { + token: 999, + created: new Date() + }; + controller.renewPeriod = 100; + const oneHourBefore = new Date(Date.now() - (60 * 60 * 1000)); + controller.vnToken.created = oneHourBefore; + + $httpBackend.expect('POST', `VnUsers/renewToken`).respond(response); + controller.checkTokenValidity(); + $httpBackend.flush(); + + expect(controller.vnToken.token).toBe(999); + expect(controller.vnToken.created).toEqual(response.created); + }); + }); }); diff --git a/loopback/common/models/vn-model.js b/loopback/common/models/vn-model.js index f92e1ea09..22b535f62 100644 --- a/loopback/common/models/vn-model.js +++ b/loopback/common/models/vn-model.js @@ -200,22 +200,20 @@ module.exports = function(Self) { const connector = this.dataSource.connector; let conn; let res; - const opts = Object.assign({}, options); try { if (userId) { - conn = await new Promise((resolve, reject) => { - connector.client.getConnection(function(err, conn) { - if (err) - reject(err); - else - resolve(conn); + if (!options.transaction) { + options = Object.assign({}, options); + conn = await new Promise((resolve, reject) => { + connector.client.getConnection(function(err, conn) { + if (err) + reject(err); + else + resolve(conn); + }); }); - }); - - const opts = Object.assign({}, options); - if (!opts.transaction) { - opts.transaction = { + options.transaction = { connection: conn, connector }; @@ -223,15 +221,14 @@ module.exports = function(Self) { await connector.executeP( 'CALL account.myUser_loginWithName((SELECT name FROM account.user WHERE id = ?))', - [userId], opts + [userId], options ); } - res = await connector.executeP(query, params, opts); + res = await connector.executeP(query, params, options); - if (userId) { - await connector.executeP('CALL account.myUser_logout()', null, opts); - } + if (userId) + await connector.executeP('CALL account.myUser_logout()', null, options); } finally { if (conn) conn.release(); } diff --git a/loopback/locale/es.json b/loopback/locale/es.json index 7e2701f95..895d087dc 100644 --- a/loopback/locale/es.json +++ b/loopback/locale/es.json @@ -293,5 +293,6 @@ "Pass expired": "La contraseña ha caducado, cambiela desde Salix", "Invalid NIF for VIES": "Invalid NIF for VIES", "Ticket does not exist": "Este ticket no existe", - "Ticket is already signed": "Este ticket ya ha sido firmado" + "Ticket is already signed": "Este ticket ya ha sido firmado", + "The renew period has not been exceeded": "El periodo de renovación no ha sido superado" } diff --git a/modules/account/front/aliases/index.html b/modules/account/front/aliases/index.html index 9f4ba857f..11d546afb 100644 --- a/modules/account/front/aliases/index.html +++ b/modules/account/front/aliases/index.html @@ -17,7 +17,9 @@ + ng-click="removeConfirm.show(row)" + vn-acl="itManagement" + vn-acl-action="remove"> @@ -30,9 +32,11 @@ translate-attr="{title: 'Add'}" vn-bind="+" ng-click="$ctrl.onAddClick()" - fixed-bottom-right> + fixed-bottom-right + vn-acl="itManagement" + vn-acl-action="remove"> - @@ -49,7 +53,7 @@ - this.user = res.data), + this.$http.get(`VnUsers/preview`, {filter}) + .then(res => { + const [user] = res.data; + this.user = user; + }), this.$http.get(`Accounts/${this.$params.id}/exists`) .then(res => this.hasAccount = res.data.exists) ]); diff --git a/modules/account/front/card/index.spec.js b/modules/account/front/card/index.spec.js index 204b897e4..712d3c1d8 100644 --- a/modules/account/front/card/index.spec.js +++ b/modules/account/front/card/index.spec.js @@ -15,12 +15,12 @@ describe('component vnUserCard', () => { it('should reload the controller data', () => { controller.$params.id = 1; - $httpBackend.expectGET('VnUsers/1').respond('foo'); + $httpBackend.expectGET('VnUsers/preview').respond('foo'); $httpBackend.expectGET('Accounts/1/exists').respond({exists: true}); controller.reload(); $httpBackend.flush(); - expect(controller.user).toBe('foo'); + expect(controller.user).toBe('f'); expect(controller.hasAccount).toBeTruthy(); }); }); diff --git a/modules/account/front/create/index.html b/modules/account/front/create/index.html index ee2de926a..acc07d346 100644 --- a/modules/account/front/create/index.html +++ b/modules/account/front/create/index.html @@ -12,18 +12,18 @@ @@ -39,7 +39,7 @@ type="password"> diff --git a/modules/account/front/create/index.js b/modules/account/front/create/index.js index 41fd718f6..01ba7905b 100644 --- a/modules/account/front/create/index.js +++ b/modules/account/front/create/index.js @@ -2,6 +2,11 @@ import ngModule from '../module'; import Section from 'salix/components/section'; export default class Controller extends Section { + constructor($element, $) { + super($element, $); + this.user = {active: true}; + } + onSubmit() { return this.$.watcher.submit().then(res => { this.$state.go('account.card.basicData', {id: res.data.id}); diff --git a/modules/account/front/descriptor/index.html b/modules/account/front/descriptor/index.html index 7a7ba43f3..381b2991c 100644 --- a/modules/account/front/descriptor/index.html +++ b/modules/account/front/descriptor/index.html @@ -6,7 +6,7 @@ Delete @@ -15,7 +15,7 @@ ng-if="::$root.user.id == $ctrl.id" ng-click="$ctrl.onChangePassClick(true)" name="changePassword" - vn-acl="hr" + vn-acl="sysadmin" vn-acl-action="remove" translate> Change password @@ -23,7 +23,7 @@ Set password @@ -32,7 +32,7 @@ ng-if="!$ctrl.hasAccount" ng-click="enableAccount.show()" name="enableAccount" - vn-acl="it" + vn-acl="sysadmin" vn-acl-action="remove" translate> Enable account @@ -41,7 +41,7 @@ ng-if="$ctrl.hasAccount" ng-click="disableAccount.show()" name="disableAccount" - vn-acl="it" + vn-acl="sysadmin" vn-acl-action="remove" translate> Disable account @@ -50,7 +50,7 @@ ng-if="!$ctrl.user.active" ng-click="activateUser.show()" name="activateUser" - vn-acl="hr" + vn-acl="itManagement" vn-acl-action="remove" translate> Activate user @@ -59,7 +59,7 @@ ng-if="$ctrl.user.active" ng-click="deactivateUser.show()" name="deactivateUser" - vn-acl="hr" + vn-acl="itManagement" vn-acl-action="remove" translate> Deactivate user diff --git a/modules/account/front/index/index.html b/modules/account/front/index/index.html index d067c8c37..7502c8b3d 100644 --- a/modules/account/front/index/index.html +++ b/modules/account/front/index/index.html @@ -14,11 +14,11 @@
{{::user.nickname}}
@@ -36,12 +36,12 @@ - - \ No newline at end of file + diff --git a/modules/account/front/mail-forwarding/index.html b/modules/account/front/mail-forwarding/index.html index 6c688f504..df5cd80bf 100644 --- a/modules/account/front/mail-forwarding/index.html +++ b/modules/account/front/mail-forwarding/index.html @@ -14,12 +14,12 @@ Todos los correos serán reenviados a la dirección especificada, no se mantendrá copia de los mismos en el buzón del usuario. +You don't have enough privileges: No tienes suficientes permisos diff --git a/modules/account/front/main/index.html b/modules/account/front/main/index.html index 5872a328d..36b493ec4 100644 --- a/modules/account/front/main/index.html +++ b/modules/account/front/main/index.html @@ -1,6 +1,6 @@ diff --git a/modules/account/front/privileges/index.html b/modules/account/front/privileges/index.html index 8e33b708e..61f2c534e 100644 --- a/modules/account/front/privileges/index.html +++ b/modules/account/front/privileges/index.html @@ -1,9 +1,7 @@ @@ -11,15 +9,16 @@ name="form" ng-submit="watcher.submit()" class="vn-w-md"> - + - + + + this.$.summary = res.data); + this.$http.get(`VnUsers/preview`, {filter}) + .then(res => { + const [summary] = res.data; + this.$.summary = summary; + }); } get isHr() { return this.aclService.hasAny(['hr']); diff --git a/modules/client/front/web-access/index.html b/modules/client/front/web-access/index.html index 15dc5ed58..74407ba5c 100644 --- a/modules/client/front/web-access/index.html +++ b/modules/client/front/web-access/index.html @@ -1,7 +1,5 @@ @@ -51,9 +49,9 @@ label="Save"> + ng-if="$ctrl.canChangePassword" + label="Change password" + vn-dialog="change-pass"> { + const [user] = res.data; + this.account = user; + }); + } + + get client() { + return this._client; + } + $onChanges() { if (this.client) { this.account = this.client.account; diff --git a/modules/client/front/web-access/index.spec.js b/modules/client/front/web-access/index.spec.js index c1bb47a8e..7325bf932 100644 --- a/modules/client/front/web-access/index.spec.js +++ b/modules/client/front/web-access/index.spec.js @@ -5,12 +5,14 @@ describe('Component VnClientWebAccess', () => { let $scope; let vnApp; let controller; + let $httpParamSerializer; beforeEach(ngModule('client')); - beforeEach(inject(($componentController, $rootScope, _$httpBackend_, _vnApp_) => { + beforeEach(inject(($componentController, $rootScope, _$httpBackend_, _$httpParamSerializer_, _vnApp_) => { $scope = $rootScope.$new(); $httpBackend = _$httpBackend_; + $httpParamSerializer = _$httpParamSerializer_; vnApp = _vnApp_; jest.spyOn(vnApp, 'showError'); const $element = angular.element(''); @@ -32,7 +34,10 @@ describe('Component VnClientWebAccess', () => { describe('isCustomer()', () => { it('should return true if the password can be modified', () => { controller.client = {id: '1234'}; + const filter = {where: {id: controller.client.id}}; + const serializedParams = $httpParamSerializer({filter}); + $httpBackend.expectGET(`VnUsers/preview?${serializedParams}`).respond('foo'); $httpBackend.expectGET(`Clients/${controller.client.id}/hasCustomerRole`).respond(true); controller.isCustomer(); $httpBackend.flush(); @@ -42,7 +47,10 @@ describe('Component VnClientWebAccess', () => { it(`should return a false if the password can't be modified`, () => { controller.client = {id: '1234'}; + const filter = {where: {id: controller.client.id}}; + const serializedParams = $httpParamSerializer({filter}); + $httpBackend.expectGET(`VnUsers/preview?${serializedParams}`).respond('foo'); $httpBackend.expectGET(`Clients/${controller.client.id}/hasCustomerRole`).respond(false); controller.isCustomer(); $httpBackend.flush(); @@ -54,9 +62,12 @@ describe('Component VnClientWebAccess', () => { describe('checkConditions()', () => { it('should perform a query to check if the client is valid', () => { controller.client = {id: '1234'}; + const filter = {where: {id: controller.client.id}}; + const serializedParams = $httpParamSerializer({filter}); expect(controller.canEnableCheckBox).toBeTruthy(); + $httpBackend.expectGET(`VnUsers/preview?${serializedParams}`).respond('foo'); $httpBackend.expectGET(`Clients/${controller.client.id}/isValidClient`).respond(false); controller.checkConditions(); $httpBackend.flush(); @@ -82,7 +93,10 @@ describe('Component VnClientWebAccess', () => { controller.newPassword = 'm24x8'; controller.repeatPassword = 'm24x8'; controller.canChangePassword = true; + const filter = {where: {id: controller.client.id}}; + const serializedParams = $httpParamSerializer({filter}); + $httpBackend.expectGET(`VnUsers/preview?${serializedParams}`).respond('foo'); const query = `Clients/${controller.client.id}/setPassword`; $httpBackend.expectPATCH(query, {newPassword: controller.newPassword}).respond('done'); controller.onPassChange(); diff --git a/modules/monitor/front/index/tickets/index.html b/modules/monitor/front/index/tickets/index.html index bdd4e76ff..94a950baf 100644 --- a/modules/monitor/front/index/tickets/index.html +++ b/modules/monitor/front/index/tickets/index.html @@ -50,13 +50,13 @@ Salesperson - + Date - + Theoretical - + Practical diff --git a/modules/order/back/methods/order/confirm.js b/modules/order/back/methods/order/confirm.js index 5fdab29b3..1fcb3a760 100644 --- a/modules/order/back/methods/order/confirm.js +++ b/modules/order/back/methods/order/confirm.js @@ -21,7 +21,6 @@ module.exports = Self => { Self.confirm = async(ctx, orderFk) => { const userId = ctx.req.accessToken.userId; - const query = `CALL hedera.order_confirmWithUser(?, ?)`; const response = await Self.rawSql(query, [orderFk, userId], {userId}); diff --git a/modules/supplier/back/locale/supplier-account/en.yml b/modules/supplier/back/locale/supplier-account/en.yml index 2bce50cfa..43c4ba40d 100644 --- a/modules/supplier/back/locale/supplier-account/en.yml +++ b/modules/supplier/back/locale/supplier-account/en.yml @@ -5,3 +5,4 @@ columns: beneficiary: beneficiary supplierFk: supplier bankEntityFk: bank entity + accountingFk: ledger account diff --git a/modules/supplier/back/locale/supplier-account/es.yml b/modules/supplier/back/locale/supplier-account/es.yml index 120293c8a..9db5708a3 100644 --- a/modules/supplier/back/locale/supplier-account/es.yml +++ b/modules/supplier/back/locale/supplier-account/es.yml @@ -5,3 +5,4 @@ columns: beneficiary: beneficiario supplierFk: proveedor bankEntityFk: entidad bancaria + accountingFk: cuenta contable diff --git a/modules/ticket/front/sale/index.html b/modules/ticket/front/sale/index.html index f50ef10a5..be9e81964 100644 --- a/modules/ticket/front/sale/index.html +++ b/modules/ticket/front/sale/index.html @@ -69,7 +69,7 @@ Price Disc Amount - Packaging + Packaging @@ -202,7 +202,7 @@ - {{$ctrl.getSaleTotal(sale) | currency: 'EUR':2}} + {{sale.amount | currency: 'EUR':2}} {{::sale.item.itemPackingTypeFk | dashIfEmpty}} diff --git a/modules/ticket/front/sale/index.js b/modules/ticket/front/sale/index.js index 88a59e605..b68db6dc0 100644 --- a/modules/ticket/front/sale/index.js +++ b/modules/ticket/front/sale/index.js @@ -34,6 +34,11 @@ class Controller extends Section { } get sales() { + if (this._sales) { + for (let sale of this._sales) + sale.amount = this.getSaleTotal(sale); + } + return this._sales; } @@ -49,6 +54,7 @@ class Controller extends Section { return ticketState && ticketState.state.code; } + getConfig() { let filter = { fields: ['daysForWarningClaim'], diff --git a/modules/worker/back/methods/department/getLeaves.js b/modules/worker/back/methods/department/getLeaves.js index 48fe78e08..b1ce2fbe8 100644 --- a/modules/worker/back/methods/department/getLeaves.js +++ b/modules/worker/back/methods/department/getLeaves.js @@ -1,5 +1,5 @@ module.exports = Self => { - Self.remoteMethodCtx, ('getLeaves', { + Self.remoteMethodCtx('getLeaves', { description: 'Returns the nodes for a department', accepts: [{ arg: 'parentId', diff --git a/modules/worker/back/methods/worker/isAuthorized.js b/modules/worker/back/methods/worker/isAuthorized.js new file mode 100644 index 000000000..519aab94f --- /dev/null +++ b/modules/worker/back/methods/worker/isAuthorized.js @@ -0,0 +1,44 @@ +module.exports = Self => { + Self.remoteMethod('isAuthorized', { + description: 'Return true if the current user is a superior of the worker that is passed by parameter', + accessType: 'READ', + accepts: [{ + arg: 'ctx', + type: 'Object', + http: {source: 'context'} + }, { + arg: 'id', + type: 'number', + required: true, + description: 'The worker id', + http: {source: 'path'} + }], + returns: { + type: 'boolean', + root: true + }, + http: { + path: `/:id/isAuthorized`, + verb: 'GET' + } + }); + + Self.isAuthorized = async(ctx, id, options) => { + const models = Self.app.models; + const currentUserId = ctx.req.accessToken.userId; + const isHimself = currentUserId == id; + + const myOptions = {}; + + if (typeof options == 'object') + Object.assign(myOptions, options); + + const isSubordinate = await models.Worker.isSubordinate(ctx, id, myOptions); + const isTeamBoss = await models.VnUser.hasRole(currentUserId, 'teamBoss', myOptions); + + if (!isSubordinate || (isSubordinate && isHimself && !isTeamBoss)) + return false; + + return true; + }; +}; diff --git a/modules/worker/back/models/worker.js b/modules/worker/back/models/worker.js index 16e4055bc..ccae3a6e6 100644 --- a/modules/worker/back/models/worker.js +++ b/modules/worker/back/models/worker.js @@ -17,6 +17,7 @@ module.exports = Self => { require('../methods/worker/deallocatePDA')(Self); require('../methods/worker/allocatePDA')(Self); require('../methods/worker/search')(Self); + require('../methods/worker/isAuthorized')(Self); Self.validatesUniquenessOf('locker', { message: 'This locker has already been assigned' diff --git a/modules/worker/front/account/index.html b/modules/worker/front/account/index.html deleted file mode 100644 index 6f6be660c..000000000 --- a/modules/worker/front/account/index.html +++ /dev/null @@ -1,33 +0,0 @@ - - - - -
- - - - - - - - - - - - - -
diff --git a/modules/worker/front/calendar/index.html b/modules/worker/front/calendar/index.html index c9eacbd82..29540081e 100644 --- a/modules/worker/front/calendar/index.html +++ b/modules/worker/front/calendar/index.html @@ -63,6 +63,7 @@ ng-model="$ctrl.businessId" search-function="{businessFk: $search}" value-field="businessFk" + show-field="businessFk" order="businessFk DESC" limit="5"> diff --git a/modules/worker/front/calendar/index.js b/modules/worker/front/calendar/index.js index 4ca0fc929..a52ecd7da 100644 --- a/modules/worker/front/calendar/index.js +++ b/modules/worker/front/calendar/index.js @@ -71,10 +71,6 @@ class Controller extends Section { } } - get payedHolidays() { - return this._businessId; - } - buildYearFilter() { const now = Date.vnNew(); now.setFullYear(now.getFullYear() + 1); @@ -95,10 +91,10 @@ class Controller extends Section { } getActiveContract() { - this.$http.get(`Workers/${this.worker.id}/activeContract`).then(res => { - if (res.data) - this.businessId = res.data.businessFk; - }); + this.$http.get(`Workers/${this.worker.id}/activeContract`) + .then(res => { + if (res.data) this.businessId = res.data.businessFk; + }); } getContractHolidays() { diff --git a/print/core/components/report-footer/report-footer.js b/print/core/components/report-footer/report-footer.js index 077ef0bde..ed718b8dc 100755 --- a/print/core/components/report-footer/report-footer.js +++ b/print/core/components/report-footer/report-footer.js @@ -5,10 +5,9 @@ module.exports = { name: 'report-footer', async serverPrefetch() { this.company = await db.findOne(` - SELECT IFNULL(ci.footnotes, cl.footnotes) as footnotes + SELECT IFNULL(ci.footnotes, c.footnotes) footnotes FROM company c - LEFT JOIN companyL10n cl ON c.id = cl.id - LEFT JOIN companyI18n ci ON ci.companyFk = cl.id + LEFT JOIN companyI18n ci ON ci.companyFk = c.id AND ci.lang = (SELECT lang FROM account.user where id = ?) WHERE c.code = ?`, [this.recipientId, this.companyCode]); diff --git a/print/templates/email/entry-update-comission/assets/css/import.js b/print/templates/email/entry-update-comission/assets/css/import.js new file mode 100644 index 000000000..7360587f7 --- /dev/null +++ b/print/templates/email/entry-update-comission/assets/css/import.js @@ -0,0 +1,13 @@ +const Stylesheet = require(`vn-print/core/stylesheet`); + +const path = require('path'); +const vnPrintPath = path.resolve('print'); + +module.exports = new Stylesheet([ + `${vnPrintPath}/common/css/spacing.css`, + `${vnPrintPath}/common/css/misc.css`, + `${vnPrintPath}/common/css/layout.css`, + `${vnPrintPath}/common/css/email.css`, + `${__dirname}/style.css`]) + .mergeStyles(); + diff --git a/print/templates/email/entry-update-comission/assets/css/style.css b/print/templates/email/entry-update-comission/assets/css/style.css new file mode 100644 index 000000000..5db85befa --- /dev/null +++ b/print/templates/email/entry-update-comission/assets/css/style.css @@ -0,0 +1,5 @@ +.external-link { + border: 2px dashed #8dba25; + border-radius: 3px; + text-align: center +} \ No newline at end of file diff --git a/print/templates/email/entry-update-comission/entry-update-comission.html b/print/templates/email/entry-update-comission/entry-update-comission.html new file mode 100644 index 000000000..d3ca1202a --- /dev/null +++ b/print/templates/email/entry-update-comission/entry-update-comission.html @@ -0,0 +1,10 @@ + +
+
+

+ {{$t('dear')}} +

+

+
+
+
diff --git a/print/templates/email/entry-update-comission/entry-update-comission.js b/print/templates/email/entry-update-comission/entry-update-comission.js new file mode 100755 index 000000000..8afe10ea0 --- /dev/null +++ b/print/templates/email/entry-update-comission/entry-update-comission.js @@ -0,0 +1,19 @@ +const Component = require(`vn-print/core/component`); +const emailBody = new Component('email-body'); + +module.exports = { + name: 'entry-update-comission', + components: { + 'email-body': emailBody.build(), + }, + props: { + currencyName: { + type: String, + required: true + }, + referenceCurrent: { + type: Number, + required: true + } + } +}; diff --git a/print/templates/email/entry-update-comission/locale/es.yml b/print/templates/email/entry-update-comission/locale/es.yml new file mode 100644 index 000000000..de58be3e7 --- /dev/null +++ b/print/templates/email/entry-update-comission/locale/es.yml @@ -0,0 +1,4 @@ +subject: Actualización tipo de cambio en entradas +title: Actualización tipo de cambio en entradas +dear: Hola, +body: 'El tipo de cambio para las ENTRADAS/COMPRAS en {0} se ha actualizado a partir de hoy en: {1}' \ No newline at end of file diff --git a/print/templates/reports/invoice/invoice.html b/print/templates/reports/invoice/invoice.html index 727621b2c..d74325dfd 100644 --- a/print/templates/reports/invoice/invoice.html +++ b/print/templates/reports/invoice/invoice.html @@ -242,7 +242,7 @@ -
+
{{$t('observations')}}
@@ -267,9 +267,7 @@ v-bind:left-text="$t('invoiceRef', [invoice.ref])" v-bind:center-text="client.socialName" v-bind:recipient-id="client.id" - v-bind="$props" - - > + v-bind="$props">