diff --git a/db/changes/233001/00-getRoutesByWorker.sql b/db/changes/234801/00-getRoutesByWorker.sql similarity index 71% rename from db/changes/233001/00-getRoutesByWorker.sql rename to db/changes/234801/00-getRoutesByWorker.sql index aa612d48e..bdc4a246e 100644 --- a/db/changes/233001/00-getRoutesByWorker.sql +++ b/db/changes/234801/00-getRoutesByWorker.sql @@ -18,7 +18,3 @@ INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `pri ('Route', 'insertTicket', 'WRITE', 'ALLOW', 'ROLE', 'employee'), ('Route', 'getDeliveryPoint', 'READ', 'ALLOW', 'ROLE', 'deliveryBoss'), ('Route', 'summary', 'READ', 'ALLOW', 'ROLE', 'employee'); - - -INSERT INTO salix.AccessToken (id, ttl, scopes, created, userId, outdated) VALUES('1z0GILWTs8huKrJGp7Fj0PvHaGA8Gg9DTNhm6nn6AfhkNJygeVUHMZKOGfMPp0xO', 1209600, NULL, '2023-07-17 13:34:10', 56, '2023-07-31 13:34:10'); -INSERT INTO salix.AccessToken (id, ttl, scopes, created, userId, outdated) VALUES('1z0GILWTs8huKrJGp7Fj0PvHaGA8Gg9DTNhm6nn6AfhkNJygeVUHMZKOGfMPp0xP', 1209600, NULL, '2023-07-17 13:34:10', 57, '2023-07-31 13:34:10'); diff --git a/modules/client/back/methods/client/specs/getRoutesByWorker.spec.js b/modules/client/back/methods/client/specs/getRoutesByWorker.spec.js deleted file mode 100644 index b43fe49d2..000000000 --- a/modules/client/back/methods/client/specs/getRoutesByWorker.spec.js +++ /dev/null @@ -1,19 +0,0 @@ -const {models} = require('vn-loopback/server/server'); - -describe('getRoutesByWorker', () => { - fit('should return the routes of the worker can view all routes', async() => { - const deliveryBossId = 57; - const ctx = {req: {accessToken: {userId: deliveryBossId}}}; - const result = await models.Route.getRoutesByWorker(ctx); - - expect(result.length).toEqual(7); - }); - - fit('should return the routes of the worker can not view all routes', async() => { - const deliveryId = 56; - const ctx = {req: {accessToken: {userId: deliveryId}}}; - const result = await models.Route.getRoutesByWorker(ctx); - - expect(result.length).toEqual(5); - }); -}); diff --git a/modules/route/back/methods/route/filter.js b/modules/route/back/methods/route/filter.js index fc35e979f..afefa77d1 100644 --- a/modules/route/back/methods/route/filter.js +++ b/modules/route/back/methods/route/filter.js @@ -105,7 +105,7 @@ module.exports = Self => { } }); - filter = mergeFilters(ctx.args.filter, {where}); + filter = mergeFilters(filter, {where}); let stmts = []; let stmt; @@ -129,9 +129,11 @@ module.exports = Self => { r.description, am.name agencyName, u.name AS workerUserName, - v.numberPlate AS vehiclePlateNumber + v.numberPlate AS vehiclePlateNumber, + Date_format(r.time, '%H:%i') hour FROM route r LEFT JOIN agencyMode am ON am.id = r.agencyModeFk + LEFT JOIN agency a ON a.id = am.agencyFk LEFT JOIN vehicle v ON v.id = r.vehicleFk LEFT JOIN worker w ON w.id = r.workerFk LEFT JOIN account.user u ON u.id = w.id` diff --git a/modules/route/back/methods/route/getByWorker.js b/modules/route/back/methods/route/getByWorker.js new file mode 100644 index 000000000..2f8a286e6 --- /dev/null +++ b/modules/route/back/methods/route/getByWorker.js @@ -0,0 +1,66 @@ +const mergeFilters = require('vn-loopback/util/filter').mergeFilters; + +module.exports = Self => { + Self.remoteMethodCtx('getByWorker', { + description: 'Return the routes by worker', + accessType: 'READ', + returns: { + type: ['object'], + root: true + }, + http: { + path: `/getByWorker`, + verb: 'GET' + } + }); + + Self.getByWorker = async ctx => { + const models = Self.app.models; + const userId = ctx.req.accessToken.userId; + const myOptions = {}; + + if (typeof options == 'object') + Object.assign(myOptions, options); + + const canViewAll = await models.ACL.checkAccessAcl(ctx, 'Route', 'canViewAllRoute', 'READ'); + let filterGrant = {}; + console.log(userId); + console.log(canViewAll); + if (canViewAll) { + const userConfig = await models.UserConfig.getUserConfig(ctx, myOptions); + filterGrant = { + where: {'a.warehouseFk': userConfig.warehouseFk} + }; + } else { + filterGrant = { + where: {'r.workerFk': userId} + }; + } + + const currentDate = Date.vnNew(); + currentDate.setHours(0, 0, 0, 0); + const nextDay = Date.vnNew(); + nextDay.setDate(currentDate.getDate() + 1); + + const filter = { + where: { + and: [ + { + or: [ + {'r.created': currentDate}, + {'r.created': nextDay} + ] + } + ] + }, + order: [ + 'r.created ASC', + 'r.time ASC', + 'am.name ASC' + ] + }; + + const result = await Self.filter(ctx, mergeFilters(filter, filterGrant)); + return result; + }; +}; diff --git a/modules/route/back/methods/route/getRoutesByWorker.js b/modules/route/back/methods/route/getRoutesByWorker.js deleted file mode 100644 index 0a6f59816..000000000 --- a/modules/route/back/methods/route/getRoutesByWorker.js +++ /dev/null @@ -1,48 +0,0 @@ -module.exports = Self => { - Self.remoteMethodCtx('getRoutesByWorker', { - description: 'Return the routes by worker', - accessType: 'READ', - returns: { - type: 'object', - root: true - }, - http: { - path: `/get-routes-by-worker`, - verb: 'GET' - } - }); - - Self.getRoutesByWorker = async(ctx, options) => { - const userId = ctx.req.accessToken.userId; - const myOptions = {}; - - if (typeof options == 'object') - Object.assign(myOptions, options); - - const canViewAll = await Self.app.models.ACL.checkAccessAcl(ctx, 'Route', 'canViewAllRoute', 'READ'); - const condition = canViewAll ? `ay.warehouseFK = uc.warehouseFk` : `r.workerFk = ${userId}`; - - return Self.rawSql(` - SELECT concat(w.firstName , ' ', w.lastName) driver, - r.id, - Date_format(r.time, '%H:%i') hour, - r.created, - r.m3, - v.numberPlate, - a.name, - r.kmStart, - r.kmEnd, - r.started, - r.finished - FROM vn.route r - JOIN vn.vehicle v ON r.vehicleFk = v.id - JOIN vn.agencyMode a ON r.agencyModeFk = a.id - JOIN vn.agency ay ON a.agencyFk = ay.id - JOIN vn.worker w ON r.workerFk = w.id - LEFT JOIN vn.userConfig uc ON uc.userFk = ? - WHERE (r.created = util.VN_CURDATE() OR r.created = TIMESTAMPADD(day, 1, util.VN_CURDATE())) - AND ${condition} - ORDER BY r.created ASC, r.time ASC, a.name ASC - `, [userId], myOptions); - }; -}; diff --git a/modules/route/back/methods/route/specs/getByWorker.spec.js b/modules/route/back/methods/route/specs/getByWorker.spec.js new file mode 100644 index 000000000..52b8d6d87 --- /dev/null +++ b/modules/route/back/methods/route/specs/getByWorker.spec.js @@ -0,0 +1,39 @@ +const app = require('vn-loopback/server/server'); +const LoopBackContext = require('loopback-context'); + +fdescribe('route getByWorker()', () => { + const userId = 56; + const activeCtx = { + accessToken: {userId: userId}, + http: { + req: { + headers: {origin: 'http://localhost'} + } + } + }; + const ctx = {req: activeCtx}; + + beforeAll(() => { + spyOn(LoopBackContext, 'getCurrentContext').and.returnValue({ + active: activeCtx + }); + }); + + it('should return routes assigned to the worker', async() => { + const result = await app.models.Route.getByWorker(ctx); + + // AquĆ­ se verifica que el resultado contiene rutas asignadas al usuario + console.log(result); + + expect(result.every(route => route.workerFk === userId)).toBe(true); + }); + + it('should return all routes if user has canViewAllRoute permission', async() => { + // Simular que el usuario tiene permiso para ver todas las rutas + spyOn(app.models.ACL, 'checkAccessAcl').and.returnValue(Promise.resolve(true)); + + const result = await app.models.Route.getByWorker(ctx); + + expect(result.some(route => route.workerFk != userId)).toBe(true); + }); +}); diff --git a/modules/route/back/models/route.js b/modules/route/back/models/route.js index 073c601fe..cbdd75679 100644 --- a/modules/route/back/models/route.js +++ b/modules/route/back/models/route.js @@ -14,10 +14,10 @@ module.exports = Self => { require('../methods/route/driverRouteEmail')(Self); require('../methods/route/sendSms')(Self); require('../methods/route/downloadZip')(Self); - require('../methods/route/getRoutesByWorker')(Self); require('../methods/route/cmr')(Self); require('../methods/route/getExternalCmrs')(Self); require('../methods/route/downloadCmrsZip')(Self); + require('../methods/route/getByWorker')(Self); Self.validate('kmStart', validateDistance, { message: 'Distance must be lesser than 1000'