Merge branch 'dev' into 6023-changeRol

2023-11-10 10:49:38 +00:00 · 2023-11-10 10:49:38 +00:00 · eb98de71b1
parent 9f92bc4b4c ad07c4ec97
commit eb98de71b1
13 changed files with 277 additions and 100 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -10,5 +10,8 @@
    "eslint.format.enable": true,
    "[javascript]": {
        "editor.defaultFormatter": "dbaeumer.vscode-eslint"
-    }
+    },
+    "cSpell.words": [
+        "salix"
+    ]
 }
--- a/back/methods/notification/getList.js
+++ b/back/methods/notification/getList.js
@ -0,0 +1,54 @@
+module.exports = Self => {
+    Self.remoteMethod('getList', {
+        description: 'Get list of the available and active notification subscriptions',
+        accessType: 'READ',
+        accepts: [
+            {
+                arg: 'id',
+                type: 'number',
+                description: 'User to modify',
+                http: {source: 'path'}
+            }
+        ],
+        returns: {
+            type: 'object',
+            root: true
+        },
+        http: {
+            path: `/:id/getList`,
+            verb: 'GET'
+        }
+    });
+
+    Self.getList = async(id, options) => {
+        const activeNotificationsMap = new Map();
+
+        const myOptions = {};
+
+        if (typeof options == 'object')
+            Object.assign(myOptions, options);
+
+        const availableNotificationsMap = await Self.getAvailable(id, myOptions);
+        const activeNotifications = await Self.app.models.NotificationSubscription.find({
+            fields: ['id', 'notificationFk'],
+            include: {relation: 'notification'},
+            where: {userFk: id}
+        }, myOptions);
+
+        for (active of activeNotifications) {
+            activeNotificationsMap.set(active.notificationFk, {
+                id: active.id,
+                notificationFk: active.notificationFk,
+                name: active.notification().name,
+                description: active.notification().description,
+                active: true
+            });
+            availableNotificationsMap.delete(active.notificationFk);
+        }
+
+        return {
+            active: [...activeNotificationsMap.entries()],
+            available: [...availableNotificationsMap.entries()]
+        };
+    };
+};
--- a/back/methods/notification/specs/getList.spec.js
+++ b/back/methods/notification/specs/getList.spec.js
@ -0,0 +1,13 @@
+const models = require('vn-loopback/server/server').models;
+
+describe('NotificationSubscription getList()', () => {
+    it('should return a list of available and active notifications of a user', async() => {
+        const userId = 9;
+        const {active, available} = await models.NotificationSubscription.getList(userId);
+        const notifications = await models.Notification.find({});
+        const totalAvailable = notifications.length - active.length;
+
+        expect(active.length).toEqual(2);
+        expect(available.length).toEqual(totalAvailable);
+    });
+});
--- a/back/models/notificationSubscription.js
+++ b/back/models/notificationSubscription.js
@ -1,62 +1,74 @@
 const UserError = require('vn-loopback/util/user-error');

 module.exports = Self => {
+    require('../methods/notification/getList')(Self);
+
    Self.observe('before save', async function(ctx) {
+        await checkModifyPermission(ctx);
+    });
+
+    Self.observe('before delete', async function(ctx) {
+        await checkModifyPermission(ctx);
+    });
+
+    async function checkModifyPermission(ctx) {
        const models = Self.app.models;
+        const instance = ctx.instance;
        const userId = ctx.options.accessToken.userId;
-        const user = await ctx.instance.userFk;
-        const modifiedUser = await getUserToModify(null, user, models);

-        if (userId != modifiedUser.id && userId != modifiedUser.bossFk)
-            throw new UserError('You dont have permission to modify this user');
-    });
+        let notificationFk;
+        let workerId;

-    Self.remoteMethod('deleteNotification', {
-        description: 'Deletes a notification subscription',
-        accepts: [
-            {
-                arg: 'ctx',
-                type: 'object',
-                http: {source: 'context'}
-            },
-            {
-                arg: 'notificationId',
-                type: 'number',
-                required: true
-            },
-        ],
-        returns: {
-            type: 'object',
-            root: true
-        },
-        http: {
-            verb: 'POST',
-            path: '/deleteNotification'
+        if (instance) {
+            notificationFk = instance.notificationFk;
+            workerId = instance.userFk;
+        } else {
+            const notificationSubscription = await models.NotificationSubscription.findById(ctx.where.id);
+            notificationFk = notificationSubscription.notificationFk;
+            workerId = notificationSubscription.userFk;
        }
-    });

-    Self.deleteNotification = async function(ctx, notificationId) {
-        const models = Self.app.models;
-        const user = ctx.req.accessToken.userId;
-        const modifiedUser = await getUserToModify(notificationId, null, models);
+        const worker = await models.Worker.findById(workerId, {fields: ['id', 'bossFk']});
+        const available = await Self.getAvailable(workerId);
+        const hasAcl = available.has(notificationFk);

-        if (user != modifiedUser.id && user != modifiedUser.bossFk)
-            throw new UserError('You dont have permission to modify this user');
-
-        await models.NotificationSubscription.destroyById(notificationId);
-    };
-
-    async function getUserToModify(notificationId, userFk, models) {
-        let userToModify = userFk;
-        if (notificationId) {
-            const subscription = await models.NotificationSubscription.findById(notificationId);
-            userToModify = subscription.userFk;
-        }
-        return await models.Worker.findOne({
-            fields: ['id', 'bossFk'],
-            where: {
-                id: userToModify
-            }
-        });
+        if (!hasAcl || (userId != worker.id && userId != worker.bossFk))
+            throw new UserError('The notification subscription of this worker cant be modified');
    }
+
+    Self.getAvailable = async function(userId, options) {
+        const availableNotificationsMap = new Map();
+        const models = Self.app.models;
+
+        const myOptions = {};
+
+        if (typeof options == 'object')
+            Object.assign(myOptions, options);
+
+        const roles = await models.RoleMapping.find({
+            fields: ['roleId'],
+            where: {principalId: userId}
+        }, myOptions);
+
+        const availableNotifications = await models.NotificationAcl.find({
+            fields: ['notificationFk', 'roleFk'],
+            include: {relation: 'notification'},
+            where: {
+                roleFk: {
+                    inq: roles.map(role => role.roleId),
+                },
+            }
+        }, myOptions);
+
+        for (available of availableNotifications) {
+            availableNotificationsMap.set(available.notificationFk, {
+                id: null,
+                notificationFk: available.notificationFk,
+                name: available.notification().name,
+                description: available.notification().description,
+                active: false
+            });
+        }
+        return availableNotificationsMap;
+    };
 };
--- a/back/models/specs/notificationSubscription.spec.js
+++ b/back/models/specs/notificationSubscription.spec.js
@ -1,74 +1,126 @@
 const models = require('vn-loopback/server/server').models;

 describe('loopback model NotificationSubscription', () => {
-    it('Should fail to delete a notification if the user is not editing itself or a subordinate', async() => {
+    it('should fail to add a notification subscription if the worker doesnt have ACLs', async() => {
        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;

        try {
-            const options = {transaction: tx};
-            const user = 9;
+            const options = {transaction: tx, accessToken: {userId: 9}};
+            await models.NotificationSubscription.create({notificationFk: 1, userFk: 62}, options);
+
+            await tx.rollback();
+        } catch (e) {
+            await tx.rollback();
+            error = e;
+        }
+
+        expect(error.message).toEqual('The notification subscription of this worker cant be modified');
+    });
+
+    it('should fail to add a notification subscription if the user isnt editing itself or subordinate', async() => {
+        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;
+
+        try {
+            const options = {transaction: tx, accessToken: {userId: 1}};
+            await models.NotificationSubscription.create({notificationFk: 1, userFk: 9}, options);
+
+            await tx.rollback();
+        } catch (e) {
+            await tx.rollback();
+            error = e;
+        }
+
+        expect(error.message).toEqual('The notification subscription of this worker cant be modified');
+    });
+
+    it('should fail to delete a notification subscription if the user isnt editing itself or subordinate', async() => {
+        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;
+
+        try {
+            const options = {transaction: tx, accessToken: {userId: 9}};
            const notificationSubscriptionId = 2;
-            const ctx = {req: {accessToken: {userId: user}}};
-            const notification = await models.NotificationSubscription.findById(notificationSubscriptionId);
+            await models.NotificationSubscription.destroyAll({id: notificationSubscriptionId}, options);

-            let error;
-
-            try {
-                await models.NotificationSubscription.deleteNotification(ctx, notification.id, options);
-            } catch (e) {
-                error = e;
-            }
-
-            expect(error.message).toContain('You dont have permission to modify this user');
            await tx.rollback();
        } catch (e) {
            await tx.rollback();
-            throw e;
+            error = e;
        }
+
+        expect(error.message).toEqual('The notification subscription of this worker cant be modified');
    });

-    it('Should delete a notification if the user is editing itself', async() => {
+    it('should add a notification subscription if the user is editing itself', async() => {
        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;

        try {
-            const options = {transaction: tx};
-            const user = 9;
+            const options = {transaction: tx, accessToken: {userId: 9}};
+            await models.NotificationSubscription.create({notificationFk: 2, userFk: 9}, options);
+
+            await tx.rollback();
+        } catch (e) {
+            await tx.rollback();
+            error = e;
+        }
+
+        expect(error).toBeUndefined();
+    });
+
+    it('should delete a notification subscription if the user is editing itself', async() => {
+        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;
+
+        try {
+            const options = {transaction: tx, accessToken: {userId: 9}};
+            const notificationSubscriptionId = 6;
+            await models.NotificationSubscription.destroyAll({id: notificationSubscriptionId}, options);
+
+            await tx.rollback();
+        } catch (e) {
+            await tx.rollback();
+            error = e;
+        }
+
+        expect(error).toBeUndefined();
+    });
+
+    it('should add a notification subscription if the user is editing a subordinate', async() => {
+        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;
+
+        try {
+            const options = {transaction: tx, accessToken: {userId: 9}};
+            await models.NotificationSubscription.create({notificationFk: 1, userFk: 5}, options);
+
+            await tx.rollback();
+        } catch (e) {
+            await tx.rollback();
+            error = e;
+        }
+
+        expect(error).toBeUndefined();
+    });
+
+    it('should delete a notification subscription if the user is editing a subordinate', async() => {
+        const tx = await models.NotificationSubscription.beginTransaction({});
+        let error;
+
+        try {
+            const options = {transaction: tx, accessToken: {userId: 19}};
            const notificationSubscriptionId = 4;
-            const ctx = {req: {accessToken: {userId: user}}};
-            const notification = await models.NotificationSubscription.findById(notificationSubscriptionId);
+            await models.NotificationSubscription.destroyAll({id: notificationSubscriptionId}, options);

-            await models.NotificationSubscription.deleteNotification(ctx, notification.id, options);
-
-            const deletedNotification = await models.NotificationSubscription.findById(notificationSubscriptionId);
-
-            expect(deletedNotification).toBeNull();
            await tx.rollback();
        } catch (e) {
            await tx.rollback();
-            throw e;
+            error = e;
        }
-    });

-    it('Should delete a notification if the user is editing a subordinate', async() => {
-        const tx = await models.NotificationSubscription.beginTransaction({});
-
-        try {
-            const options = {transaction: tx};
-            const user = 9;
-            const notificationSubscriptionId = 5;
-            const ctx = {req: {accessToken: {userId: user}}};
-            const notification = await models.NotificationSubscription.findById(notificationSubscriptionId);
-
-            await models.NotificationSubscription.deleteNotification(ctx, notification.id, options);
-
-            const deletedNotification = await models.NotificationSubscription.findById(notificationSubscriptionId);
-
-            expect(deletedNotification).toBeNull();
-            await tx.rollback();
-        } catch (e) {
-            await tx.rollback();
-            throw e;
-        }
+        expect(error).toBeUndefined();
    });
 });

--- a/db/changes/234801/00-notificationSubscription.sql
+++ b/db/changes/234801/00-notificationSubscription.sql
@ -0,0 +1,3 @@
+INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
+    VALUES
+        ('NotificationSubscription', 'getList', 'READ', 'ALLOW', 'ROLE', 'employee');
--- a/db/dump/fixtures.sql
+++ b/db/dump/fixtures.sql
@ -2788,6 +2788,11 @@ INSERT INTO `util`.`notification` (`id`, `name`, `description`)
 INSERT INTO `util`.`notificationAcl` (`notificationFk`, `roleFk`)
    VALUES
        (1, 9),
+        (1, 1),
+        (2, 1),
+        (3, 9),
+        (4, 1),
+        (5, 9),
        (6, 9);

 INSERT INTO `util`.`notificationQueue` (`id`, `notificationFk`, `params`, `authorFk`, `status`, `created`)
@ -2800,6 +2805,8 @@ INSERT INTO `util`.`notificationSubscription` (`notificationFk`, `userFk`)
    VALUES
        (1, 1109),
        (1, 1110),
+        (2, 1110),
+        (4, 1110),
        (2, 1109),
 	    (1, 9),
        (1, 3),
--- a/loopback/locale/es.json
+++ b/loopback/locale/es.json
@ -321,9 +321,9 @@
 	"Select a different client": "Seleccione un cliente distinto",
 	"Fill all the fields": "Rellene todos los campos",
 	"The response is not a PDF": "La respuesta no es un PDF",
-	"Ticket without Route": "Ticket sin ruta",
 	"Booking completed": "Reserva completada",
 	"The ticket is in preparation": "El ticket [{{ticketId}}]({{{ticketUrl}}}) del comercial {{salesPersonId}} está en preparación",
 	"The amount cannot be less than the minimum": "La cantidad no puede ser menor que la cantidad mímina",
-	"quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mímina"
+	"quantityLessThanMin": "La cantidad no puede ser menor que la cantidad mímina",
+	"The notification subscription of this worker cant be modified": "La subscripción a la notificación de este trabajador no puede ser modificada"
 }
--- a/modules/client/back/models/client.json
+++ b/modules/client/back/models/client.json
@ -158,7 +158,7 @@
 		},
 		"user": {
 			"type": "belongsTo",
-			"model": "Account",
+			"model": "VnUser",
 			"foreignKey": "id"
 		},
 		"payMethod": {
--- a/modules/worker/front/index.js
+++ b/modules/worker/front/index.js
@ -20,4 +20,5 @@ import './dms/create';
 import './dms/edit';
 import './note/index';
 import './note/create';
+import './notifications';

--- a/modules/worker/front/notifications/index.html
+++ b/modules/worker/front/notifications/index.html
@ -0,0 +1,2 @@
+<vn-card>
+</vn-card>
--- a/modules/worker/front/notifications/index.js
+++ b/modules/worker/front/notifications/index.js
@ -0,0 +1,21 @@
+import ngModule from '../module';
+import Section from 'salix/components/section';
+
+class Controller extends Section {
+    constructor($element, $) {
+        super($element, $);
+    }
+
+    async $onInit() {
+        const url = await this.vnApp.getUrl(`worker/${this.$params.id}/notifications`);
+        window.open(url).focus();
+    }
+}
+
+ngModule.vnComponent('vnWorkerNotifications', {
+    template: require('./index.html'),
+    controller: Controller,
+    bindings: {
+        ticket: '<'
+    }
+});
--- a/modules/worker/front/routes.json
+++ b/modules/worker/front/routes.json
@ -15,6 +15,7 @@
            {"state": "worker.card.timeControl", "icon": "access_time"},
            {"state": "worker.card.calendar", "icon": "icon-calendar"},
            {"state": "worker.card.pda", "icon": "phone_android"},
+            {"state": "worker.card.notifications", "icon": "notifications"},
            {"state": "worker.card.pbx", "icon": "icon-pbx"},
            {"state": "worker.card.dms.index", "icon": "cloud_upload"},
            {
@ -112,6 +113,14 @@
            "params": {
                "worker": "$ctrl.worker"
            }
+        }, {
+            "url": "/notifications",
+            "state": "worker.card.notifications",
+            "component": "vn-worker-notifications",
+            "description": "Notifications",
+            "params": {
+                "worker": "$ctrl.worker"
+            }
        }, {
            "url": "/time-control?timestamp",
            "state": "worker.card.timeControl",