Merge branch '3569-refactor_isEditable-canEdit' of https://gitea.verdnatura.es/verdnatura/salix into 3569-refactor_isEditable-canEdit
commit
f9e6cbc0dd
|
@ -1,47 +0,0 @@
|
|||
module.exports = Self => {
|
||||
Self.remoteMethod('hasFuncionalityAcl', {
|
||||
description: 'Return if user has permissions',
|
||||
accepts: [
|
||||
{
|
||||
arg: 'model',
|
||||
type: 'String',
|
||||
description: 'The model',
|
||||
required: true
|
||||
},
|
||||
{
|
||||
arg: 'property',
|
||||
type: 'String',
|
||||
description: 'The property',
|
||||
required: true
|
||||
}
|
||||
],
|
||||
returns: {
|
||||
type: 'Object',
|
||||
root: true
|
||||
},
|
||||
http: {
|
||||
path: `/hasFuncionalityAcl`,
|
||||
verb: 'GET'
|
||||
}
|
||||
});
|
||||
|
||||
Self.hasFuncionalityAcl = async function(ctx, model, property) {
|
||||
const userId = ctx.req.accessToken.userId;
|
||||
const models = Self.app.models;
|
||||
|
||||
const acls = await models.FuncionalityAcl.find({
|
||||
where: {
|
||||
model: model,
|
||||
property: property
|
||||
}
|
||||
});
|
||||
|
||||
let hasPermissions;
|
||||
for (let acl of acls)
|
||||
if (!hasPermissions) hasPermissions = await models.Account.hasRole(userId, acl.role);
|
||||
|
||||
if (hasPermissions)
|
||||
return true;
|
||||
return false;
|
||||
};
|
||||
};
|
|
@ -7,7 +7,6 @@ module.exports = Self => {
|
|||
require('../methods/account/change-password')(Self);
|
||||
require('../methods/account/set-password')(Self);
|
||||
require('../methods/account/validate-token')(Self);
|
||||
require('../methods/account/hasFuncionalityAcl')(Self);
|
||||
require('../methods/account/privileges')(Self);
|
||||
|
||||
// Validations
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
|
||||
VALUES
|
||||
('Sale', 'editTracked', 'READ', 'ALLOW', 'ROLE', 'production');
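Review bot: Only the `Sale`/`editTracked` grant is carried over into `salix`.`ACL` here, while the `funcionalityAcl` seed removed elsewhere in this commit also granted `editCloned` and `editWeekly` (to role `66`). Unless those rows are inserted by another migration, no role holds the two overrides once the old table is gone, and the canEdit specs that look them up return early without asserting anything. Add the matching rows, e.g. `('Sale', 'editCloned', 'READ', 'ALLOW', 'ROLE', '<ROLE_NAME_FOR_ID_66>')`. Also settle whether `editWeekly` belongs to model `Sale` or `Ticket`, since the old seed used `Sale` and the caller in canEdit asked for `Ticket`.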
|
|
@ -1,15 +0,0 @@
|
|||
CREATE TABLE `salix`.`funcionalityAcl` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`model` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL,
|
||||
`property` varchar(255) COLLATE utf8mb3_unicode_ci DEFAULT NULL,
|
||||
`role` varchar(45) COLLATE utf8mb3_unicode_ci DEFAULT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
CONSTRAINT `role_FK` FOREIGN KEY (`role`) REFERENCES `account`.`role` (`name`) ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
|
||||
|
||||
|
||||
INSERT INTO `salix`.`funcionalityAcl` (`model`, `property`, `role`)
|
||||
VALUES
|
||||
('Sale', 'editTracked', 'production'),
|
||||
('Sale', 'editCloned', 66);
|
||||
('Sale', 'editWeekly', 66);
|
|
@ -40,6 +40,7 @@
|
|||
"image/png",
|
||||
"image/jpeg",
|
||||
"image/jpg",
|
||||
"image/webp",
|
||||
"video/mp4"
|
||||
]
|
||||
},
|
||||
|
@ -60,7 +61,8 @@
|
|||
"multipart/x-zip",
|
||||
"image/png",
|
||||
"image/jpeg",
|
||||
"image/jpg"
|
||||
"image/jpg",
|
||||
"image/webp"
|
||||
]
|
||||
},
|
||||
"imageStorage": {
|
||||
|
@ -72,7 +74,8 @@
|
|||
"allowedContentTypes": [
|
||||
"image/png",
|
||||
"image/jpeg",
|
||||
"image/jpg"
|
||||
"image/jpg",
|
||||
"image/webp"
|
||||
]
|
||||
},
|
||||
"invoiceStorage": {
|
||||
|
@ -96,6 +99,7 @@
|
|||
"image/png",
|
||||
"image/jpeg",
|
||||
"image/jpg",
|
||||
"image/webp",
|
||||
"video/mp4"
|
||||
]
|
||||
},
|
||||
|
|
|
@ -40,16 +40,36 @@ module.exports = Self => {
|
|||
const isTicketWeekly =
|
||||
await models.TicketWeekly.findOne({where: {ticketFk: firstSale.ticketFk}}, myOptions);
|
||||
|
||||
const canEditTracked = await models.Account.hasFuncionalityAcl(ctx, 'Sale', 'editTracked');
|
||||
const canEditCloned = await models.Account.hasFuncionalityAcl(ctx, 'Sale', 'editCloned');
|
||||
const canEditWeekly = await models.Account.hasFuncionalityAcl(ctx, 'Ticket', 'editWeekly');
|
||||
// (principalType, principalId,model, property, accessType,callback);
|
||||
// let canEditTracked = await models.ACL.checkPermission('ROLE', 'employee', 'Sale', 'updateConcept', '*');
|
||||
// let canEditTracked2 = await models.ACL.checkPermission('USER', 'developer', 'Sale', 'editTracked', 'READ');
|
||||
const array = ['editTracked'];
|
||||
let canEditTracked3 = await models.ACL.checkAccessForContext({
|
||||
principals: [{
|
||||
type: 'ROLE',
|
||||
id: 'employee'
|
||||
}],
|
||||
model: 'Sale',
|
||||
property: 'editTracked',
|
||||
methodNames: array,
|
||||
accessType: 'READ'
|
||||
});
|
||||
console.log(canEditTracked3);
|
||||
// canEditTracked = await models.ACL.resolvePermission(canEditTracked);
|
||||
// let canEditCloned = await models.ACL.checkPermission('ROLE', 'employee', 'Sale', 'editCloned', '*');
|
||||
// let canEditWeekly = await models.ACL.checkPermission('ROLE', 'employee', 'Ticket', 'editWeekly', '*');
|
||||
|
||||
// console.log(canEditTracked, canEditTracked2);
|
||||
console.log(canEditTracked3);
|
||||
const shouldEditTracked = canEditTracked || !hasSaleTracking;
|
||||
const shouldEditCloned = canEditCloned || !hasSaleCloned;
|
||||
const shouldEditWeekly = canEditWeekly || !isTicketWeekly;
|
||||
|
||||
const canEdit = shouldEditTracked && shouldEditCloned && shouldEditWeekly;
|
||||
|
||||
return canEdit;
|
||||
if (canEdit)
|
||||
return true;
|
||||
|
||||
return false;
|
||||
};
|
||||
};
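Review bot: The `checkAccessForContext` call in this hunk evaluates a hard-coded principal, `{type: 'ROLE', id: 'employee'}`, so its answer is the same for every caller, and its result `canEditTracked3` only goes to `console.log` and never reaches `canEdit`. The decision still rests on `canEditTracked`, `canEditCloned` and `canEditWeekly`, which are assigned only by `models.Account.hasFuncionalityAcl`, a method whose file and `require` this commit removes; as rendered, the check either calls a missing method or, if those three lines are on the removed side, reads undefined names. Bind the principal to the request, e.g. `principals: [{type: 'USER', id: ctx.req.accessToken.userId}]`, reduce the resolved access request to a boolean for each of the three properties, and drop the two `console.log` calls and the commented-out experiments before merge. If `return canEdit;` stays on the new side, the `if (canEdit)` statements after it are unreachable. The function starts outside the hunk, so its earlier guards are not visible here.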
|
||||
|
|
|
@ -91,20 +91,20 @@ describe('sale canEdit()', () => {
|
|||
|
||||
it('should return true if any of the sales is cloned and has the correct role', async() => {
|
||||
const tx = await models.Sale.beginTransaction({});
|
||||
const roleEnabled = await models.FuncionalityAcl.findOne({
|
||||
const roleEnabled = await models.ACL.findOne({
|
||||
where: {
|
||||
model: 'Sale',
|
||||
property: 'editCloned'
|
||||
}
|
||||
});
|
||||
if (!roleEnabled || !roleEnabled.role) return;
|
||||
if (!roleEnabled || !roleEnabled.principalId) return;
|
||||
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
|
||||
const roleId = await models.Role.findOne({
|
||||
where: {
|
||||
name: roleEnabled.role
|
||||
name: roleEnabled.principalId
|
||||
}
|
||||
});
|
||||
const ctx = {req: {accessToken: {userId: roleId}}};
|
||||
|
@ -146,20 +146,20 @@ describe('sale canEdit()', () => {
|
|||
|
||||
it('should return true if any of the sales is of ticketWeekly and has the correct role', async() => {
|
||||
const tx = await models.Sale.beginTransaction({});
|
||||
const roleEnabled = await models.FuncionalityAcl.findOne({
|
||||
const roleEnabled = await models.ACL.findOne({
|
||||
where: {
|
||||
model: 'Sale',
|
||||
property: 'editWeekly'
|
||||
}
|
||||
});
|
||||
if (!roleEnabled || !roleEnabled.role) return;
|
||||
if (!roleEnabled || !roleEnabled.principalId) return;
|
||||
|
||||
try {
|
||||
const options = {transaction: tx};
|
||||
|
||||
const roleId = await models.Role.findOne({
|
||||
where: {
|
||||
name: roleEnabled.role
|
||||
name: roleEnabled.principalId
|
||||
}
|
||||
});
|
||||
const ctx = {req: {accessToken: {userId: roleId}}};
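Review bot: Both changed specs still bail out with `if (!roleEnabled || !roleEnabled.principalId) return;`, so when the `ACL` lookup finds nothing they pass without running a single expectation. With the migration on this page inserting only `editTracked`, that looks like the normal case for `editCloned` and `editWeekly`. Make the missing fixture a failure instead, e.g. `expect(roleEnabled).toBeTruthy();` before the `try`. The lookup also does not filter on `principalType: 'ROLE'`, so `principalId` may not be a role name, and `userId: roleId` receives whatever `Role.findOne` resolved rather than a user id; both are worth confirming. The test bodies continue past the hunks.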
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
const models = require('vn-loopback/server/server').models;
|
||||
|
||||
describe('sale reserve()', () => {
|
||||
fdescribe('sale reserve()', () => {
|
||||
const ctx = {
|
||||
req: {
|
||||
accessToken: {userId: 9},
|
||||
accessToken: {userId: 1},
|
||||
headers: {origin: 'localhost:5000'},
|
||||
__: () => {}
|
||||
}
|
||||
|
@ -31,7 +31,7 @@ describe('sale reserve()', () => {
|
|||
expect(error).toEqual(new Error(`The sales of this ticket can't be modified`));
|
||||
});
|
||||
|
||||
it('should update the given sales of a ticket to reserved', async() => {
|
||||
fit('should update the given sales of a ticket to reserved', async() => {
|
||||
const tx = await models.Sale.beginTransaction({});
|
||||
|
||||
try {
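Review bot: `fdescribe` and `fit` are Jasmine focus markers; left in, they make the runner execute only this suite and this one spec, so every other test, including the canEdit permission specs, is skipped while the run still reports success. Restore `describe('sale reserve()', () => {` and `it('should update the given sales of a ticket to reserved', async() => {` before merging. The token user in the shared `ctx` also changes from `9` to `1`; if that was done to get past the permission check being reworked, it should be explained in a comment or reverted. The spec body continues outside the second hunk.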
|
||||
|
|