CHANGELOG.md

@@ -5,18 +5,33 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2346.01] - 2023-11-16
+
+### Added
+### Changed
+### Fixed
+
+## [2342.01] - 2023-11-02
+
+### Added
+### Changed
+### Fixed
 
 ## [2340.01] - 2023-10-05
 
 ### Added
-### Changed
+- (Usuarios -> Foto) Se muestra la foto del trabajador
 
+### Changed
 ### Fixed
+- (Usuarios -> Historial) Abre el descriptor del usuario correctamente
 
 ## [2338.01] - 2023-09-21
 
 ### Added
 - (Ticket -> Servicios) Se pueden abonar servicios
+- (Facturas -> Datos básicos) Muestra valores por defecto
+- (Facturas -> Borrado) Notificación al borrar un asiento ya enlazado en Sage
 ### Changed
 - (Trabajadores -> Calendario) Icono de check arreglado cuando pulsas un tipo de dia
 

back/methods/chat/sendCheckingPresence.js

@@ -26,15 +26,14 @@ module.exports = Self => {
 
     Self.sendCheckingPresence = async(ctx, recipientId, message) => {
         if (!recipientId) return false;
-
         const models = Self.app.models;
+
         const userId = ctx.req.accessToken.userId;
         const sender = await models.VnUser.findById(userId, {fields: ['id']});
         const recipient = await models.VnUser.findById(recipientId, null);
 
         // Prevent sending messages to yourself
         if (recipientId == userId) return false;
-
         if (!recipient)
             throw new Error(`Could not send message "${message}" to worker id ${recipientId} from user ${userId}`);
 

back/methods/collection/getTickets.js

@@ -0,0 +1,135 @@
+
+module.exports = Self => {
+    Self.remoteMethodCtx('getTickets', {
+        description: 'Make a new collection of tickets',
+        accessType: 'WRITE',
+        accepts: [{
+            arg: 'id',
+            type: 'number',
+            description: 'The collection id',
+            required: true,
+            http: {source: 'path'}
+        }, {
+            arg: 'print',
+            type: 'boolean',
+            description: 'True if you want to print'
+        }],
+        returns: {
+            type: ['object'],
+            root: true
+        },
+        http: {
+            path: `/:id/getTickets`,
+            verb: 'POST'
+        }
+    });
+
+    Self.getTickets = async(ctx, id, print, options) => {
+        const userId = ctx.req.accessToken.userId;
+        const url = await Self.app.models.Url.getUrl();
+        const $t = ctx.req.__;
+        const myOptions = {};
+
+        if (typeof options == 'object')
+            Object.assign(myOptions, options);
+
+        myOptions.userId = userId;
+
+        const promises = [];
+        const [tickets] = await Self.rawSql(`CALL vn.collection_getTickets(?)`, [id], myOptions);
+        const sales = await Self.rawSql(`
+            SELECT s.ticketFk,
+                    sgd.saleGroupFk,
+                    s.id saleFk,
+                    s.itemFk,
+                    i.longName,
+                    i.size,
+                    ic.color,
+                    o.code origin,
+                    ish.packing,
+                    ish.grouping,
+                    s.isAdded,
+                    s.originalQuantity, 
+                    s.quantity saleQuantity,
+                    iss.quantity reservedQuantity,
+                    SUM(iss.quantity) OVER (PARTITION BY s.id ORDER BY ish.id) accumulatedQuantity,
+                    ROW_NUMBER () OVER (PARTITION BY s.id ORDER BY pickingOrder) currentItemShelving,
+                    COUNT(*) OVER (PARTITION BY s.id ORDER BY s.id) totalItemShelving,
+                    sh.code,
+                    IFNULL(p2.code, p.code) parkingCode,
+                    IFNULL(p2.pickingOrder, p.pickingOrder) pickingOrder,
+                    iss.id itemShelvingSaleFk,
+                    iss.isPicked
+                FROM ticketCollection tc
+                    LEFT JOIN collection c ON c.id = tc.collectionFk
+                    JOIN ticket t ON t.id = tc.ticketFk
+                    JOIN sale s ON s.ticketFk = t.id
+                    LEFT JOIN saleGroupDetail sgd ON sgd.saleFk = s.id
+                    LEFT JOIN saleGroup sg ON sg.id = sgd.saleGroupFk
+                    LEFT JOIN parking p2 ON p2.id = sg.parkingFk
+                    JOIN item i ON i.id = s.itemFk
+                    LEFT JOIN itemShelvingSale iss ON iss.saleFk = s.id
+                    LEFT JOIN itemShelving ish ON ish.id = iss.itemShelvingFk
+                    LEFT JOIN shelving sh ON sh.code = ish.shelvingFk
+                    LEFT JOIN parking p ON p.id = sh.parkingFk
+                    LEFT JOIN itemColor ic ON ic.itemFk = s.itemFk
+                    LEFT JOIN origin o ON o.id = i.originFk
+                WHERE tc.collectionFk = ?
+                GROUP BY ish.id, p.code, p2.code
+                ORDER BY pickingOrder;`, [id], myOptions);
+
+        if (print)
+            await Self.rawSql(`CALL vn.collection_printSticker(?, ?)`, [id, null], myOptions);
+
+        const collection = {collectionFk: id, tickets: []};
+        if (tickets && tickets.length) {
+            for (const ticket of tickets) {
+                const ticketId = ticket.ticketFk;
+                if (ticket.observaciones != '') {
+                    for (observation of ticket.observaciones.split(' ')) {
+                        if (['#', '@'].includes(observation.charAt(0))) {
+                            promises.push(Self.app.models.Chat.send(ctx, observation,
+                                $t('The ticket is in preparation', {
+                                    ticketId: ticketId,
+                                    ticketUrl: `${url}ticket/${ticketId}/summary`,
+                                    salesPersonId: ticket.salesPersonFk
+                                })));
+                        }
+                    }
+                }
+                if (sales && sales.length) {
+                    const barcodes = await Self.rawSql(`
+                        SELECT s.id saleFk, b.code, c.id
+                            FROM vn.sale s
+                                LEFT JOIN vn.itemBarcode b ON b.itemFk = s.itemFk
+                                LEFT JOIN vn.buy c ON c.itemFk = s.itemFk
+                                LEFT JOIN vn.entry e ON e.id = c.entryFk
+                                LEFT JOIN vn.travel tr ON tr.id = e.travelFk
+                            WHERE s.ticketFk = ? 
+                                AND tr.landed >= util.VN_CURDATE() - INTERVAL 1 YEAR`,
+                    [ticketId], myOptions);
+                    ticket.sales = [];
+                    for (const sale of sales) {
+                        if (sale.ticketFk === ticketId) {
+                            sale.Barcodes = [];
+                            if (barcodes && barcodes.length) {
+                                for (const barcode of barcodes) {
+                                    if (barcode.saleFk === sale.saleFk) {
+                                        for (const prop in barcode) {
+                                            if (['id', 'code'].includes(prop) && barcode[prop])
+                                                sale.Barcodes.push(barcode[prop].toString(), '0' + barcode[prop]);
+                                        }
+                                    }
+                                }
+                            }
+                            ticket.sales.push(sale);
+                        }
+                    }
+                }
+                collection.tickets.push(ticket);
+            }
+        }
+        await Promise.all(promises);
+        return collection;
+    };
+};

back/methods/collection/spec/getTickets.spec.js

@@ -0,0 +1,39 @@
+const models = require('vn-loopback/server/server').models;
+
+describe('collection getTickets()', () => {
+    let ctx;
+    beforeAll(async() => {
+        ctx = {
+            req: {
+                accessToken: {userId: 9},
+                headers: {origin: 'http://localhost'}
+            }
+        };
+    });
+
+    it('should get tickets, sales and barcodes from collection', async() => {
+        const tx = await models.Collection.beginTransaction({});
+
+        try {
+            const options = {transaction: tx};
+            const collectionId = 1;
+
+            const collectionTickets = await models.Collection.getTickets(ctx, collectionId, null, options);
+
+            expect(collectionTickets.collectionFk).toEqual(collectionId);
+            expect(collectionTickets.tickets.length).toEqual(3);
+            expect(collectionTickets.tickets[0].ticketFk).toEqual(1);
+            expect(collectionTickets.tickets[1].ticketFk).toEqual(2);
+            expect(collectionTickets.tickets[2].ticketFk).toEqual(23);
+            expect(collectionTickets.tickets[0].sales[0].ticketFk).toEqual(1);
+            expect(collectionTickets.tickets[0].sales[1].ticketFk).toEqual(1);
+            expect(collectionTickets.tickets[0].sales[2].ticketFk).toEqual(1);
+            expect(collectionTickets.tickets[0].sales[0].Barcodes.length).toBeTruthy();
+
+            await tx.rollback();
+        } catch (e) {
+            await tx.rollback();
+            throw e;
+        }
+    });
+});

back/methods/collection/spec/setSaleQuantity.spec.js

@@ -18,6 +18,14 @@ describe('setSaleQuantity()', () => {
 
     it('should change quantity sale', async() => {
         const tx = await models.Ticket.beginTransaction({});
+        spyOn(models.Sale, 'rawSql').and.callFake((sqlStatement, params, options) => {
+            if (sqlStatement.includes('catalog_calcFromItem')) {
+                sqlStatement = `CREATE OR REPLACE TEMPORARY TABLE tmp.ticketCalculateItem ENGINE = MEMORY
+                        SELECT 100 as available;`;
+                params = null;
+            }
+            return models.Ticket.rawSql(sqlStatement, params, options);
+        });
 
         try {
             const options = {transaction: tx};

back/methods/url/getByUser.js

@@ -0,0 +1,40 @@
+module.exports = function(Self) {
+    Self.remoteMethod('getByUser', {
+        description: 'returns the starred modules for the current user',
+        accessType: 'READ',
+        accepts: [{
+            arg: 'userId',
+            type: 'number',
+            description: 'The user id',
+            required: true,
+            http: {source: 'path'}
+        }],
+        returns: {
+            type: 'object',
+            root: true
+        },
+        http: {
+            path: `/:userId/get-by-user`,
+            verb: 'GET'
+        }
+    });
+
+    Self.getByUser = async userId => {
+        const models = Self.app.models;
+        const appNames = ['hedera'];
+        const filter = {
+            fields: ['appName', 'url'],
+            where: {
+                appName: {inq: appNames},
+                environment: process.env.NODE_ENV ?? 'development',
+            }
+        };
+
+        const isWorker = await models.Account.findById(userId, {fields: ['id']});
+        if (!isWorker)
+            return models.Url.find(filter);
+
+        appNames.push('salix');
+        return models.Url.find(filter);
+    };
+};

back/methods/url/getUrl.js

@@ -0,0 +1,30 @@
+module.exports = Self => {
+    Self.remoteMethod('getUrl', {
+        description: 'Returns the colling app name',
+        accessType: 'READ',
+        accepts: [
+            {
+                arg: 'app',
+                type: 'string',
+                required: false
+            }
+        ],
+        returns: {
+            type: 'object',
+            root: true
+        },
+        http: {
+            path: `/getUrl`,
+            verb: 'get'
+        }
+    });
+    Self.getUrl = async(appName = 'salix') => {
+        const {url} = await Self.app.models.Url.findOne({
+            where: {
+                appName,
+                enviroment: process.env.NODE_ENV || 'development'
+            }
+        });
+        return url;
+    };
+};

back/methods/url/specs/getByUser.spec.js

@@ -0,0 +1,19 @@
+const {models} = require('vn-loopback/server/server');
+
+describe('getByUser()', () => {
+    const worker = 1;
+    const notWorker = 2;
+    it(`should return only hedera url if not is worker`, async() => {
+        const urls = await models.Url.getByUser(notWorker);
+
+        expect(urls.length).toEqual(1);
+        expect(urls[0].appName).toEqual('hedera');
+    });
+
+    it(`should return more than hedera url`, async() => {
+        const urls = await models.Url.getByUser(worker);
+
+        expect(urls.length).toBeGreaterThan(1);
+        expect(urls.find(url => url.appName == 'salix').appName).toEqual('salix');
+    });
+});

back/methods/vn-user/update-user.js

@@ -0,0 +1,39 @@
+module.exports = Self => {
+    Self.remoteMethodCtx('updateUser', {
+        description: 'Update user data',
+        accepts: [
+            {
+                arg: 'id',
+                type: 'integer',
+                description: 'The user id',
+                required: true,
+                http: {source: 'path'}
+            }, {
+                arg: 'name',
+                type: 'string',
+                description: 'The user name',
+            }, {
+                arg: 'nickname',
+                type: 'string',
+                description: 'The user nickname',
+            }, {
+                arg: 'email',
+                type: 'string',
+                description: 'The user email'
+            }, {
+                arg: 'lang',
+                type: 'string',
+                description: 'The user lang'
+            }
+        ],
+        http: {
+            path: `/:id/update-user`,
+            verb: 'PATCH'
+        }
+    });
+
+    Self.updateUser = async(ctx, id, name, nickname, email, lang) => {
+        await Self.userSecurity(ctx, id);
+        await Self.upsertWithWhere({id}, {name, nickname, email, lang});
+    };
+};

back/models/chat.js

@@ -7,17 +7,14 @@ module.exports = Self => {
 
     Self.observe('before save', async function(ctx) {
         if (!ctx.isNewInstance) return;
-
         let {message} = ctx.instance;
         if (!message) return;
 
         const parts = message.match(/(?<=\[)[a-zA-Z0-9_\-+!@#$%^&*()={};':"\\|,.<>/?\s]*(?=])/g);
         if (!parts) return;
-
         const replacedParts = parts.map(part => {
             return part.replace(/[!$%^&*()={};':"\\,.<>/?]/g, '');
         });
-
         for (const [index, part] of parts.entries())
             message = message.replace(part, replacedParts[index]);
 

back/models/collection.js

@@ -4,4 +4,5 @@ module.exports = Self => {
     require('../methods/collection/getSectors')(Self);
     require('../methods/collection/setSaleQuantity')(Self);
     require('../methods/collection/previousLabel')(Self);
+    require('../methods/collection/getTickets')(Self);
 };

back/models/specs/vn-user.spec.js

@@ -1,4 +1,5 @@
 const models = require('vn-loopback/server/server').models;
+const ForbiddenError = require('vn-loopback/util/forbiddenError');
 
 describe('loopback model VnUser', () => {
     it('should return true if the user has the given role', async() => {
@@ -12,4 +13,42 @@ describe('loopback model VnUser', () => {
 
         expect(result).toBeFalsy();
     });
+
+    describe('userSecurity', () => {
+        const itManagementId = 115;
+        const hrId = 37;
+        const employeeId = 1;
+
+        it('should check if you are the same user', async() => {
+            const ctx = {options: {accessToken: {userId: employeeId}}};
+            await models.VnUser.userSecurity(ctx, employeeId);
+        });
+
+        it('should check for higher privileges', async() => {
+            const ctx = {options: {accessToken: {userId: itManagementId}}};
+            await models.VnUser.userSecurity(ctx, employeeId);
+        });
+
+        it('should check if you have medium privileges and the user email is not verified', async() => {
+            const ctx = {options: {accessToken: {userId: hrId}}};
+            await models.VnUser.userSecurity(ctx, employeeId);
+        });
+
+        it('should throw an error if you have medium privileges and the users email is verified', async() => {
+            const tx = await models.VnUser.beginTransaction({});
+            const ctx = {options: {accessToken: {userId: hrId}}};
+            try {
+                const options = {transaction: tx};
+                const userToUpdate = await models.VnUser.findById(1, null, options);
+                userToUpdate.updateAttribute('emailVerified', 1, options);
+
+                await models.VnUser.userSecurity(ctx, employeeId, options);
+                await tx.rollback();
+            } catch (error) {
+                await tx.rollback();
+
+                expect(error).toEqual(new ForbiddenError());
+            }
+        });
+    });
 });

back/models/url.js

@@ -0,0 +1,4 @@
+module.exports = Self => {
+    require('../methods/url/getByUser')(Self);
+    require('../methods/url/getUrl')(Self);
+};

back/models/vn-user.js

@@ -1,6 +1,7 @@
 const vnModel = require('vn-loopback/common/models/vn-model');
-const LoopBackContext = require('loopback-context');
 const {Email} = require('vn-print');
+const ForbiddenError = require('vn-loopback/util/forbiddenError');
+const LoopBackContext = require('loopback-context');
 
 module.exports = function(Self) {
     vnModel(Self);
@@ -12,6 +13,7 @@ module.exports = function(Self) {
     require('../methods/vn-user/privileges')(Self);
     require('../methods/vn-user/validate-auth')(Self);
     require('../methods/vn-user/renew-token')(Self);
+    require('../methods/vn-user/update-user')(Self);
 
     Self.definition.settings.acls = Self.definition.settings.acls.filter(acl => acl.property !== 'create');
 
@@ -90,11 +92,7 @@ module.exports = function(Self) {
     };
 
     Self.on('resetPasswordRequest', async function(info) {
-        const loopBackContext = LoopBackContext.getCurrentContext();
-        const httpCtx = {req: loopBackContext.active};
-        const httpRequest = httpCtx.req.http.req;
-        const headers = httpRequest.headers;
-        const origin = headers.origin;
+        const url = await Self.app.models.Url.getUrl();
 
         const defaultHash = '/reset-password?access_token=$token$';
         const recoverHashes = {
@@ -110,7 +108,7 @@ module.exports = function(Self) {
         const params = {
             recipient: info.email,
             lang: user.lang,
-            url: origin + '/#!' + recoverHash
+            url: url.slice(0, -1) + recoverHash
         };
 
         const options = Object.assign({}, info.options);
@@ -178,45 +176,75 @@ module.exports = function(Self) {
     Self.sharedClass._methods.find(method => method.name == 'changePassword').ctor.settings.acls
         .filter(acl => acl.property != 'changePassword');
 
-    // FIXME: https://redmine.verdnatura.es/issues/5761
-    // Self.afterRemote('prototype.patchAttributes', async(ctx, instance) => {
-    //     if (!ctx.args || !ctx.args.data.email) return;
+    Self.userSecurity = async(ctx, userId, options) => {
+        const models = Self.app.models;
+        const accessToken = ctx?.options?.accessToken || LoopBackContext.getCurrentContext().active.accessToken;
+        const ctxToken = {req: {accessToken}};
 
-    //     const loopBackContext = LoopBackContext.getCurrentContext();
-    //     const httpCtx = {req: loopBackContext.active};
-    //     const httpRequest = httpCtx.req.http.req;
-    //     const headers = httpRequest.headers;
-    //     const origin = headers.origin;
-    //     const url = origin.split(':');
+        if (userId === accessToken.userId) return;
 
-    //     class Mailer {
-    //         async send(verifyOptions, cb) {
-    //             const params = {
-    //                 url: verifyOptions.verifyHref,
-    //                 recipient: verifyOptions.to,
-    //                 lang: ctx.req.getLocale()
-    //             };
+        const myOptions = {};
+        if (typeof options == 'object')
+            Object.assign(myOptions, options);
 
-    //             const email = new Email('email-verify', params);
-    //             email.send();
+        const hasHigherPrivileges = await models.ACL.checkAccessAcl(ctxToken, 'VnUser', 'higherPrivileges', myOptions);
+        if (hasHigherPrivileges) return;
 
-    //             cb(null, verifyOptions.to);
-    //         }
-    //     }
+        const hasMediumPrivileges = await models.ACL.checkAccessAcl(ctxToken, 'VnUser', 'mediumPrivileges', myOptions);
+        const user = await models.VnUser.findById(userId, {fields: ['id', 'emailVerified']}, myOptions);
+        if (!user.emailVerified && hasMediumPrivileges) return;
 
-    //     const options = {
-    //         type: 'email',
-    //         to: instance.email,
-    //         from: {},
-    //         redirect: `${origin}/#!/account/${instance.id}/basic-data?emailConfirmed`,
-    //         template: false,
-    //         mailer: new Mailer,
-    //         host: url[1].split('/')[2],
-    //         port: url[2],
-    //         protocol: url[0],
-    //         user: Self
-    //     };
+        throw new ForbiddenError();
+    };
 
-    //     await instance.verify(options);
-    // });
+    Self.observe('after save', async ctx => {
+        const instance = ctx?.instance;
+        const newEmail = instance?.email;
+        const oldEmail = ctx?.hookState?.oldInstance?.email;
+        if (!ctx.isNewInstance && (!newEmail || !oldEmail || newEmail == oldEmail)) return;
+
+        const loopBackContext = LoopBackContext.getCurrentContext();
+        const httpCtx = {req: loopBackContext.active};
+        const httpRequest = httpCtx.req.http.req;
+        const headers = httpRequest.headers;
+        const origin = headers.origin;
+        const url = origin.split(':');
+
+        const env = process.env.NODE_ENV;
+        const liliumUrl = await Self.app.models.Url.findOne({
+            where: {and: [
+                {appName: 'lilium'},
+                {environment: env}
+            ]}
+        });
+
+        class Mailer {
+            async send(verifyOptions, cb) {
+                const params = {
+                    url: verifyOptions.verifyHref,
+                    recipient: verifyOptions.to
+                };
+
+                const email = new Email('email-verify', params);
+                email.send();
+
+                cb(null, verifyOptions.to);
+            }
+        }
+
+        const options = {
+            type: 'email',
+            to: newEmail,
+            from: {},
+            redirect: `${liliumUrl.url}verifyEmail?userId=${instance.id}`,
+            template: false,
+            mailer: new Mailer,
+            host: url[1].split('/')[2],
+            port: url[2],
+            protocol: url[0],
+            user: Self
+        };
+
+        await instance.verify(options, ctx.options);
+    });
 };

back/models/vn-user.json

@@ -13,19 +13,12 @@
 			"type": "number",
 			"id": true
 		},
-		"name": {
+        "name": {
 			"type": "string",
 			"required": true
 		},
 		"username": {
-			"type": "string",
-			"mysql": {
-				"columnName": "name"
-			}
-		},
-		"password": {
-			"type": "string",
-			"required": true
+			"type": "string"
 		},
 		"roleFk": {
 			"type": "number",
@@ -45,6 +38,9 @@
 		"email": {
 			"type": "string"
 		},
+		"emailVerified": {
+			"type": "boolean"
+		},
 		"created": {
 			"type": "date"
 		},
@@ -84,7 +80,7 @@
 		"worker": {
 			"type": "hasOne",
 			"model": "Worker",
-			"foreignKey": "userFk"
+			"foreignKey": "id"
 		},
 		"userConfig": {
 			"type": "hasOne",
@@ -144,7 +140,8 @@
                 "image",
                 "hasGrant",
                 "realm",
-                "email"
+                "email",
+				"emailVerified"
             ]
         }
     }

db/.archive/224903/00-timeBusiness_calculate.sql

@@ -34,7 +34,7 @@ BEGIN
 				isAllowedToWork
 			FROM(SELECT t.dated,
 						b.id businessFk,
-						w.userFk,
+						w.id,
 						b.departmentFk,
 						IF(j.start = NULL, NULL, GROUP_CONCAT(DISTINCT LEFT(j.start,5) ORDER BY j.start ASC SEPARATOR ' - ')) hourStart ,
 						IF(j.start = NULL, NULL, GROUP_CONCAT(DISTINCT LEFT(j.end,5) ORDER BY j.end ASC SEPARATOR ' - ')) hourEnd,
@@ -48,14 +48,14 @@ BEGIN
 					FROM time t
 						LEFT JOIN business b ON t.dated BETWEEN b.started AND IFNULL(b.ended, vDatedTo)
 						LEFT JOIN worker w ON w.id = b.workerFk
-						JOIN tmp.`user` u ON u.userFK = w.userFK
+						JOIN tmp.`user` u ON u.userFK = w.id
 						LEFT JOIN workCenter wc ON wc.id = b.workcenterFK
 						LEFT JOIN postgresql.calendar_labour_type cl ON cl.calendar_labour_type_id = b.calendarTypeFk
 						LEFT JOIN postgresql.journey j ON j.business_id = b.id AND j.day_id = WEEKDAY(t.dated) + 1
 						LEFT JOIN postgresql.calendar_employee ce ON ce.businessFk = b.id AND ce.date = t.dated
 						LEFT JOIN absenceType at2 ON at2.id = ce.calendar_state_id
 					WHERE t.dated BETWEEN vDatedFrom AND vDatedTo
-					GROUP BY w.userFk, t.dated
+					GROUP BY w.id, t.dated
 				)sub;
 
 	UPDATE tmp.timeBusinessCalculate t

db/.archive/231401/00-clientBeforeUpdate.sql

@@ -46,7 +46,7 @@ BEGIN
                     CONCAT('Cliente ', NEW.id),
 					CONCAT('Recibida la documentación: ', vText)
 				FROM worker w
-					LEFT JOIN account.user u ON w.userFk = u.id AND u.active
+					LEFT JOIN account.user u ON w.id = u.id AND u.active
 					LEFT JOIN account.account ac ON ac.id = u.id
 				WHERE w.id = NEW.salesPersonFk;
 	END IF;

db/.archive/232601/00-useSpecificsAcls.sql

@@ -3,11 +3,11 @@ INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `pri
         ('Ticket', 'editDiscount', 'WRITE', 'ALLOW', 'ROLE', 'claimManager'),
         ('Ticket', 'editDiscount', 'WRITE', 'ALLOW', 'ROLE', 'salesPerson'),
         ('Ticket', 'isRoleAdvanced', '*', 'ALLOW', 'ROLE', 'salesAssistant'),
-        ('Ticket', 'isRoleAdvanced', '*', 'ALLOW', 'ROLE', 'deliveryBoss'),
+        ('Ticket', 'isRoleAdvanced', '*', 'ALLOW', 'ROLE', 'deliveryAssistant'),
         ('Ticket', 'isRoleAdvanced', '*', 'ALLOW', 'ROLE', 'buyer'),
         ('Ticket', 'isRoleAdvanced', '*', 'ALLOW', 'ROLE', 'claimManager'),
         ('Ticket', 'deleteTicketWithPartPrepared', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),
-        ('Ticket', 'editZone', 'WRITE', 'ALLOW', 'ROLE', 'deliveryBoss'),
+        ('Ticket', 'editZone', 'WRITE', 'ALLOW', 'ROLE', 'deliveryAssistant'),
         ('State', 'editableStates', 'READ', 'ALLOW', 'ROLE', 'employee'),
         ('State', 'seeEditableStates', 'READ', 'ALLOW', 'ROLE', 'administrative'),
         ('State', 'seeEditableStates', 'READ', 'ALLOW', 'ROLE', 'production'),

db/changes/233801/01-deviceLog_acl.sql

@@ -1,6 +1,6 @@
 
-ALTER TABLE `vn`.`deviceLog` ADD serialNumber varchar(45) DEFAULT NULL NULL;
+-- ALTER TABLE `vn`.`deviceLog` ADD serialNumber varchar(45) DEFAULT NULL NULL;
 
-INSERT INTO `salix`.`ACL` ( model, property, accessType, permission, principalType, principalId) 
-VALUES( 'DeviceLog', 'create', 'WRITE', 'ALLOW', 'ROLE', 'employee');
+-- INSERT INTO `salix`.`ACL` ( model, property, accessType, permission, principalType, principalId)
+-- VALUES( 'DeviceLog', 'create', 'WRITE', 'ALLOW', 'ROLE', 'employee');
 

db/changes/233802/00-collectionGetTicketsACL.sql

@@ -0,0 +1,3 @@
+INSERT INTO `salix`.`ACL`(model, property, accessType, permission, principalType, principalId)
+	VALUES
+        ('Collection', 'getTickets', 'WRITE', 'ALLOW', 'ROLE', 'employee');

db/changes/234001/00-aclClient.sql

@@ -0,0 +1,42 @@
+-- No encuentro este back
+DELETE FROM `salix`.`ACL` WHERE property = 'activeWorkersWithRole';
+DELETE FROM `salix`.`ACL` WHERE model = 'Client' AND property = '*';
+
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','findOne','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','findById','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','find','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','exists','READ','ALLOW','ROLE','employee');
+INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+	VALUES ('Client','__get__addresses','READ','ALLOW','ROLE','employee');
+
+DELETE FROM `salix`.`ACL` WHERE model = 'Client' AND property = '*' AND accessType IN (
+    'campaignMetricsEmail',
+    'campaignMetricsPdf',
+    'clientDebtStatementEmail',
+    'clientDebtStatementHtml',
+    'clientDebtStatementPdf',
+	'clientWelcomeEmail',
+	'clientWelcomeHtml',
+	'consumptionSendQueued',
+	'creditRequestEmail',
+	'creditRequestHtml',
+	'creditRequestPdf',
+	'getClientOrSupplierReference',
+	'incotermsAuthorizationEmail',
+	'incotermsAuthorizationHtml',
+	'incotermsAuthorizationPdf',
+	'letterDebtorNdEmail',
+	'letterDebtorNdHtml',
+	'letterDebtorPdf',
+	'letterDebtorStEmail',
+	'letterDebtorStHtml',
+	'printerSetupEmail',
+	'printerSetupHtml',
+	'sepaCoreEmail',
+	'setPassword',
+	'updateUser',
+	'uploadFile');

db/changes/234001/00-dropUserFk.sql

@@ -0,0 +1,4 @@
+ALTER TABLE `vn`.`worker` DROP KEY `user_id_UNIQUE`;
+
+ALTER TABLE `vn`.`worker` DROP COLUMN `userFk`;
+

db/changes/234001/00-models.sql

@@ -0,0 +1,11 @@
+INSERT INTO `salix`.`ACL` ( model, property, accessType, permission, principalType, principalId)
+    VALUES
+    ('ExpeditionMistakeType', '*', 'READ', 'ALLOW', 'ROLE', 'employee'),
+    ('WorkerMistakeType', '*', 'READ', 'ALLOW', 'ROLE', 'employee'),
+    ('ExpeditionMistake','*','WRITE','ALLOW','ROLE','employee'),
+    ('WorkerMistake', '*', 'WRITE', 'ALLOW', 'ROLE', 'coolerBoss'),
+    ('MistakesTypes', '*', 'WRITE', 'ALLOW', 'ROLE', 'coolerBoss'),
+    ('MistakeType','*','READ','ALLOW','ROLE','employee'),
+    ('MachineWorker', '*', 'READ', 'ALLOW', 'ROLE', 'coolerAssist'),
+    ('Printer','*','READ','ALLOW','ROLE','employee'),
+    ('SaleMistake', '*', 'WRITE', 'ALLOW', 'ROLE', 'production');

db/changes/234001/00-timeBusiness_calculate.sql

@@ -0,0 +1,86 @@
+DELIMITER $$
+$$
+CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`timeBusiness_calculate`(vDatedFrom DATETIME, vDatedTo DATETIME)
+BEGIN
+/**
+ * Horas que debe trabajar un empleado según contrato y día.
+ * @param vDatedFrom workerTimeControl
+ * @param vDatedTo workerTimeControl
+ * @table tmp.user(userFk)
+ * @return tmp.timeBusinessCalculate
+ */
+	DROP TEMPORARY TABLE IF EXISTS tmp.timeBusinessCalculate;
+	CREATE TEMPORARY TABLE tmp.timeBusinessCalculate
+		(INDEX (departmentFk))
+		SELECT dated,
+				businessFk,
+				sub.id  userFk,
+				departmentFk,
+				hourStart,
+				hourEnd,
+				timeTable,
+				timeWorkSeconds,
+				SEC_TO_TIME(timeWorkSeconds) timeWorkSexagesimal,
+				timeWorkSeconds / 3600 timeWorkDecimal,
+				timeWorkSeconds timeBusinessSeconds,
+				SEC_TO_TIME(timeWorkSeconds) timeBusinessSexagesimal,
+				timeWorkSeconds / 3600 timeBusinessDecimal,
+				name type,
+				permissionRate,
+				hoursWeek,
+				discountRate,
+				isAllowedToWork
+			FROM(SELECT t.dated,
+						b.id businessFk,
+						w.id,
+						b.departmentFk,
+						IF(bs.started = NULL, NULL, GROUP_CONCAT(DISTINCT LEFT(bs.started,5) ORDER BY bs.started ASC SEPARATOR ' - ')) hourStart ,
+						IF(bs.started = NULL, NULL, GROUP_CONCAT(DISTINCT LEFT(bs.ended,5) ORDER BY bs.ended ASC SEPARATOR ' - ')) hourEnd,
+						IF(bs.started = NULL, NULL, GROUP_CONCAT(DISTINCT LEFT(bs.started,5), " - ",  LEFT(bs.ended,5) ORDER BY bs.ended ASC SEPARATOR ' - ')) timeTable,
+						IF(bs.started = NULL, 0, IFNULL(SUM(TIME_TO_SEC(bs.ended)) - SUM(TIME_TO_SEC(bs.started)), 0)) timeWorkSeconds,
+						at2.name,
+						at2.permissionRate,
+						at2.discountRate,
+						ct.hoursWeek hoursWeek,
+						at2.isAllowedToWork
+					FROM time t
+						LEFT JOIN business b ON t.dated BETWEEN b.started AND IFNULL(b.ended, vDatedTo)
+						LEFT JOIN worker w ON w.id = b.workerFk
+						JOIN tmp.`user` u ON u.userFK = w.id
+						LEFT JOIN workCenter wc ON wc.id = b.workcenterFK
+						LEFT JOIN calendarType ct ON ct.id = b.calendarTypeFk
+						LEFT JOIN businessSchedule bs ON bs.businessFk = b.id AND bs.weekday = WEEKDAY(t.dated) + 1
+						LEFT JOIN calendar c ON c.businessFk = b.id AND c.dated = t.dated
+						LEFT JOIN absenceType at2 ON at2.id = c.dayOffTypeFk
+					WHERE t.dated BETWEEN vDatedFrom AND vDatedTo
+					GROUP BY w.id, t.dated
+				)sub;
+
+	UPDATE tmp.timeBusinessCalculate t
+		LEFT JOIN businessSchedule bs ON bs.businessFk = t.businessFk
+		SET t.timeWorkSeconds = t.hoursWeek / 5 * 3600,
+			t.timeWorkSexagesimal = SEC_TO_TIME( t.hoursWeek / 5 * 3600),
+			t.timeWorkDecimal =  t.hoursWeek / 5,
+			t.timeBusinessSeconds = t.hoursWeek / 5 * 3600,
+			t.timeBusinessSexagesimal = SEC_TO_TIME( t.hoursWeek / 5 * 3600),
+			t.timeBusinessDecimal = t.hoursWeek / 5
+		WHERE DAYOFWEEK(t.dated) IN(2,3,4,5,6) AND bs.id IS NULL  ;
+
+	UPDATE tmp.timeBusinessCalculate t
+		SET t.timeWorkSeconds = t.timeWorkSeconds - (t.timeWorkSeconds * permissionRate)  ,
+			t.timeWorkSexagesimal = SEC_TO_TIME ((t.timeWorkDecimal - (t.timeWorkDecimal * permissionRate)) * 3600),
+			t.timeWorkDecimal = t.timeWorkDecimal - (t.timeWorkDecimal * permissionRate)
+		WHERE permissionRate <> 0;
+
+	UPDATE tmp.timeBusinessCalculate t
+			JOIN calendarHolidays ch ON ch.dated = t.dated
+			JOIN business b ON b.id = t.businessFk
+				AND b.workcenterFk = ch.workcenterFk
+		SET t.timeWorkSeconds = 0,
+			t.timeWorkSexagesimal = 0,
+			t.timeWorkDecimal = 0,
+			t.permissionrate = 1,
+			t.type = 'Festivo'
+		WHERE t.type IS NULL;
+END$$
+DELIMITER ;

db/changes/234001/00-updateAfterBusinnesInsert.sql

@@ -0,0 +1,57 @@
+DELIMITER $$
+CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `account`.`account_enable`(vSelf INT)
+BEGIN
+/**
+ * Enables a worker's account and sets up email configurations.
+ */
+    UPDATE user
+        SET active = TRUE
+        WHERE id = vSelf;
+
+    INSERT IGNORE INTO account
+        SET id = vSelf;
+
+    INSERT IGNORE INTO mailAliasAccount (mailAlias, account)
+        SELECT  id, vSelf
+            FROM mailAlias
+            WHERE alias = 'general';
+
+    INSERT IGNORE INTO mailForward (account, forwardTo)
+        SELECT vSelf, email
+            FROM user
+            WHERE id = vSelf;
+END$$
+DELIMITER ;
+
+DELIMITER $$
+CREATE OR REPLACE DEFINER=`root`@`localhost` PROCEDURE `vn`.`worker_updateBusiness`(vSelf INT)
+BEGIN
+/**
+ * Activates an account and configures its email settings.
+ *
+ * @param vSelf account id.
+ */
+    DECLARE vOldBusinessFk INT;
+    DECLARE vNewBusinessFk INT;
+
+    SELECT businessFk INTO vOldBusinessFk FROM worker WHERE id = vSelf;
+
+    SELECT id INTO vNewBusinessFk 
+        FROM business 
+        WHERE workerFk = vSelf
+            AND util.VN_CURDATE() BETWEEN started AND IFNULL(ended, util.VN_CURDATE());
+
+    UPDATE worker
+        SET businessFk = vNewBusinessFk
+        WHERE id = vSelf;
+
+    IF NOT (vOldBusinessFk <=> vNewBusinessFk) THEN
+        IF vNewBusinessFk IS NULL THEN 
+            CALL workerDisable(vSelf);
+        END IF;
+        IF vOldBusinessFk IS NULL THEN 
+            CALL account.account_enable(vSelf);
+        END IF;
+    END IF;
+END$$
+DELIMITER ;