From 2a6b509a78e864778db794d8e5c32092474ad51d Mon Sep 17 00:00:00 2001
From: jorgep <jorgep@verdnatura.es>
Date: Fri, 12 Jan 2024 09:54:18 +0100
Subject: [PATCH] fix: refs #6656 change acls

---
 db/changes/240202/.gitkeep                         |  0
 db/changes/240202/00-aclWorkerTimeControl.sql      | 14 ++++++++++++++
 .../methods/worker-time-control/deleteTimeEntry.js |  2 +-
 3 files changed, 15 insertions(+), 1 deletion(-)
 create mode 100644 db/changes/240202/.gitkeep
 create mode 100644 db/changes/240202/00-aclWorkerTimeControl.sql

diff --git a/db/changes/240202/.gitkeep b/db/changes/240202/.gitkeep
new file mode 100644
index 000000000..e69de29bb
diff --git a/db/changes/240202/00-aclWorkerTimeControl.sql b/db/changes/240202/00-aclWorkerTimeControl.sql
new file mode 100644
index 000000000..5ccb3131d
--- /dev/null
+++ b/db/changes/240202/00-aclWorkerTimeControl.sql
@@ -0,0 +1,14 @@
+DELETE FROM salix.ACL
+    WHERE model = 'WorkerTimeControl' 
+        AND property IN ('*','addTime');
+        
+INSERT INTO `salix`.`ACL` (model, property, accessType, permission, principalType, principalId)
+    VALUES 
+        ('WorkerTimeControl', 'addTimeEntry', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'deleteTimeEntry', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'updateTimeEntry', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'sendMail', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'updateWorkerTimeControlMail', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'weeklyHourRecordEmail', 'WRITE', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'getMailStates', 'READ', 'ALLOW', 'ROLE', 'employee'),
+        ('WorkerTimeControl', 'resendWeeklyHourEmail', 'WRITE', 'ALLOW', 'ROLE', 'employee');
diff --git a/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js b/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js
index 8f9541596..3e1d731bb 100644
--- a/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js
+++ b/modules/worker/back/methods/worker-time-control/deleteTimeEntry.js
@@ -3,7 +3,7 @@ const UserError = require('vn-loopback/util/user-error');
 module.exports = Self => {
     Self.remoteMethodCtx('deleteTimeEntry', {
         description: 'Deletes a manual time entry for a worker if the user role is above the worker',
-        accessType: 'READ',
+        accessType: 'WRITE',
         accepts: [{
             arg: 'id',
             type: 'number',
-- 
2.40.1