verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

#6286 set right workerTimeControl acls #2557

Merged
jorgep merged 10 commits from 6286-setRightWorkerTimeControlAcls into dev 2024-06-27 08:50:10 +00:00
Conversation 1 Commits 10 Files Changed 11 +87 -43
9 changed files with 87 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 784bd91e04 - Show all commits

18
db/versions/11100-silverGerbera/00-modifyTimeControlAcls.sql Normal file
View File

@ -0,0 +1,18 @@
UPDATE salix.ACL
SET principalId = 'teamBoss'
WHERE property IN ('addTimeEntry', 'deleteTimeEntry', 'updateTimeEntry', 'weeklyHourRecordEmail');
UPDATE salix.ACL SET principalId = 'developer' WHERE property = 'sendMail';
UPDATE salix.ACL
SET property = 'updateMailState'
WHERE property = 'updateWorkerTimeControlMail';
INSERT INTO salix.ACL(model, property, accessType, permission, principalType, principalId)
VALUES
('WorkerTimeControl', 'addTimeEntry', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
('WorkerTimeControl', 'deleteTimeEntry', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
('WorkerTimeControl', 'updateTimeEntry', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
('WorkerTimeControl', 'weeklyHourRecordEmail', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
('WorkerTimeControl', 'sendMail', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
('WorkerTimeControl', 'updateMailState', 'WRITE', 'ALLOW', 'ROLE', 'hr');

4
modules/worker/back/methods/worker-time-control/getMailStates.js
View File

@ -1,3 +1,5 @@
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('getMailStates', { Self.remoteMethodCtx('getMailStates', {
description: 'Get the states of a month about time control mail', description: 'Get the states of a month about time control mail',
@ -36,6 +38,8 @@ module.exports = Self => {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
if (!await models.Worker.isSubordinate(ctx, workerId)) throw new UserError(`You don't have enough privileges`);
const times = await models.Time.find({ const times = await models.Time.find({
fields: ['week'], fields: ['week'],
where: { where: {

4
modules/worker/back/methods/worker-time-control/resendWeeklyHourEmail.js
View File

@ -1,4 +1,5 @@
const moment = require('moment'); const moment = require('moment');
const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('resendWeeklyHourEmail', { Self.remoteMethodCtx('resendWeeklyHourEmail', {
@ -35,6 +36,9 @@ module.exports = Self => {
const yearNumber = dated.getFullYear(); const yearNumber = dated.getFullYear();
const weekNumber = moment(dated).isoWeek(); const weekNumber = moment(dated).isoWeek();
if (!await models.Worker.isSubordinate(ctx, workerId) || workerId === ctx.req.accessToken.userId)
throw new UserError(`You don't have enough privileges`);
jgallego marked this conversation as resolved
jgallego commented 2024-06-25 17:27:53 +00:00
Review
Copy Link

Aquí uno se puede autoenviar sus fichadas, se quiere eso?

Aquí uno se puede autoenviar sus fichadas, se quiere eso?
jorgep commented 2024-06-26 07:37:01 +00:00
Review
Copy Link

Aquí solo se puede si eres teamBoss. Lo hablé con @carlosap, quedamos en hacerlo así porque al llamar deleteTimeEntry, se llama a resendWeelyHourEmail y falla esa parte.

Aquí solo se puede si eres teamBoss. Lo hablé con @carlosap, quedamos en hacerlo así porque al llamar deleteTimeEntry, se llama a resendWeelyHourEmail y falla esa parte.
const workerTimeControlMail = await models.WorkerTimeControlMail.findOne({ const workerTimeControlMail = await models.WorkerTimeControlMail.findOne({
where: { where: {
workerFk: workerId, workerFk: workerId,

42
modules/worker/back/methods/worker-time-control/specs/getMailStates.spec.js
View File

@ -1,28 +1,36 @@
const models = require('vn-loopback/server/server').models; const models = require('vn-loopback/server/server').models;
describe('workerTimeControl getMailStates()', () => { describe('workerTimeControl getMailStates()', () => {
const workerId = 9; const developerId = 9;
const ctx = {args: { const developerBossId = 120;
month: 12, const employeeId = 1;
year: 2000
}}; let ctx;
let tx;
let opts;
beforeEach(async() => {
ctx = {req: {accessToken: {userId: developerBossId}}, args: {month: 12, year: 2000}};
tx = await models.WorkerTimeControl.beginTransaction({});
opts = {transaction: tx};
});
afterEach(async() => await tx.rollback());
it('should get the states of a month about time control mail', async() => { it('should get the states of a month about time control mail', async() => {
const tx = await models.WorkerTimeControl.beginTransaction({}); const response = await models.WorkerTimeControl.getMailStates(ctx, developerId, opts);
expect(response[0].state).toEqual('REVISE');
expect(response[1].state).toEqual('SENDED');
expect(response[2].state).toEqual('CONFIRMED');
});
it('should throw an error if they are not subordinates', async() => {
ctx.req.accessToken.userId = employeeId;
try { try {
const options = {transaction: tx}; await models.WorkerTimeControl.getMailStates(ctx, developerId, opts);
const response = await models.WorkerTimeControl.getMailStates(ctx, workerId, options);
expect(response[0].state).toEqual('REVISE');
expect(response[1].state).toEqual('SENDED');
expect(response[2].state).toEqual('CONFIRMED');
await tx.rollback();
} catch (e) { } catch (e) {
await tx.rollback(); expect(e.message).toEqual('You don\'t have enough privileges');
throw e;
} }
}); });
}); });

22
modules/worker/back/methods/worker-time-control/specs/updateWorkerTimeControlMail.spec.js → modules/worker/back/methods/worker-time-control/specs/updateMailState.spec.js
View File

@ -1,10 +1,11 @@
const models = require('vn-loopback/server/server').models; const models = require('vn-loopback/server/server').models;
describe('updateWorkerTimeControlMail()', () => { describe('updateMailState()', () => {
const developerId = 9;
const employeeId = 1;
it('should update WorkerTimeControlMail if exist record', async() => { it('should update WorkerTimeControlMail if exist record', async() => {
const tx = await models.WorkerTimeControlMail.beginTransaction({}); const tx = await models.WorkerTimeControlMail.beginTransaction({});
const args = { const args = {
workerId: 9,
week: 50, week: 50,
year: 2000, year: 2000,
state: 'CONFIRMED' state: 'CONFIRMED'
@ -15,15 +16,15 @@ describe('updateWorkerTimeControlMail()', () => {
const options = {transaction: tx}; const options = {transaction: tx};
const beforeMail = await models.WorkerTimeControlMail.findOne({ const beforeMail = await models.WorkerTimeControlMail.findOne({
where: { where: {
workerFk: args.workerId, workerFk: developerId,
year: args.year, year: args.year,
week: args.week, week: args.week,
} }
}, options); }, options);
await models.WorkerTimeControl.updateWorkerTimeControlMail(ctx, options); await models.WorkerTimeControl.updateMailState(ctx, developerId, options);
const afterMail = await models.WorkerTimeControlMail.findOne({ const afterMail = await models.WorkerTimeControlMail.findOne({
where: { where: {
workerFk: args.workerId, workerFk: developerId,
year: args.year, year: args.year,
week: args.week, week: args.week,
} }
@ -42,7 +43,6 @@ describe('updateWorkerTimeControlMail()', () => {
it('should insert WorkerTimeControlMail if exist record', async() => { it('should insert WorkerTimeControlMail if exist record', async() => {
const tx = await models.WorkerTimeControlMail.beginTransaction({}); const tx = await models.WorkerTimeControlMail.beginTransaction({});
const args = { const args = {
workerId: 1,
week: 51, week: 51,
year: 2000, year: 2000,
state: 'SENDED' state: 'SENDED'
@ -53,15 +53,15 @@ describe('updateWorkerTimeControlMail()', () => {
const options = {transaction: tx}; const options = {transaction: tx};
const beforeMail = await models.WorkerTimeControlMail.find({ const beforeMail = await models.WorkerTimeControlMail.find({
where: { where: {
workerFk: args.workerId, workerFk: employeeId,
year: args.year, year: args.year,
week: args.week, week: args.week,
} }
}, options); }, options);
await models.WorkerTimeControl.updateWorkerTimeControlMail(ctx, options); await models.WorkerTimeControl.updateMailState(ctx, employeeId, options);
const afterMail = await models.WorkerTimeControlMail.find({ const afterMail = await models.WorkerTimeControlMail.find({
where: { where: {
workerFk: args.workerId, workerFk: employeeId,
year: args.year, year: args.year,
week: args.week, week: args.week,
} }
@ -80,7 +80,7 @@ describe('updateWorkerTimeControlMail()', () => {
it('should throw error if not exist any record in this week', async() => { it('should throw error if not exist any record in this week', async() => {
const tx = await models.WorkerTimeControlMail.beginTransaction({}); const tx = await models.WorkerTimeControlMail.beginTransaction({});
const ctx = {args: { const ctx = {args: {
workerId: 1, workerId: employeeId,
week: 1, week: 1,
year: 0, year: 0,
state: 'SENDED' state: 'SENDED'
@ -89,7 +89,7 @@ describe('updateWorkerTimeControlMail()', () => {
let error; let error;
try { try {
const options = {transaction: tx}; const options = {transaction: tx};
await models.WorkerTimeControl.updateWorkerTimeControlMail(ctx, options); await models.WorkerTimeControl.updateMailState(ctx, employeeId, options);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {

15
modules/worker/back/methods/worker-time-control/updateWorkerTimeControlMail.js → modules/worker/back/methods/worker-time-control/updateMailState.js
View File

@ -1,12 +1,13 @@
const UserError = require('vn-loopback/util/user-error'); const UserError = require('vn-loopback/util/user-error');
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('updateWorkerTimeControlMail', { Self.remoteMethodCtx('updateMailState', {
description: 'Updates the state of WorkerTimeControlMail', description: 'Updates the state of WorkerTimeControlMail',
accessType: 'WRITE', accessType: 'WRITE',
accepts: [{ accepts: [{
arg: 'workerId', arg: 'id',
type: 'number', type: 'number',
required: true description: 'The worker id',
http: {source: 'path'}
}, },
{ {
arg: 'year', arg: 'year',
@ -32,12 +33,12 @@ module.exports = Self => {
root: true root: true
}, },
http: { http: {
path: `/updateWorkerTimeControlMail`, path: `/:id/updateMailState`,
verb: 'POST' verb: 'POST'
} }
}); });
Self.updateWorkerTimeControlMail = async(ctx, options) => { Self.updateMailState = async(ctx, id, options) => {
const models = Self.app.models; const models = Self.app.models;
const args = ctx.args; const args = ctx.args;
const myOptions = {}; const myOptions = {};
@ -59,14 +60,14 @@ module.exports = Self => {
{ {
year: args.year, year: args.year,
week: args.week, week: args.week,
workerFk: args.workerId workerFk: id
}, },
{ {
state: args.state, state: args.state,
reason: args.reason, reason: args.reason,
year: args.year, year: args.year,
week: args.week, week: args.week,
workerFk: args.workerId workerFk: id
}, },
myOptions); myOptions);

2
modules/worker/back/methods/worker-time-control/weeklyHourRecordEmail.js
View File

@ -61,7 +61,7 @@ module.exports = Self => {
const url = `${salix.url}worker/${args.workerId}/time-control?timestamp=${timestamp}`; const url = `${salix.url}worker/${args.workerId}/time-control?timestamp=${timestamp}`;
ctx.args.url = url; ctx.args.url = url;
await models.WorkerTimeControl.updateWorkerTimeControlMail(ctx, myOptions); await models.WorkerTimeControl.updateMailState(ctx, ctx.workerId, myOptions);
return Self.sendTemplate(ctx, 'weekly-hour-record'); return Self.sendTemplate(ctx, 'weekly-hour-record');
}; };

2
modules/worker/back/models/worker-time-control.js
View File

@ -6,7 +6,7 @@ module.exports = Self => {
require('../methods/worker-time-control/deleteTimeEntry')(Self); require('../methods/worker-time-control/deleteTimeEntry')(Self);
require('../methods/worker-time-control/updateTimeEntry')(Self); require('../methods/worker-time-control/updateTimeEntry')(Self);
require('../methods/worker-time-control/sendMail')(Self); require('../methods/worker-time-control/sendMail')(Self);
require('../methods/worker-time-control/updateWorkerTimeControlMail')(Self); require('../methods/worker-time-control/updateMailState')(Self);
require('../methods/worker-time-control/weeklyHourRecordEmail')(Self); require('../methods/worker-time-control/weeklyHourRecordEmail')(Self);
require('../methods/worker-time-control/getMailStates')(Self); require('../methods/worker-time-control/getMailStates')(Self);
require('../methods/worker-time-control/resendWeeklyHourEmail')(Self); require('../methods/worker-time-control/resendWeeklyHourEmail')(Self);

19
modules/worker/back/models/worker-time-control.json
View File

@ -36,15 +36,24 @@
"model": "VnUser", "model": "VnUser",
"foreignKey": "userFk" "foreignKey": "userFk"
}, },
"worker": { "worker": {
"type": "hasOne", "type": "hasOne",
"model": "Worker", "model": "Worker",
"foreignKey": "id" "foreignKey": "id"
}, },
"warehouse": { "warehouse": {
"type": "belongsTo", "type": "belongsTo",
"model": "Warehouse", "model": "Warehouse",
"foreignKey": "warehouseFk" "foreignKey": "warehouseFk"
} }
} },
"acls": [
{
"property": "updateMailState",
"accessType": "WRITE",
"permission": "ALLOW",
"principalType": "ROLE",
"principalId": "$owner"
jgallego commented 2024-06-25 17:31:19 +00:00
Review
Copy Link

Pregunta a @alexm si esto funciona

Pregunta a @alexm si esto funciona
alexm commented 2024-06-26 06:18:18 +00:00
Review
Copy Link

Si $owner, hace que solo tenga permiso para el propio usuario. Para que funcione la tabla debe tener relación con la tabla user (vn-user)

Si $owner, hace que solo tenga permiso para el propio usuario. Para que funcione la tabla debe tener relación con la tabla user (vn-user)
}
]
} }