verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

#7648 - Customer View Entries #2659

Merged
jsegarra merged 17 commits from 7648_dev_customerEntries into dev 2024-07-03 07:29:02 +00:00
Conversation 0 Commits 17 Files Changed 8 +212 -50
8 changed files with 212 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
db/dump/fixtures.before.sql
View File

@ -3911,4 +3911,3 @@ VALUES(1, '');
INSERT INTO dipole.expedition_PrintOut (expeditionFk, ticketFk, addressFk, street, postalCode, city, shopName, isPrinted, created, printerFk, routeFk, parkingCode, INSERT INTO dipole.expedition_PrintOut (expeditionFk, ticketFk, addressFk, street, postalCode, city, shopName, isPrinted, created, printerFk, routeFk, parkingCode,
truckName, clientFk, phone, province, agency, m3, workerCode, itemFk, quantity, longName, shelvingFk, comments) truckName, clientFk, phone, province, agency, m3, workerCode, itemFk, quantity, longName, shelvingFk, comments)
VALUES(1, 1, 0, ' ', ' ', ' ', ' ', 0, '2001-01-01 00:00:00', 1, 0, ' ', ' ', 0, NULL, '', NULL, 0.000, NULL, 10, NULL, NULL, 'NCC', NULL); VALUES(1, 1, 0, ' ', ' ', ' ', ' ', 0, '2001-01-01 00:00:00', 1, 0, ' ', ' ', 0, NULL, '', NULL, 0.000, NULL, 10, NULL, NULL, 'NCC', NULL);

21
db/versions/11118-limeCymbidium/00-firstScript.sql Normal file
View File

@ -0,0 +1,21 @@
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
VALUES ('Entry','filter','READ','ALLOW','ROLE','supplier');
jsegarra marked this conversation as resolved Outdated
jgallego commented 2024-07-01 13:34:24 +00:00
Outdated
Review
Copy Link

Creo que esto si eres un customer te dejaria ver todas la entries
solucion:
VALUES ('Entry','filter','READ','ALLOW','ROLE','supplier');

Crear rol supplier que hereda de account igual que customer.

Creo que esto si eres un customer te dejaria ver todas la entries solucion: VALUES ('Entry','filter','READ','ALLOW','ROLE','supplier'); Crear rol supplier que hereda de account igual que customer.
jsegarra commented 2024-07-01 16:39:44 +00:00
Outdated
Review
Copy Link

a0185dca04

a0185dca0486a339ba41ab8822ff4e767e19be1b
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
VALUES ('Entry','getBuys','READ','ALLOW','ROLE','supplier');
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
VALUES ('Entry','buyLabel','READ','ALLOW','ROLE','supplier');
INSERT IGNORE INTO `account`.`role` (`name`,`description`,`hasLogin`,`created`,`modified`)
VALUES ('supplier','Proveedores',1,'2017-10-10 14:58:58.000','2017-10-10 14:59:20.000');
SET @supplierFk =LAST_INSERT_ID();
INSERT IGNORE INTO account.roleInherit (`role`,`inheritsFrom`)
VALUES (@supplierFk,2);
UPDATE salix.ACL
SET principalId='$authenticated'
WHERE id=264;

1
loopback/common/methods/schema/model-info.js
View File

@ -92,6 +92,7 @@ module.exports = Self => {
const locale = modelLocale && modelLocale.get(lang); const locale = modelLocale && modelLocale.get(lang);
json[modelName] = { json[modelName] = {
http: model.sharedClass.http.path,
properties: model.definition.rawProperties, properties: model.definition.rawProperties,
validations: jsonValidations, validations: jsonValidations,
locale locale

3
modules/entry/back/methods/entry/buyLabel.js
View File

@ -29,7 +29,8 @@ module.exports = Self => {
http: { http: {
path: '/:id/buy-label', path: '/:id/buy-label',
verb: 'GET' verb: 'GET'
} },
accessScopes: ['DEFAULT', 'read:multimedia']
}); });
Self.buyLabel = (ctx, id) => Self.printReport(ctx, id, 'buy-label'); Self.buyLabel = (ctx, id) => Self.printReport(ctx, id, 'buy-label');

23
modules/entry/back/methods/entry/filter.js
View File

@ -112,7 +112,6 @@ module.exports = Self => {
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const conn = Self.dataSource.connector; const conn = Self.dataSource.connector;
const where = buildFilter(ctx.args, (param, value) => { const where = buildFilter(ctx.args, (param, value) => {
switch (param) { switch (param) {
@ -146,7 +145,12 @@ module.exports = Self => {
} }
}); });
filter = mergeFilters(ctx.args.filter, {where}); filter = mergeFilters(ctx.args.filter, {where});
const userId = ctx.req.accessToken.userId;
const isSupplier = await Self.app.models.Supplier.findById(userId, options);
if (isSupplier) {
if (!filter.where) filter.where = {};
filter.where[`e.supplierFk`] = ctx.req.accessToken.userId;
}
const stmts = []; const stmts = [];
let stmt; let stmt;
stmt = new ParameterizedSQL( stmt = new ParameterizedSQL(
@ -158,7 +162,7 @@ module.exports = Self => {
e.invoiceNumber, e.invoiceNumber,
e.isBooked, e.isBooked,
e.isExcludedFromAvailable, e.isExcludedFromAvailable,
e.evaNotes AS observation, e.evaNotes observation,
e.isConfirmed, e.isConfirmed,
e.isOrdered, e.isOrdered,
e.isRaid, e.isRaid,
@ -170,13 +174,18 @@ module.exports = Self => {
e.gestDocFk, e.gestDocFk,
e.invoiceInFk, e.invoiceInFk,
t.landed, t.landed,
s.name AS supplierName, s.name supplierName,
s.nickname AS supplierAlias, s.nickname supplierAlias,
co.code AS companyCode, co.code companyCode,
cu.code AS currencyCode cu.code currencyCode,
jsegarra marked this conversation as resolved Outdated
jgallego commented 2024-07-03 05:39:22 +00:00
Outdated
Review
Copy Link

por convencion va sin AS
cu.code currencyCode,
esta linea y las demás tb

por convencion va sin AS `cu.code currencyCode,` esta linea y las demás tb
jsegarra commented 2024-07-03 06:17:28 +00:00
Outdated
Review
Copy Link

946d6f553a

https://gitea.verdnatura.es/verdnatura/salix/commit/946d6f553af0be220e5b9d882397c6fda4252daf
t.shipped,
t.landed,
t.warehouseInFk,
jsegarra marked this conversation as resolved Outdated
jgallego commented 2024-07-02 16:05:06 +00:00
Outdated
Review
Copy Link

se podria devolver el warehouseInFk tal cual sin el alias..lo apruebo porque no es un fallo, pero si lo ves mas conveniente lo cambias para la proxima

se podria devolver el warehouseInFk tal cual sin el alias..lo apruebo porque no es un fallo, pero si lo ves mas conveniente lo cambias para la proxima
jsegarra commented 2024-07-02 18:41:04 +00:00
Outdated
Review
Copy Link

Lo cambio porque tampoco es correcto que t.shipped y t.landed lleven alias.
Además, queremos mostrar el almacén de entrada así que el alias de warehouseName no es correcto, debería ser warehouseInName,
Puede llevar a confusión, así que lo cambio

Lo cambio porque tampoco es correcto que t.shipped y t.landed lleven alias. Además, queremos mostrar el almacén de entrada así que el alias de warehouseName no es correcto, debería ser warehouseInName, Puede llevar a confusión, así que lo cambio
w.name warehouseInName
FROM vn.entry e FROM vn.entry e
JOIN vn.supplier s ON s.id = e.supplierFk JOIN vn.supplier s ON s.id = e.supplierFk
JOIN vn.travel t ON t.id = e.travelFk JOIN vn.travel t ON t.id = e.travelFk
JOIN vn.warehouse w ON w.id = t.warehouseInFk
JOIN vn.company co ON co.id = e.companyFk JOIN vn.company co ON co.id = e.companyFk
JOIN vn.currency cu ON cu.id = e.currencyFk` JOIN vn.currency cu ON cu.id = e.currencyFk`
); );

33
modules/entry/back/methods/entry/getBuys.js
View File

@ -1,7 +1,9 @@
const UserError = require('vn-loopback/util/user-error');
const mergeFilters = require('vn-loopback/util/filter').mergeFilters; const mergeFilters = require('vn-loopback/util/filter').mergeFilters;
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('getBuys', { Self.remoteMethodCtx('getBuys', {
description: 'Returns buys for one entry', description: 'Returns buys for one entry',
accessType: 'READ', accessType: 'READ',
accepts: [{ accepts: [{
@ -27,13 +29,19 @@ module.exports = Self => {
} }
}); });
Self.getBuys = async(id, filter, options) => { Self.getBuys = async(ctx, id, filter, options) => {
const userId = ctx.req.accessToken.userId;
const models = Self.app.models; const models = Self.app.models;
const myOptions = {}; const myOptions = {};
if (typeof options == 'object') if (typeof options == 'object')
Object.assign(myOptions, options); Object.assign(myOptions, options);
const isSupplier = await Self.app.models.Supplier.findById(userId, myOptions);
if (isSupplier) {
const isEntryOwner = (await Self.findById(id)).supplierFk === userId;
if (!isEntryOwner) throw new UserError('Access Denied');
jsegarra marked this conversation as resolved Outdated
jgallego commented 2024-07-01 13:18:45 +00:00
Outdated
Review
Copy Link

!

!
}
let defaultFilter = { let defaultFilter = {
where: {entryFk: id}, where: {entryFk: id},
fields: [ fields: [
@ -49,9 +57,23 @@ module.exports = Self => {
'buyingValue', 'buyingValue',
'price2', 'price2',
'price3', 'price3',
'printedStickers' 'printedStickers',
'entryFk'
], ],
include: { include: [{
relation: 'entry',
scope: {
fields: [
'id', 'supplierFk'
],
include: {
relation: 'supplier', scope: {
fields: ['id']
}
}
}
},
{
relation: 'item', relation: 'item',
scope: { scope: {
fields: [ fields: [
@ -82,9 +104,8 @@ module.exports = Self => {
} }
} }
} }
} }]
}; };
defaultFilter = mergeFilters(defaultFilter, filter); defaultFilter = mergeFilters(defaultFilter, filter);
jsegarra marked this conversation as resolved Outdated
jgallego commented 2024-07-01 13:19:27 +00:00
Outdated
Review
Copy Link

quitar

quitar
return models.Buy.find(defaultFilter, myOptions); return models.Buy.find(defaultFilter, myOptions);

94
modules/entry/back/methods/entry/specs/filter.spec.js
View File

@ -9,7 +9,8 @@ describe('Entry filter()', () => {
const ctx = { const ctx = {
args: { args: {
search: 1 search: 1
} },
req: {accessToken: {userId: 9}}
}; };
const result = await models.Entry.filter(ctx, options); const result = await models.Entry.filter(ctx, options);
@ -32,7 +33,8 @@ describe('Entry filter()', () => {
const ctx = { const ctx = {
args: { args: {
currencyFk: 1 currencyFk: 1
} },
req: {accessToken: {userId: 9}}
}; };
const result = await models.Entry.filter(ctx, options); const result = await models.Entry.filter(ctx, options);
@ -46,26 +48,73 @@ describe('Entry filter()', () => {
} }
}); });
it('should return the entry matching the supplier', async() => { describe('should return the entry matching the supplier', () => {
const tx = await models.Entry.beginTransaction({}); it('when userId is supplier ', async() => {
const options = {transaction: tx}; const tx = await models.Entry.beginTransaction({});
const options = {transaction: tx};
try { try {
const ctx = { const ctx = {
args: { args: {},
supplierFk: 2 req: {accessToken: {userId: 2}}
} };
};
const result = await models.Entry.filter(ctx, options); const result = await models.Entry.filter(ctx, options);
expect(result.length).toEqual(6); expect(result.length).toEqual(6);
await tx.rollback(); await tx.rollback();
} catch (e) { } catch (e) {
await tx.rollback(); await tx.rollback();
throw e; throw e;
} }
});
it('when userId is supplier fetching other supplier', async() => {
const tx = await models.Entry.beginTransaction({});
const options = {transaction: tx};
try {
const ctx = {
args: {
supplierFk: 1
},
req: {accessToken: {userId: 2}}
};
const result = await models.Entry.filter(ctx, options);
expect(result.length).toEqual(6);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
it('when userId is not supplier', async() => {
const tx = await models.Entry.beginTransaction({});
const options = {transaction: tx};
try {
const ctx = {
args: {
supplierFk: 2
},
req: {accessToken: {userId: 9}}
};
const result = await models.Entry.filter(ctx, options);
expect(result.length).toEqual(6);
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
}); });
it('should return the entry matching the company', async() => { it('should return the entry matching the company', async() => {
@ -76,7 +125,8 @@ describe('Entry filter()', () => {
const ctx = { const ctx = {
args: { args: {
companyFk: 442 companyFk: 442
} },
req: {accessToken: {userId: 9}}
}; };
const result = await models.Entry.filter(ctx, options); const result = await models.Entry.filter(ctx, options);
@ -98,7 +148,8 @@ describe('Entry filter()', () => {
const ctx = { const ctx = {
args: { args: {
isBooked: true, isBooked: true,
} },
req: {accessToken: {userId: 9}}
}; };
const result = await models.Entry.filter(ctx, options); const result = await models.Entry.filter(ctx, options);
@ -121,7 +172,8 @@ describe('Entry filter()', () => {
args: { args: {
reference: 'movement', reference: 'movement',
travelFk: '2' travelFk: '2'
} },
req: {accessToken: {userId: 9}}
}; };
const result = await models.Entry.filter(ctx, options); const result = await models.Entry.filter(ctx, options);

86
modules/entry/back/methods/entry/specs/getBuys.spec.js
View File

@ -1,24 +1,82 @@
const UserError = require('vn-loopback/util/user-error');
const models = require('vn-loopback/server/server').models; const models = require('vn-loopback/server/server').models;
describe('entry getBuys()', () => { describe('entry getBuys()', () => {
const entryId = 4; const entryId = 4;
it('should get the buys and items of an entry', async() => { describe('should get the buys and items of an entry ', () => {
const tx = await models.Entry.beginTransaction({}); it('when is supplier and entry owner', async() => {
const options = {transaction: tx}; const tx = await models.Entry.beginTransaction({});
const options = {transaction: tx};
try { try {
const result = await models.Entry.getBuys(entryId, options); const ctx = {
args: {
search: 1
},
req: {accessToken: {userId: 2}}
};
const length = result.length; const result = await models.Entry.getBuys(ctx, entryId, options);
const anyResult = result[Math.floor(Math.random() * Math.floor(length))];
expect(result.length).toEqual(4); const length = result.length;
expect(anyResult.item).toBeDefined(); const anyResult = result[Math.floor(Math.random() * Math.floor(length))];
await tx.rollback(); expect(result.length).toEqual(4);
} catch (e) { expect(anyResult.item).toBeDefined();
await tx.rollback();
throw e; await tx.rollback();
} } catch (e) {
await tx.rollback();
throw e;
}
});
it('when is supplier but not entry owner', async() => {
const tx = await models.Entry.beginTransaction({});
const options = {transaction: tx};
const entryId = 1;
try {
const ctx = {
args: {
search: 1
},
req: {accessToken: {userId: 2}}
};
const result = await models.Entry.getBuys(ctx, entryId, options);
expect(result).toBeUndefined();
} catch (error) {
expect(error).toBeInstanceOf(UserError);
expect(error.message).toBe('Access Denied');
}
});
it('when is not supplier', async() => {
const tx = await models.Entry.beginTransaction({});
const options = {transaction: tx};
try {
const ctx = {
args: {
search: 1
},
req: {accessToken: {userId: 9}}
};
const result = await models.Entry.getBuys(ctx, entryId, options);
const length = result.length;
const anyResult = result[Math.floor(Math.random() * Math.floor(length))];
expect(result.length).toEqual(4);
expect(anyResult.item).toBeDefined();
await tx.rollback();
} catch (e) {
await tx.rollback();
throw e;
}
});
}); });
}); });