7648_myEntries #2744
|
@ -314,5 +314,4 @@ INSERT INTO mysql.roles_mapping (`User`, `Host`, `Role`, `Admin_option`)
|
||||||
SELECT SUBSTR(`User`, @prefixLen + 1), `Host`, `Role`, `Admin_option`
|
SELECT SUBSTR(`User`, @prefixLen + 1), `Host`, `Role`, `Admin_option`
|
||||||
FROM mysql.roles_mapping
|
FROM mysql.roles_mapping
|
||||||
WHERE `User` LIKE @prefixedLike AND `Host` = @genRoleHost;
|
WHERE `User` LIKE @prefixedLike AND `Host` = @genRoleHost;
|
||||||
|
|
||||||
FLUSH PRIVILEGES;
|
FLUSH PRIVILEGES;
|
||||||
|
|
|
@ -118,7 +118,7 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType`
|
||||||
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`,`role`,`active`,`email`,`lang`, `image`)
|
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`,`role`,`active`,`email`,`lang`, `image`)
|
||||||
VALUES
|
VALUES
|
||||||
(1101, 'brucewayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'BruceWayne@mydomain.com', 'es','1101'),
|
(1101, 'brucewayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'BruceWayne@mydomain.com', 'es','1101'),
|
||||||
(1102, 'petterparker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'PetterParker@mydomain.com', 'en','1102'),
|
(1102, 'petterparker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 131, 1, 'PetterParker@mydomain.com', 'en','1102'),
|
||||||
(1103, 'clarkkent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'ClarkKent@mydomain.com', 'fr','1103'),
|
(1103, 'clarkkent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'ClarkKent@mydomain.com', 'fr','1103'),
|
||||||
(1104, 'tonystark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'TonyStark@mydomain.com', 'es','1104'),
|
(1104, 'tonystark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'TonyStark@mydomain.com', 'es','1104'),
|
||||||
(1105, 'maxeisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt','1105'),
|
(1105, 'maxeisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt','1105'),
|
||||||
|
@ -1477,7 +1477,8 @@ INSERT INTO `vn`.`travel`(`id`,`shipped`, `landed`, `warehouseInFk`, `warehouseO
|
||||||
(5, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 3, 3, 1, 50.00, 500, 'fifth travel', 1, 1, 5),
|
(5, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 3, 3, 1, 50.00, 500, 'fifth travel', 1, 1, 5),
|
||||||
(6, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 4, 4, 1, 50.00, 500, 'sixth travel', 1, 2, 6),
|
(6, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 4, 4, 1, 50.00, 500, 'sixth travel', 1, 2, 6),
|
||||||
(7, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 4, 1, 50.00, 500, 'seventh travel', 2, 1, 7),
|
(7, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 4, 1, 50.00, 500, 'seventh travel', 2, 1, 7),
|
||||||
(8, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 1, 1, 50.00, 500, 'eight travel', 1, 2, 10);
|
(8, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 1, 1, 50.00, 500, 'eight travel', 1, 2, 10),
|
||||||
|
(10, DATE_ADD(util.VN_CURDATE(), INTERVAL + 5 DAY), DATE_ADD(util.VN_CURDATE(), INTERVAL + 5 DAY), 5, 1, 1, 50.00, 500, 'nineth travel', 1, 2, 10);
|
||||||
|
|
||||||
INSERT INTO `vn`.`entry`(`id`, `supplierFk`, `created`, `travelFk`, `isConfirmed`, `companyFk`, `invoiceNumber`, `reference`, `isExcludedFromAvailable`, `isRaid`, `evaNotes`)
|
INSERT INTO `vn`.`entry`(`id`, `supplierFk`, `created`, `travelFk`, `isConfirmed`, `companyFk`, `invoiceNumber`, `reference`, `isExcludedFromAvailable`, `isRaid`, `evaNotes`)
|
||||||
VALUES
|
VALUES
|
||||||
|
@ -1488,7 +1489,9 @@ INSERT INTO `vn`.`entry`(`id`, `supplierFk`, `created`, `travelFk`, `isConfirmed
|
||||||
(5, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 0, 442, 'IN2005', 'Movement 5', 0, 0, 'observation five'),
|
(5, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 0, 442, 'IN2005', 'Movement 5', 0, 0, 'observation five'),
|
||||||
(6, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 6, 0, 442, 'IN2006', 'Movement 6', 0, 0, 'observation six'),
|
(6, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 6, 0, 442, 'IN2006', 'Movement 6', 0, 0, 'observation six'),
|
||||||
(7, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2007', 'Movement 7', 0, 0, 'observation seven'),
|
(7, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2007', 'Movement 7', 0, 0, 'observation seven'),
|
||||||
(8, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2008', 'Movement 8', 1, 1, '');
|
(8, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2008', 'Movement 8', 1, 1, ''),
|
||||||
|
(9, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL +2 DAY), 10, 0, 442, 'IN2009', 'Movement 9', 1, 1, ''),
|
||||||
|
(10, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL +2 DAY), 10, 0, 442, 'IN2009', 'Movement 9', 1, 1, '');
|
||||||
|
|
||||||
INSERT INTO `bs`.`waste`(`buyer`, `year`, `week`, `family`, `itemFk`, `itemTypeFk`, `saleTotal`, `saleWaste`, `rate`)
|
INSERT INTO `bs`.`waste`(`buyer`, `year`, `week`, `family`, `itemFk`, `itemTypeFk`, `saleTotal`, `saleWaste`, `rate`)
|
||||||
VALUES
|
VALUES
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
|
||||||
|
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
|
||||||
|
VALUES ('Entry','filter','READ','ALLOW','ROLE','supplier');
|
||||||
|
|
||||||
|
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
|
||||||
|
VALUES ('Entry','getBuys','READ','ALLOW','ROLE','supplier');
|
||||||
|
|
||||||
|
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
|
||||||
|
VALUES ('Entry','buyLabel','READ','ALLOW','ROLE','supplier');
|
||||||
|
|
||||||
|
INSERT IGNORE INTO `account`.`role` (`name`,`description`,`hasLogin`,`created`,`modified`)
|
||||||
|
VALUES ('supplier','Proveedores',1,'2017-10-10 14:58:58.000','2017-10-10 14:59:20.000');
|
||||||
|
|||||||
|
SET @supplierFk =LAST_INSERT_ID();
|
||||||
alexm
commented
Podias haber puesto directamente ese where jajaja Podias haber puesto directamente ese where jajaja
|
|||||||
|
INSERT IGNORE INTO account.roleInherit (`role`,`inheritsFrom`)
|
||||||
jsegarra marked this conversation as resolved
alexm
commented
Despues de esto hace falta hacer un Despues de esto hace falta hacer un `CALL account.role_sync()`
jsegarra
commented
Ya existe en prod Ya existe en prod
|
|||||||
|
VALUES (@supplierFk,2);
|
||||||
|
|
||||||
|
UPDATE salix.ACL
|
||||||
|
SET principalId='$authenticated'
|
||||||
|
WHERE id=264;
|
||||||
jsegarra marked this conversation as resolved
Outdated
alexm
commented
No poner id, poner a que hacer referencia (model, property, etc) No poner id, poner a que hacer referencia (model, property, etc)
|
|||||||
|
|
||||||
|
|
|
@ -95,6 +95,11 @@ module.exports = Self => {
|
||||||
arg: 'to',
|
arg: 'to',
|
||||||
type: 'date',
|
type: 'date',
|
||||||
description: `The to date filter`
|
description: `The to date filter`
|
||||||
|
},
|
||||||
|
{
|
||||||
|
arg: 'days',
|
||||||
|
type: 'number',
|
||||||
|
description: `N days interval`
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
returns: {
|
returns: {
|
||||||
|
@ -112,7 +117,6 @@ module.exports = Self => {
|
||||||
|
|
||||||
if (typeof options == 'object')
|
if (typeof options == 'object')
|
||||||
Object.assign(myOptions, options);
|
Object.assign(myOptions, options);
|
||||||
|
|
||||||
const conn = Self.dataSource.connector;
|
const conn = Self.dataSource.connector;
|
||||||
const where = buildFilter(ctx.args, (param, value) => {
|
const where = buildFilter(ctx.args, (param, value) => {
|
||||||
switch (param) {
|
switch (param) {
|
||||||
|
@ -146,7 +150,13 @@ module.exports = Self => {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
filter = mergeFilters(ctx.args.filter, {where});
|
filter = mergeFilters(ctx.args.filter, {where});
|
||||||
|
const userId = ctx.req.accessToken.userId;
|
||||||
|
const client = await Self.app.models.Client.findById(userId, myOptions);
|
||||||
|
const supplier = await Self.app.models.Supplier.findOne({where: {nif: client.fi}}, myOptions);
|
||||||
|
if (supplier) {
|
||||||
|
if (!filter.where) filter.where = {};
|
||||||
|
filter.where[`e.supplierFk`] = supplier.id;
|
||||||
|
}
|
||||||
const stmts = [];
|
const stmts = [];
|
||||||
let stmt;
|
let stmt;
|
||||||
stmt = new ParameterizedSQL(
|
stmt = new ParameterizedSQL(
|
||||||
|
@ -158,7 +168,7 @@ module.exports = Self => {
|
||||||
e.invoiceNumber,
|
e.invoiceNumber,
|
||||||
e.isBooked,
|
e.isBooked,
|
||||||
e.isExcludedFromAvailable,
|
e.isExcludedFromAvailable,
|
||||||
e.evaNotes AS observation,
|
e.evaNotes observation,
|
||||||
e.isConfirmed,
|
e.isConfirmed,
|
||||||
e.isOrdered,
|
e.isOrdered,
|
||||||
e.isRaid,
|
e.isRaid,
|
||||||
|
@ -170,17 +180,32 @@ module.exports = Self => {
|
||||||
e.gestDocFk,
|
e.gestDocFk,
|
||||||
e.invoiceInFk,
|
e.invoiceInFk,
|
||||||
t.landed,
|
t.landed,
|
||||||
s.name AS supplierName,
|
s.name supplierName,
|
||||||
s.nickname AS supplierAlias,
|
s.nickname supplierAlias,
|
||||||
co.code AS companyCode,
|
co.code companyCode,
|
||||||
cu.code AS currencyCode
|
cu.code currencyCode,
|
||||||
|
t.shipped,
|
||||||
|
t.landed,
|
||||||
|
t.ref AS travelRef,
|
||||||
|
t.warehouseInFk,
|
||||||
|
w.name warehouseInName
|
||||||
FROM vn.entry e
|
FROM vn.entry e
|
||||||
JOIN vn.supplier s ON s.id = e.supplierFk
|
JOIN vn.supplier s ON s.id = e.supplierFk
|
||||||
JOIN vn.travel t ON t.id = e.travelFk
|
JOIN vn.travel t ON t.id = e.travelFk
|
||||||
|
JOIN vn.warehouse w ON w.id = t.warehouseInFk
|
||||||
JOIN vn.company co ON co.id = e.companyFk
|
JOIN vn.company co ON co.id = e.companyFk
|
||||||
JOIN vn.currency cu ON cu.id = e.currencyFk`
|
JOIN vn.currency cu ON cu.id = e.currencyFk`
|
||||||
);
|
);
|
||||||
|
|
||||||
|
if (ctx.args.days) {
|
||||||
|
stmt.merge({
|
||||||
|
sql: `
|
||||||
|
AND t.shipped <= util.VN_CURDATE() + INTERVAL ? DAY
|
||||||
|
AND t.shipped >= util.VN_CURDATE()
|
||||||
|
`,
|
||||||
|
params: [ctx.args.days]
|
||||||
|
});
|
||||||
|
}
|
||||||
stmt.merge(conn.makeSuffix(filter));
|
stmt.merge(conn.makeSuffix(filter));
|
||||||
const itemsIndex = stmts.push(stmt) - 1;
|
const itemsIndex = stmts.push(stmt) - 1;
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,8 @@
|
||||||
|
const UserError = require('vn-loopback/util/user-error');
|
||||||
const mergeFilters = require('vn-loopback/util/filter').mergeFilters;
|
const mergeFilters = require('vn-loopback/util/filter').mergeFilters;
|
||||||
|
|
||||||
module.exports = Self => {
|
module.exports = Self => {
|
||||||
Self.remoteMethod('getBuys', {
|
Self.remoteMethodCtx('getBuys', {
|
||||||
description: 'Returns buys for one entry',
|
description: 'Returns buys for one entry',
|
||||||
accessType: 'READ',
|
accessType: 'READ',
|
||||||
accepts: [{
|
accepts: [{
|
||||||
|
@ -27,13 +28,20 @@ module.exports = Self => {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
Self.getBuys = async(id, filter, options) => {
|
Self.getBuys = async(ctx, id, filter, options) => {
|
||||||
|
const userId = ctx.req.accessToken.userId;
|
||||||
const models = Self.app.models;
|
const models = Self.app.models;
|
||||||
const myOptions = {};
|
const myOptions = {};
|
||||||
|
|
||||||
if (typeof options == 'object')
|
if (typeof options == 'object')
|
||||||
Object.assign(myOptions, options);
|
Object.assign(myOptions, options);
|
||||||
|
const client = await Self.app.models.Client.findById(userId, myOptions);
|
||||||
|
const supplier = await Self.app.models.Supplier.findOne({where: {nif: client.fi}}, myOptions);
|
||||||
|
if (supplier) {
|
||||||
|
const isEntryOwner = (await Self.findById(id)).supplierFk === supplier.id;
|
||||||
|
|
||||||
|
if (!isEntryOwner) throw new UserError('Access Denied');
|
||||||
jsegarra marked this conversation as resolved
alexm
commented
Diria que mejor usar un Diria que mejor usar un `throw new ForbiddenError(`...`);`
jsegarra
commented
lo vemos porque en el proyecto también se usa UserError para casos similares lo vemos porque en el proyecto también se usa UserError para casos similares
|
|||||||
|
}
|
||||||
let defaultFilter = {
|
let defaultFilter = {
|
||||||
where: {entryFk: id},
|
where: {entryFk: id},
|
||||||
fields: [
|
fields: [
|
||||||
|
@ -49,9 +57,23 @@ module.exports = Self => {
|
||||||
'buyingValue',
|
'buyingValue',
|
||||||
'price2',
|
'price2',
|
||||||
'price3',
|
'price3',
|
||||||
'printedStickers'
|
'printedStickers',
|
||||||
|
'entryFk'
|
||||||
|
],
|
||||||
|
include: [{
|
||||||
|
relation: 'entry',
|
||||||
|
scope: {
|
||||||
|
fields: [
|
||||||
|
'id', 'supplierFk'
|
||||||
],
|
],
|
||||||
include: {
|
include: {
|
||||||
|
relation: 'supplier', scope: {
|
||||||
|
fields: ['id']
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
relation: 'item',
|
relation: 'item',
|
||||||
scope: {
|
scope: {
|
||||||
fields: [
|
fields: [
|
||||||
|
@ -82,9 +104,8 @@ module.exports = Self => {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}]
|
||||||
};
|
};
|
||||||
|
|
||||||
defaultFilter = mergeFilters(defaultFilter, filter);
|
defaultFilter = mergeFilters(defaultFilter, filter);
|
||||||
|
|
||||||
return models.Buy.find(defaultFilter, myOptions);
|
return models.Buy.find(defaultFilter, myOptions);
|
||||||
|
|
Loading…
Reference in New Issue
Created 2017?, mejor no ponerlo y que se ponga automatico
Cierto, aunque este rol ya está creado asi que lo podriamos evitar