7648_myEntries #2744
|
@ -314,5 +314,4 @@ INSERT INTO mysql.roles_mapping (`User`, `Host`, `Role`, `Admin_option`)
|
|||
SELECT SUBSTR(`User`, @prefixLen + 1), `Host`, `Role`, `Admin_option`
|
||||
FROM mysql.roles_mapping
|
||||
WHERE `User` LIKE @prefixedLike AND `Host` = @genRoleHost;
|
||||
|
||||
FLUSH PRIVILEGES;
|
||||
|
|
|
@ -118,7 +118,7 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType`
|
|||
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`,`role`,`active`,`email`,`lang`, `image`)
|
||||
VALUES
|
||||
(1101, 'brucewayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'BruceWayne@mydomain.com', 'es','1101'),
|
||||
(1102, 'petterparker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'PetterParker@mydomain.com', 'en','1102'),
|
||||
(1102, 'petterparker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 131, 1, 'PetterParker@mydomain.com', 'en','1102'),
|
||||
(1103, 'clarkkent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'ClarkKent@mydomain.com', 'fr','1103'),
|
||||
(1104, 'tonystark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'TonyStark@mydomain.com', 'es','1104'),
|
||||
(1105, 'maxeisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt','1105'),
|
||||
|
@ -1477,7 +1477,8 @@ INSERT INTO `vn`.`travel`(`id`,`shipped`, `landed`, `warehouseInFk`, `warehouseO
|
|||
(5, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 3, 3, 1, 50.00, 500, 'fifth travel', 1, 1, 5),
|
||||
(6, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 4, 4, 1, 50.00, 500, 'sixth travel', 1, 2, 6),
|
||||
(7, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 4, 1, 50.00, 500, 'seventh travel', 2, 1, 7),
|
||||
(8, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 1, 1, 50.00, 500, 'eight travel', 1, 2, 10);
|
||||
(8, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 1, 1, 50.00, 500, 'eight travel', 1, 2, 10),
|
||||
(10, DATE_ADD(util.VN_CURDATE(), INTERVAL + 5 DAY), DATE_ADD(util.VN_CURDATE(), INTERVAL + 5 DAY), 5, 1, 1, 50.00, 500, 'nineth travel', 1, 2, 10);
|
||||
|
||||
INSERT INTO `vn`.`entry`(`id`, `supplierFk`, `created`, `travelFk`, `isConfirmed`, `companyFk`, `invoiceNumber`, `reference`, `isExcludedFromAvailable`, `isRaid`, `evaNotes`)
|
||||
VALUES
|
||||
|
@ -1488,7 +1489,9 @@ INSERT INTO `vn`.`entry`(`id`, `supplierFk`, `created`, `travelFk`, `isConfirmed
|
|||
(5, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 5, 0, 442, 'IN2005', 'Movement 5', 0, 0, 'observation five'),
|
||||
(6, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 6, 0, 442, 'IN2006', 'Movement 6', 0, 0, 'observation six'),
|
||||
(7, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2007', 'Movement 7', 0, 0, 'observation seven'),
|
||||
(8, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2008', 'Movement 8', 1, 1, '');
|
||||
(8, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL -1 MONTH), 7, 0, 442, 'IN2008', 'Movement 8', 1, 1, ''),
|
||||
(9, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL +2 DAY), 10, 0, 442, 'IN2009', 'Movement 9', 1, 1, ''),
|
||||
(10, 2, DATE_ADD(util.VN_CURDATE(), INTERVAL +2 DAY), 10, 0, 442, 'IN2009', 'Movement 9', 1, 1, '');
|
||||
|
||||
INSERT INTO `bs`.`waste`(`buyer`, `year`, `week`, `family`, `itemFk`, `itemTypeFk`, `saleTotal`, `saleWaste`, `rate`)
|
||||
VALUES
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
|
||||
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
|
||||
VALUES ('Entry','filter','READ','ALLOW','ROLE','supplier');
|
||||
|
||||
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
|
||||
VALUES ('Entry','getBuys','READ','ALLOW','ROLE','supplier');
|
||||
|
||||
INSERT IGNORE INTO salix.ACL (`model`,`property`,`accessType`,`permission`,`principalType`,`principalId`)
|
||||
VALUES ('Entry','buyLabel','READ','ALLOW','ROLE','supplier');
|
||||
|
||||
INSERT IGNORE INTO `account`.`role` (`name`,`description`,`hasLogin`,`created`,`modified`)
|
||||
VALUES ('supplier','Proveedores',1,'2017-10-10 14:58:58.000','2017-10-10 14:59:20.000');
|
||||
|
||||
SET @supplierFk =LAST_INSERT_ID();
|
||||
alexm
commented
Podias haber puesto directamente ese where jajaja Podias haber puesto directamente ese where jajaja
|
||||
INSERT IGNORE INTO account.roleInherit (`role`,`inheritsFrom`)
|
||||
jsegarra marked this conversation as resolved
alexm
commented
Despues de esto hace falta hacer un Despues de esto hace falta hacer un `CALL account.role_sync()`
jsegarra
commented
Ya existe en prod Ya existe en prod
|
||||
VALUES (@supplierFk,2);
|
||||
|
||||
UPDATE salix.ACL
|
||||
SET principalId='$authenticated'
|
||||
WHERE id=264;
|
||||
jsegarra marked this conversation as resolved
Outdated
alexm
commented
No poner id, poner a que hacer referencia (model, property, etc) No poner id, poner a que hacer referencia (model, property, etc)
|
||||
|
||||
|
|
@ -95,6 +95,11 @@ module.exports = Self => {
|
|||
arg: 'to',
|
||||
type: 'date',
|
||||
description: `The to date filter`
|
||||
},
|
||||
{
|
||||
arg: 'days',
|
||||
type: 'number',
|
||||
description: `N days interval`
|
||||
}
|
||||
],
|
||||
returns: {
|
||||
|
@ -112,7 +117,6 @@ module.exports = Self => {
|
|||
|
||||
if (typeof options == 'object')
|
||||
Object.assign(myOptions, options);
|
||||
|
||||
const conn = Self.dataSource.connector;
|
||||
const where = buildFilter(ctx.args, (param, value) => {
|
||||
switch (param) {
|
||||
|
@ -146,7 +150,13 @@ module.exports = Self => {
|
|||
}
|
||||
});
|
||||
filter = mergeFilters(ctx.args.filter, {where});
|
||||
|
||||
const userId = ctx.req.accessToken.userId;
|
||||
const client = await Self.app.models.Client.findById(userId, myOptions);
|
||||
const supplier = await Self.app.models.Supplier.findOne({where: {nif: client.fi}}, myOptions);
|
||||
if (supplier) {
|
||||
if (!filter.where) filter.where = {};
|
||||
filter.where[`e.supplierFk`] = supplier.id;
|
||||
}
|
||||
const stmts = [];
|
||||
let stmt;
|
||||
stmt = new ParameterizedSQL(
|
||||
|
@ -158,7 +168,7 @@ module.exports = Self => {
|
|||
e.invoiceNumber,
|
||||
e.isBooked,
|
||||
e.isExcludedFromAvailable,
|
||||
e.evaNotes AS observation,
|
||||
e.evaNotes observation,
|
||||
e.isConfirmed,
|
||||
e.isOrdered,
|
||||
e.isRaid,
|
||||
|
@ -170,17 +180,32 @@ module.exports = Self => {
|
|||
e.gestDocFk,
|
||||
e.invoiceInFk,
|
||||
t.landed,
|
||||
s.name AS supplierName,
|
||||
s.nickname AS supplierAlias,
|
||||
co.code AS companyCode,
|
||||
cu.code AS currencyCode
|
||||
s.name supplierName,
|
||||
s.nickname supplierAlias,
|
||||
co.code companyCode,
|
||||
cu.code currencyCode,
|
||||
t.shipped,
|
||||
t.landed,
|
||||
t.ref AS travelRef,
|
||||
t.warehouseInFk,
|
||||
w.name warehouseInName
|
||||
FROM vn.entry e
|
||||
JOIN vn.supplier s ON s.id = e.supplierFk
|
||||
JOIN vn.travel t ON t.id = e.travelFk
|
||||
JOIN vn.warehouse w ON w.id = t.warehouseInFk
|
||||
JOIN vn.company co ON co.id = e.companyFk
|
||||
JOIN vn.currency cu ON cu.id = e.currencyFk`
|
||||
);
|
||||
|
||||
if (ctx.args.days) {
|
||||
stmt.merge({
|
||||
sql: `
|
||||
AND t.shipped <= util.VN_CURDATE() + INTERVAL ? DAY
|
||||
AND t.shipped >= util.VN_CURDATE()
|
||||
`,
|
||||
params: [ctx.args.days]
|
||||
});
|
||||
}
|
||||
stmt.merge(conn.makeSuffix(filter));
|
||||
const itemsIndex = stmts.push(stmt) - 1;
|
||||
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
const UserError = require('vn-loopback/util/user-error');
|
||||
const mergeFilters = require('vn-loopback/util/filter').mergeFilters;
|
||||
|
||||
module.exports = Self => {
|
||||
Self.remoteMethod('getBuys', {
|
||||
Self.remoteMethodCtx('getBuys', {
|
||||
description: 'Returns buys for one entry',
|
||||
accessType: 'READ',
|
||||
accepts: [{
|
||||
|
@ -27,13 +28,20 @@ module.exports = Self => {
|
|||
}
|
||||
});
|
||||
|
||||
Self.getBuys = async(id, filter, options) => {
|
||||
Self.getBuys = async(ctx, id, filter, options) => {
|
||||
const userId = ctx.req.accessToken.userId;
|
||||
const models = Self.app.models;
|
||||
const myOptions = {};
|
||||
|
||||
if (typeof options == 'object')
|
||||
Object.assign(myOptions, options);
|
||||
const client = await Self.app.models.Client.findById(userId, myOptions);
|
||||
const supplier = await Self.app.models.Supplier.findOne({where: {nif: client.fi}}, myOptions);
|
||||
if (supplier) {
|
||||
const isEntryOwner = (await Self.findById(id)).supplierFk === supplier.id;
|
||||
|
||||
if (!isEntryOwner) throw new UserError('Access Denied');
|
||||
jsegarra marked this conversation as resolved
alexm
commented
Diria que mejor usar un Diria que mejor usar un `throw new ForbiddenError(`...`);`
jsegarra
commented
lo vemos porque en el proyecto también se usa UserError para casos similares lo vemos porque en el proyecto también se usa UserError para casos similares
|
||||
}
|
||||
let defaultFilter = {
|
||||
where: {entryFk: id},
|
||||
fields: [
|
||||
|
@ -49,9 +57,23 @@ module.exports = Self => {
|
|||
'buyingValue',
|
||||
'price2',
|
||||
'price3',
|
||||
'printedStickers'
|
||||
'printedStickers',
|
||||
'entryFk'
|
||||
],
|
||||
include: [{
|
||||
relation: 'entry',
|
||||
scope: {
|
||||
fields: [
|
||||
'id', 'supplierFk'
|
||||
],
|
||||
include: {
|
||||
relation: 'supplier', scope: {
|
||||
fields: ['id']
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
relation: 'item',
|
||||
scope: {
|
||||
fields: [
|
||||
|
@ -82,9 +104,8 @@ module.exports = Self => {
|
|||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}]
|
||||
};
|
||||
|
||||
defaultFilter = mergeFilters(defaultFilter, filter);
|
||||
|
||||
return models.Buy.find(defaultFilter, myOptions);
|
||||
|
|
Loading…
Reference in New Issue
Created 2017?, mejor no ponerlo y que se ponga automatico
Cierto, aunque este rol ya está creado asi que lo podriamos evitar