From a167e7fada35749dbdf28bcd2b6f7076b9c9e079 Mon Sep 17 00:00:00 2001
From: jtubau
Date: Fri, 10 Jan 2025 13:42:29 +0100
Subject: [PATCH 1/4] feat: refs #8304 add ACL entry for WorkerDms with high privileges
---
 db/versions/11404-azureAnthurium/00-firstScript.sql | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 db/versions/11404-azureAnthurium/00-firstScript.sql
diff --git a/db/versions/11404-azureAnthurium/00-firstScript.sql b/db/versions/11404-azureAnthurium/00-firstScript.sql
new file mode 100644
index 000000000..7a4dfe9bc
--- /dev/null
+++ b/db/versions/11404-azureAnthurium/00-firstScript.sql
@@ -0,0 +1,2 @@
+INSERT INTO salix.ACL (model, property, accessType, permission, principalType, principalId)
+VALUES('WorkerDms', 'hasHighPrivs', 'READ', 'ALLOW', 'ROLE', 'hr');
\ No newline at end of file
-- 
2.40.1
From 0e8d9137edfdcffebf73f84672c1d58ccd3a10a5 Mon Sep 17 00:00:00 2001
From: jtubau
Date: Fri, 10 Jan 2025 13:48:03 +0100
Subject: [PATCH 2/4] feat: refs #8304 add privilege check for WorkerDms filter method
---
 modules/worker/back/methods/worker-dms/filter.js | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/modules/worker/back/methods/worker-dms/filter.js b/modules/worker/back/methods/worker-dms/filter.js
index 240a905d2..a6e5d67e7 100644
--- a/modules/worker/back/methods/worker-dms/filter.js
+++ b/modules/worker/back/methods/worker-dms/filter.js
@@ -1,5 +1,6 @@
 const ParameterizedSQL = require('loopback-connector').ParameterizedSQL;
 const {mergeFilters, mergeWhere} = require('vn-loopback/util/filter');
+const UserError = require('vn-loopback/util/user-error');
 module.exports = Self => {
 Self.remoteMethodCtx('filter', {
@@ -33,7 +34,10 @@ module.exports = Self => {
 const conn = Self.dataSource.connector;
 const userId = ctx.req.accessToken.userId;
 const models = Self.app.models;
+ const hasPrivs = await models.ACL.checkAccessAcl(ctx, 'WorkerDms', 'hasHighPrivs', '*');
+ if (!hasPrivs && userId !== id)
+ throw new UserError('You don\'t have enough privileges');
 // Get ids alloweds
 const account = await models.VnUser.findById(userId);
-- 
2.40.1
From b20dee8382b896965cfd8bdbf0fb35d3305e3437 Mon Sep 17 00:00:00 2001
From: jtubau
Date: Tue, 21 Jan 2025 12:28:34 +0100
Subject: [PATCH 3/4] feat: refs #8304 add notes field to business model
---
 modules/client/back/models/business.json | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/modules/client/back/models/business.json b/modules/client/back/models/business.json
index 58e989ae0..416845842 100644
--- a/modules/client/back/models/business.json
+++ b/modules/client/back/models/business.json
@@ -13,7 +13,10 @@
 },
 "workcenterFk" : {
 "type": "number"
- }
+ },
+ "notes" : {
+ "type": "string"
+ }
 },
 "relations": {
 "worker": {
-- 
2.40.1
From 7f5224ebcabe7c504ac67123aed95e5b079877fd Mon Sep 17 00:00:00 2001
From: jtubau
Date: Tue, 21 Jan 2025 14:45:13 +0100
Subject: [PATCH 4/4] feat: refs #8304 add ACL entries for Business and Worker models and update worker model relationships
---
 db/versions/11404-azureAnthurium/00-firstScript.sql | 6 +++++-
 modules/worker/back/models/worker.json | 5 +++++
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/db/versions/11404-azureAnthurium/00-firstScript.sql b/db/versions/11404-azureAnthurium/00-firstScript.sql
index 7a4dfe9bc..58e74cbfb 100644
--- a/db/versions/11404-azureAnthurium/00-firstScript.sql
+++ b/db/versions/11404-azureAnthurium/00-firstScript.sql
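Review bot: The guard `if (!hasPrivs && userId !== id)` added in the `filter.js` hunk compares with strict inequality against an `id` that is not defined in the visible lines, so the check's correctness depends on that value's type. If the remote method receives `id` as a string while `accessToken.userId` is a number, every caller without `hasHighPrivs` is rejected, the owner included; that fails closed, but it is worth confirming `id` is declared as `number` in the method's `accepts`, or coercing explicitly with `if (!hasPrivs && Number(userId) !== Number(id))`. The guard also only vouches for `id`: the rest of the function lies outside the hunk, so confirm the query built afterwards is pinned to that `id` and that a caller-supplied `filter.where` merged through `mergeFilters`/`mergeWhere` cannot widen it to another worker's documents. A short comment above the check, for example `// hasHighPrivs is a capability flag stored in salix.ACL, not a model method`, would spare the next reader a search.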
@@ -1,2 +1,6 @@
 INSERT INTO salix.ACL (model, property, accessType, permission, principalType, principalId)
-VALUES('WorkerDms', 'hasHighPrivs', 'READ', 'ALLOW', 'ROLE', 'hr');
\ No newline at end of file
+VALUES
+ ('WorkerDms', 'hasHighPrivs', 'READ', 'ALLOW', 'ROLE', 'hr'),
+ ('Business', 'updateAttributes', 'WRITE', 'ALLOW', 'ROLE', 'hr'),
+ ('Worker', '__get__business', 'READ', 'ALLOW', 'ROLE', 'hr')
+ ;
\ No newline at end of file
diff --git a/modules/worker/back/models/worker.json b/modules/worker/back/models/worker.json
index 705851963..fbba4c227 100644
--- a/modules/worker/back/models/worker.json
+++ b/modules/worker/back/models/worker.json
@@ -142,6 +142,11 @@
 "type": "hasMany",
 "model": "WorkerRelative",
 "foreignKey": "workerFK"
+ },
+ "business": {
+ "type": "hasMany",
+ "model": "Business",
+ "foreignKey": "workerFk"
 }
 },
 "acls": [
-- 
2.40.1
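Review bot: The `('Business', 'updateAttributes', 'WRITE', 'ALLOW', 'ROLE', 'hr')` row in the `00-firstScript.sql` hunk lets `hr` write every writable property of `Business`, while the series only appears to need the new `notes` field. If full edit rights are not intended, a narrower remote method that accepts only `notes`, or a hook that rejects other keys, would keep the grant to least privilege. The `business` hasMany relation added in the `worker.json` hunk also generates more relation methods than the `__get__business` granted here, so confirm the remaining ones stay denied by the model's default ACLs. A comment above the `VALUES` list, for example `-- refs #8304: hr capability flag for WorkerDms.filter, business notes editing, worker business listing`, would tie each row to its consumer.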