41 lines
1.1 KiB
JavaScript
41 lines
1.1 KiB
JavaScript
module.exports = Self => {
|
|
Self.remoteMethodCtx('canEdit', {
|
|
description: 'Check if all the received sales are aditable',
|
|
accessType: 'READ',
|
|
accepts: [{
|
|
arg: 'sales',
|
|
type: ['object'],
|
|
required: true
|
|
}],
|
|
returns: {
|
|
type: 'boolean',
|
|
root: true
|
|
},
|
|
http: {
|
|
path: `/isEditable`,
|
|
verb: 'get'
|
|
}
|
|
});
|
|
|
|
Self.canEdit = async(ctx, sales, options) => {
|
|
const models = Self.app.models;
|
|
const userId = ctx.req.accessToken.userId;
|
|
const myOptions = {};
|
|
|
|
if (typeof options == 'object')
|
|
Object.assign(myOptions, options);
|
|
|
|
const idsCollection = sales.map(sale => sale.id);
|
|
|
|
const saleTracking = await models.SaleTracking.find({where: {saleFk: {inq: idsCollection}}}, myOptions);
|
|
|
|
const hasSaleTracking = saleTracking.length;
|
|
|
|
const isProductionRole = await models.Account.hasRole(userId, 'production', myOptions);
|
|
|
|
const canEdit = (isProductionRole || !hasSaleTracking);
|
|
|
|
return canEdit;
|
|
};
|
|
};
|