41 lines
1.4 KiB
JavaScript
41 lines
1.4 KiB
JavaScript
module.exports = Self => {
|
|
Self.remoteMethodCtx('isEditable', {
|
|
description: 'Check if the ticket state is editable',
|
|
accessType: 'READ',
|
|
accepts: [{
|
|
arg: 'stateId',
|
|
type: 'number',
|
|
required: true,
|
|
http: {source: 'path'}
|
|
}],
|
|
returns: {
|
|
type: 'boolean',
|
|
root: true
|
|
},
|
|
http: {
|
|
path: `/:stateId/isEditable`,
|
|
verb: 'get'
|
|
}
|
|
});
|
|
|
|
Self.isEditable = async(ctx, stateId, options) => {
|
|
const accessToken = ctx.req.accessToken;
|
|
const models = Self.app.models;
|
|
const userId = accessToken.userId;
|
|
const myOptions = {};
|
|
|
|
if (typeof options == 'object')
|
|
Object.assign(myOptions, options);
|
|
|
|
const isProduction = await models.Account.hasRole(userId, 'production', myOptions);
|
|
const isSalesPerson = await models.Account.hasRole(userId, 'salesPerson', myOptions);
|
|
const isAdministrative = await models.Account.hasRole(userId, 'administrative', myOptions);
|
|
const state = await models.State.findById(stateId, null, myOptions);
|
|
|
|
const salesPersonAllowed = (isSalesPerson && (state.code == 'PICKER_DESIGNED' || state.code == 'PRINTED'));
|
|
|
|
const isAllowed = isProduction || isAdministrative || salesPersonAllowed || state.alertLevel == 0;
|
|
return isAllowed;
|
|
};
|
|
};
|