salix/modules/ticket/back/methods/state/isEditable.js

38 lines
1.2 KiB
JavaScript

module.exports = Self => {
Self.remoteMethodCtx('isEditable', {
description: 'Check if the ticket state is editable',
accessType: 'READ',
accepts: [{
arg: 'stateId',
type: 'number',
required: true,
http: {source: 'path'}
}],
returns: {
type: 'boolean',
root: true
},
http: {
path: `/:stateId/isEditable`,
verb: 'get'
}
});
Self.isEditable = async(ctx, stateId) => {
const accessToken = ctx.req.accessToken;
const models = Self.app.models;
const userId = accessToken.userId;
let isProduction = await models.Account.hasRole(userId, 'production');
let isSalesPerson = await models.Account.hasRole(userId, 'salesPerson');
let isAdministrative = await models.Account.hasRole(userId, 'administrative');
let state = await models.State.findById(stateId);
let salesPersonAllowed = (isSalesPerson && state.code == 'PICKER_DESIGNED');
let isAllowed = isProduction || isAdministrative || salesPersonAllowed || state.alertLevel == 0;
return isAllowed;
};
};