37 lines
1.2 KiB
JavaScript
37 lines
1.2 KiB
JavaScript
module.exports = Self => {
|
|
Self.remoteMethodCtx('isEditable', {
|
|
description: 'Check if the ticket state is editable',
|
|
accessType: 'READ',
|
|
accepts: [{
|
|
arg: 'stateId',
|
|
type: 'number',
|
|
required: true,
|
|
http: {source: 'path'}
|
|
}],
|
|
returns: {
|
|
type: 'boolean',
|
|
root: true
|
|
},
|
|
http: {
|
|
path: `/:stateId/isEditable`,
|
|
verb: 'get'
|
|
}
|
|
});
|
|
|
|
Self.isEditable = async(ctx, stateId) => {
|
|
const accessToken = ctx.req.accessToken;
|
|
const models = Self.app.models;
|
|
const userId = accessToken.userId;
|
|
|
|
let isProduction = await models.Account.hasRole(userId, 'production');
|
|
let isSalesPerson = await models.Account.hasRole(userId, 'salesPerson');
|
|
let isAdministrative = await models.Account.hasRole(userId, 'administrative');
|
|
let state = await models.State.findById(stateId);
|
|
|
|
let salesPersonAllowed = (isSalesPerson && (state.code == 'PICKER_DESIGNED' || state.code == 'PRINTED'));
|
|
|
|
let isAllowed = isProduction || isAdministrative || salesPersonAllowed || state.alertLevel == 0;
|
|
return isAllowed;
|
|
};
|
|
};
|