gitea-admin/lti-api
1
0
Fork 0
mirror of https://gitlab.com/mbugroup/lti-api.git synced 2026-05-20 13:31:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'feat/BE/sso-adjustment' into 'development'

Browse Source 
[FIX/BE-US]add feature restrict by location and areas in roles

See merge request mbugroup/lti-api!189
This commit is contained in:
Adnan Zahir
2026-01-28 11:22:47 +07:00
parent b468ba3df9 8410573ee6
commit 9dd4a93476
50 changed files with 2584 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/modules/purchases/services/purchase.service.go
+56 -1
View File
@@ -125,6 +125,11 @@ func (s *purchaseService) GetAll(c *fiber.Ctx, params *validation.Query) ([]enti
return nil, 0, err
}
scope, err := m.ResolveLocationScope(c, s.PurchaseRepo.DB())
if err != nil {
return nil, 0, err
}
offset := (params.Page - 1) * params.Limit
createdFrom, createdTo, err := utils.ParseDateRangeForQuery(params.CreatedFrom, params.CreatedTo)
@@ -148,6 +153,21 @@ func (s *purchaseService) GetAll(c *fiber.Ctx, params *validation.Query) ([]enti
db = db.Where("created_at < ?", *createdTo)
}
if scope.Restrict {
if len(scope.IDs) == 0 {
return db.Where("1 = 0")
}
db = db.Where(
`EXISTS (
SELECT 1
FROM purchase_items pi
JOIN warehouses w ON w.id = pi.warehouse_id
WHERE pi.purchase_id = purchases.id AND w.location_id IN ?
)`,
scope.IDs,
)
}
if params.AreaID > 0 {
db = db.Where(
`EXISTS (
@@ -202,7 +222,42 @@ func (s *purchaseService) GetAll(c *fiber.Ctx, params *validation.Query) ([]enti
}
func (s *purchaseService) GetOne(c *fiber.Ctx, id uint) (*entity.Purchase, error) {
return s.loadPurchase(c.Context(), id)
scope, err := m.ResolveLocationScope(c, s.PurchaseRepo.DB())
if err != nil {
return nil, err
}
purchase, err := s.PurchaseRepo.GetByID(c.Context(), id, func(db *gorm.DB) *gorm.DB {
db = s.withRelations(db)
if scope.Restrict {
if len(scope.IDs) == 0 {
return db.Where("1 = 0")
}
db = db.Where(
`EXISTS (
SELECT 1
FROM purchase_items pi
JOIN warehouses w ON w.id = pi.warehouse_id
WHERE pi.purchase_id = purchases.id AND w.location_id IN ?
)`,
scope.IDs,
)
}
return db
})
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, utils.NotFound("Purchase not found")
}
s.Log.Errorf("Failed to get purchase %d: %+v", id, err)
return nil, utils.Internal("Failed to get purchase")
}
if err := s.attachLatestApproval(c.Context(), purchase); err != nil {
s.Log.Warnf("Unable to attach latest approval for purchase %d: %+v", id, err)
}
s.applyTravelDocumentURLs(c.Context(), purchase)
return purchase, nil
}
func (s *purchaseService) CreateOne(c *fiber.Ctx, req *validation.CreatePurchaseRequest) (*entity.Purchase, error) {