From 375f71699cedc82ee0868854a2ded8b582af9a29 Mon Sep 17 00:00:00 2001
From: amansinghbais
Date: Wed, 17 Jan 2024 16:29:38 +0530
Subject: [PATCH] Improved: permission management and app access restrictions (#263)

---
 .env.example | 2 +-
 src/authorization/Rules.ts | 4 +++-
 src/services/UserService.ts | 12 ++++++++----
 src/store/modules/user/actions.ts | 8 +++++---
 4 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/.env.example b/.env.example
index 6002fc9c..0e210be3 100644
--- a/.env.example
+++ b/.env.example
@@ -9,7 +9,7 @@ VUE_APP_POLL_TIME=10000
 VUE_APP_ORDER_FILTERS=["orderTypeId: SALES_ORDER", "facilityId:PRE_ORDER_PARKING OR facilityId:BACKORDER_PARKING", "orderStatusId: ORDER_APPROVED", "!orderItemStatusId: ITEM_CANCELLED" ]
 VUE_APP_BASE_URL=
 VUE_APP_ORDER_IN_BRKRNG_FILTERS=["orderTypeId: SALES_ORDER", "facilityId: _NA_", "orderStatusId: ORDER_APPROVED", "!orderItemStatusId: ITEM_CANCELLED" ]
-VUE_APP_PERMISSION_ID=
+VUE_APP_PERMISSION_ID="PREORDER_APP_VIEW"
 VUE_APP_ALIAS=
 VUE_APP_CTGRY_AND_BRKRNG_JOB=["JOB_REL_PREODR_CAT", "JOB_BKR_ORD", "JOB_RLS_ORD_DTE"]
 VUE_APP_DEFAULT_ALIAS=
diff --git a/src/authorization/Rules.ts b/src/authorization/Rules.ts
index d2e8f294..a94b75b9 100644
--- a/src/authorization/Rules.ts
+++ b/src/authorization/Rules.ts
@@ -4,5 +4,7 @@ export default {
 "APP_CATALOG_VIEW": "",
 "APP_PRDT_DTLS_VIEW": "",
 "APP_CTLG_PRDT_DTLS_VIEW": "",
- "APP_INV_CNFG_UPDT": "COMMON_ADMIN"
+ "APP_INV_CNFG_UPDT": "COMMON_ADMIN",
+ "MERCHANDISING_ADMIN": "MERCHANDISING_ADMIN",
+ "PREORDER_APP_VIEW": "PREORDER_APP_VIEW"
 } as any
\ No newline at end of file
diff --git a/src/services/UserService.ts b/src/services/UserService.ts
index d5262262..775b3c94 100644
--- a/src/services/UserService.ts
+++ b/src/services/UserService.ts
@@ -35,17 +35,21 @@ const setUserPreference = async (payload: any): Promise => {
 });
 }
 
-const getEComStores = async (token: any, partyId: any): Promise => {
+const getEComStores = async (token: any, partyId: any, isAdminUser = false): Promise => {
 try {
 const params = {
 "inputFields": {
- "storeName_op": "not-empty",
- "partyId": partyId
+ "storeName_op": "not-empty"
 },
 "fieldList": ["productStoreId", "storeName"],
 "entityName": "ProductStoreAndRole",
 "distinct": "Y",
- "noConditionFind": "Y"
+ "noConditionFind": "Y",
+ "filterByDate": 'Y'
+ } as any;
+
+ if(!isAdminUser) {
+ params.inputFields['partyId'] = partyId
 }
 
 const baseURL = store.getters['user/getBaseUrl'];
diff --git a/src/store/modules/user/actions.ts b/src/store/modules/user/actions.ts
index 02f2eb0d..8e3fd5e0 100644
--- a/src/store/modules/user/actions.ts
+++ b/src/store/modules/user/actions.ts
@@ -39,9 +39,9 @@ const actions: ActionTree = {
 if (permissionId) {
 // As the token is not yet set in the state passing token headers explicitly
 // TODO Abstract this out, how token is handled should be part of the method not the callee
- const hasPermission = appPermissions.some((appPermissionId: any) => appPermissionId === permissionId );
+ const hasPermission = appPermissions.some((appPermission: any) => appPermission.action === permissionId );
 // If there are any errors or permission check fails do not allow user to login
- if (hasPermission) {
+ if (!hasPermission) {
 const permissionError = 'You do not have permission to access the app.';
 showToast(translate(permissionError));
 console.error("error", permissionError);
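Review bot: In `getEComStores` (src/services/UserService.ts) the `partyId` filter is now dropped whenever the caller passes `isAdminUser = true`, and that flag is computed in the browser from `appPermissions` (second hunk of src/store/modules/user/actions.ts), so this branch scopes what the UI shows and is not an access control. Which stores a token may list from `ProductStoreAndRole` has to be decided by the backend; whether it does so is not visible in this patch and should be confirmed. I would record that on the branch with a comment such as `// UI-only scoping: the server must still authorize which stores this token can read`. As a smaller point, `"filterByDate": 'Y'` uses single quotes where the rest of the object uses double quotes. The function body continues past the end of the hunk.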
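Review bot: In src/store/modules/user/actions.ts the corrected `!hasPermission` check still sits inside `if (permissionId)`, so a build where `permissionId` is empty (presumably when `VUE_APP_PERMISSION_ID` is unset, which was the old `.env.example` default) skips the gate and lets every authenticated user in. If the app is meant to be restricted, consider failing closed or at least logging a warning when no permission id is configured. The new predicate also reads `appPermission.action` without a guard, while the admin check in the next hunk uses `appPermission?.action`; making them match, `appPermissions.some((appPermission: any) => appPermission?.action === permissionId)`, avoids a throw on a null entry. The enclosing action starts and ends outside the hunk.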
@@ -49,9 +49,11 @@ const actions: ActionTree = {
 }
 }
 
+ const isAdminUser = appPermissions.some((appPermission: any) => appPermission?.action === "MERCHANDISING_ADMIN");
+
 // Getting user profile
 const userProfile = await UserService.getUserProfile(token);
- userProfile.stores = await UserService.getEComStores(token, userProfile.partyId);
+ userProfile.stores = await UserService.getEComStores(token, userProfile.partyId, isAdminUser);
 
 // Getting user preferred store
 let preferredStore = userProfile.stores[0];
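Review bot: The admin check compares against the inline string literal `"MERCHANDISING_ADMIN"`, while the same id is added as a key in src/authorization/Rules.ts in this commit, so the two can drift if the permission is renamed. A shared named constant, or going through the existing rules lookup, would keep one source of truth. The line would also benefit from a why-comment, for example `// Admins see every product store; other users only stores linked to their partyId`. In the trailing context `userProfile.stores[0]` is read without an emptiness check, and since `getEComStores` now also sends `filterByDate`, the list may be shorter than before; whether an empty list is handled lies outside the hunk.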