skrd/unified-restaurant-original
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Mas validaciones

Browse Source
This commit is contained in:
Daniel Cortés
2021-07-20 23:55:49 -04:00
parent 1d6082a590
commit 738860296c
8 changed files with 59 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/app/Http/Controllers/UsuariosController.php
View File

@@ -21,11 +21,7 @@ class UsuariosController extends Controller {
* Obtiene de forma paginada los usuarios registrados en el backend * Obtiene de forma paginada los usuarios registrados en el backend
*/ */
public function all(Request $request) { public function all(Request $request) {
if($request->user->isGlobalAdmin()) { $usuarios = $request->user->colegas();
$usuarios = Usuario::all();
} else {
$usuarios = Restaurante::all()->intersect($request->user->restaurantes);
}
$paginate = app(PaginatorService::class)->paginate( $paginate = app(PaginatorService::class)->paginate(
perPage: $request->input('per_page', 15), perPage: $request->input('per_page', 15),

30
backend/app/Http/Middleware/IsColegaMiddleware.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Log;
use App\Exceptions\ModelNotFoundException;
use App\Models\Usuario;
class IsColegaMiddleware {
public function handle($request, Closure $next) {
$loged_user = $request->user;
$user = Usuario::findOrFail($request->route('id'));
if(!$loged_user->isColega($user)) {
Log::debug('El usuario intento acceder a los datos de otro usuario que no es su colega', [
'loged_user' => $loged_user->id,
'user' => $user->id
]);
throw new ModelNotFoundException('usuario', $user->id);
} else {
Log::debug('El usuario accedio a los datos de otro usuario que si es su colega', [
'loged_user' => $loged_user->id,
'user' => $user->id
]);
}
return $next($request);
}
}

17
backend/app/Models/Usuario.php
View File

@@ -49,6 +49,23 @@ class Usuario extends Model {
return $this->restaurantes()->where('id', $restaurante->id)->count() > 0; return $this->restaurantes()->where('id', $restaurante->id)->count() > 0;
} }
public function isColega($usuario) {
return $this->colegas()->contains($usuario);
}
public function colegas() {
if($this->isGlobalAdmin()) return Usuario::all();
$restaurantes = $this->restaurantes;
$colegas = collect([]);
foreach($restaurantes as $restaurant) {
$colegas = $colegas->merge($restaurant->usuarios);
}
return $colegas->unique('id');
}
public function restaurantes() { public function restaurantes() {
return $this->belongsToMany(Restaurante::class, 'usuarios_restaurantes', 'usuario_id', 'restaurante_id'); return $this->belongsToMany(Restaurante::class, 'usuarios_restaurantes', 'usuario_id', 'restaurante_id');
} }

3
backend/bootstrap/app.php
View File

@@ -78,7 +78,8 @@ $app->routeMiddleware([
'auth' => App\Http\Middleware\Auth0Middleware::class, 'auth' => App\Http\Middleware\Auth0Middleware::class,
'log_endpoint' => App\Http\Middleware\LogEndpointHitMiddleware::class, 'log_endpoint' => App\Http\Middleware\LogEndpointHitMiddleware::class,
'role' => App\Http\Middleware\RoleMiddleware::class, 'role' => App\Http\Middleware\RoleMiddleware::class,
'in_restaurante' => App\Http\Middleware\InRestauranteMiddleware::class 'in_restaurante' => App\Http\Middleware\InRestauranteMiddleware::class,
'is_colega' => App\Http\Middleware\IsColegaMiddleware::class
]); ]);
$app->middleware([ $app->middleware([

12
backend/routes/web.php
View File

@@ -9,13 +9,13 @@ $router->get('/', function () use ($router) {
$router->group(['prefix' => 'api/v1', 'middleware' => ['auth', 'log_endpoint']], function () use ($router) { $router->group(['prefix' => 'api/v1', 'middleware' => ['auth', 'log_endpoint']], function () use ($router) {
$router->group(['prefix' => '/users'], function () use ($router) { $router->group(['prefix' => '/users'], function () use ($router) {
$router->get( '/', ['as' => 'users.all', 'uses' => 'UsuariosController@all', 'middleware' => ['role:admin|global_admin']]); $router->get( '/', ['as' => 'users.all', 'uses' => 'UsuariosController@all', 'middleware' => ['role:admin|global_admin']]);
$router->get( '/{id}', ['as' => 'users.get', 'uses' => 'UsuariosController@get', 'middleware' => ['role:admin|global_admin']]); $router->get( '/{id}', ['as' => 'users.get', 'uses' => 'UsuariosController@get', 'middleware' => ['role:admin|global_admin', 'is_colega']]);
$router->post( '/', ['as' => 'users.create', 'uses' => 'UsuariosController@create', 'middleware' => ['role:admin|global_admin']]); $router->post( '/', ['as' => 'users.create', 'uses' => 'UsuariosController@create', 'middleware' => ['role:admin|global_admin']]);
$router->put( '/{id}', ['as' => 'users.update', 'uses' => 'UsuariosController@update', 'middleware' => ['role:admin|global_admin']]); $router->put( '/{id}', ['as' => 'users.update', 'uses' => 'UsuariosController@update', 'middleware' => ['role:admin|global_admin', 'is_colega']]);
$router->delete('/{id}', ['as' => 'users.delete', 'uses' => 'UsuariosController@delete', 'middleware' => ['role:admin|global_admin']]); $router->delete('/{id}', ['as' => 'users.delete', 'uses' => 'UsuariosController@delete', 'middleware' => ['role:admin|global_admin', 'is_colega']]);
$router->get( '/{id}/restaurantes/', ['as' => 'users.get_restaurantes', 'uses' => 'UsuariosController@getRestaurantes', 'middleware' => ['role:admin|global_admin']]); $router->get( '/{id}/restaurantes/', ['as' => 'users.get_restaurantes', 'uses' => 'UsuariosController@getRestaurantes', 'middleware' => ['role:admin|global_admin', 'is_colega']]);
$router->put( '/{id}/restaurantes/{restaurant}', ['as' => 'users.add_to_restaurant', 'uses' => 'UsuariosController@addToRestaurant', 'middleware' => ['role:admin|global_admin']]); $router->put( '/{id}/restaurantes/{restaurant}', ['as' => 'users.add_to_restaurant', 'uses' => 'UsuariosController@addToRestaurant', 'middleware' => ['role:admin|global_admin', 'is_colega']]);
$router->delete('/{id}/restaurantes/{restaurant}', ['as' => 'users.remove_from_restaurant', 'uses' => 'UsuariosController@removeFromRestaurant', 'middleware' => ['role:admin|global_admin']]); $router->delete('/{id}/restaurantes/{restaurant}', ['as' => 'users.remove_from_restaurant', 'uses' => 'UsuariosController@removeFromRestaurant', 'middleware' => ['role:admin|global_admin', 'is_colega']]);
}); });
$router->group(['prefix' => '/restaurantes'], function () use ($router) { $router->group(['prefix' => '/restaurantes'], function () use ($router) {

37
database/init/00-schema.sql
View File

@@ -7,8 +7,6 @@ drop view if exists bodega_actual cascade;
drop table if exists usuarios_restaurantes cascade; drop table if exists usuarios_restaurantes cascade;
drop table if exists productores cascade; drop table if exists productores cascade;
drop table if exists recaudadores cascade;
drop table if exists administradores cascade;
drop table if exists recetas cascade; drop table if exists recetas cascade;
drop table if exists facturas cascade; drop table if exists facturas cascade;
drop table if exists compra_ingredientes cascade; drop table if exists compra_ingredientes cascade;
@@ -23,7 +21,6 @@ drop table if exists productos cascade;
drop table if exists categorias cascade; drop table if exists categorias cascade;
drop table if exists zonas_produccion cascade; drop table if exists zonas_produccion cascade;
drop table if exists ventas cascade; drop table if exists ventas cascade;
drop table if exists meseros cascade;
drop table if exists usuarios cascade; drop table if exists usuarios cascade;
drop table if exists canales_venta cascade; drop table if exists canales_venta cascade;
drop table if exists sectores cascade; drop table if exists sectores cascade;
@@ -92,33 +89,6 @@ create table productores
deleted_at timestamptz deleted_at timestamptz
); );
create table recaudadores
(
id uuid primary key default gen_random_uuid(),
usuario_id uuid references usuarios,
created_at timestamptz not null default current_timestamp,
updated_at timestamptz not null default current_timestamp,
deleted_at timestamptz
);
create table meseros
(
id uuid primary key default gen_random_uuid(),
usuario_id uuid references usuarios,
created_at timestamptz not null default current_timestamp,
updated_at timestamptz not null default current_timestamp,
deleted_at timestamptz
);
create table administradores
(
id uuid primary key default gen_random_uuid(),
usuario_id uuid references usuarios,
created_at timestamptz not null default current_timestamp,
updated_at timestamptz not null default current_timestamp,
deleted_at timestamptz
);
create table ingredientes create table ingredientes
( (
id uuid primary key default gen_random_uuid(), id uuid primary key default gen_random_uuid(),
@@ -277,7 +247,7 @@ create table ventas
( (
id uuid primary key default gen_random_uuid(), id uuid primary key default gen_random_uuid(),
tiempo_venta timestamptz, tiempo_venta timestamptz,
mesero_id uuid references meseros, usuario_id uuid references usuarios,
canal_id uuid references canales_venta, canal_id uuid references canales_venta,
restaurante_id uuid references restaurantes, restaurante_id uuid references restaurantes,
medio_pago_id uuid references medios_pago, medio_pago_id uuid references medios_pago,
@@ -359,9 +329,6 @@ create index categorias_restaurante_id on categorias (restaurante_id);
create index zonas_produccion_restaurante_id on zonas_produccion (restaurante_id); create index zonas_produccion_restaurante_id on zonas_produccion (restaurante_id);
create index productores_usuario_id on productores (usuario_id); create index productores_usuario_id on productores (usuario_id);
create index productores_zona_produccion_id on productores (zona_produccion_id); create index productores_zona_produccion_id on productores (zona_produccion_id);
create index recaudadores_usuario_id on recaudadores (usuario_id);
create index meseros_usuario_id on meseros (usuario_id);
create index administradores_usuario_id on administradores (usuario_id);
create index ingredientes_restaurante_id on ingredientes (restaurante_id); create index ingredientes_restaurante_id on ingredientes (restaurante_id);
create index productos_categoria_id on productos (categoria_id); create index productos_categoria_id on productos (categoria_id);
create index productos_zona_produccion_id on productos (zona_produccion_id); create index productos_zona_produccion_id on productos (zona_produccion_id);
@@ -376,8 +343,8 @@ create index sectores_restaurante_id on sectores (restaurante_id);
create index canales_venta_sector_id on canales_venta (sector_id); create index canales_venta_sector_id on canales_venta (sector_id);
create index canales_venta_tipo_canal_id on canales_venta (tipo_canal_id); create index canales_venta_tipo_canal_id on canales_venta (tipo_canal_id);
create index canales_venta_restaurante_id on canales_venta (restaurante_id); create index canales_venta_restaurante_id on canales_venta (restaurante_id);
create index ventas_mesero_id on ventas (mesero_id);
create index ventas_canal_id on ventas (canal_id); create index ventas_canal_id on ventas (canal_id);
create index ventas_usuario_id on ventas (usuario_id);
create index ventas_restaurante_id on ventas (restaurante_id); create index ventas_restaurante_id on ventas (restaurante_id);
create index boletas_electronicas_venta_id on boletas_electronicas (venta_id); create index boletas_electronicas_venta_id on boletas_electronicas (venta_id);
create index boletas_electronicas_restaurante_id on boletas_electronicas (restaurante_id); create index boletas_electronicas_restaurante_id on boletas_electronicas (restaurante_id);

BIN
database/modelo.vpp
View File

Binary file not shown.

1
database/modifications/06-cajas-has-restaurant.sql Normal file
View File

@@ -0,0 +1 @@
alter table cajas add column restaurante_id uuid references restaurantes;