From 7eeb1737abb0fb4df89df23896ac612752ade8a4 Mon Sep 17 00:00:00 2001 From: Bryce Covert Date: Tue, 26 Jan 2021 09:52:28 -0800 Subject: [PATCH] adding power user role. --- src/clj/auto_ap/datomic/migrate.clj | 8 ++++--- src/clj/auto_ap/graphql/transactions.clj | 21 ++++++++++++------- src/clj/auto_ap/graphql/users.clj | 1 + src/clj/auto_ap/graphql/utils.clj | 7 ++++++- src/cljs/auto_ap/subs.cljs | 7 +++++++ .../auto_ap/views/pages/admin/users/form.cljs | 3 ++- .../views/pages/transactions/form.cljs | 12 ++++++----- 7 files changed, 42 insertions(+), 17 deletions(-) diff --git a/src/clj/auto_ap/datomic/migrate.clj b/src/clj/auto_ap/datomic/migrate.clj index 0e1fc0e6..3fdc47a7 100644 --- a/src/clj/auto_ap/datomic/migrate.clj +++ b/src/clj/auto_ap/datomic/migrate.clj @@ -167,7 +167,7 @@ :requires [:auto-ap/add-hidden-to-vendor]} #_#_:auto-ap/convert-invoices {:txes-fn `add-general-ledger/convert-invoices :requires [:auto-ap/convert-vendors]} - :auto-ap/add-yodlee-merchant2 {:txes add-general-ledger/add-yodlee-merchant :requires [:auto-ap/convert-vendors]} + :auto-ap/add-yodlee-merchant2 {:txes add-general-ledger/add-yodlee-merchant } :auto-ap/add-external-id-to-ledger {:txes add-general-ledger/add-external-id-to-ledger :requires [:auto-ap/add-yodlee-merchant2]} :auto-ap/add-exclude-to-transaction {:txes add-general-ledger/add-exclude-to-transaction :requires [:auto-ap/add-external-id-to-ledger]} :auto-ap/add-client-identifier2 {:txes add-client-identifier :requires [:auto-ap/make-every-account-visible]} @@ -176,7 +176,7 @@ ;; should not be needed. #_#_:auto-ap/convert-transactions {:txes-fn `add-general-ledger/convert-transactions :requires [:auto-ap/add-bank-account-locations]} - :auto-ap/add-exclude-to-invoice {:txes add-general-ledger/add-exclude-to-invoice :requires [:auto-ap/convert-transactions]} + :auto-ap/add-exclude-to-invoice {:txes add-general-ledger/add-exclude-to-invoice } :auto-ap/add-terms {:txes [[{:db/ident :vendor/terms :db/doc "How many days till you pay" :db/valueType :db.type/long @@ -331,7 +331,9 @@ {:db/ident :vendor-schedule-payment-dom/dom :db/doc "What day of the month" :db/valueType :db.type/long - :db/cardinality :db.cardinality/one}]]}} + :db/cardinality :db.cardinality/one}]]} + :auto-ap/add-power-user-schema {:txes [[{:db/ident :user-role/power-user}]]}} + sales/norms-map clients/norms-map diff --git a/src/clj/auto_ap/graphql/transactions.clj b/src/clj/auto_ap/graphql/transactions.clj index 79012012..46266d53 100644 --- a/src/clj/auto_ap/graphql/transactions.clj +++ b/src/clj/auto_ap/graphql/transactions.clj @@ -13,6 +13,7 @@ [->graphql <-graphql assert-admin + assert-power-user assert-can-see-client enum->keyword ident->enum-f @@ -84,8 +85,10 @@ {:message (str "Succesfully deleted " (count all-ids) " transactions.")})) (defn get-potential-autopay-invoices-matches [context args value] - (assert-admin (:id context)) - (let [transaction (d-transactions/get-by-id (:transaction_id args))] + (assert-power-user (:id context)) + + (let [transaction (d-transactions/get-by-id (:transaction_id args)) + _ (assert-can-see-client (:id context) (:transaction/client transaction) )] (let [matches-set (import/match-transaction-to-unfulfilled-autopayments (:transaction/amount transaction) (:db/id (:transaction/client transaction)))] @@ -94,8 +97,9 @@ (d-invoices/get-by-id invoice-id))))))) (defn get-potential-unpaid-invoices-matches [context args value] - (assert-admin (:id context)) - (let [transaction (d-transactions/get-by-id (:transaction_id args))] + (assert-power-user (:id context)) + (let [transaction (d-transactions/get-by-id (:transaction_id args)) + _ (assert-can-see-client (:id context) (:transaction/client transaction) )] (let [matches-set (import/match-transaction-to-unpaid-invoices (:transaction/amount transaction) (:db/id (:transaction/client transaction)))] @@ -104,7 +108,8 @@ (d-invoices/get-by-id invoice-id))))))) (defn unlink-transaction [context args value] - (let [_ (assert-admin (:id context)) + (let [_ (assert-power-user (:id context)) + args (assoc args :id (:id context)) transaction-id (:transaction_id args) transaction (d/pull (d/db conn) @@ -113,9 +118,11 @@ :transaction/location :transaction/vendor :transaction/accounts + :transaction/client [:db/id] {:transaction/payment [{:payment/status [:db/ident]} :db/id]} ] transaction-id) + _ (assert-can-see-client (:id context) (:transaction/client transaction) ) _ (log/info "Unlinking" transaction) payment (-> transaction :transaction/payment ) is-autopay-payment? (some->> (doto (d/query {:query {:find ['?sp] @@ -296,7 +303,7 @@ ->graphql)) (defn match-transaction-autopay-invoices [context {:keys [transaction_id autopay_invoice_ids]} value] - (let [_ (assert-admin (:id context)) + (let [_ (assert-power-user (:id context)) transaction (d-transactions/get-by-id transaction_id) _ (assert-can-see-client (:id context) (:transaction/client transaction) ) db (d/db conn) @@ -334,7 +341,7 @@ ->graphql))) (defn match-transaction-unpaid-invoices [context {:keys [transaction_id unpaid_invoice_ids]} value] - (let [_ (assert-admin (:id context)) + (let [_ (assert-power-user (:id context)) transaction (d-transactions/get-by-id transaction_id) _ (assert-can-see-client (:id context) (:transaction/client transaction) ) db (d/db conn) diff --git a/src/clj/auto_ap/graphql/users.clj b/src/clj/auto_ap/graphql/users.clj index 58290ff5..bf2fc5f6 100644 --- a/src/clj/auto_ap/graphql/users.clj +++ b/src/clj/auto_ap/graphql/users.clj @@ -5,6 +5,7 @@ (def role->datomic-role {":none" :user-role/none ":admin" :user-role/admin + ":power_user" :user-role/power-user ":manager" :user-role/manager ":user" :user-role/user}) diff --git a/src/clj/auto_ap/graphql/utils.clj b/src/clj/auto_ap/graphql/utils.clj index 6699906e..e8806938 100644 --- a/src/clj/auto_ap/graphql/utils.clj +++ b/src/clj/auto_ap/graphql/utils.clj @@ -51,6 +51,11 @@ (log/warn "user " id " not an admin!") (throw-unauthorized))) +(defn assert-power-user [id] + (when-not (#{"power-user" "admin"} (:user/role id)) + (log/warn "user " id " not an power-user!") + (throw-unauthorized))) + (defn can-see-client? [identity client] (when (not client) (log/warn "WARNING - permission checking for null client")) @@ -72,7 +77,7 @@ (= (:user/role id) "admin") nil - (#{"manager" "user"} (:user/role id)) + (#{"manager" "user" "power-user"} (:user/role id)) (:user/clients id []))) (defn result->page [results result-count key args] diff --git a/src/cljs/auto_ap/subs.cljs b/src/cljs/auto_ap/subs.cljs index 10cb836b..5777b929 100644 --- a/src/cljs/auto_ap/subs.cljs +++ b/src/cljs/auto_ap/subs.cljs @@ -251,6 +251,13 @@ (fn [user] (= "admin" (:user/role user)))) +(re-frame/reg-sub + ::is-power-user? + :<- [::user] + (fn [user] + (or (= "power-user" (:user/role user)) + (= "power_user" (:user/role user))))) + (re-frame/reg-sub ::user (fn [db] diff --git a/src/cljs/auto_ap/views/pages/admin/users/form.cljs b/src/cljs/auto_ap/views/pages/admin/users/form.cljs index c4db41a7..3942de13 100644 --- a/src/cljs/auto_ap/views/pages/admin/users/form.cljs +++ b/src/cljs/auto_ap/views/pages/admin/users/form.cljs @@ -91,8 +91,9 @@ [:option {:value ":none"} "None"] [:option {:value ":user"} "User"] [:option {:value ":manager"} "Manager"] + [:option {:value ":power_user"} "Power User"] [:option {:value ":admin"} "Admin"]]]]]] - (when (#{":user" ":manager"} (:role data)) + (when (#{":user" ":manager" ":power_user"} (:role data)) [:div.field [:p.help "Clients"] [:div.control diff --git a/src/cljs/auto_ap/views/pages/transactions/form.cljs b/src/cljs/auto_ap/views/pages/transactions/form.cljs index 54389a64..4ac2092c 100644 --- a/src/cljs/auto_ap/views/pages/transactions/form.cljs +++ b/src/cljs/auto_ap/views/pages/transactions/form.cljs @@ -331,7 +331,9 @@ locations @(re-frame/subscribe [::subs/locations-for-client (:id (:client data))]) {:keys [form-inline form field raw-field error-notification submit-button ]} transaction-form is-admin? @(re-frame/subscribe [::subs/is-admin?]) - should-disable-for-client? (and (not is-admin?) + is-power-user? @(re-frame/subscribe [::subs/is-power-user?]) + + should-disable-for-client? (and (not (or is-admin? is-power-user?)) (not= :requires-feedback (:original-status data))) is-already-matched? (:payment data)] (form-inline {:title "Transaction"} @@ -368,7 +370,7 @@ (when (and (:payment data) - is-admin?) + (or is-admin? is-power-user?)) [:p.notification.is-info.is-light>div.level>div.level-left [:div.level-item "This transaction is linked to a payment "] [:div.level-item [:button.button.is-warning {:on-click (dispatch-event [::unlink])} "Unlink"]]]) @@ -383,21 +385,21 @@ (when (and (seq (:potential-autopay-invoices-matches data)) #_(not is-already-matched?) - is-admin?) + (or is-admin? is-power-user?)) [tab {:title "Autopay Invoices" :key :autopay-invoices} [potential-autopay-invoices-matches-box {:potential-autopay-invoices-matches (:potential-autopay-invoices-matches data)}]]) (when (and (seq (:potential-unpaid-invoices-matches data)) (not is-already-matched?) - is-admin?) + (or is-admin? is-power-user?)) [tab {:title "Unpaid Invoices" :key :unpaid-invoices} [potential-unpaid-invoices-matches-box {:potential-unpaid-invoices-matches (:potential-unpaid-invoices-matches data)}]]) (when (and (seq (:potential-payment-matches data)) (not is-already-matched?) - ) + (or is-admin? is-power-user?)) [tab {:title "Payment" :key :payment} [potential-payment-matches-box {:potential-payment-matches (:potential-payment-matches data)}]])