From a6c0c7294bede2cea24fded1d52915dc35e4e30a Mon Sep 17 00:00:00 2001 From: ajugo Date: Tue, 9 Jan 2024 09:37:50 +0100 Subject: [PATCH] Improve objects loading and permissions checking for repository rows [SCI-9763] (#6875) --- .../repositories/repository_datatable.js | 1 + .../sitewide/repository_row_card.js | 2 + .../javascripts/sitewide/zebra_print.js | 3 +- app/controllers/repository_rows_controller.rb | 53 +++++++------------ .../RepositoryItemSidebar.vue | 3 +- .../vue/repository_print_modal/container.vue | 15 ++++-- .../label_templates/repository_row_service.rb | 3 +- .../_label_printer_modal.html.erb | 9 ++-- app/views/repositories/show.html.erb | 2 +- config/routes.rb | 18 +++---- 10 files changed, 54 insertions(+), 55 deletions(-) diff --git a/app/assets/javascripts/repositories/repository_datatable.js b/app/assets/javascripts/repositories/repository_datatable.js index 1e02d0284..0f7285c4c 100644 --- a/app/assets/javascripts/repositories/repository_datatable.js +++ b/app/assets/javascripts/repositories/repository_datatable.js @@ -1144,6 +1144,7 @@ var RepositoryDatatable = (function(global) { clearRowSelection(); }, selectedRows: () => { return rowsSelected; }, + repositoryId: () => $(TABLE_ID).data('repository-id'), redrawTableOnSidebarToggle: redrawTableOnSidebarToggle, checkAvailableColumns: checkAvailableColumns }); diff --git a/app/assets/javascripts/sitewide/repository_row_card.js b/app/assets/javascripts/sitewide/repository_row_card.js index 8f837afac..0fdb8c3f6 100644 --- a/app/assets/javascripts/sitewide/repository_row_card.js +++ b/app/assets/javascripts/sitewide/repository_row_card.js @@ -33,8 +33,10 @@ PrintModalComponent.openModal(); if (selectedRows && selectedRows.length) { $('#modal-info-repository-row').modal('hide'); + PrintModalComponent.repository_id = $(this).data('repositoryId'); PrintModalComponent.row_ids = selectedRows; } else { + PrintModalComponent.repository_id = RepositoryDatatable.repositoryId(); PrintModalComponent.row_ids = [...RepositoryDatatable.selectedRows()]; } } diff --git a/app/assets/javascripts/sitewide/zebra_print.js b/app/assets/javascripts/sitewide/zebra_print.js index 23cb1ebce..25d94b5d1 100644 --- a/app/assets/javascripts/sitewide/zebra_print.js +++ b/app/assets/javascripts/sitewide/zebra_print.js @@ -178,7 +178,8 @@ var zebraPrint = (function() { printer_name: string, number_of_copies: int, label_template_id: int, - repository_row_ids: array[] + repository_row_ids: array[], + repository_id: int } */ print: function(modalUrl, progressModal, printModal, printData) { diff --git a/app/controllers/repository_rows_controller.rb b/app/controllers/repository_rows_controller.rb index 1aba073bb..239e948a3 100644 --- a/app/controllers/repository_rows_controller.rb +++ b/app/controllers/repository_rows_controller.rb @@ -5,18 +5,15 @@ class RepositoryRowsController < ApplicationController include MyModulesHelper include RepositoryDatatableHelper - MAX_PRINTABLE_ITEM_NAME_LENGTH = 64 - before_action :load_repository, except: %i(show print rows_to_print print_zpl - validate_label_template_columns actions_toolbar) - before_action :load_repository_row_print, only: %i(print rows_to_print print_zpl validate_label_template_columns) - before_action :load_show_vars, only: %i(show) - before_action :load_repository_or_snapshot, only: %i(print rows_to_print print_zpl validate_label_template_columns) - before_action :load_repository_row, only: %i(update update_cell assigned_task_list + before_action :load_repository, except: %i(show print rows_to_print print_zpl validate_label_template_columns) + before_action :load_repository_or_snapshot, only: %i(show print rows_to_print print_zpl + validate_label_template_columns) + before_action :load_repository_row, only: %i(show update update_cell assigned_task_list active_reminder_repository_cells relationships) - before_action :check_read_permissions, except: %i(create update delete_records - copy_records reminder_repository_cells - delete_records archive_records restore_records - actions_toolbar) + before_action :load_repository_rows, only: %i(print rows_to_print print_zpl validate_label_template_columns) + + before_action :check_read_permissions, except: %i(create update update_cell delete_records + copy_records archive_records restore_records) before_action :check_snapshotting_status, only: %i(create update delete_records copy_records) before_action :check_create_permissions, only: :create before_action :check_delete_permissions, only: %i(delete_records archive_records restore_records) @@ -101,7 +98,7 @@ class RepositoryRowsController < ApplicationController def validate_label_template_columns label_template = LabelTemplate.where(team_id: current_team.id).find(params[:label_template_id]) - label_code = LabelTemplates::RepositoryRowService.new(label_template, @repository_row.first).render + label_code = LabelTemplates::RepositoryRowService.new(label_template, @repository_rows.first).render if label_code[:error].empty? render json: { label_code: label_code[:label] } else @@ -111,7 +108,7 @@ class RepositoryRowsController < ApplicationController def print_zpl label_template = LabelTemplate.find_by(id: params[:label_template_id]) - labels = @repository_row.flat_map do |repository_row| + labels = @repository_rows.flat_map do |repository_row| LabelTemplates::RepositoryRowService.new(label_template, repository_row).render[:label] end @@ -128,7 +125,7 @@ class RepositoryRowsController < ApplicationController end def rows_to_print - render json: @repository_row, each_serializer: RepositoryRowSerializer, user: current_user + render json: @repository_rows, each_serializer: RepositoryRowSerializer, user: current_user end def print @@ -141,7 +138,7 @@ class RepositoryRowsController < ApplicationController label_printer = LabelPrinter.find(params[:label_printer_id]) label_template = LabelTemplate.find_by(id: params[:label_template_id]) - job_ids = @repository_row.flat_map do |repository_row| + job_ids = @repository_rows.flat_map do |repository_row| LabelPrinters::PrintJob.perform_later( label_printer, LabelTemplates::RepositoryRowService.new(label_template, @@ -369,26 +366,10 @@ class RepositoryRowsController < ApplicationController render_404 unless @repository end - def load_repository_row_print - @repository_row = RepositoryRow.where(id: params[:rows]) - - render_404 unless @repository_row - end - def load_repository_or_snapshot - @repository = Repository.accessible_by_teams(current_team).find_by(id: @repository_row&.first&.repository_id) - @repository ||= RepositorySnapshot.find_by(id: @repository_row&.first&.repository_id) - - render_404 unless @repository - end - - def load_show_vars - @repository = Repository.accessible_by_teams(current_team).find_by(id: params[:repository_id]) - @repository ||= RepositorySnapshot.find_by(id: params[:repository_id]) + @repository = Repository.accessible_by_teams(current_team).find_by(id: params[:repository_id]) || + RepositorySnapshot.find_by(id: params[:repository_id]) return render_404 unless @repository - - @repository_row = @repository.repository_rows.eager_load(:repository_columns).find_by(id: params[:id]) - render_404 unless @repository_row end def load_repository_row @@ -396,6 +377,12 @@ class RepositoryRowsController < ApplicationController render_404 unless @repository_row end + def load_repository_rows + @repository_rows = @repository.repository_rows.eager_load(:repository_columns).where(id: params[:row_ids]) + + render_404 if @repository_rows.blank? + end + def check_read_permissions render_403 unless can_read_repository?(@repository) end diff --git a/app/javascript/vue/repository_item_sidebar/RepositoryItemSidebar.vue b/app/javascript/vue/repository_item_sidebar/RepositoryItemSidebar.vue index 4892250b1..0a8b2744a 100644 --- a/app/javascript/vue/repository_item_sidebar/RepositoryItemSidebar.vue +++ b/app/javascript/vue/repository_item_sidebar/RepositoryItemSidebar.vue @@ -308,7 +308,8 @@
diff --git a/app/javascript/vue/repository_print_modal/container.vue b/app/javascript/vue/repository_print_modal/container.vue index 491e82ab4..bcd560ffb 100644 --- a/app/javascript/vue/repository_print_modal/container.vue +++ b/app/javascript/vue/repository_print_modal/container.vue @@ -99,6 +99,7 @@ export default { props: { showModal: Boolean, row_ids: Array, + repository_id: Number, urls: Object }, data() { @@ -166,7 +167,7 @@ export default { } }, row_ids() { - $.get(this.urls.rows, { rows: this.row_ids }, (result) => { + $.get(this.urls.rows, { repository_id: this.repository_id, row_ids: this.row_ids }, (result) => { this.rows = result.data; }); } @@ -194,7 +195,11 @@ export default { validateTemplate() { if (!this.selectedTemplate || this.row_ids.length == 0) return; - $.post(this.urls.printValidation, { label_template_id: this.selectedTemplate.id, rows: this.row_ids }, (result) => { + $.post(this.urls.printValidation, { + repository_id: this.repository_id, + label_template_id: this.selectedTemplate.id, + row_ids: this.row_ids + }, (result) => { this.labelTemplateError = null; this.labelTemplateCode = result.label_code; }).fail((result) => { @@ -213,12 +218,14 @@ export default { printer_name: this.selectedPrinter.attributes.name, number_of_copies: this.copies, label_template_id: this.selectedTemplate.id, - rows: this.row_ids + row_ids: this.row_ids, + repository_id: this.repository_id } ); } else { $.post(this.urls.print, { - rows: this.row_ids, + row_ids: this.row_ids, + repository_id: this.repository_id, label_printer_id: this.selectedPrinter.id, label_template_id: this.selectedTemplate.id, copies: this.copies diff --git a/app/services/label_templates/repository_row_service.rb b/app/services/label_templates/repository_row_service.rb index 2b27a6292..912386e0e 100644 --- a/app/services/label_templates/repository_row_service.rb +++ b/app/services/label_templates/repository_row_service.rb @@ -11,7 +11,6 @@ module LabelTemplates def initialize(label_template, repository_row) @label_template = label_template @repository_row = repository_row - @repository_columns = RepositoryColumn.where(repository_id: @repository_row.repository_id).pluck(:name) end def render @@ -48,7 +47,7 @@ module LabelTemplates case key when /^c_(.*)/ name = Regexp.last_match(1) - unless @repository_columns.include?(name) + unless @repository_row.repository_columns.find_by(name: name) raise LabelTemplates::ColumnNotFoundError, I18n.t('label_templates.repository_row.errors.column_not_found') end diff --git a/app/views/label_printers/_label_printer_modal.html.erb b/app/views/label_printers/_label_printer_modal.html.erb index cb3288a15..68579dc8b 100644 --- a/app/views/label_printers/_label_printer_modal.html.erb +++ b/app/views/label_printers/_label_printer_modal.html.erb @@ -1,16 +1,17 @@
diff --git a/app/views/repositories/show.html.erb b/app/views/repositories/show.html.erb index 818d1c1da..dbfb517a0 100644 --- a/app/views/repositories/show.html.erb +++ b/app/views/repositories/show.html.erb @@ -60,7 +60,7 @@ %>
- +
diff --git a/config/routes.rb b/config/routes.rb index 121f1b213..fef7039ca 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -673,15 +673,6 @@ Rails.application.routes.draw do resources :comments, only: %i(index create update destroy) - resources :repository_rows, only: %i() do - collection do - get :rows_to_print - post :print - get :print_zpl - post :validate_label_template_columns - get :actions_toolbar - end - end resources :repositories do post 'repository_index', to: 'repository_rows#index', @@ -739,6 +730,11 @@ Rails.application.routes.draw do get :active_reminder_repository_cells put :update_cell end + + collection do + get :actions_toolbar + end + resources :repository_row_connections, only: %i(index create destroy) member do get 'repository_stock_value/new', to: 'repository_stock_values#new', as: 'new_repository_stock' @@ -755,6 +751,10 @@ Rails.application.routes.draw do get :sidebar post 'available_rows', to: 'repository_rows#available_rows', defaults: { format: 'json' } get 'export_repository_stock_items_modal' + get :rows_to_print, to: 'repository_rows#rows_to_print' + get :print_zpl, to: 'repository_rows#print_zpl' + post :validate_label_template_columns, to: 'repository_rows#validate_label_template_columns' + post :print, to: 'repository_rows#print' end member do