nadeocfg · ironslee · May 20, 2024 · May 26, 2024
diff --git a/backend/controllers/customers.controller.ts b/backend/controllers/customers.controller.ts
@@ -4,6 +4,7 @@ import dotenv from 'dotenv';
 import format from 'pg-format';
 import moment from 'moment';
 import { UserRequest } from '../../global';
+import { UserRolesEnum } from '../../frontend/src/models/userModel';
 
 dotenv.config();
 
@@ -171,8 +172,8 @@ const updateCustomer = async (
   try {
     if (
       request.user &&
-      request.user.roleCode !== 'ADMIN' &&
-      request.user.roleCode !== 'SUPER_ADMIN'
+      request.user.roleCode !== UserRolesEnum.ADMIN &&
+      request.user.roleCode !== UserRolesEnum.SUPER_ADMIN
     ) {
       return response.status(401).json({
         message: `Current user don't have permission to this request`,

diff --git a/backend/controllers/dashboard.controller.ts b/backend/controllers/dashboard.controller.ts
@@ -2,6 +2,8 @@ import { NextFunction, Response } from 'express';
 import db from '../config/db';
 import dotenv from 'dotenv';
 import { UserRequest } from '../../global';
+import { UserRolesEnum } from '../../frontend/src/models/userModel';
+import { OrderStatusEnum } from '../../frontend/src/models/orderModel';
 
 dotenv.config();
 
@@ -15,8 +17,8 @@ const getOrdersInfo = async (
 ) => {
   try {
     const isAdmin =
-      request.user?.roleCode === 'ADMIN' ||
-      request.user?.roleCode === 'SUPER_ADMIN';
+      request.user?.roleCode === UserRolesEnum.ADMIN ||
+      request.user?.roleCode === UserRolesEnum.SUPER_ADMIN;
 
     const ordersCount = isAdmin
       ? await db.query(
@@ -52,7 +54,7 @@ const getOrdersInfo = async (
           "${process.env.DB_NAME}".orders
         WHERE
           orders."isActive" = true AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'SERVICE_DONE');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.SERVICE_DONE}');
           ;
       `,
           []
@@ -66,7 +68,7 @@ const getOrdersInfo = async (
         WHERE
           orders."isActive" = true AND
           orders."serviceManId" = $1 AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'SERVICE_DONE');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.SERVICE_DONE}');
       `,
           [request.user?.id]
         );
@@ -80,7 +82,7 @@ const getOrdersInfo = async (
           "${process.env.DB_NAME}".orders
         WHERE
           orders."isActive" = true AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'IN_PROGRESS');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.IN_PROGRESS}');
           ;
       `,
           []
@@ -94,7 +96,7 @@ const getOrdersInfo = async (
         WHERE
           orders."isActive" = true AND
           orders."serviceManId" = $1 AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'IN_PROGRESS');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.IN_PROGRESS}');
       `,
           [request.user?.id]
         );
@@ -108,7 +110,7 @@ const getOrdersInfo = async (
           "${process.env.DB_NAME}".orders
         WHERE
           orders."isActive" = true AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'CREATED');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.CREATED}');
           ;
       `,
           []
@@ -122,7 +124,7 @@ const getOrdersInfo = async (
         WHERE
           orders."isActive" = true AND
           orders."serviceManId" = $1 AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'CREATED');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.CREATED}');
       `,
           [request.user?.id]
         );
@@ -136,7 +138,7 @@ const getOrdersInfo = async (
           "${process.env.DB_NAME}".orders
         WHERE
           orders."isActive" = true AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'CANCELED');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.CANCELED}');
           ;
       `,
           []
@@ -150,7 +152,7 @@ const getOrdersInfo = async (
         WHERE
           orders."isActive" = true AND
           orders."serviceManId" = $1 AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'CANCELED');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.CANCELED}');
       `,
           [request.user?.id]
         );
@@ -164,7 +166,7 @@ const getOrdersInfo = async (
           "${process.env.DB_NAME}".orders
         WHERE
           orders."isActive" = true AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'ON_HOLD');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.ON_HOLD}');
           ;
       `,
           []
@@ -178,7 +180,7 @@ const getOrdersInfo = async (
         WHERE
           orders."isActive" = true AND
           orders."serviceManId" = $1 AND
-          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = 'ON_HOLD');
+          orders.status = (SELECT id FROM "${process.env.DB_NAME}"."dictOrderStatuses" WHERE code = '${OrderStatusEnum.ON_HOLD}');
       `,
           [request.user?.id]
         );
@@ -209,8 +211,8 @@ const getCashInfo = async (
 ) => {
   try {
     const isAdmin =
-      request.user?.roleCode === 'ADMIN' ||
-      request.user?.roleCode === 'SUPER_ADMIN';
+      request.user?.roleCode === UserRolesEnum.ADMIN ||
+      request.user?.roleCode === UserRolesEnum.SUPER_ADMIN;
 
     if (isAdmin) {
       const readySum = await db.query(

diff --git a/backend/controllers/orders.controller.ts b/backend/controllers/orders.controller.ts
@@ -4,6 +4,8 @@ import dotenv from 'dotenv';
 import format from 'pg-format';
 import moment from 'moment';
 import { UserRequest } from '../../global';
+import { UserRolesEnum } from '../../frontend/src/models/userModel';
+import { OrderStatusEnum } from '../../frontend/src/models/orderModel';
 
 dotenv.config();
 
@@ -81,7 +83,7 @@ const createOrder = async (
         RETURNING
           *;
       `,
-      [insertOrder.rows[0].id, 'CREATED', comment, createdBy]
+      [insertOrder.rows[0].id, OrderStatusEnum.CREATED, comment, createdBy]
     );
 
     let partsTotal: number = 0;
@@ -268,8 +270,8 @@ const updateOrder = async (
 
     for (let i = 0; i < checkStatus.rows.length; i += 1) {
       if (
-        request.user?.roleCode !== 'SUPER_ADMIN' &&
-        request.user?.roleCode !== 'ADMIN' &&
+        request.user?.roleCode !== UserRolesEnum.SUPER_ADMIN &&
+        request.user?.roleCode !== UserRolesEnum.ADMIN &&
         checkStatus.rows[i].serviceManId !== request.user?.id
       ) {
         return response.status(400).json({
@@ -278,8 +280,8 @@ const updateOrder = async (
       }
 
       if (
-        checkStatus.rows[i].code === 'DONE' ||
-        checkStatus.rows[i].code === 'CANCELED'
+        checkStatus.rows[i].code === OrderStatusEnum.DONE ||
+        checkStatus.rows[i].code === OrderStatusEnum.CANCELED
       ) {
         return response.status(400).json({
           message: `Order cannot be edit on status DONE or CANCELED`,
@@ -532,8 +534,8 @@ const getOrderById = async (
 
     if (
       getOrderById.rows[0]?.serviceManId !== user?.id &&
-      user?.roleCode !== 'SUPER_ADMIN' &&
-      user?.roleCode !== 'ADMIN'
+      user?.roleCode !== UserRolesEnum.SUPER_ADMIN &&
+      user?.roleCode !== UserRolesEnum.ADMIN
     ) {
       return response.status(401).json({
         message: 'Нет доступа к заказу',
@@ -819,7 +821,10 @@ const getOrders = async (
     let orders = [];
     let total = null;
 
-    if (roleCode === 'ADMIN' || roleCode === 'SUPER_ADMIN') {
+    if (
+      roleCode === UserRolesEnum.ADMIN ||
+      roleCode === UserRolesEnum.SUPER_ADMIN
+    ) {
       const query = `
         SELECT
           orders.id,
@@ -1199,14 +1204,14 @@ const getOrderActions = async (
       [id]
     );
 
-    if (order.rows[0]?.statusCode === 'DONE') {
+    if (order.rows[0]?.statusCode === OrderStatusEnum.DONE) {
       return response.json([]);
     }
 
     if (
       order.rows[0]?.serviceManId !== user?.id &&
-      user?.roleCode !== 'SUPER_ADMIN' &&
-      user?.roleCode !== 'ADMIN'
+      user?.roleCode !== UserRolesEnum.SUPER_ADMIN &&
+      user?.roleCode !== UserRolesEnum.ADMIN
     ) {
       return response.status(401).json({
         message: 'Нет доступа к изменению статуса',
@@ -1230,9 +1235,9 @@ const getOrderActions = async (
     );
 
     if (
-      availableStatuses.rows[0]?.availableOn === 'SERVICE_DONE' &&
-      user?.roleCode !== 'SUPER_ADMIN' &&
-      user?.roleCode !== 'ADMIN'
+      availableStatuses.rows[0]?.availableOn === OrderStatusEnum.SERVICE_DONE &&
+      user?.roleCode !== UserRolesEnum.SUPER_ADMIN &&
+      user?.roleCode !== UserRolesEnum.ADMIN
     ) {
       return response.json([]);
     }
@@ -1287,8 +1292,8 @@ const executeAction = async (
 
     if (
       order.rows[0]?.serviceManId !== user?.id &&
-      user?.roleCode !== 'SUPER_ADMIN' &&
-      user?.roleCode !== 'ADMIN'
+      user?.roleCode !== UserRolesEnum.SUPER_ADMIN &&
+      user?.roleCode !== UserRolesEnum.ADMIN
     ) {
       return response.status(401).json({
         message: 'Нет доступа к изменению статуса',
@@ -1302,7 +1307,7 @@ const executeAction = async (
         SET
           status = $1,
           "updatedDate" = NOW()
-          ${code === 'DONE' ? ', "doneDate" = NOW()' : ''}
+          ${code === OrderStatusEnum.DONE ? ', "doneDate" = NOW()' : ''}
         WHERE
           orders.id = $2
         RETURNING
@@ -1311,8 +1316,8 @@ const executeAction = async (
       [getStatusInfo.rows[0].id, orderId]
     );
 
-    // UPDATE CASH TABLE IF ORDER STATUS === 'DONE'
-    if (code === 'DONE') {
+    // UPDATE CASH TABLE IF ORDER STATUS === OrderStatusEnum.DONE
+    if (code === OrderStatusEnum.DONE) {
       const paidOutSum = await db.query(
         `
           SELECT
@@ -1388,8 +1393,8 @@ const executeAction = async (
       [orderId, getStatusInfo.rows[0].id, comment, user?.id || 1]
     );
 
-    // Return quantity, if code === 'CANCELED'
-    if (code === 'CANCELED') {
+    // Return quantity, if code === OrderStatusEnum.CANCELED
+    if (code === OrderStatusEnum.CANCELED) {
       const disableOldSoldParts = await db.query(
         `
           SELECT

diff --git a/backend/controllers/paidOuts.controller.ts b/backend/controllers/paidOuts.controller.ts
@@ -3,6 +3,8 @@ import db from '../config/db';
 import dotenv from 'dotenv';
 import moment from 'moment';
 import { UserRequest } from '../../global';
+import { UserRolesEnum } from '../../frontend/src/models/userModel';
+import { OrderStatusEnum } from '../../frontend/src/models/orderModel';
 
 dotenv.config();
 
@@ -37,8 +39,8 @@ const getPaidsByUser = async (
     let getPaidsByUser = null;
 
     if (
-      request.user?.roleCode === 'ADMIN' ||
-      request.user?.roleCode === 'SUPER_ADMIN'
+      request.user?.roleCode === UserRolesEnum.ADMIN ||
+      request.user?.roleCode === UserRolesEnum.SUPER_ADMIN
     ) {
       getPaidsByUser = await db.query(
         `
@@ -63,7 +65,7 @@ const getPaidsByUser = async (
               FROM
                 "${process.env.DB_NAME}"."dictOrderStatuses" as status
               WHERE
-                status.code = 'DONE'
+                status.code = '${OrderStatusEnum.DONE}'
             )
             ${
               searchValue
@@ -104,7 +106,7 @@ const getPaidsByUser = async (
               FROM
                 "${process.env.DB_NAME}"."dictOrderStatuses" as status
               WHERE
-                status.code = 'DONE'
+                status.code = '${OrderStatusEnum.DONE}'
             )
             ${
               searchValue
@@ -160,8 +162,8 @@ const getPaidsByUser = async (
     let total = null;
 
     if (
-      request.user?.roleCode === 'ADMIN' ||
-      request.user?.roleCode === 'SUPER_ADMIN'
+      request.user?.roleCode === UserRolesEnum.ADMIN ||
+      request.user?.roleCode === UserRolesEnum.SUPER_ADMIN
     ) {
       total = await db.query(
         `
@@ -180,7 +182,7 @@ const getPaidsByUser = async (
               FROM
                 "${process.env.DB_NAME}"."dictOrderStatuses" as status
               WHERE
-                status.code = 'DONE'
+                status.code = '${OrderStatusEnum.DONE}'
             );
         `
       );
@@ -204,7 +206,7 @@ const getPaidsByUser = async (
               FROM
                 "${process.env.DB_NAME}"."dictOrderStatuses" as status
               WHERE
-                status.code = 'DONE'
+                status.code = '${OrderStatusEnum.DONE}'
             );
         `,
         [userId]

diff --git a/backend/controllers/tgBot.controller.ts b/backend/controllers/tgBot.controller.ts
@@ -4,6 +4,7 @@ import db from '../config/db';
 import dotenv from 'dotenv';
 import axios from 'axios';
 import { UserRequest } from '../../global';
+import { UserRolesEnum } from '../../frontend/src/models/userModel';
 
 dotenv.config();
 
@@ -50,8 +51,8 @@ const sendUpdateOrderStatusMessage = async (
           "${process.env.DB_NAME}"."users" as users
         WHERE
           users.id = $1 OR
-          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = 'ADMIN') OR
-          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = 'SUPER_ADMIN');
+          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = '${UserRolesEnum.ADMIN}') OR
+          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = '${UserRolesEnum.SUPER_ADMIN}');
       `,
       [serviceManId.rows[0].serviceManId]
     );
@@ -157,8 +158,8 @@ const sendCreateOrderMessage = async (
           "${process.env.DB_NAME}"."users" as users
         WHERE
           users.id = $1 OR
-          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = 'ADMIN') OR
-          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = 'SUPER_ADMIN');
+          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = '${UserRolesEnum.ADMIN}') OR
+          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = '${UserRolesEnum.SUPER_ADMIN}');
       `,
       [serviceManId.rows[0].serviceManId]
     );
@@ -266,8 +267,8 @@ const sendUpdateOrderMessage = async (
           "${process.env.DB_NAME}"."users" as users
         WHERE
           users.id = $1 OR
-          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = 'ADMIN') OR
-          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = 'SUPER_ADMIN');
+          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = '${UserRolesEnum.ADMIN}') OR
+          users."roleId" = (SELECT id FROM "service-crm"."dictRoles" WHERE code = '${UserRolesEnum.SUPER_ADMIN}');
       `,
       [serviceManId.rows[0].serviceManId]
     );