From 2c8faef25cbd43ed3ebeae56a9edfb6f0062a8d0 Mon Sep 17 00:00:00 2001
From: Methapon Metanipat <methapon@frappet.com>
Date: Tue, 10 Sep 2024 17:00:21 +0700
Subject: [PATCH] feat: shared between company

---
 src/controllers/04-product-controller.ts      | 33 +++++++++++++++--
 .../04-product-group-controller.ts            | 11 ++++++
 src/controllers/04-service-controller.ts      | 37 ++++++++++++++-----
 3 files changed, 67 insertions(+), 14 deletions(-)

diff --git a/src/controllers/04-product-controller.ts b/src/controllers/04-product-controller.ts
index e1a4efb..65bebdb 100644
--- a/src/controllers/04-product-controller.ts
+++ b/src/controllers/04-product-controller.ts
@@ -41,6 +41,7 @@ function globalAllow(user: RequestWithUser["user"]) {
   return allowList.some((v) => user.roles?.includes(v));
 }
 
+const permissionCondShared = createPermCondition((_) => true);
 const permissionCond = createPermCondition(globalAllow);
 const permissionCheck = createPermCheck(globalAllow);
 
@@ -100,9 +101,21 @@ export class ProductController extends Controller {
     return await prisma.product.count({
       where: {
         productGroupId,
-        productGroup: isSystem(req.user)
+        OR: isSystem(req.user)
           ? undefined
-          : { registeredBranch: { OR: permissionCond(req.user) } },
+          : [
+              {
+                productGroup: {
+                  registeredBranch: { OR: permissionCond(req.user) },
+                },
+              },
+              {
+                shared: true,
+                productGroup: {
+                  registeredBranch: { OR: permissionCondShared(req.user) },
+                },
+              },
+            ],
       },
     });
   }
@@ -122,9 +135,21 @@ export class ProductController extends Controller {
       AND: {
         ...filterStatus(status),
         productGroupId,
-        productGroup: isSystem(req.user)
+        OR: isSystem(req.user)
           ? undefined
-          : { registeredBranch: { OR: permissionCond(req.user) } },
+          : [
+              {
+                productGroup: {
+                  registeredBranch: { OR: permissionCond(req.user) },
+                },
+              },
+              {
+                shared: true,
+                productGroup: {
+                  registeredBranch: { OR: permissionCondShared(req.user) },
+                },
+              },
+            ],
       },
     } satisfies Prisma.ProductWhereInput;
 
diff --git a/src/controllers/04-product-group-controller.ts b/src/controllers/04-product-group-controller.ts
index 2365898..362d155 100644
--- a/src/controllers/04-product-group-controller.ts
+++ b/src/controllers/04-product-group-controller.ts
@@ -226,6 +226,17 @@ export class ProductGroup extends Controller {
       );
     }
 
+    let companyBefore = (record.registeredBranch.headOffice || record.registeredBranch).code;
+    let companyAfter = branch ? (branch.headOffice || branch).code : false;
+
+    if (companyBefore && companyAfter && companyBefore !== companyAfter) {
+      throw new HttpError(
+        HttpStatus.BAD_REQUEST,
+        "Cannot move between different headoffice",
+        "crossCompanyNotPermit",
+      );
+    }
+
     const result = await prisma.productGroup.update({
       include: {
         createdBy: true,
diff --git a/src/controllers/04-service-controller.ts b/src/controllers/04-service-controller.ts
index 1d349aa..4b0d68a 100644
--- a/src/controllers/04-service-controller.ts
+++ b/src/controllers/04-service-controller.ts
@@ -42,6 +42,7 @@ function globalAllow(user: RequestWithUser["user"]) {
   return allowList.some((v) => user.roles?.includes(v));
 }
 
+const permissionCondShared = createPermCondition((_) => true);
 const permissionCond = createPermCondition(globalAllow);
 const permissionCheck = createPermCheck(globalAllow);
 
@@ -89,13 +90,21 @@ export class ServiceController extends Controller {
     return await prisma.service.count({
       where: {
         productGroupId,
-        productGroup: isSystem(req.user)
+        OR: isSystem(req.user)
           ? undefined
-          : {
-              registeredBranch: {
-                OR: permissionCond(req.user),
+          : [
+              {
+                productGroup: {
+                  registeredBranch: { OR: permissionCond(req.user) },
+                },
               },
-            },
+              {
+                shared: true,
+                productGroup: {
+                  registeredBranch: { OR: permissionCondShared(req.user) },
+                },
+              },
+            ],
       },
     });
   }
@@ -116,13 +125,21 @@ export class ServiceController extends Controller {
       AND: {
         ...filterStatus(status),
         productGroupId,
-        productGroup: isSystem(req.user)
+        OR: isSystem(req.user)
           ? undefined
-          : {
-              registeredBranch: {
-                OR: permissionCond(req.user),
+          : [
+              {
+                productGroup: {
+                  registeredBranch: { OR: permissionCond(req.user) },
+                },
               },
-            },
+              {
+                shared: true,
+                productGroup: {
+                  registeredBranch: { OR: permissionCondShared(req.user) },
+                },
+              },
+            ],
       },
     } satisfies Prisma.ServiceWhereInput;