refactor!: change branch to registered branch scope

prisma/migrations/20241015100831_update_quotation_structure/migration.sql

@@ -0,0 +1,11 @@
+/*
+  Warnings:
+
+  - Added the required column `registeredBranchId` to the `Quotation` table without a default value. This is not possible if the table is not empty.
+
+*/
+-- AlterTable
+ALTER TABLE "Quotation" ADD COLUMN     "registeredBranchId" TEXT NOT NULL;
+
+-- AddForeignKey
+ALTER TABLE "Quotation" ADD CONSTRAINT "Quotation_registeredBranchId_fkey" FOREIGN KEY ("registeredBranchId") REFERENCES "Branch"("id") ON DELETE RESTRICT ON UPDATE CASCADE;

prisma/schema.prisma

@@ -258,6 +258,7 @@ model Branch {
 
   customerRegistration Customer[]
   productGroup         ProductGroup[]
+  quotation            Quotation[]
 }
 
 model BranchBank {
@@ -1090,6 +1091,9 @@ enum PayCondition {
 model Quotation {
   id String @id @default(cuid())
 
+  registeredBranch   Branch @relation(fields: [registeredBranchId], references: [id])
+  registeredBranchId String
+
   customerBranchId String
   customerBranch   CustomerBranch @relation(fields: [customerBranchId], references: [id])
 

src/controllers/05-quotation-controller.ts

@@ -26,6 +26,7 @@ import { isUsedError, notFoundError, relationError } from "../utils/error";
 import { precisionRound } from "../utils/arithmetic";
 
 type QuotationCreate = {
+  registeredBranchId: string;
   status?: Status;
 
   workName: string;
@@ -80,6 +81,7 @@ type QuotationCreate = {
 };
 
 type QuotationUpdate = {
+  registeredBranchId?: string;
   status?: "ACTIVE" | "INACTIVE";
 
   workName?: string;
@@ -150,6 +152,7 @@ function globalAllow(user: RequestWithUser["user"]) {
   return allowList.some((v) => user.roles?.includes(v));
 }
 
+const permissionCheckCompany = createPermCheck((_) => true);
 const permissionCheck = createPermCheck(globalAllow);
 const permissionCond = createPermCondition(globalAllow);
 
@@ -163,11 +166,7 @@ export class QuotationController extends Controller {
       _count: true,
       by: "payCondition",
       where: {
-        customerBranch: {
-          customer: {
-            registeredBranch: isSystem(req.user) ? undefined : { OR: permissionCond(req.user) },
-          },
-        },
+        registeredBranch: isSystem(req.user) ? undefined : { OR: permissionCond(req.user) },
       },
     });
 
@@ -186,11 +185,7 @@ export class QuotationController extends Controller {
   ) {
     const where = {
       payCondition,
-      customerBranch: {
-        customer: {
-          registeredBranch: isSystem(req.user) ? undefined : { OR: permissionCond(req.user) },
-        },
-      },
+      registeredBranch: isSystem(req.user) ? undefined : { OR: permissionCond(req.user) },
     } satisfies Prisma.QuotationWhereInput;
 
     const [result, total] = await prisma.$transaction([
@@ -228,6 +223,7 @@ export class QuotationController extends Controller {
         _count: {
           select: { worker: true },
         },
+        registeredBranch: true,
         customerBranch: true,
         worker: {
           include: { employee: true },
@@ -317,7 +313,7 @@ export class QuotationController extends Controller {
       throw relationError("Service");
     }
 
-    await permissionCheck(req.user, customerBranch.customer.registeredBranch);
+    await permissionCheckCompany(req.user, customerBranch.customer.registeredBranch);
 
     const { productServiceList: _productServiceList, worker: _worker, ...rest } = body;
 
@@ -490,6 +486,7 @@ export class QuotationController extends Controller {
   ) {
     const record = await prisma.quotation.findUnique({
       include: {
+        registeredBranch: { include: branchRelationPermInclude(req.user) },
         customerBranch: {
           include: {
             customer: {
@@ -505,6 +502,8 @@ export class QuotationController extends Controller {
 
     if (!record) throw notFoundError("Quotation");
 
+    await permissionCheck(req.user, record.registeredBranch);
+
     const ids = {
       employee: body.worker?.filter((v) => typeof v === "string"),
       product: body.productServiceList
@@ -552,9 +551,9 @@ export class QuotationController extends Controller {
       throw relationError("Service");
     }
 
-    await permissionCheck(req.user, record.customerBranch.customer.registeredBranch);
+    await permissionCheckCompany(req.user, record.customerBranch.customer.registeredBranch);
     if (customerBranch && record.customerBranchId !== body.customerBranchId) {
-      await permissionCheck(req.user, customerBranch.customer.registeredBranch);
+      await permissionCheckCompany(req.user, customerBranch.customer.registeredBranch);
     }
 
     const { productServiceList: _productServiceList, worker: _worker, ...rest } = body;
@@ -722,22 +721,14 @@ export class QuotationController extends Controller {
   async deleteQuotationById(@Request() req: RequestWithUser, @Path() quotationId: string) {
     const record = await prisma.quotation.findUnique({
       include: {
-        customerBranch: {
-          include: {
-            customer: {
-              include: {
-                registeredBranch: { include: branchRelationPermInclude(req.user) },
-              },
-            },
-          },
-        },
+        registeredBranch: { include: branchRelationPermInclude(req.user) },
       },
       where: { id: quotationId },
     });
 
     if (!record) throw notFoundError("Quotation");
 
-    await permissionCheck(req.user, record.customerBranch.customer.registeredBranch);
+    await permissionCheck(req.user, record.registeredBranch);
 
     if (record.status !== Status.CREATED) throw isUsedError("Quotation");