androidlover5842/TrisolarisServer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow managers to revoke temp cards
All checks were successful
build-and-deploy / build-deploy (push) Successful in 32s
Details

Browse Source
This commit is contained in:
androidlover5842
2026-01-28 18:34:53 +05:30
parent ba88aae4cf
commit 10d62c683f
1 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/kotlin/com/android/trisolarisserver/controller/IssuedCards.kt
View File

@@ -157,9 +157,9 @@ class IssuedCards(
@PathVariable cardIndex: Int, @PathVariable cardIndex: Int,
@AuthenticationPrincipal principal: MyPrincipal? @AuthenticationPrincipal principal: MyPrincipal?
): CardRevokeResponse { ): CardRevokeResponse {
requireRevokeActor(propertyId, principal)
val card = issuedCardRepo.findByPropertyIdAndCardIndex(propertyId, cardIndex) val card = issuedCardRepo.findByPropertyIdAndCardIndex(propertyId, cardIndex)
?: throw ResponseStatusException(HttpStatus.NOT_FOUND, "Card not found") ?: throw ResponseStatusException(HttpStatus.NOT_FOUND, "Card not found")
requireRevokeActor(propertyId, principal, card.roomStay == null)
if (card.revokedAt == null) { if (card.revokedAt == null) {
val now = nowForProperty(card.property.timezone) val now = nowForProperty(card.property.timezone)
card.revokedAt = now card.revokedAt = now
@@ -231,13 +231,17 @@ class IssuedCards(
} }
} }
private fun requireRevokeActor(propertyId: UUID, principal: MyPrincipal?) { private fun requireRevokeActor(propertyId: UUID, principal: MyPrincipal?, isTempCard: Boolean) {
if (principal == null) { if (principal == null) {
throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "Missing principal") throw ResponseStatusException(HttpStatus.UNAUTHORIZED, "Missing principal")
} }
propertyAccess.requireMember(propertyId, principal.userId) propertyAccess.requireMember(propertyId, principal.userId)
if (isTempCard) {
propertyAccess.requireAnyRole(propertyId, principal.userId, Role.ADMIN, Role.MANAGER)
} else {
propertyAccess.requireAnyRole(propertyId, principal.userId, Role.ADMIN) propertyAccess.requireAnyRole(propertyId, principal.userId, Role.ADMIN)
} }
}
private fun nextCardIndex(propertyId: UUID): Int { private fun nextCardIndex(propertyId: UUID): Int {