diff --git a/deploy/invoice_product_tax.sql b/deploy/invoice_product_tax.sql new file mode 100644 index 0000000..351051b --- /dev/null +++ b/deploy/invoice_product_tax.sql @@ -0,0 +1,33 @@ +-- Deploy numerus:invoice_product_tax to pg +-- requires: schema_numerus +-- requires: invoice_product +-- requires: tax +-- requires: tax_rate + +begin; + +set search_path to numerus, public; + +create table invoice_product_tax ( + invoice_product_id integer not null references invoice_product, + tax_id integer not null references tax, + tax_rate tax_rate not null, + primary key (invoice_product_id, tax_id) +); + +grant select, insert, update, delete on table invoice_product_tax to invoicer; +grant select, insert, update, delete on table invoice_product_tax to admin; + +alter table invoice_product_tax enable row level security; + +create policy company_policy +on invoice_product_tax +using ( + exists( + select 1 + from invoice_product + where invoice_product.invoice_product_id = invoice_product_tax.invoice_product_id + ) +); + +commit; diff --git a/revert/invoice_product_tax.sql b/revert/invoice_product_tax.sql new file mode 100644 index 0000000..786282e --- /dev/null +++ b/revert/invoice_product_tax.sql @@ -0,0 +1,7 @@ +-- Revert numerus:invoice_product_tax from pg + +begin; + +drop table if exists numerus.invoice_product_tax; + +commit; diff --git a/sqitch.plan b/sqitch.plan index 27c7d7a..49e953d 100644 --- a/sqitch.plan +++ b/sqitch.plan @@ -51,3 +51,4 @@ discount_rate [schema_numerus] 2023-02-10T17:22:40Z jordi fita mas # Add relation for invoice product add_product [schema_numerus product product_tax parse_price company currency] 2023-02-14T10:32:18Z jordi fita mas # Add function to add new products edit_product [schema_numerus product product_tax parse_price company currency] 2023-02-14T11:06:03Z jordi fita mas # Add function to edit products +invoice_product_tax [schema_numerus invoice_product tax tax_rate] 2023-02-15T13:20:30Z jordi fita mas # Add relation for taxes in invoice products diff --git a/test/invoice_product_tax.sql b/test/invoice_product_tax.sql new file mode 100644 index 0000000..3f1f51d --- /dev/null +++ b/test/invoice_product_tax.sql @@ -0,0 +1,137 @@ +-- Test invoice_product_tax +set client_min_messages to warning; +create extension if not exists pgtap; +reset client_min_messages; + +begin; + +select plan(27); + +set search_path to numerus, auth, public; + +select has_table('invoice_product_tax'); +select has_pk('invoice_product_tax' ); +select col_is_pk('invoice_product_tax', array['invoice_product_id', 'tax_id']); +select table_privs_are('invoice_product_tax', 'guest', array []::text[]); +select table_privs_are('invoice_product_tax', 'invoicer', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']); +select table_privs_are('invoice_product_tax', 'admin', array ['SELECT', 'INSERT', 'UPDATE', 'DELETE']); +select table_privs_are('invoice_product_tax', 'authenticator', array []::text[]); + +select has_column('invoice_product_tax', 'invoice_product_id'); +select col_is_fk('invoice_product_tax', 'invoice_product_id'); +select fk_ok('invoice_product_tax', 'invoice_product_id', 'invoice_product', 'invoice_product_id'); +select col_type_is('invoice_product_tax', 'invoice_product_id', 'integer'); +select col_not_null('invoice_product_tax', 'invoice_product_id'); +select col_hasnt_default('invoice_product_tax', 'invoice_product_id'); + +select has_column('invoice_product_tax', 'tax_id'); +select col_is_fk('invoice_product_tax', 'tax_id'); +select fk_ok('invoice_product_tax', 'tax_id', 'tax', 'tax_id'); +select col_type_is('invoice_product_tax', 'tax_id', 'integer'); +select col_not_null('invoice_product_tax', 'tax_id'); +select col_hasnt_default('invoice_product_tax', 'tax_id'); + +select has_column('invoice_product_tax', 'tax_rate'); +select col_type_is('invoice_product_tax', 'tax_rate', 'tax_rate'); +select col_not_null('invoice_product_tax', 'tax_rate'); +select col_hasnt_default('invoice_product_tax', 'tax_rate'); + + +set client_min_messages to warning; +truncate invoice_product_tax cascade; +truncate invoice_product cascade; +truncate invoice cascade; +truncate product cascade; +truncate tax cascade; +truncate contact cascade; +truncate company_user cascade; +truncate company cascade; +truncate auth."user" cascade; +reset client_min_messages; + +insert into auth."user" (user_id, email, name, password, role, cookie, cookie_expires_at) +values (1, 'demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month') + , (5, 'admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month') +; + +insert into company (company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, country_code, currency_code) +values (2, 'Company 2', 'XX123', '', '555-555-555', 'a@a', '', '', '', '', '', 'ES', 'EUR') + , (4, 'Company 4', 'XX234', '', '666-666-666', 'b@b', '', '', '', '', '', 'FR', 'USD') +; + +insert into company_user (company_id, user_id) +values (2, 1) + , (4, 5) +; + +insert into tax (tax_id, company_id, name, rate) +values (3, 2, 'IVA 21 %', 0.21) + , (6, 4, 'IVA 10 %', 0.10) +; + +insert into product (product_id, company_id, name, description, price) +values (7, 2, 'Product 1', 'Description 1', 1200) + , (8, 4, 'Product 2', 'Description 2', 2400) +; + +insert into contact (contact_id, company_id, business_name, vatin, trade_name, phone, email, web, address, city, province, postal_code, country_code) +values ( 9, 2, 'Customer 1', 'XX555', '', '777-777-777', 'c1@e', '', '', '', '', '', 'ES') + , (10, 4, 'Customer 2', 'XX666', '', '888-888-888', 'c2@e', '', '', '', '', '', 'ES') +; + +insert into invoice (invoice_id, company_id, invoice_number, contact_id, currency_code) +values (11, 2, 'INV001', 9, 'EUR') + , (12, 4, 'INV002', 10, 'EUR') +; + +insert into invoice_product (invoice_product_id, invoice_id, product_id, name, description, price, quantity) +values (13, 11, 7, 'Product 1', '', 1200, 1) + , (14, 12, 8, 'Product 2', '', 2400, 2) +; + +insert into invoice_product_tax (invoice_product_id, tax_id, tax_rate) +values (13, 3, 0.10) + , (14, 6, -0.15) +; + +prepare product_tax_data as +select invoice_product_id, tax_id +from invoice_product_tax +order by invoice_product_id, tax_id; + +set role invoicer; +select is_empty('product_tax_data', 'Should show no data when cookie is not set yet'); +reset role; + +select set_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog'); +select bag_eq( + 'product_tax_data', + $$ values (13, 3) + $$, + 'Should only list tax of products of the companies where demo@tandem.blog is user of' +); +reset role; + +select set_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog'); +select bag_eq( + 'product_tax_data', + $$ values (14, 6) + $$, + 'Should only list tax of products of the companies where admin@tandem.blog is user of' +); +reset role; + +select set_cookie('not-a-cookie'); +select throws_ok( + 'product_tax_data', + '42501', 'permission denied for table invoice_product_tax', + 'Should not allow select to guest users' +); +reset role; + + +select * +from finish(); + +rollback; + diff --git a/verify/invoice_product_tax.sql b/verify/invoice_product_tax.sql new file mode 100644 index 0000000..22df432 --- /dev/null +++ b/verify/invoice_product_tax.sql @@ -0,0 +1,14 @@ +-- Verify numerus:invoice_product_tax on pg + +begin; + +select invoice_product_id + , tax_id + , tax_rate +from numerus.invoice_product_tax +where false; + +select 1 / count(*) from pg_class where oid = 'numerus.invoice_product_tax'::regclass and relrowsecurity; +select 1 / count(*) from pg_policy where polname = 'company_policy' and polrelid = 'numerus.invoice_product_tax'::regclass; + +rollback;