Skip to content

Commit

Permalink
Merge pull request #7449 from jmcameron/prevent-budget-import-locked-…
Browse files Browse the repository at this point in the history
…accounts

Prevent importing budget data for locked accounts
  • Loading branch information
jmcameron authored Jan 31, 2024
2 parents bbf62c6 + 3b45f28 commit 8e534a6
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 2 deletions.
1 change: 1 addition & 0 deletions client/src/i18n/en/budget.json
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
"IMPORT_BUDGET_ERROR_ACCT_TYPE": "ERROR: Budget import failed! Check for incorrect Type values (should be 'title', 'income', or 'expense').",
"IMPORT_BUDGET_ERROR_ACCT_TYPE_INCORRECT": "ERROR: Budget import failed! Account type does not match account in the database.",
"IMPORT_BUDGET_ERROR_BAD_BUDGET_VALUE": "ERROR: Budget import failed! Budget value is not a number.",
"IMPORT_BUDGET_ERROR_LOCKED_ACCOUNT": "ERROR: Budget import failed! The budget import data includes a locked account. Please remove it and try again : ",
"IMPORT_BUDGET_ERROR_NEGATIVE_BUDGET_VALUE": "ERROR: Budget import failed! Budget value is negative.",
"IMPORT_BUDGET_WARN_TITLE_BUDGET_IGNORED": "WARNING: Budget values for title accounts are ignored",
"INCOME_TOTAL": "Income Total",
Expand Down
1 change: 1 addition & 0 deletions client/src/i18n/fr/budget.json
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
"IMPORT_BUDGET_ERROR_ACCT_TYPE": "ERREUR : L'importation du budget a échoué ! Vérifier si les valeurs de type sont incorrectes (elles devraient être 'title', 'income', ou 'expense').",
"IMPORT_BUDGET_ERROR_ACCT_TYPE_INCORRECT": "ERREUR : L'importation du budget a échoué ! Le type de compte ne correspond pas au compte dans la base de données.",
"IMPORT_BUDGET_ERROR_BAD_BUDGET_VALUE": "ERREUR : L'importation du budget a échoué ! La valeur du budget n'est pas un nombre.",
"IMPORT_BUDGET_ERROR_LOCKED_ACCOUNT": "ERREUR : L'importation du budget a échoué ! Les données d'importation du budget comprennent un compte bloqué. Veuillez le supprimer et réessayer :",
"IMPORT_BUDGET_ERROR_NEGATIVE_BUDGET_VALUE": "ERREUR : L'importation du budget a échoué ! La valeur du budget est négative.",
"IMPORT_BUDGET_WARN_TITLE_BUDGET_IGNORED": "ATTENTION : Les valeurs budgétaires des comptes titres sont ignorées.",
"INCOME_TOTAL": "Revenu totales",
Expand Down
18 changes: 16 additions & 2 deletions server/controllers/finance/budget/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ const util = require('../../../lib/util');
const constants = require('../../../config/constants');
const BadRequest = require('../../../lib/errors/BadRequest');

const i18n = require('../../../lib/helpers/translate');

const Fiscal = require('../fiscal');
const budgetReport = require('../reports/budget');

Expand Down Expand Up @@ -39,7 +41,7 @@ const periodsSql = 'SELECT * FROM period p WHERE fiscal_year_id = ?';
const budgetSql = `
SELECT
b.id AS budgetId, b.period_id, b.budget, b.locked,
a.id, a.number AS acctNum, a.label AS acctLabel,
a.id, a.number AS acctNum, a.label AS acctLabel, a.locked AS acctLocked,
a.type_id AS acctTypeId, at.type AS acctType, p.number AS periodNum
FROM budget AS b
JOIN period AS p ON p.id = b.period_id
Expand Down Expand Up @@ -93,7 +95,7 @@ function buildBudgetData(fiscalYearId) {
const sql = `
SELECT
a.id, a.number, a.type_id, at.type AS acctType,
a.label, a.parent, a.locked, a.hidden,
a.label, a.parent, a.locked, a.hidden, a.locked AS acctLocked,
bdata.budget
FROM account AS a
JOIN account_type AS at ON at.id = a.type_id
Expand Down Expand Up @@ -777,6 +779,7 @@ async function importBudget(req, res, next) {
throw new BadRequest(`ERROR: Missing 'fiscal_year' ID parameter in POST /budget/import`);
}
const fiscalYearId = Number(req.params.fiscal_year);
const { lang } = req.query;

if (!req.files || req.files.length === 0) {
throw new BadRequest('Expected at least one file upload but did not receive any files.',
Expand All @@ -799,6 +802,17 @@ async function importBudget(req, res, next) {
errCode);
}

// Get the basic account data to check imports
const accountsSql = 'SELECT a.locked, a.number, a.label FROM account AS a;';
const accounts = await db.exec(accountsSql);
data.forEach(importAccount => {
const acct = accounts.find(item => item.number === Number(importAccount.AcctNum));
if (acct && acct.locked) {
const errMsg = `${i18n(lang)('BUDGET.IMPORT_BUDGET_ERROR_LOCKED_ACCOUNT')} ${acct.number} - ${acct.label}`;
throw new BadRequest('The given budget file includes the locked account.', errMsg);
}
});

// Clear any previously uploaded budget data
db.exec('CALL DeleteBudget(?)', [fiscalYearId])
.then(() => {
Expand Down

0 comments on commit 8e534a6

Please sign in to comment.