feat: Private Groups + Load-Templates

Private Groups enabled based on the following assumptions: * There is only one private group. * The companies added to the private group is able to find private loads in the directory. * The companies added to the private group is able to find private companies in the directory. * The driver requires a new endpoint to read load resources no matter the privacy rules (as long as they are added to the load as driver). * The private group can be updated by anyone within the company. * The privacy is enabled on the company information by enabling `privacy=true`. * The privacy is enabled on the loads information by enabling `privacy=true`. * When looking for loads/companies by default the search is with `privacy=false` which returns public elements. When `privacy=true`is given, the results are limited to private elements only (not including public elements). Load-Templates enabled based on the following assumptions: * Anyone can CRUD the templates, there is no find feature (for now). It is assumed that the number of templates is limited.
2026-03-31 02:02:30 +00:00
parent 57cd47558a
commit 82c2ea74e8
18 changed files with 672 additions and 55 deletions
--- a/v1/src/apps/private/companies/services.js
+++ b/v1/src/apps/private/companies/services.js
@@ -1,11 +1,12 @@
 "use strict";
 const { ROOT_PATH, MODELS_PATH, HANDLERS_PATH, LIB_PATH } = process.env;
-const { getModel } = require( `${ROOT_PATH}/${MODELS_PATH}` );
+const { getModel } = require( '../../../lib/Models' );
 const { GenericHandler } = require( '../../../lib/Handlers/Generic.handler.js' );
-const { getPagination } = require( `${ROOT_PATH}/${LIB_PATH}/Misc.js` );
+const { getPagination } = require( '../../../lib/Misc.js' );

 const usersModel = getModel('users');
 const companiesModel = getModel('companies');
+const companyGroupsModel = getModel('company_groups');
 const branchesModel = getModel('branches');
 const vehiclesModel = getModel('vehicles');
 const loadsModel = getModel('loads');
@@ -46,21 +47,60 @@ function getAndFilterList( query ){
    return filter_list;
 }

-async function getListByType( type , req ){
-    const filter = { "company_type" : type , "is_hidden" : false };
-    const select = [
-        "rfc",
-        "company_name",
-        "company_type",
-        "company_code",
-        "company_city",
-        "company_state",
-        "createdAt",
-        "membership",
-        "categories",
-        "truck_type",
-        "company_description"
-    ];
+const companySelectField = 
+[
+    "rfc",
+    "company_name",
+    "company_type",
+    "company_code",
+    "company_city",
+    "company_state",
+    "createdAt",
+    "membership",
+    "categories",
+    "truck_type",
+    "company_description",
+    "privacy"
+];
+async function getCompanyIdListFromGroups( companyId ){
+    const privateGroups = await companyGroupsModel.find({
+        allowedCompanies: { $in: [companyId] }
+    });
+
+    if( !privateGroups ){
+        return null;
+    }
+
+    const companiesIds = privateGroups.map((group) => group.owner);
+
+    return companiesIds;
+}
+
+async function getListByType( companyId, type , req ){
+    const { privacy } = req.query;
+    const privacyVal = ( privacy && ( privacy >= 1 || privacy.toLowerCase() === 'true' ))? true: false;
+
+    let filter;
+    if( privacyVal ){
+        const companiesIds = await getCompanyIdListFromGroups( companyId ) || [];
+        filter = {
+            _id : { $in : companiesIds },
+            company_type: type,
+            is_hidden: false,
+            privacy: true,
+        }
+    }else{
+        filter = {
+            company_type: type,
+            is_hidden: false,
+            $or : [
+                { privacy : false },
+                { privacy : { $exists : false } }
+            ]
+        };
+    }
+
+    const select = companySelectField;
    const { $sort } = req.query;
    const { elements , page } = getPagination( req.query );
    let query_elements;
@@ -143,7 +183,8 @@ async function getCompanyById( req , res ) {

 async function getListShippers( req , res ) {
    try{
-        const retVal = await getListByType( "Shipper" , req );
+        const companyId = req.context.companyId;
+        const retVal = await getListByType( companyId, "Shipper" , req );
        res.send( retVal );
    }catch( error ){
        console.error( error );
@@ -153,7 +194,8 @@ async function getListShippers( req , res ) {

 async function getListCarriers( req , res ) {
    try{
-        const retVal = await getListByType( "Carrier" , req );
+        const companyId = req.context.companyId;
+        const retVal = await getListByType( companyId, "Carrier" , req );
        res.send( retVal );
    }catch( error ){
        console.error( error );
--- a/v1/src/apps/private/groups/routes.js
+++ b/v1/src/apps/private/groups/routes.js
@@ -0,0 +1,9 @@
+'use strict';
+const router = require('express').Router();
+const services= require('./services.js');
+
+router.get('/private', services.getPrivateGroup);
+router.patch('/private/:id', services.addCompanyToGroup);
+router.delete('/private/:id', services.removeCompanyFromGroup);
+
+module.exports = router;
--- a/v1/src/apps/private/groups/services.js
+++ b/v1/src/apps/private/groups/services.js
@@ -0,0 +1,116 @@
+"use strict";
+const { getModel } = require( '../../../lib/Models' );
+const { getPagination } = require( '../../../lib/Misc.js' );
+
+const CompanyModel = getModel('companies');
+const CompanyGroupModel = getModel('company_groups');
+
+const company_projection = 'company_name rfc categories products truck_type company_city company_state';
+
+async function getOrCreatePrivateGroup( owner ) {
+    let result = await CompanyGroupModel
+        .findOne({ owner: owner })
+        .populate({
+            path: 'allowedCompanies',
+            select: company_projection,
+            populate: {
+                path: 'categories',
+                select: '-_id name'
+            }
+        });
+
+    if( result ){
+        return result;
+    }
+
+    result = new CompanyGroupModel({
+        owner: owner,
+        list_name: "private"
+    });
+    await result.save();
+
+    return await CompanyGroupModel
+        .findOne({ owner: owner })
+        .populate({
+            path: 'allowedCompanies',
+            select: company_projection,
+            populate: {
+                path: 'categories',
+                select: '-_id name'
+            }
+        });
+}
+
+async function getPrivateGroup( req , res ) {
+    try{
+        const companyId = req.context.companyId;
+        const result = await getOrCreatePrivateGroup( companyId );
+        return res.send( result );
+    }catch( error ){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+async function addCompanyToGroup(req, res){
+    try{
+        const companyId = req.context.companyId;
+        const newEntryId = req.params.id;
+
+        if( newEntryId === companyId ){
+            return res.status(400).send({ error: "can't add yourself" });
+        }
+
+        const company = await CompanyModel.findById( newEntryId );
+        if( !company ){
+            return res.status(400).send({ error: "invalid entry id" });            
+        }
+
+        let result = await getOrCreatePrivateGroup( companyId );
+
+        /// Add to the list only if it is not there already
+        if( ! result.allowedCompanies.some( entry => entry.id === newEntryId ) ){
+            await CompanyGroupModel.findByIdAndUpdate(result.id, {
+                $addToSet: { allowedCompanies: company.id }
+            });
+        }
+        
+        result = await getOrCreatePrivateGroup( companyId );
+        return res.status(200).send( result );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+async function removeCompanyFromGroup(req, res){
+    try{
+        const companyId = req.context.companyId;
+        const newEntryId = req.params.id;
+
+        if( newEntryId === companyId ){
+            return res.status(400).send({ error: "you are not at the list" });
+        }
+
+        let result = await getOrCreatePrivateGroup( companyId );
+
+        /// If the item belongs to the list remove it
+        if( result.allowedCompanies.some( entry => entry.id === newEntryId ) ){
+            await CompanyGroupModel.findByIdAndUpdate(result.id, {
+                $pull: { allowedCompanies: newEntryId }
+            });
+        }
+        
+        result = await getOrCreatePrivateGroup( companyId );
+        return res.status(200).send( result );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+module.exports = { 
+    getPrivateGroup,
+    addCompanyToGroup,
+    removeCompanyFromGroup
+};
--- a/v1/src/apps/private/index.js
+++ b/v1/src/apps/private/index.js
@@ -13,10 +13,12 @@ const companies = require('./companies/routes.js');
 const loadAttachments = require('./load-attachments/routes.js');
 const loads = require('./loads/routes.js');
 const loads_driver = require('./loads_driver/routes.js');
+const loadTemplates = require('./load-templates/routes.js');
 const proposals = require('./proposals/routes.js');
 const users = require('./users/routes.js');
 const vehicles = require('./vehicles/routes.js');
 const notifications = require('./notifications/routes.js');
+const company_groups = require('./groups/routes.js');

 router.use( jwtValidator.middleware );
 router.use( context.middleware );
@@ -25,25 +27,14 @@ router.use('/account', account);
 router.use('/budgets', budgets);
 router.use('/branches', branches);
 router.use('/companies', companies);
+router.use('/groups', company_groups);
 router.use('/load-attachments', loadAttachments );
 router.use('/loads', loads);
 router.use('/loads_driver', loads_driver);
+router.use('/load-templates', loadTemplates );
 router.use('/notifications', notifications);
 router.use('/proposals', proposals);
 router.use('/users', users);
 router.use('/vehicles', vehicles);

-/*
-router.use('/orders', test);
-router.use('/mailer', test);
-router.use('/memberships', test);
-router.use('/bootresolvers', test);
-router.use('/news', test);
-router.use('/branches', test);
-router.use('/trackings', test);
-router.use('/upload', test);
-router.use('/calendars', test);
-router.use('/dashboard', test);
-*/
-
 module.exports = router;
--- a/v1/src/apps/private/load-templates/routes.js
+++ b/v1/src/apps/private/load-templates/routes.js
@@ -0,0 +1,11 @@
+'use strict';
+const router = require('express').Router();
+const services= require('./services.js');
+
+router.post('/new', services.createTemplate);
+router.get('/all', services.getAllTemplates);
+router.get('/:id', services.getTemplate);
+router.patch('/:id', services.updateTemplate);
+router.delete('/:id', services.deleteTemplate);
+
+module.exports = router;
--- a/v1/src/apps/private/load-templates/services.js
+++ b/v1/src/apps/private/load-templates/services.js
@@ -0,0 +1,137 @@
+"use strict";
+const { getModel } = require( '../../../lib/Models' );
+const { getPagination } = require( '../../../lib/Misc.js' );
+
+const LoadTemplatesModel = getModel('load_templates');
+
+function cleanUpData( data ){
+    /**
+     * Take the only fields from model that
+     * should be modifiable by the client.
+     * The rest are populated on demand by the event handlers.
+     */
+    let data_fields = {
+        template_name: null,
+        alert_list: null,
+        origin_warehouse: null,
+        destination_warehouse: null,
+        origin: null,
+        origin_geo: null,
+        destination: null,
+        destination_geo: null,
+        categories: null,
+        product: null,
+        truck_type: null,
+        tyre_type: null,
+        weight: null,
+        estimated_cost: null,
+        distance: null,
+        actual_cost: null,
+        notes: null,
+    };
+
+    let filtered_data = {};
+
+    if( Object.keys( data_fields ).length === 0 ){
+        throw "no data to add";
+    }
+
+    for ( const [key, value] of Object.entries( data_fields ) ) {
+        if( Object.hasOwn( data, key ) ){
+            filtered_data[ key ] = data[ key ];
+        }
+    }
+
+    if( Object.keys( filtered_data ).length === 0 ){
+        throw "no data to add";
+    }
+
+    return filtered_data;
+}
+
+async function createTemplate( req , res ) {
+    try{
+        const companyId = req.context.companyId;
+
+        const data = cleanUpData( req.body );
+        data.company = companyId;
+        
+        const template = new LoadTemplatesModel( data );
+        await template.save();
+
+        res.send( template );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+async function updateTemplate( req , res ) {
+    try{
+        const templateId = req.params.id;
+        const companyId = req.context.companyId;
+
+        const data = cleanUpData( req.body );
+        data.company = companyId;
+        
+        await LoadTemplatesModel.findByIdAndUpdate( templateId , data );
+
+        const template = await LoadTemplatesModel.findById( templateId );
+        res.send( template );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+async function getTemplate( req, res ){
+    try{
+        const templateId = req.params.id;
+        const template = await LoadTemplatesModel.findById( templateId );
+
+        if( ! template ){
+            return res.status(400).send({ error : "invalid template id"});
+        }
+
+        res.send( template );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+async function deleteTemplate( req, res ){
+    try{
+        const companyId = req.context.companyId;
+        const templateId = req.params.id;
+        await LoadTemplatesModel.findOneAndDelete({
+            _id: templateId,
+            company : companyId
+        });
+        res.send({ msg: "item removed successfully" });
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+async function getAllTemplates( req, res ){
+    try{
+        const companyId = req.context.companyId;
+        const templateList = await LoadTemplatesModel.find( {
+            company : companyId
+        } );
+        res.send( templateList );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
+module.exports = { 
+    createTemplate,
+    getTemplate,
+    getAllTemplates,
+    updateTemplate,
+    deleteTemplate,
+};
--- a/v1/src/apps/private/loads/routes.js
+++ b/v1/src/apps/private/loads/routes.js
@@ -3,6 +3,7 @@ const router = require('express').Router();
 const services= require('./services.js');

 router.get('/find', services.findList);
+router.get('/driver', services.findDriverList);
 router.get('/calendar', services.findCalendarList);
 router.post('/new', services.postLoad);

--- a/v1/src/apps/private/loads/services.js
+++ b/v1/src/apps/private/loads/services.js
@@ -7,6 +7,7 @@ const Model = getModel('loads');
 const CompanyModel = getModel('companies');
 const ProposalsModel = getModel('proposals');
 const branchesModel = getModel('branches');
+const companyGroupsModel = getModel('company_groups');

 const carrier_projection = [
    'company_name',
@@ -141,7 +142,21 @@ function getAndFilterList( query ){
    return filter_list;
 }

-async function findLoads( query ){
+async function getCompanyIdListFromGroups( companyId ){
+    const privateGroups = await companyGroupsModel.find({
+        allowedCompanies: { $in: [companyId] }
+    });
+
+    if( !privateGroups ){
+        return null;
+    }
+
+    const companiesIds = privateGroups.map((group) => group.owner);
+
+    return companiesIds;
+}
+
+async function findDriverLoads( query ){
    const { $sort, company_name } = query;
    const { page, elements } = getPagination( query );
    const andFilterList = getAndFilterList( query ) || [];
@@ -184,6 +199,65 @@ async function findLoads( query ){
    };
 }

+async function findLoads( companyId, query ){
+    const { $sort, company_name } = query;
+    const { page, elements } = getPagination( query );
+    const andFilterList = getAndFilterList( query ) || [];
+
+    const { privacy } = query;
+    const privacyVal = ( privacy && ( privacy >= 1 || privacy.toLowerCase() === 'true' ))? true: false;
+
+    let filter;
+
+    if( privacyVal ){
+        const companiesIds = await getCompanyIdListFromGroups( companyId ) || [];
+        filter = {
+            company : { $in : companiesIds },
+            privacy: true,
+        }
+    }else{
+        filter = {
+            $or : [
+                { privacy : false },
+                { privacy : { $exists : false } }
+            ]
+        }
+    }
+
+    if( company_name ){
+        /* Populate list of company ids with match on the company_name */
+        const company_list = await CompanyModel.find( { company_name }, [ "id" ] );
+        const or_company_list = []
+        company_list.forEach( (item) =>{
+            or_company_list.push({"company" : item.id});
+        })
+        andFilterList.push({
+            $or : or_company_list
+        });
+    }
+    
+    if( andFilterList.length > 0 ){
+        filter.$and = andFilterList;
+    }
+
+    const { total , limit, skip, data  } = await generic.getList( page , elements, filter, null, $sort );
+
+    const load_list = data;
+
+    for(let i=0; i<load_list.length; i++){
+        const load_id = load_list[ i ].id;
+        load_list[i] = load_list[i].toObject();
+        const no_of_proposals = await ProposalsModel.count({ load : load_id });
+        load_list[i].no_of_proposals = no_of_proposals;
+    }
+    return {
+        total,
+        limit,
+        skip,
+        data : load_list
+    };
+}
+
 /**
 * Busqueda de cargas por fecha, asumiendo que la companyId es
 * siempre la del usuario solicitando los datos.
@@ -281,8 +355,9 @@ const findCalendarList = async(req, res) => {

 const findList = async(req, res) => {
    try{
+        const companyId = req.context.companyId;
        const query  = req.query || {};
-        const retVal = await findLoads( query );
+        const retVal = await findLoads( companyId, query );
        res.send( retVal );
    }catch(error){
        console.error( error );
@@ -290,6 +365,17 @@ const findList = async(req, res) => {
    }
 };

+const findDriverList = async ( req, res ) => {
+    try{
+        const query  = req.query || {};
+        const retVal = await findDriverLoads( companyId, query );
+        res.send( retVal );
+    }catch(error){
+        console.error( error );
+        return res.status( 500 ).send({ error });
+    }
+}
+
 const getById = async(req, res) => {
    try{
        const elementId = req.params.id;
@@ -356,6 +442,7 @@ function getDataToModify( data ){
        notes : null,
        payment_term : null,
        terms_and_conditions : null,
+        privacy: null
    };

    let filtered_data = {};
@@ -523,4 +610,4 @@ const deleteLoad = async(req, res) => {
    }
 };

-module.exports = { findCalendarList, findList, getById, patchLoad, postLoad, deleteLoad };
+module.exports = { findCalendarList, findList, findDriverList, getById, patchLoad, postLoad, deleteLoad };
--- a/v1/src/apps/public/public-companies/services.js
+++ b/v1/src/apps/public/public-companies/services.js
@@ -46,7 +46,14 @@ function getAndFilterList( query ){
 }

 async function getListByType( type , req ){
-    const filter = { "company_type" : type , "is_hidden" : false };
+    const filter = {
+            company_type: type,
+            is_hidden: false,
+            $or : [
+                { privacy : false },
+                { privacy : { $exists : false } }
+            ]
+        };
    const select = [
        "rfc",
        "company_name",
@@ -58,7 +65,8 @@ async function getListByType( type , req ){
        "membership",
        "categories",
        "truck_type",
-        "company_description"
+        "company_description",
+        "privacy"
    ];
    const { elements } = getPagination( req.query );
    const page = 0;// No pagination allowed to this endpoint
--- a/v1/src/apps/public/public-loads/services.js
+++ b/v1/src/apps/public/public-loads/services.js
@@ -14,7 +14,13 @@ const generic = new GenericHandler( Model, null, populate_list );

 const getList = async(req, res) => {
    try{
-        const filter = { status : "Published" };
+        const filter = {
+                status: "Published",
+                $or : [
+                    { privacy : false },
+                    { privacy : { $exists : false } }
+                ]
+            };
        const select = [
            "shipment_code",
            "categories",
@@ -26,7 +32,8 @@ const getList = async(req, res) => {
            "est_loading_date",
            "est_unloading_date",
            "origin",
-            "destination"
+            "destination",
+            "privacy"
        ];
        const { page , elements } = getPagination( req.query );
        const retVal = await generic.getList(page , elements, filter, select );