87 lines
1.8 KiB
Go
87 lines
1.8 KiB
Go
package queries
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"log"
|
|
"strings"
|
|
|
|
"bssapp-backend/db"
|
|
"bssapp-backend/internal/authz"
|
|
"bssapp-backend/models"
|
|
)
|
|
|
|
func GetAccounts(ctx context.Context) ([]models.Account, error) {
|
|
|
|
piyasaCodes := authz.GetPiyasaCodesFromCtx(ctx)
|
|
|
|
// 🔴 HİÇ YETKİ YOKSA → HİÇ DATA VERME
|
|
if len(piyasaCodes) == 0 {
|
|
log.Println("⚠️ No piyasa permission → empty account list")
|
|
return []models.Account{}, nil
|
|
}
|
|
|
|
// ✅ Güvenli filter üret
|
|
quoted := make([]string, 0, len(piyasaCodes))
|
|
for _, p := range piyasaCodes {
|
|
quoted = append(quoted, "'"+p+"'")
|
|
}
|
|
|
|
piyasaFilter := fmt.Sprintf(
|
|
"f2.CustomerAtt01 IN (%s)",
|
|
strings.Join(quoted, ","),
|
|
)
|
|
|
|
query := fmt.Sprintf(`
|
|
SELECT
|
|
x.AccountCode,
|
|
MAX(x.AccountName) AS AccountName
|
|
FROM (
|
|
SELECT
|
|
LEFT(b.CurrAccCode, 8) AS AccountCode,
|
|
COALESCE(d.CurrAccDescription, '') AS AccountName
|
|
FROM trCurrAccBook b
|
|
LEFT JOIN cdCurrAccDesc d
|
|
ON d.CurrAccCode = b.CurrAccCode
|
|
JOIN CustomerAttributesFilter f2
|
|
ON f2.CurrAccCode = b.CurrAccCode
|
|
WHERE %s
|
|
) x
|
|
GROUP BY x.AccountCode
|
|
ORDER BY x.AccountCode
|
|
`, piyasaFilter)
|
|
|
|
log.Println("🔎 ACCOUNT FILTER =", piyasaFilter)
|
|
|
|
rows, err := db.MssqlDB.Query(query)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("MSSQL query error: %w", err)
|
|
}
|
|
defer rows.Close()
|
|
|
|
var accounts []models.Account
|
|
|
|
for rows.Next() {
|
|
|
|
var acc models.Account
|
|
|
|
if err := rows.Scan(
|
|
&acc.AccountCode,
|
|
&acc.AccountName,
|
|
); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if len(acc.AccountCode) >= 4 {
|
|
acc.DisplayCode =
|
|
strings.TrimSpace(acc.AccountCode[:3] + " " + acc.AccountCode[3:])
|
|
} else {
|
|
acc.DisplayCode = acc.AccountCode
|
|
}
|
|
|
|
accounts = append(accounts, acc)
|
|
}
|
|
|
|
return accounts, rows.Err()
|
|
}
|