chamomind/jws-backend
chamomind/jws-backend
7
0
Fork 0
Code Issues Projects 1 Releases Packages 1 Wiki Activity Actions

fix(employee): missing permission check

Browse source
This commit is contained in:
Methapon Metanipat 2024-10-22 09:35:38 +07:00
parent d09ff6cff1
commit d2d9181493
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/controllers/03-employee-controller.ts
View file

@ -739,7 +739,12 @@ export class EmployeeFileController extends Controller {
@Get("file-in-country-notice/{noticeId}") @Get("file-in-country-notice/{noticeId}")
@Security("keycloak") @Security("keycloak")
@Tags("Employee In Country Notice") @Tags("Employee In Country Notice")
async getNotice(@Path() employeeId: string, @Path() noticeId: string) { async getNotice(
@Request() req: RequestWithUser,
@Path() employeeId: string,
@Path() noticeId: string,
) {
await this.checkPermission(req.user, employeeId);
return await getFile(fileLocation.employee.inCountryNotice(employeeId, noticeId)); return await getFile(fileLocation.employee.inCountryNotice(employeeId, noticeId));
} }