From 009de80c3f9da274dc5c4d0223af356b82aa7cfd Mon Sep 17 00:00:00 2001
From: Bright
Date: Fri, 1 Aug 2025 11:40:01 +0700
Subject: [PATCH] =?UTF-8?q?FIX=20=E0=B8=A3=E0=B8=B0=E0=B8=9A=E0=B8=9A?= =?UTF-8?q?=E0=B8=A7=E0=B8=B4=E0=B8=99=E0=B8=B1=E0=B8=A2=20>>=20=E0=B8=82?= =?UTF-8?q?=E0=B9=89=E0=B8=AD=E0=B8=A1=E0=B8=B9=E0=B8=A5=E0=B8=9E=E0=B8=B7?= =?UTF-8?q?=E0=B9=89=E0=B8=99=E0=B8=90=E0=B8=B2=E0=B8=99=20(=E0=B8=81?= =?UTF-8?q?=E0=B8=A3=E0=B8=A3=E0=B8=A1=E0=B8=81=E0=B8=B2=E0=B8=A3)=20?= =?UTF-8?q?=E0=B8=82=E0=B9=89=E0=B8=AD=E0=B8=A1=E0=B8=B9=E0=B8=A5=E0=B8=A3?= =?UTF-8?q?=E0=B8=B2=E0=B8=A2=E0=B8=81=E0=B8=B2=E0=B8=A3=E0=B9=80=E0=B8=A3?= =?UTF-8?q?=E0=B8=B7=E0=B9=88=E0=B8=AD=E0=B8=87=E0=B9=80=E0=B8=A3=E0=B8=B5?= =?UTF-8?q?=E0=B8=A2=E0=B8=99=E0=B9=84=E0=B8=A1=E0=B9=88=E0=B9=81=E0=B8=AA?= =?UTF-8?q?=E0=B8=94=E0=B8=87=20#1707?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../Controllers/DisciplineDirectorController.cs | 17 +++++++++++------
 .../Requests/DisciplineDirectorRequest.cs | 1 +
 2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs
index 895e7f9c..4ed6e0ce 100644
--- a/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs
+++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs
@@ -65,6 +65,7 @@ namespace BMA.EHR.DisciplineDirector.Service.Controllers
 [HttpGet("{path}")]
 public async Task> GetDiscipline(string path, int page = 1, int pageSize = 25, string keyword = "")
 {
+ // สิทธิ์การเข้าถึง
 path = path.Trim().ToUpper();
 string getPermission;
 if (path == "MAIN")
@@ -84,21 +85,24 @@ namespace BMA.EHR.DisciplineDirector.Service.Controllers getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_DISCIPLINE_INFO"); } - var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } + // สิทธิ์มองเห็นรายชื่อ + var userId = UserId == null ? Guid.Empty : Guid.Parse(UserId); + var profile = await _userProfileRepository.GetUserOC(userId, token.Replace("Bearer ", "")); + if (profile == null) + return Error(GlobalMessages.DataNotFound); + var data_search = (from x in _context.DisciplineDirectors.Include(x => x.DisciplineInvestigate_Directors).Include(x => x.DisciplineDisciplinary_DirectorInvestigates) - where /*x.Prefix.Contains(keyword) || - x.FirstName.Contains(keyword) || - x.LastName.Contains(keyword) ||*/ - ((x.Prefix ?? "") + (x.FirstName ?? "") + " " + (x.LastName ?? "")).Contains(keyword) || + where (((x.Prefix ?? "") + (x.FirstName ?? "") + " " + (x.LastName ?? "")).Contains(keyword) || x.Position.Contains(keyword) || x.Email.Contains(keyword) || x.Phone.Contains(keyword) || - x.Qualification.Contains(keyword) + x.Qualification.Contains(keyword)) && + x.RootDnaId == profile.RootDnaId select x).ToList(); var data = data_search .Select(x => new @@ -192,6 +196,7 @@ namespace BMA.EHR.DisciplineDirector.Service.Controllers Email = req.email, Phone = req.phone, Qualification = req.qualification, + RootDnaId = req.rootDnaId, CreatedFullName = FullName ?? "System Administrator", CreatedUserId = UserId ?? "", CreatedAt = DateTime.Now, diff --git a/BMA.EHR.Discipline.Service/Requests/DisciplineDirectorRequest.cs b/BMA.EHR.Discipline.Service/Requests/DisciplineDirectorRequest.cs index 35f830c3..9ca16f9f 100644 --- a/BMA.EHR.Discipline.Service/Requests/DisciplineDirectorRequest.cs +++ b/BMA.EHR.Discipline.Service/Requests/DisciplineDirectorRequest.cs 
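Review bot: The new scope filter `x.RootDnaId == profile.RootDnaId` is only as strict as `profile.RootDnaId`, and the guard above it rejects a null `profile` but not a null `RootDnaId`. If that property is nullable (the request DTO in this commit declares `Guid? rootDnaId`), the comparison will likely translate to an IS NULL match and return every director row with no root assigned, including rows created before this change; extending the guard to `if (profile?.RootDnaId == null) return Error(GlobalMessages.DataNotFound);` closes that path. Separately, `Guid.Parse(UserId)` throws on a malformed value and a missing `UserId` silently becomes `Guid.Empty`, so `Guid.TryParse` followed by an explicit `Error(..., StatusCodes.Status403Forbidden)` would fail closed instead. `token` is not defined in the visible lines and GetDiscipline starts and ends outside this hunk, so its origin should be confirmed there.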
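Review bot: `RootDnaId = req.rootDnaId` in the create initializer takes the value that the new list filter (`x.RootDnaId == profile.RootDnaId`) treats as the visibility boundary directly from the request body. Nothing visible in this hunk checks it against the caller's own organisation, so a caller who is allowed to create a director could file the record under a different root or leave it null. Consider resolving the profile with `_userProfileRepository.GetUserOC(...)` as the list action does and assigning `RootDnaId = profile.RootDnaId`, or rejecting the request when `req.rootDnaId != profile.RootDnaId`. The enclosing action starts and ends outside the hunk, so an existing check there cannot be ruled out from these lines.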
@@ -12,5 +12,6 @@ namespace BMA.EHR.Discipline.Service.Requests
 public string? email { get; set; }
 public string? phone { get; set; }
 public string? qualification { get; set; }
+ public Guid? rootDnaId { get; set; }
 }
 }