From 05a5897dc75bcb3e68b38ed6ad1c2e2aafb5ddd0 Mon Sep 17 00:00:00 2001 From: AdisakKanthawilang Date: Wed, 25 Sep 2024 14:48:46 +0700 Subject: [PATCH] =?UTF-8?q?=E0=B9=81=E0=B8=81=E0=B9=89=E0=B9=84=E0=B8=82?= =?UTF-8?q?=20#632=20=E0=B9=81=E0=B8=A5=E0=B8=B0=20#633?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Controllers/LeaveRequestController.cs | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/BMA.EHR.Leave/Controllers/LeaveRequestController.cs b/BMA.EHR.Leave/Controllers/LeaveRequestController.cs index 9dd6664f..4e38fcae 100644 --- a/BMA.EHR.Leave/Controllers/LeaveRequestController.cs +++ b/BMA.EHR.Leave/Controllers/LeaveRequestController.cs @@ -1314,6 +1314,12 @@ namespace BMA.EHR.Leave.Service.Controllers public async Task> ApproveCancelLeaveRequestAsync(Guid id, [FromBody] CancelLeaveRequestApproveDto req) { + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_LEAVE_LIST"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } await _leaveRequestRepository.ApproveCancelLeaveRequestAsync(id, req.Reason ?? ""); return Success(); @@ -1335,6 +1341,12 @@ namespace BMA.EHR.Leave.Service.Controllers public async Task> RejectCancelLeaveRequestAsync(Guid id, [FromBody] CancelLeaveRequestApproveDto req) { + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_LEAVE_LIST"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } await _leaveRequestRepository.RejectCancelLeaveRequestAsync(id, req.Reason ?? ""); return Success(); @@ -1380,6 +1392,12 @@ namespace BMA.EHR.Leave.Service.Controllers public async Task> CommanderApproveLeaveRequestAsync(Guid id, [FromBody] LeaveRequestApproveDto req) { + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_LEAVE_LIST"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } await _leaveRequestRepository.CommanderApproveLeaveRequest(id, req.Reason ?? ""); return Success(); @@ -1400,6 +1418,12 @@ namespace BMA.EHR.Leave.Service.Controllers public async Task> ApproveLeaveRequestAsync(Guid id, [FromBody] LeaveRequestApproveDto req) { + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_LEAVE_LIST"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } await _leaveRequestRepository.ApproveLeaveRequest(id, req.Reason ?? ""); return Success(); @@ -1440,6 +1464,12 @@ namespace BMA.EHR.Leave.Service.Controllers public async Task> RejectLeaveRequestAsync(Guid id, [FromBody] LeaveRequestApproveDto req) { + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_LEAVE_LIST"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } await _leaveRequestRepository.RejectLeaveRequest(id, req.Reason ?? ""); return Success();