diff --git a/BMA.EHR.Command.Service/Controllers/OrderController.cs b/BMA.EHR.Command.Service/Controllers/OrderController.cs index 5e6485e9..5dfedcf8 100644 --- a/BMA.EHR.Command.Service/Controllers/OrderController.cs +++ b/BMA.EHR.Command.Service/Controllers/OrderController.cs @@ -19,6 +19,8 @@ using Swashbuckle.AspNetCore.Annotations; using System.Net; using System.Net.Http.Headers; using System.Security.Claims; +using Newtonsoft.Json; +using Newtonsoft.Json.Linq; namespace BMA.EHR.Command.Service.Controllers { @@ -45,6 +47,7 @@ namespace BMA.EHR.Command.Service.Controllers private readonly IWebHostEnvironment _hostingEnvironment; private readonly MinIOService _minIOService; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; // for add watermark private BaseFont baseFont = BaseFont.CreateFont(BaseFont.TIMES_ROMAN, BaseFont.CP1252, false); @@ -65,7 +68,8 @@ namespace BMA.EHR.Command.Service.Controllers EmailSenderService emailSenderService, IWebHostEnvironment hostingEnvironment, MinIOService minIOService, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _context = context; @@ -80,6 +84,7 @@ namespace BMA.EHR.Command.Service.Controllers _hostingEnvironment = hostingEnvironment; _minIOService = minIOService; _configuration = configuration; + _permission = permission; } #endregion @@ -547,6 +552,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); await _repository.GotoNextStateAsync(orderId); return Success(); } @@ -782,6 +796,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -834,6 +857,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -892,6 +924,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -944,6 +985,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1002,6 +1052,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1054,6 +1113,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1112,6 +1180,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1164,6 +1241,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1222,6 +1308,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1274,6 +1369,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1332,6 +1436,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1379,6 +1492,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1430,6 +1552,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1477,6 +1608,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1528,6 +1668,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1571,6 +1720,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1619,6 +1777,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1665,6 +1832,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1717,6 +1893,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1766,6 +1951,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1821,6 +2015,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1875,6 +2078,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1934,6 +2146,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1982,6 +2203,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2034,6 +2264,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2082,6 +2321,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2134,6 +2382,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2180,6 +2437,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2230,6 +2496,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2278,6 +2553,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2330,6 +2614,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2373,6 +2666,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2421,6 +2723,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2467,6 +2778,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2518,6 +2838,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2561,6 +2890,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2609,6 +2947,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2658,6 +3005,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2712,6 +3068,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2767,6 +3132,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2826,6 +3200,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2881,6 +3264,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2941,6 +3333,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2989,6 +3390,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3041,6 +3451,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3084,6 +3503,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3132,6 +3560,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3175,6 +3612,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3223,6 +3669,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3269,6 +3724,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3319,6 +3783,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3367,6 +3840,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3420,6 +3902,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3469,6 +3960,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3522,6 +4022,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3571,6 +4080,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3624,6 +4142,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3672,6 +4199,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3725,6 +4261,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3773,6 +4318,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3826,6 +4380,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3874,6 +4437,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3927,6 +4499,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3975,6 +4556,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4028,6 +4618,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4076,6 +4675,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4129,6 +4737,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4179,6 +4796,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4234,6 +4860,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4284,6 +4919,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4339,6 +4983,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4389,6 +5042,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4444,6 +5106,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4494,6 +5165,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4549,6 +5229,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4599,6 +5288,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4654,6 +5352,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4704,6 +5411,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4759,6 +5475,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4811,6 +5536,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4869,6 +5603,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4912,6 +5655,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5184,6 +5936,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var token = string.Empty; if (AuthenticationHeaderValue.TryParse(authorization, out var headerValue)) { @@ -5225,6 +5986,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "DELETE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var receiver = await _repository.DeleteCommandReceiverAsync(personalId); return Success(receiver); } @@ -5327,6 +6097,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "CREATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); // transform req var deploys = new List(); foreach (var p in req) @@ -5368,6 +6147,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); // transform var deploys = new List(); foreach (var p in req) @@ -5404,6 +6192,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "DELETE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); await _repository.DeleteCommandDeploymentAsync(personalId); return Success(); } @@ -5761,6 +6558,15 @@ namespace BMA.EHR.Command.Service.Controllers { try { + var action = "UPDATE"; + var system = "COMMAND"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var receiver = await _repository.GetCommandReceiverAsync(personalId); if (receiver == null)