From 114ef1c01ebd2b5c35ffe6992a95f7284381cdfb Mon Sep 17 00:00:00 2001 From: Bright Date: Tue, 20 Aug 2024 17:27:27 +0700 Subject: [PATCH] =?UTF-8?q?permission=20=E0=B8=9E=E0=B9=89=E0=B8=99?= =?UTF-8?q?=E0=B8=88=E0=B8=B2=E0=B8=81=E0=B8=A3=E0=B8=B2=E0=B8=8A=E0=B8=81?= =?UTF-8?q?=E0=B8=B2=E0=B8=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Controllers/RetirementController.cs | 52 ++++++++++++++++++- .../RetirementDeceasedController.cs | 24 ++++++++- .../Controllers/RetirementOutController.cs | 33 +++++++++++- .../Controllers/RetirementResignController.cs | 42 ++++++++++++++- 4 files changed, 147 insertions(+), 4 deletions(-) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs index c813db46..41122c5f 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs @@ -10,6 +10,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; @@ -31,6 +32,7 @@ namespace BMA.EHR.Retirement.Service.Controllers private readonly OrganizationCommonRepository _organizationCommonRepository; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public RetirementController(RetirementRepository repository, NotificationRepository repositoryNoti, 
@@ -38,7 +40,8 @@ namespace BMA.EHR.Retirement.Service.Controllers MinIOService documentService, IConfiguration configuration, OrganizationCommonRepository organizationCommonRepository, - IHttpContextAccessor httpContextAccessor) + IHttpContextAccessor httpContextAccessor, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -47,6 +50,7 @@ namespace BMA.EHR.Retirement.Service.Controllers _organizationCommonRepository = organizationCommonRepository; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -315,6 +319,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost("profile")] public async Task> CreateProfileRetirement([FromBody] PeriodRequest req) { + var action = "CREATE"; + var system = "SYS_RETIREMENT"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); if (!req.Type.Trim().ToUpper().Contains("EMPLOYEE") && !req.Type.Trim().ToUpper().Contains("OFFICER")) return Error("ประเภทพ้นราชการไม่ถูกต้อง"); if (req.Year == 0) 
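Review bot: `attrPrivilege` is read from `jsonData["result"]` in the block added to `CreateProfileRetirement`, but no other added line references it, so the check only decides allow or deny and whatever scope the permission service returns in `result` is never applied to the data the action touches. The same assignment appears in every other permission hunk of this patch (the remaining four in `RetirementController` and those in `RetirementDeceasedController`, `RetirementOutController` and `RetirementResignController`), where the context lines then load records by `Id` alone. If `result` limits the caller to an organisation or a subset of records, that limit should filter the query that follows. If it carries nothing these endpoints need, drop the line or document it, e.g. `// result (privilege scope) is not enforced by this endpoint`.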
@@ -862,6 +875,16 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("profile/{retireId:length(36)}")] public async Task> AddProfileRetirement([FromBody] ProfileRequest req, Guid retireId) { + var action = "UPDATE"; + var system = "SYS_RETIREMENT"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); + // var profile = await _context.Profiles // .FirstOrDefaultAsync(x => x.Id == req.ProfileId); // if (profile == null) @@ -1042,6 +1065,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost("edit")] public async Task> EditReasonProfileRetirement([FromBody] ProfileRetireRequest req) { + var action = "CREATE"; + var system = "SYS_RETIREMENT"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var profile = await _context.RetirementProfiles .FirstOrDefaultAsync(x => x.Id == req.RetireProfileId); if (profile == null) 
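Review bot: `jsonData["status"]` in `AddProfileRetirement` is dereferenced without checking that deserialization produced an object, so an empty, `null` or non-JSON reply from `GetPermissionAPIAsync` would surface as an unhandled exception rather than a clean denial. The request is still refused, but as a server error instead of the intended 403; whether the repository can return such a value is not visible on this page. A guard before the status test keeps the failure explicit: `if (jsonData == null) return Error("Permission check failed", StatusCodes.Status403Forbidden);`. The block is repeated unchanged in the other permission hunks, and the method body continues outside the hunk.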
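Review bot: `EditReasonProfileRetirement` asks the permission service for `CREATE`, yet the context lines show it loading an existing `RetirementProfiles` row by `req.RetireProfileId`, which reads as an update. If the roles separate the two actions, a caller granted only CREATE could change existing records through this endpoint. The same question applies to `PostToReport` in `RetirementOutController` and `RetirementResignController`, which also check `CREATE` before loading existing rows into `uppdated`. Either switch to `var action = "UPDATE";` or add a comment saying why CREATE is the intended privilege, e.g. `// editing a reason is granted with CREATE on SYS_RETIREMENT`. The method body continues outside the hunk.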
@@ -1155,6 +1187,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("upload/{retireId:length(36)}")] public async Task> UploadRetirement([FromForm] RetirementFileRequest req, Guid retireId) { + var action = "UPDATE"; + var system = "SYS_RETIREMENT"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var retire = await _context.RetirementPeriods .FirstOrDefaultAsync(x => x.Id == retireId); if (retire == null) @@ -1212,6 +1253,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("detail/{retireId:length(36)}")] public async Task> UpdateDetailRetirement([FromForm] RetirementDetailRequest req, Guid retireId) { + var action = "UPDATE"; + var system = "SYS_RETIREMENT"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var retire = await _context.RetirementPeriods .FirstOrDefaultAsync(x => x.Id == retireId); if (retire == null) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs index 64d45fb6..177e3355 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs 
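Review bot: The nine-line permission block added to `UploadRetirement` is the same code pasted into every guarded action across the four controllers, differing only in the `action` and `system` strings. Copies like this drift: a later fix to the status test or the error handling has to be made in each place, and a mistyped literal in one action is easy to miss in review. Moving the call into one helper (or an authorization filter) leaves each action with a short guard and a single place to harden. The sketch below assumes `GetPermissionAPIAsync` returns the JSON text as a string and that the reply is parsed as a `JObject`, which is what the added `Newtonsoft.Json.Linq` import suggests.

```csharp
// one copy per controller, or placed in a shared base class
private async Task<string> PermissionDenialAsync(string action, string system)
{
    var reply = await _permission.GetPermissionAPIAsync(action, system);
    var parsed = string.IsNullOrWhiteSpace(reply) ? null : JsonConvert.DeserializeObject<JObject>(reply);
    if (parsed?["status"]?.ToString() == "200")
    {
        return null; // allowed
    }
    // extend the return value if the privilege scope in "result" has to be enforced
    return parsed?["message"]?.ToString() ?? "Permission check failed";
}

// inside UploadRetirement, replacing the added block
var denial = await PermissionDenialAsync("UPDATE", "SYS_RETIREMENT");
if (denial != null)
{
    return Error(denial, StatusCodes.Status403Forbidden);
}
// … unchanged: RetirementPeriods lookup by retireId …
```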
@@ -15,6 +15,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Reflection.Metadata; @@ -39,6 +40,7 @@ namespace BMA.EHR.Retirement.Service.Controllers private readonly MinIOService _documentService; private readonly IConfiguration _configuration; private readonly IHttpContextAccessor _httpContextAccessor; + private readonly PermissionRepository _permission; public RetirementDeceasedController(RetirementRepository repository, NotificationRepository repositoryNoti, @@ -46,7 +48,8 @@ namespace BMA.EHR.Retirement.Service.Controllers ApplicationDBContext context, MinIOService documentService, IConfiguration configuration, - IHttpContextAccessor httpContextAccessor) + IHttpContextAccessor httpContextAccessor, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -55,6 +58,7 @@ namespace BMA.EHR.Retirement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -542,6 +546,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("detail/{id:length(36)}")] public async Task> UpdateDetail([FromBody] RetirementDeceasedAddNotiPersonRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_PASSAWAY"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var retirementDeceased = await _context.RetirementDeceaseds.AsQueryable() .Include(x => x.RetirementDeceasedNotis) .FirstOrDefaultAsync(x => x.Id == id); 
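Review bot: The denial path in `UpdateDetail` returns `jsonData["message"]` from the permission service straight to the caller and reports every status other than "200" as 403. If that service can answer with its own failures (an expired token, an internal error), the client receives text written for another system and an outage becomes indistinguishable from a genuine refusal. Consider a fixed message for denials, logging the upstream status and message server-side, and mapping upstream errors to a 5xx response. `message` may also be absent, in which case `Error` receives null; `jsonData["message"]?.ToString() ?? "Forbidden"` would cover that. The same lines appear in the other permission hunks, and the method body continues outside the hunk.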
@@ -615,6 +628,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpDelete("detail/{id:length(36)}")] public async Task> DeleteDetail(Guid id) { + var action = "DELETE"; + var system = "SYS_PASSAWAY"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var retirementDeceasedNoti = await _context.RetirementDeceasedNotis.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (retirementDeceasedNoti == null) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs index 11d0bef8..46f63f93 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; @@ -29,13 +30,15 @@ namespace BMA.EHR.Retirement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public RetirementOutController(RetirementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; 
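Review bot: Nothing in the block added to `DeleteDetail` records a refused attempt, so a denied DELETE leaves a trace only if `GetPermissionAPIAsync` or `Error` log on their own, which this page does not show. For destructive endpoints, a log entry with the caller, the `action`/`system` pair and the target `id` is what an investigation of repeated denied requests would need. The same holds for `Delete` in `RetirementOutController`. If no logger is available in these controllers, a comment such as `// denials are logged by PermissionRepository` would at least document where the record is kept. The method body continues outside the hunk.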
@@ -43,6 +46,7 @@ namespace BMA.EHR.Retirement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -334,6 +338,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] RetirementOutEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_DISMISS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementOuts .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -393,6 +406,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_DISMISS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.RetirementOuts.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (deleted == null) 
@@ -414,6 +436,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] RetirementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_DISMISS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.RetirementOuts diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs index 75a00725..8fb92625 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs @@ -11,6 +11,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; @@ -33,13 +34,15 @@ namespace BMA.EHR.Retirement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public RetirementResignController(RetirementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; 
@@ -47,6 +50,7 @@ namespace BMA.EHR.Retirement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -1045,6 +1049,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPost("report")] public async Task> PostToReport([FromBody] RetirementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_RESIGN"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.RetirementResigns @@ -1356,6 +1369,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPut("questionnaire/comment/{id:length(36)}")] public async Task> PutQuestionComment([FromBody] RetirementQuestionCommentRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_RESIGN_INTERVIEW"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementQuestions.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) 
@@ -1394,6 +1416,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPut("questionnaire/appoint/{id:length(36)}")] public async Task> UpdateAppointQuestion([FromBody] RetirementQuestionAppointRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_RESIGN_INTERVIEW"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementQuestions.AsQueryable() .Include(x => x.RetirementResign) .FirstOrDefaultAsync(x => x.Id == id); @@ -1482,6 +1513,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPut("questionnaire/question")] public async Task> UpdateQuestionnaireQuestion([FromBody] RetirementQuestionnaireQuestionRequest req) { + var action = "UPDATE"; + var system = "SYS_RESIGN_INTERVIEW"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementQuestionnaireQuestions.AsQueryable() .FirstOrDefaultAsync(); if (uppdated == null)