permission พ้นจากราชการ

2024-08-20 17:27:27 +07:00 · 2024-08-20 17:27:27 +07:00 · 114ef1c01e
commit 114ef1c01e
parent f8c62a1cde
4 changed files with 147 additions and 4 deletions
--- a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs
+++ b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs
@ -11,6 +11,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Swashbuckle.AspNetCore.Annotations;
 using System.Net.Http.Headers;
 using System.Security.Claims;
@ -33,13 +34,15 @@ namespace BMA.EHR.Retirement.Service.Controllers
        private readonly MinIOService _documentService;
        private readonly IHttpContextAccessor _httpContextAccessor;
        private readonly IConfiguration _configuration;
+        private readonly PermissionRepository _permission;

        public RetirementResignController(RetirementRepository repository,
                                   NotificationRepository repositoryNoti,
                                   ApplicationDBContext context,
                                   MinIOService documentService,
                                   IHttpContextAccessor httpContextAccessor,
-                                   IConfiguration configuration)
+                                   IConfiguration configuration,
+                                   PermissionRepository permission)
        {
            _repository = repository;
            _repositoryNoti = repositoryNoti;
@ -47,6 +50,7 @@ namespace BMA.EHR.Retirement.Service.Controllers
            _documentService = documentService;
            _httpContextAccessor = httpContextAccessor;
            _configuration = configuration;
+            _permission = permission;
        }

        #region " Properties "
@ -1045,6 +1049,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda
        [HttpPost("report")]
        public async Task<ActionResult<ResponseObject>> PostToReport([FromBody] RetirementProfileRequest req)
        {
+            var action = "CREATE";
+            var system = "SYS_RESIGN";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            foreach (var item in req.Id)
            {
                var uppdated = await _context.RetirementResigns
@ -1356,6 +1369,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda
        [HttpPut("questionnaire/comment/{id:length(36)}")]
        public async Task<ActionResult<ResponseObject>> PutQuestionComment([FromBody] RetirementQuestionCommentRequest req, Guid id)
        {
+            var action = "UPDATE";
+            var system = "SYS_RESIGN_INTERVIEW";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            var uppdated = await _context.RetirementQuestions.AsQueryable()
                            .FirstOrDefaultAsync(x => x.Id == id);
            if (uppdated == null)
@ -1394,6 +1416,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda
        [HttpPut("questionnaire/appoint/{id:length(36)}")]
        public async Task<ActionResult<ResponseObject>> UpdateAppointQuestion([FromBody] RetirementQuestionAppointRequest req, Guid id)
        {
+            var action = "UPDATE";
+            var system = "SYS_RESIGN_INTERVIEW";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            var uppdated = await _context.RetirementQuestions.AsQueryable()
                            .Include(x => x.RetirementResign)
                            .FirstOrDefaultAsync(x => x.Id == id);
@ -1482,6 +1513,15 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda
        [HttpPut("questionnaire/question")]
        public async Task<ActionResult<ResponseObject>> UpdateQuestionnaireQuestion([FromBody] RetirementQuestionnaireQuestionRequest req)
        {
+            var action = "UPDATE";
+            var system = "SYS_RESIGN_INTERVIEW";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            var uppdated = await _context.RetirementQuestionnaireQuestions.AsQueryable()
                            .FirstOrDefaultAsync();
            if (uppdated == null)