diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs
index e996abab..be31a5c9 100644
--- a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs
+++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs
@@ -239,16 +239,6 @@ namespace BMA.EHR.Retirement.Service.Controllers
 [HttpGet("{id:length(36)}")]
 public async Task> GetDetailAdmin(Guid id)
 {
- var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISMISS");
- if (getWorkflow == false)
- {
- var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS");
- var jsonData = JsonConvert.DeserializeObject(getPermission);
- if (jsonData["status"]?.ToString() != "200")
- {
- return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
- }
- }
 var data = await _context.RetirementOuts.AsQueryable()
 .Where(x => x.Id == id)
 .Select(p => new
@@ -294,6 +284,20 @@ namespace BMA.EHR.Retirement.Service.Controllers
 p.OrganizationOld,
 })
 .FirstOrDefaultAsync();
+
+ string _system = data != null && data.profileType?.Trim().ToUpper() == "OFFICER" ? "SYS_DISMISS" : "SYS_DISMISS_EMP";
+
+ var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), _system);
+ if (getWorkflow == false)
+ {
+ var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS");
+ var jsonData = JsonConvert.DeserializeObject(getPermission);
+ if (jsonData["status"]?.ToString() != "200")
+ {
+ return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+ }
+ }
+
 if (data == null) return Error(GlobalMessages.DataNotFound, 404);
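Review bot: The fallback permission call added in GetDetailAdmin still passes the literal `"SYS_DISMISS"` while the workflow check just above it now uses `_system`, so for a non-officer record the fallback authorizes against the officer system rather than `SYS_DISMISS_EMP`. The Put and Delete hunks pass `_system` to `GetPermissionAPIAsync`; if the same is intended here, the line should read `var getPermission = await _permission.GetPermissionAPIAsync("GET", _system);`. If the literal is deliberate, a comment stating why read access is gated differently from update and delete would prevent it from being "fixed" later. The method body starts and ends outside the hunk.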
@@ -462,14 +466,18 @@ namespace BMA.EHR.Retirement.Service.Controllers
 [HttpPut("{id:length(36)}")]
 public async Task> Put([FromBody] RetirementOutEditRequest req, Guid id)
 {
- var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_DISMISS");
+ var uppdated = await _context.RetirementOuts
+ .FirstOrDefaultAsync(x => x.Id == id);
+
+ string _system = uppdated != null && uppdated.profileType?.Trim().ToUpper() == "OFFICER" ? "SYS_DISMISS" : "SYS_DISMISS_EMP";
+
+ var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", _system);
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var uppdated = await _context.RetirementOuts
- .FirstOrDefaultAsync(x => x.Id == id);
+
 if (uppdated == null) return Error(GlobalMessages.RetirementOutNotFound, 404);
@@ -527,14 +535,18 @@ namespace BMA.EHR.Retirement.Service.Controllers
 [HttpDelete("{id:length(36)}")]
 public async Task> Delete(Guid id)
 {
- var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_DISMISS");
+ var deleted = await _context.RetirementOuts.AsQueryable()
+ .FirstOrDefaultAsync(x => x.Id == id);
+
+ string _system = deleted != null && deleted.profileType?.Trim().ToUpper() == "OFFICER" ? "SYS_DISMISS" : "SYS_DISMISS_EMP";
+
+ var getPermission = await _permission.GetPermissionAPIAsync("DELETE", _system);
 var jsonData = JsonConvert.DeserializeObject(getPermission);
 if (jsonData["status"]?.ToString() != "200")
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
- var deleted = await _context.RetirementOuts.AsQueryable()
- .FirstOrDefaultAsync(x => x.Id == id);
+
 if (deleted == null) return NotFound();
 _context.RetirementOuts.Remove(deleted);
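Review bot: The permission system chosen in Put (and in the same way in Delete and GetDetailAdmin) rests on `profileType?.Trim().ToUpper() == "OFFICER"`, which is culture-sensitive and sends every other value, a null profileType and a missing record to `SYS_DISMISS_EMP`. Because this string decides which authorization check runs, an ordinal comparison is safer: `string.Equals(uppdated?.profileType?.Trim(), "OFFICER", StringComparison.OrdinalIgnoreCase)`. The expression is repeated in three endpoints, so moving the mapping into one private helper would keep them from drifting apart. Whether an unrecognised profile type should fall through to the employee system or be rejected is not visible from this diff and is worth confirming; both method bodies continue outside the hunks.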