fix employee dismissal records: the system uses the same API permission route as the one for civil servants #2173
All checks were successful
Build & Deploy Retirement Service / build (push) Successful in 1m21s

harid 2026-01-19 18:17:11 +07:00
parent 93a83b34e6
commit 1aab307f6a


@ -239,16 +239,6 @@ namespace BMA.EHR.Retirement.Service.Controllers
[HttpGet("{id:length(36)}")] [HttpGet("{id:length(36)}")]
public async Task<ActionResult<ResponseObject>> GetDetailAdmin(Guid id) public async Task<ActionResult<ResponseObject>> GetDetailAdmin(Guid id)
{ {
var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISMISS");
if (getWorkflow == false)
{
var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS");
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
}
var data = await _context.RetirementOuts.AsQueryable() var data = await _context.RetirementOuts.AsQueryable()
.Where(x => x.Id == id) .Where(x => x.Id == id)
.Select(p => new .Select(p => new
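Review bot: With the permission block removed from the top of GetDetailAdmin, the RetirementOuts query and its full Select projection now run before any authorization decision is made. Consider reading only profileType for this id first, using it to pick the system code and run the permission check, and loading the detail projection only after the check passes, so that callers who end up with a 403 never trigger the full read.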
@ -294,6 +284,20 @@ namespace BMA.EHR.Retirement.Service.Controllers
p.OrganizationOld, p.OrganizationOld,
}) })
.FirstOrDefaultAsync(); .FirstOrDefaultAsync();
string _system = data != null && data.profileType?.Trim().ToUpper() == "OFFICER" ? "SYS_DISMISS" : "SYS_DISMISS_EMP";
var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), _system);
if (getWorkflow == false)
{
var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS");
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
}
if (data == null) if (data == null)
return Error(GlobalMessages.DataNotFound, 404); return Error(GlobalMessages.DataNotFound, 404);
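Review bot: The fallback inside `if (getWorkflow == false)` still calls `GetPermissionAPIAsync("GET", "SYS_DISMISS")` with the hardcoded code, while the workflow check one line above uses `_system`. For a record that resolves to "SYS_DISMISS_EMP" and is not covered by the caller's workflow, access is therefore still decided by the "SYS_DISMISS" permission, which looks like the behaviour the commit message sets out to change; pass `_system` here as Put and Delete do. Separately, `jsonData` is dereferenced without a null check, so an empty or malformed reply from the permission service ends in an exception instead of an explicit 403; treat a null or unparsable reply as a denial.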
@ -462,14 +466,18 @@ namespace BMA.EHR.Retirement.Service.Controllers
[HttpPut("{id:length(36)}")] [HttpPut("{id:length(36)}")]
public async Task<ActionResult<ResponseObject>> Put([FromBody] RetirementOutEditRequest req, Guid id) public async Task<ActionResult<ResponseObject>> Put([FromBody] RetirementOutEditRequest req, Guid id)
{ {
var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_DISMISS"); var uppdated = await _context.RetirementOuts
.FirstOrDefaultAsync(x => x.Id == id);
string _system = uppdated != null && uppdated.profileType?.Trim().ToUpper() == "OFFICER" ? "SYS_DISMISS" : "SYS_DISMISS_EMP";
var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", _system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission); var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200") if (jsonData["status"]?.ToString() != "200")
{ {
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
} }
var uppdated = await _context.RetirementOuts
.FirstOrDefaultAsync(x => x.Id == id);
if (uppdated == null) if (uppdated == null)
return Error(GlobalMessages.RetirementOutNotFound, 404); return Error(GlobalMessages.RetirementOutNotFound, 404);
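Review bot: In the `_system` ternary at the top of Put, every case other than a row whose profileType is exactly OFFICER falls through to "SYS_DISMISS_EMP", including a missing row (`uppdated == null`) and a null or unexpected profileType value. That makes the employee permission the implicit default for anything the code does not recognise. Map the known profileType values explicitly and return the 403 when the value is missing or unknown, rather than letting the else branch choose a permission scope.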
@ -527,14 +535,18 @@ namespace BMA.EHR.Retirement.Service.Controllers
[HttpDelete("{id:length(36)}")] [HttpDelete("{id:length(36)}")]
public async Task<ActionResult<ResponseObject>> Delete(Guid id) public async Task<ActionResult<ResponseObject>> Delete(Guid id)
{ {
var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_DISMISS"); var deleted = await _context.RetirementOuts.AsQueryable()
.FirstOrDefaultAsync(x => x.Id == id);
string _system = deleted != null && deleted.profileType?.Trim().ToUpper() == "OFFICER" ? "SYS_DISMISS" : "SYS_DISMISS_EMP";
var getPermission = await _permission.GetPermissionAPIAsync("DELETE", _system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission); var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200") if (jsonData["status"]?.ToString() != "200")
{ {
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
} }
var deleted = await _context.RetirementOuts.AsQueryable()
.FirstOrDefaultAsync(x => x.Id == id);
if (deleted == null) if (deleted == null)
return NotFound(); return NotFound();
_context.RetirementOuts.Remove(deleted); _context.RetirementOuts.Remove(deleted);
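Review bot: The `_system` ternary in Delete is the third copy of the same expression in this controller (GetDetailAdmin, Put, Delete), so a later change to the profileType mapping has to be made in three places to keep the authorization consistent. Move it into one private helper that takes the profileType and returns the system code. In that helper, replace `Trim().ToUpper() == "OFFICER"` with `string.Equals(value?.Trim(), "OFFICER", StringComparison.OrdinalIgnoreCase)`, since ToUpper() is culture-sensitive and the result of a permission decision should not depend on the server's current culture.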