api อัพเดทสถานะเป็นบรรจุ เปลี่ยนสิทธิ์จาก super_admin เป็น owner

harid 2026-02-06 10:18:47 +07:00
parent c693364fe1
commit 1d8ef79373


@ -64,7 +64,7 @@ namespace BMA.EHR.Placement.Service.Controllers
private string? UserId => _httpContextAccessor?.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
private string? FullName => _httpContextAccessor?.HttpContext?.User?.FindFirst("name")?.Value;
private string? token => _httpContextAccessor.HttpContext.Request.Headers["Authorization"];
private bool isSuperAdmin => _httpContextAccessor?.HttpContext?.User?.IsInRole("SUPER_ADMIN") ?? false;
//private bool isSuperAdmin => _httpContextAccessor?.HttpContext?.User?.IsInRole("SUPER_ADMIN") ?? false;
#endregion
@ -867,8 +867,17 @@ namespace BMA.EHR.Placement.Service.Controllers
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
public async Task<ActionResult<ResponseObject>> PersonUpdateStatus([FromBody] PersonUpdateStatusRequest req)
{
if (isSuperAdmin == false)
return Success();
var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PLACEMENT_PASS");
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
string role = jsonData["result"]?.ToString();
if (role != "OWNER")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var person = await _context.PlacementProfiles
.FirstOrDefaultAsync(x => x.Id == req.PersonalId);
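Review bot: In PersonUpdateStatus, `jsonData` is indexed immediately after `JsonConvert.DeserializeObject<JObject>(getPermission)`, which returns null for an empty or literal `null` body, so a blank reply from the permission service would surface as a NullReferenceException rather than a clean 403. Making the denial explicit keeps the check fail-closed by design: `if (jsonData == null || jsonData["status"]?.ToString() != "200")`, with `jsonData?["message"]?.ToString()` in the error call. In the `role != "OWNER"` branch the returned message comes from a reply whose status was already "200", so it presumably does not describe a denial; a fixed access-denied message would be clearer to the caller. In the first hunk, the commented-out `isSuperAdmin` property could be deleted rather than kept, so that nobody re-enables the old role check by accident. The method body continues past the end of this hunk.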