api อัพเดทสถานะเป็นบรรจุ เปลี่ยนสิทธิ์จาก super_admin เป็น owner
All checks were successful
Build & Deploy Placement Service / build (push) Successful in 1m26s
All checks were successful
Build & Deploy Placement Service / build (push) Successful in 1m26s
This commit is contained in:
parent
c693364fe1
commit
1d8ef79373
1 changed files with 12 additions and 3 deletions
|
|
@ -64,7 +64,7 @@ namespace BMA.EHR.Placement.Service.Controllers
|
||||||
private string? UserId => _httpContextAccessor?.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
|
private string? UserId => _httpContextAccessor?.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
|
||||||
private string? FullName => _httpContextAccessor?.HttpContext?.User?.FindFirst("name")?.Value;
|
private string? FullName => _httpContextAccessor?.HttpContext?.User?.FindFirst("name")?.Value;
|
||||||
private string? token => _httpContextAccessor.HttpContext.Request.Headers["Authorization"];
|
private string? token => _httpContextAccessor.HttpContext.Request.Headers["Authorization"];
|
||||||
private bool isSuperAdmin => _httpContextAccessor?.HttpContext?.User?.IsInRole("SUPER_ADMIN") ?? false;
|
//private bool isSuperAdmin => _httpContextAccessor?.HttpContext?.User?.IsInRole("SUPER_ADMIN") ?? false;
|
||||||
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
@ -867,8 +867,17 @@ namespace BMA.EHR.Placement.Service.Controllers
|
||||||
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
|
[ProducesResponseType(StatusCodes.Status500InternalServerError)]
|
||||||
public async Task<ActionResult<ResponseObject>> PersonUpdateStatus([FromBody] PersonUpdateStatusRequest req)
|
public async Task<ActionResult<ResponseObject>> PersonUpdateStatus([FromBody] PersonUpdateStatusRequest req)
|
||||||
{
|
{
|
||||||
if (isSuperAdmin == false)
|
var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PLACEMENT_PASS");
|
||||||
return Success();
|
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
|
||||||
|
if (jsonData["status"]?.ToString() != "200")
|
||||||
|
{
|
||||||
|
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
|
||||||
|
}
|
||||||
|
string role = jsonData["result"]?.ToString();
|
||||||
|
if (role != "OWNER")
|
||||||
|
{
|
||||||
|
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
|
||||||
|
}
|
||||||
|
|
||||||
var person = await _context.PlacementProfiles
|
var person = await _context.PlacementProfiles
|
||||||
.FirstOrDefaultAsync(x => x.Id == req.PersonalId);
|
.FirstOrDefaultAsync(x => x.Id == req.PersonalId);
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue