From 4bec812d258d3a8763def344668a06e021806a9e Mon Sep 17 00:00:00 2001 
From: kittapath Date: Tue, 22 Oct 2024 08:20:33 +0700 Subject: [PATCH] check workflow --- .github/workflows/release_Retirement.yaml | 38 +++++++-------- .github/workflows/release_command.yaml | 38 +++++++-------- .github/workflows/release_discipline.yaml | 38 +++++++-------- .github/workflows/release_leave.yaml | 38 +++++++-------- .github/workflows/release_placement.yaml | 38 +++++++-------- .github/workflows/release_report.yaml | 38 +++++++-------- .../Repositories/PermissionRepository.cs | 34 +++++++++++++ .../DisciplineComplaintController.cs | 38 +++++++++------ .../DisciplineComplaint_AppealController.cs | 12 +++-- .../DisciplineComplaint_ChannelController.cs | 12 +++-- .../DisciplineDirectorController.cs | 14 ++++-- .../DisciplineDisciplinaryController.cs | 38 ++++++++++----- .../DisciplineInvestigateController.cs | 8 ++++ .../Controllers/DisciplineResultController.cs | 12 +++-- .../DisciplineSuspendController.cs | 12 +++-- .../Controllers/InsigniaManageController.cs | 12 +++-- .../Controllers/InsigniaPeriodController.cs | 12 +++-- .../Controllers/InsigniaRequestController.cs | 14 ++++-- BMA.EHR.Leave/Controllers/LeaveController.cs | 48 ++++++++++++------- .../Controllers/LeaveRequestController.cs | 14 ++++-- .../PlacementAppointmentController.cs | 12 +++-- .../PlacementAppointmentEmployeeController.cs | 12 +++-- .../Controllers/PlacementController.cs | 38 ++++++++++----- .../Controllers/PlacementOfficerController.cs | 12 +++-- .../Controllers/PlacementReceiveController.cs | 12 +++-- .../PlacementRepatriationController.cs | 12 +++-- .../PlacementTransferController.cs | 14 ++++-- .../Controllers/InsigniaReportController.cs | 42 ++++++++++------ .../Controllers/RetirementController.cs | 12 +++-- .../RetirementDeceasedController.cs | 12 +++-- .../Controllers/RetirementOtherController.cs | 12 +++-- .../Controllers/RetirementOutController.cs | 12 +++-- .../Controllers/RetirementResignController.cs | 12 ++++- 33 files changed, 455 insertions(+), 267 deletions(-) 
diff --git a/.github/workflows/release_Retirement.yaml b/.github/workflows/release_Retirement.yaml index 02bfe31e..24d501ab 100644 --- a/.github/workflows/release_Retirement.yaml +++ b/.github/workflows/release_Retirement.yaml @@ -15,7 +15,7 @@ env: DEPLOY_PORT: 10102 # COMPOSE_PATH: /home/frappet/docker/bma-ehr COMPOSE_PATH: /home/frappet/docker/bma/bma-ehr-retirement - TOKEN_LINE: uxuK5hDzS2DsoC5piJBrWRLiz8GgY7iMZZldOWsDDF0 + TOKEN_LINE: 2Y0kIem9pgiTcWpp4DSOZn4SHu4tpueWFLN22LsAsp0 jobs: # act workflow_dispatch -W .github/workflows/release_retirement.yaml --input IMAGE_VER=latest -s DOCKER_USER=admin -s DOCKER_PASS=FPTadmin2357 -s SSH_PASSWORD=FPTadmin2357 @@ -69,21 +69,21 @@ jobs: docker compose pull docker compose up -d echo "${{ steps.gen_ver.outputs.image_ver }}"> success - # - uses: snow-actions/line-notify@v1.1.0 - # if: success() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Success✅✅✅ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} - # - uses: snow-actions/line-notify@v1.1.0 - # if: failure() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Failure❌❌❌ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: success() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Success✅✅✅ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: failure() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Failure❌❌❌ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} diff --git a/.github/workflows/release_command.yaml b/.github/workflows/release_command.yaml index 82287b09..5f8df8d7 100644 --- a/.github/workflows/release_command.yaml +++ b/.github/workflows/release_command.yaml 
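Review bot: The new `TOKEN_LINE` value under `env:` looks like a real LINE Notify access token committed in plaintext, and the re-enabled steps read it through `${{ env.TOKEN_LINE }}`, so anyone with read access to the repository or its history can use it. Remove the literal from `env:` and change the steps to `access_token: ${{ secrets.TOKEN_LINE }}`, then revoke both the old and the new token, since both are now in git history. The same literal is updated in the first hunk of release_command.yaml, release_discipline.yaml, release_leave.yaml, release_placement.yaml and release_report.yaml. The unchanged `# act workflow_dispatch …` comment in this hunk's context also carries literal `DOCKER_PASS` and `SSH_PASSWORD` values; if they were ever valid they should be rotated and the comment reduced to placeholders.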
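Review bot: Both re-enabled notification steps reference `snow-actions/line-notify@v1.1.0` by tag, which can be moved by whoever controls that repository, and the step is handed the access token and runs inside the deploy job. Pin the action to a full commit SHA instead, e.g. `uses: snow-actions/line-notify@<full-commit-sha> # v1.1.0` (placeholder; take the SHA from the action's repository after reviewing it). The same pair of steps is uncommented in the second hunk of the other five release workflows in this patch.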
@@ -15,7 +15,7 @@ env: DEPLOY_PORT: 10102 # COMPOSE_PATH: /home/frappet/docker/bma-ehr COMPOSE_PATH: /home/frappet/docker/bma/bma-ehr-command - TOKEN_LINE: uxuK5hDzS2DsoC5piJBrWRLiz8GgY7iMZZldOWsDDF0 + TOKEN_LINE: 2Y0kIem9pgiTcWpp4DSOZn4SHu4tpueWFLN22LsAsp0 jobs: # act workflow_dispatch -W .github/workflows/release_command.yaml --input IMAGE_VER=latest -s DOCKER_USER=admin -s DOCKER_PASS=FPTadmin2357 -s SSH_PASSWORD=FPTadmin2357 @@ -69,21 +69,21 @@ jobs: docker compose pull docker compose up -d echo "${{ steps.gen_ver.outputs.image_ver }}"> success - # - uses: snow-actions/line-notify@v1.1.0 - # if: success() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Success✅✅✅ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} - # - uses: snow-actions/line-notify@v1.1.0 - # if: failure() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Failure❌❌❌ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: success() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Success✅✅✅ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: failure() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Failure❌❌❌ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} diff --git a/.github/workflows/release_discipline.yaml b/.github/workflows/release_discipline.yaml index 59f6f5e9..8ed4b2ce 100644 --- a/.github/workflows/release_discipline.yaml +++ b/.github/workflows/release_discipline.yaml 
@@ -15,7 +15,7 @@ env: DEPLOY_PORT: 10102 # COMPOSE_PATH: /home/frappet/docker/bma-ehr COMPOSE_PATH: /home/frappet/docker/bma/bma-ehr-discipline - TOKEN_LINE: uxuK5hDzS2DsoC5piJBrWRLiz8GgY7iMZZldOWsDDF0 + TOKEN_LINE: 2Y0kIem9pgiTcWpp4DSOZn4SHu4tpueWFLN22LsAsp0 jobs: # act workflow_dispatch -W .github/workflows/release_discipline.yaml --input IMAGE_VER=latest -s DOCKER_USER=admin -s DOCKER_PASS=FPTadmin2357 -s SSH_PASSWORD=FPTadmin2357 @@ -69,21 +69,21 @@ jobs: docker compose pull docker compose up -d echo "${{ steps.gen_ver.outputs.image_ver }}"> success - # - uses: snow-actions/line-notify@v1.1.0 - # if: success() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Success✅✅✅ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} - # - uses: snow-actions/line-notify@v1.1.0 - # if: failure() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Failure❌❌❌ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: success() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Success✅✅✅ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: failure() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Failure❌❌❌ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} diff --git a/.github/workflows/release_leave.yaml b/.github/workflows/release_leave.yaml index 1f2177f8..cceb4315 100644 --- a/.github/workflows/release_leave.yaml +++ b/.github/workflows/release_leave.yaml 
@@ -12,7 +12,7 @@ env: DEPLOY_PORT: 10102 # COMPOSE_PATH: /home/frappet/docker/bma-ehr COMPOSE_PATH: /home/frappet/docker/bma/bma-ehr-leave - TOKEN_LINE: uxuK5hDzS2DsoC5piJBrWRLiz8GgY7iMZZldOWsDDF0 + TOKEN_LINE: 2Y0kIem9pgiTcWpp4DSOZn4SHu4tpueWFLN22LsAsp0 jobs: # act workflow_dispatch -W .github/workflows/release_leave.yaml --input IMAGE_VER=leave-1.0.0 -s DOCKER_USER=sorawit -s DOCKER_PASS=P@ssword -s SSH_PASSWORD=P@ssw0rd @@ -70,21 +70,21 @@ jobs: docker compose pull docker compose up -d echo "${{ steps.gen_ver.outputs.image_ver }}"> success - # - uses: snow-actions/line-notify@v1.1.0 - # if: success() - # with: - # access_token: ${{ secrets.TOKEN_LINE }} - # message: | - # -Success✅✅✅ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ steps.gen_ver.outputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} - # - uses: snow-actions/line-notify@v1.1.0 - # if: failure() - # with: - # access_token: ${{ secrets.TOKEN_LINE }} - # message: | - # -Failure❌❌❌ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ steps.gen_ver.outputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} \ No newline at end of file + - uses: snow-actions/line-notify@v1.1.0 + if: success() + with: + access_token: ${{ secrets.TOKEN_LINE }} + message: | + -Success✅✅✅ + Image: ${{env.IMAGE_NAME}} + Version: ${{ steps.gen_ver.outputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: failure() + with: + access_token: ${{ secrets.TOKEN_LINE }} + message: | + -Failure❌❌❌ + Image: ${{env.IMAGE_NAME}} + Version: ${{ steps.gen_ver.outputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} \ No newline at end of file diff --git a/.github/workflows/release_placement.yaml b/.github/workflows/release_placement.yaml index 53c65a53..3f221d5e 100644 --- a/.github/workflows/release_placement.yaml +++ b/.github/workflows/release_placement.yaml 
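Review bot: In release_leave.yaml the uncommented steps read `access_token: ${{ secrets.TOKEN_LINE }}`, while the first hunk still updates a literal `TOKEN_LINE` under `env:`, so the committed value is not the one these steps use. The literal is therefore dead configuration that only exposes the token, and the notification will fail with an empty token unless a repository secret named `TOKEN_LINE` exists. Delete the `TOKEN_LINE:` line from `env:` here and confirm that the secret is defined. This file is the one workflow in the patch that already uses the `secrets` context, and the other five should follow it.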
@@ -15,7 +15,7 @@ env: DEPLOY_PORT: 10102 # COMPOSE_PATH: /home/frappet/docker/bma-ehr COMPOSE_PATH: /home/frappet/docker/bma/bma-ehr-placement - TOKEN_LINE: uxuK5hDzS2DsoC5piJBrWRLiz8GgY7iMZZldOWsDDF0 + TOKEN_LINE: 2Y0kIem9pgiTcWpp4DSOZn4SHu4tpueWFLN22LsAsp0 jobs: # act workflow_dispatch -W .github/workflows/release_placement.yaml --input IMAGE_VER=latest -s DOCKER_USER=admin -s DOCKER_PASS=FPTadmin2357 -s SSH_PASSWORD=FPTadmin2357 @@ -69,21 +69,21 @@ jobs: docker compose pull docker compose up -d echo "${{ steps.gen_ver.outputs.image_ver }}"> success - # - uses: snow-actions/line-notify@v1.1.0 - # if: success() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Success✅✅✅ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} - # - uses: snow-actions/line-notify@v1.1.0 - # if: failure() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Failure❌❌❌ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: success() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Success✅✅✅ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: failure() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Failure❌❌❌ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} diff --git a/.github/workflows/release_report.yaml b/.github/workflows/release_report.yaml index adec1217..05b2d47d 100644 --- a/.github/workflows/release_report.yaml +++ b/.github/workflows/release_report.yaml 
@@ -15,7 +15,7 @@ env: DEPLOY_PORT: 10102 # COMPOSE_PATH: /home/frappet/docker/bma-ehr COMPOSE_PATH: /home/frappet/docker/bma/bma-ehr-report-v2 - TOKEN_LINE: uxuK5hDzS2DsoC5piJBrWRLiz8GgY7iMZZldOWsDDF0 + TOKEN_LINE: 2Y0kIem9pgiTcWpp4DSOZn4SHu4tpueWFLN22LsAsp0 jobs: # act workflow_dispatch -W .github/workflows/release_report.yaml --input IMAGE_VER=latest -s DOCKER_USER=admin -s DOCKER_PASS=FPTadmin2357 -s SSH_PASSWORD=FPTadmin2357 @@ -69,21 +69,21 @@ jobs: docker compose pull docker compose up -d echo "${{ steps.gen_ver.outputs.image_ver }}"> success - # - uses: snow-actions/line-notify@v1.1.0 - # if: success() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Success✅✅✅ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} - # - uses: snow-actions/line-notify@v1.1.0 - # if: failure() - # with: - # access_token: ${{ env.TOKEN_LINE }} - # message: | - # -Failure❌❌❌ - # Image: ${{env.IMAGE_NAME}} - # Version: ${{ github.event.inputs.IMAGE_VER }} - # By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: success() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Success✅✅✅ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} + - uses: snow-actions/line-notify@v1.1.0 + if: failure() + with: + access_token: ${{ env.TOKEN_LINE }} + message: | + -Failure❌❌❌ + Image: ${{env.IMAGE_NAME}} + Version: ${{ github.event.inputs.IMAGE_VER }} + By: ${{secrets.DOCKER_USER}} diff --git a/BMA.EHR.Application/Repositories/PermissionRepository.cs b/BMA.EHR.Application/Repositories/PermissionRepository.cs index dc32d338..6e8aced5 100644 --- a/BMA.EHR.Application/Repositories/PermissionRepository.cs +++ b/BMA.EHR.Application/Repositories/PermissionRepository.cs 
@@ -9,6 +9,7 @@ using Newtonsoft.Json; using System.Net.Http.Headers; using Microsoft.Extensions.Configuration; using System.Security.Claims; +using System.Net.Http.Json; namespace BMA.EHR.Application.Repositories { @@ -70,6 +71,39 @@ namespace BMA.EHR.Application.Repositories } } + public async Task GetPermissionAPIWorkflowAsync(string refId, string sysName) + { + try + { + var apiPath = $"{_configuration["API"]}/org/workflow/keycloak/isofficer"; + + using (var client = new HttpClient()) + { + var res = await client.PostAsJsonAsync(apiPath, new + { + data = new + { + refId = refId, + sysName = sysName, + }, + }); + var result = await res.Content.ReadAsStringAsync(); + if (res.IsSuccessStatusCode) + { + return true; + } + else + { + return false; + } + } + } + catch + { + throw; + } + } + #endregion } } diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaintController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaintController.cs index eb7accea..517b5158 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaintController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaintController.cs 
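Review bot: `GetPermissionAPIWorkflowAsync` returns `true` for any successful HTTP status and never looks at the body it reads into `result`, so a 200 reply from `isofficer` that carries a negative answer would still count as authorised. Return `true` only after parsing the body and finding an explicit positive value (the response field is not visible in this hunk), and keep `if (!res.IsSuccessStatusCode) return false;` as the first guard. The request is also sent from a fresh `new HttpClient()` with no Authorization header set anywhere in the visible lines, so the workflow service receives only `refId` and `sysName` and nothing that identifies the caller. If the existing `GetPermissionAPIAsync` forwards the user's bearer token, this method needs to do the same. The `try { … } catch { throw; }` wrapper has no effect and can be removed, and a shared or injected `HttpClient` would avoid opening a new connection pool on every permission check.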
@@ -136,31 +136,31 @@ namespace BMA.EHR.DisciplineComplaint.Service.Controllers /// ไม่ได้ Login เข้าระบบ /// เมื่อเกิดข้อผิดพลาดในการทำงาน [HttpGet("{page}/{id:guid}")] - public async Task> GetByDisciplineComplaint(string page,Guid id) + public async Task> GetByDisciplineComplaint(string page, Guid id) { page = page.Trim().ToUpper(); string getPermission; if (page == "MAIN") { - getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); + getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); } else if (page == "INVES") { - getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INVESTIGATE"); + getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INVESTIGATE"); } else if (page == "DISCIP") { - getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); + getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); } else if (page == "RESULT") { - getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_RESULT"); + getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_RESULT"); } else { - getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); + getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); } - + var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { 
@@ -510,11 +510,15 @@ namespace BMA.EHR.DisciplineComplaint.Service.Controllers [HttpGet("reject/{id:guid}")] public async Task> RejectDisciplineComplaint(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_COMPLAIN"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineComplaints .Where(x => x.Id == id) @@ -667,11 +671,15 @@ namespace BMA.EHR.DisciplineComplaint.Service.Controllers [HttpGet("resume/{id:guid}")] public async Task> ResumeDisciplineComplaint(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_COMPLAIN"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineComplaints .Where(x => x.Id == id) 
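Review bot: In `RejectDisciplineComplaint` and `ResumeDisciplineComplaint` the `SYS_DISCIPLINE_COMPLAIN` permission check now runs only when `GetPermissionAPIWorkflowAsync` returns false, so a `true` from the workflow call fully replaces the role check on two state-changing actions. Because that helper, as added to PermissionRepository.cs in this patch, returns `true` on any successful HTTP status, the new path is only as strong as the status code of the `isofficer` endpoint. If the intent is that officers assigned to the record may act without the role, say so in the code, e.g. `// Workflow officers assigned to this record may act without the SYS_DISCIPLINE_COMPLAIN role`, and tighten the helper before relying on it. The same wrapper is added in the DisciplineComplaint_Appeal, DisciplineComplaint_Channel, DisciplineDirector, DisciplineDisciplinary, DisciplineInvestigate, DisciplineResult, DisciplineSuspend, InsigniaManage, InsigniaPeriod, InsigniaRequest and Leave controller hunks. Both method bodies continue outside the hunks.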
diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_AppealController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_AppealController.cs index c3a9bb7d..0d37d932 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_AppealController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_AppealController.cs @@ -229,11 +229,15 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers [HttpGet("admin/{id:guid}")] public async Task> GetByDisciplineByAdmin(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_APPEAL"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_APPEAL"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_APPEAL"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var _data = await _context.DisciplineComplaint_Appeals .Include(x => x.DisciplineComplaint_Appeal_Docs) diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_ChannelController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_ChannelController.cs index 572ca4c8..d24c2bba 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_ChannelController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineComplaint_ChannelController.cs 
@@ -122,11 +122,15 @@ namespace BMA.EHR.DisciplineComplaint_Channel.Service.Controllers [HttpGet("{id:guid}")] public async Task> GetByDiscipline(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_COMPLAIN"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_COMPLAIN"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineComplaint_Channels .Select(x => new diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs index 7c081ced..49e426b9 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineDirectorController.cs @@ -80,7 +80,7 @@ namespace BMA.EHR.DisciplineDirector.Service.Controllers getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_DISCIPLINE_INFO"); } - + var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { 
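Review bot: `GetByDiscipline` passes its route `id` as `refId` under `SYS_DISCIPLINE_COMPLAIN`, but the query that follows reads from `_context.DisciplineComplaint_Channels`, so the value looks like a channel id rather than a complaint id. If the workflow service keys officers by complaint, this lookup either never matches, costing one extra HTTP call per request, or matches an unrelated record and skips the role check. Confirm which identifier the `isofficer` endpoint expects, and drop the workflow call here if channel records have no workflow of their own. The same question applies to `GetByDisciplineResult` and `GetByDisciplineSuspend`, which load from `DisciplineDisciplinarys` and `DisciplineReport_Profiles`. The method body continues outside the hunk.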
@@ -126,11 +126,15 @@ namespace BMA.EHR.DisciplineDirector.Service.Controllers [HttpGet("{id:guid}")] public async Task> GetByDiscipline(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INFO"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_INFO"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INFO"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineDirectors .Select(x => new diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineDisciplinaryController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineDisciplinaryController.cs index e748b392..1636c784 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineDisciplinaryController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineDisciplinaryController.cs @@ -409,7 +409,7 @@ namespace BMA.EHR.DisciplineDisciplinary.Service.Controllers /// ไม่ได้ Login เข้าระบบ /// เมื่อเกิดข้อผิดพลาดในการทำงาน [HttpGet("{page}/{id:guid}")] - public async Task> GetByDisciplineDisciplinary(string page,Guid id) + public async Task> GetByDisciplineDisciplinary(string page, Guid id) { page = page.Trim().ToUpper(); string getPermission; 
@@ -806,11 +806,15 @@ namespace BMA.EHR.DisciplineDisciplinary.Service.Controllers [HttpGet("reject/{id:guid}")] public async Task> RejectDisciplineDisciplinary(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_INTERROGATE"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineDisciplinarys .Where(x => x.Id == id) @@ -838,11 +842,15 @@ namespace BMA.EHR.DisciplineDisciplinary.Service.Controllers [HttpGet("approve/{id:guid}")] public async Task> ApproveDisciplineDisciplinary(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_INTERROGATE"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineDisciplinarys .Where(x => x.Id == id) 
@@ -868,11 +876,15 @@ namespace BMA.EHR.DisciplineDisciplinary.Service.Controllers [HttpGet("resume/{id:guid}")] public async Task> ResumeDisciplineDisciplinary(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_INTERROGATE"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INTERROGATE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.DisciplineDisciplinarys .Where(x => x.Id == id) diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineInvestigateController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineInvestigateController.cs index a6f338f0..cfc3d856 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineInvestigateController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineInvestigateController.cs 
@@ -574,12 +574,16 @@ namespace BMA.EHR.DisciplineInvestigate.Service.Controllers [HttpGet("reject/{id:guid}")] public async Task> RejectDisciplineInvestigate(Guid id) { + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_INVESTIGATE"); + if (getWorkflow == false) + { var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INVESTIGATE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } + } var data = await _context.DisciplineInvestigates .Where(x => x.Id == id) .FirstOrDefaultAsync(); @@ -793,12 +797,16 @@ namespace BMA.EHR.DisciplineInvestigate.Service.Controllers [HttpGet("resume/{id:guid}")] public async Task> ResumeDisciplineInvestigate(Guid id) { + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_INVESTIGATE"); + if (getWorkflow == false) + { var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_INVESTIGATE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } + } var data = await _context.DisciplineInvestigates .Where(x => x.Id == id) .FirstOrDefaultAsync(); diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineResultController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineResultController.cs index 4bb790bb..2ca5556b 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineResultController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineResultController.cs 
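Review bot: The lines added in `RejectDisciplineInvestigate` and `ResumeDisciplineInvestigate` open and close an `if (getWorkflow == false)` block around the existing permission check without re-indenting the statements inside it, unlike the other controllers in this patch where the wrapped lines were re-added one level deeper. As written, the `GetPermissionAPIAsync` check reads as unconditional when it is in fact skipped for workflow officers, which is easy to miss when reviewing an authorisation path. Indent the wrapped statements (`var getPermission`, `var jsonData` and the `if` that returns `Status403Forbidden`) one level so the guard's scope is visible. Both method bodies continue outside the hunks.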
@@ -130,11 +130,15 @@ namespace BMA.EHR.DisciplineResult.Service.Controllers [HttpGet("{id:guid}")] public async Task> GetByDisciplineResult(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_RESULT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_RESULT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_RESULT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var _data = await _context.DisciplineDisciplinarys .Select(x => new diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs index ca57e9cd..0f95ba29 100644 --- a/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs +++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs 
@@ -141,11 +141,15 @@ namespace BMA.EHR.DisciplineSuspend.Service.Controllers [HttpGet("{id:guid}")] public async Task> GetByDisciplineSuspend(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_SUSPENDED"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISCIPLINE_SUSPENDED"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_SUSPENDED"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var _data = await _context.DisciplineReport_Profiles .Select(x => new diff --git a/BMA.EHR.Insignia/Controllers/InsigniaManageController.cs b/BMA.EHR.Insignia/Controllers/InsigniaManageController.cs index 0ba106a5..8ea1013b 100644 --- a/BMA.EHR.Insignia/Controllers/InsigniaManageController.cs +++ b/BMA.EHR.Insignia/Controllers/InsigniaManageController.cs 
@@ -444,11 +444,15 @@ namespace BMA.EHR.Insignia.Service.Controllers [HttpGet("org/dashboard/{insigniaManageId:length(36)}")] public async Task> GetListDashboardOrganization(Guid insigniaManageId) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_ALLOCATE"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(insigniaManageId.ToString(), "SYS_INSIGNIA_ALLOCATE"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_ALLOCATE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var insigniaManage = await _context.InsigniaManages.AsQueryable() .Include(x => x.InsigniaManageOrganiations) diff --git a/BMA.EHR.Insignia/Controllers/InsigniaPeriodController.cs b/BMA.EHR.Insignia/Controllers/InsigniaPeriodController.cs index 3a9f3c6d..5ade3a5d 100644 --- a/BMA.EHR.Insignia/Controllers/InsigniaPeriodController.cs +++ b/BMA.EHR.Insignia/Controllers/InsigniaPeriodController.cs 
@@ -145,11 +145,15 @@ namespace BMA.EHR.Insignia.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetById(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_ROUND"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_INSIGNIA_ROUND"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_ROUND"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.InsigniaPeriods.AsQueryable() .Where(x => x.Id == id) diff --git a/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs b/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs index 255fbbd4..39e770d1 100644 --- a/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs +++ b/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs 
@@ -962,11 +962,15 @@ namespace BMA.EHR.Insignia.Service.Controllers [HttpGet("dashboard/{insigniaPeriodId:length(36)}")] public async Task> DashboardInsigniaPeriod(Guid insigniaPeriodId) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_MANAGE"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(insigniaPeriodId.ToString(), "SYS_INSIGNIA_MANAGE"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_MANAGE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var insigniaPeriod = await _context.InsigniaPeriods.FirstOrDefaultAsync(x => x.Id == insigniaPeriodId); if (insigniaPeriod == null) @@ -2407,7 +2411,7 @@ namespace BMA.EHR.Insignia.Service.Controllers LastName = _profile.LastName, - }; + }; } else { diff --git a/BMA.EHR.Leave/Controllers/LeaveController.cs b/BMA.EHR.Leave/Controllers/LeaveController.cs index 6cbc93e6..91f18698 100644 --- a/BMA.EHR.Leave/Controllers/LeaveController.cs +++ b/BMA.EHR.Leave/Controllers/LeaveController.cs 
@@ -1090,11 +1090,15 @@ namespace BMA.EHR.Leave.Service.Controllers [ProducesResponseType(StatusCodes.Status500InternalServerError)] public async Task> GetTimeRecordAsync([Required] Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_CHECKIN"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_CHECKIN"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_CHECKIN"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var imgUrl = $"{_configuration["MinIO:Endpoint"]}{_configuration["MinIO:BucketName"]}"; 
@@ -1476,11 +1480,15 @@ namespace BMA.EHR.Leave.Service.Controllers [ProducesResponseType(StatusCodes.Status500InternalServerError)] public async Task> GetChangeRoundHistoryByProfileIdAsync(Guid id, int page = 1, int pageSize = 10, string keyword = "") { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_WORK_ROUND_EDIT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_WORK_ROUND_EDIT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_WORK_ROUND_EDIT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _userDutyTimeRepository.GetListByProfileIdAsync(id); 
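Review bot: GetChangeRoundHistoryByProfileIdAsync passes `id` to the workflow lookup, but the same `id` is then used as a profile id in `_userDutyTimeRepository.GetListByProfileIdAsync(id)`. The workflow registrations visible elsewhere in this patch send a record id as `refId` (for example `refId = placementTransfer.Id`), so it is worth confirming that a profile id is a valid workflow reference for `SYS_WORK_ROUND_EDIT`; if it is not, the lookup never matches and the added branch is dead code. GetCalendarByProfileAsync and the `personalId` lookups in PlacementController have the same shape. A comment on the call naming the kind of id expected, e.g. `// refId is the profile id the work-round workflow was registered with`, would make the contract checkable.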
@@ -1836,11 +1844,15 @@ namespace BMA.EHR.Leave.Service.Controllers [ProducesResponseType(StatusCodes.Status500InternalServerError)] public async Task> GetLogRecordAsync([Required] Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_CHECKIN"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_CHECKIN"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_CHECKIN"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var imgUrl = $"{_configuration["MinIO:Endpoint"]}{_configuration["MinIO:BucketName"]}"; @@ -2061,11 +2073,15 @@ namespace BMA.EHR.Leave.Service.Controllers [ProducesResponseType(StatusCodes.Status500InternalServerError)] public async Task> GetCalendarByProfileAsync(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_WORK_ROUND_EDIT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_WORK_ROUND_EDIT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_WORK_ROUND_EDIT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _userCalendarRepository.GetExist(id); if (data == null) 
diff --git a/BMA.EHR.Leave/Controllers/LeaveRequestController.cs b/BMA.EHR.Leave/Controllers/LeaveRequestController.cs index 8af7c35c..1920fe7a 100644 --- a/BMA.EHR.Leave/Controllers/LeaveRequestController.cs +++ b/BMA.EHR.Leave/Controllers/LeaveRequestController.cs @@ -1462,7 +1462,7 @@ namespace BMA.EHR.Leave.Service.Controllers var _res = await client.PostAsJsonAsync(apiUrlOrg, new { refId = id, - sysName = "LEAVE_LIST", + sysName = "SYS_LEAVE_LIST", posLevelName = profile.PosLevel?.PosLevelName ?? "", posTypeName = profile.PosType?.PosTypeName ?? "", }); @@ -1512,11 +1512,15 @@ namespace BMA.EHR.Leave.Service.Controllers [ProducesResponseType(StatusCodes.Status500InternalServerError)] public async Task> GetLeaveRequestForAdminByIdAsync(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_LEAVE_LIST"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_LEAVE_LIST"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_LEAVE_LIST"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var userId = UserId == null ? Guid.Empty : Guid.Parse(UserId); diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs index 050451c6..d9ef13b0 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs 
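Review bot: The workflow registration in the first LeaveRequestController hunk changes `sysName` from `"LEAVE_LIST"` to `"SYS_LEAVE_LIST"`, and the read check added to GetLeaveRequestForAdminByIdAsync looks up the new name. Requests registered before this commit presumably still carry the old name on the workflow service, so their participants would fall back to the role check until those entries are migrated; the patch shows no migration. The same applies to `"PLACEMENT_TRANSFER"` becoming `"SYS_TRANSFER_REQ"` in PlacementTransferController and `"RETIREMENT_RESIFNATION"` becoming `"SYS_RESIGN"` in RetirementResignController. Declaring each name once, e.g. `private const string SysLeaveList = "SYS_LEAVE_LIST";`, and using it in both the registration and the check would keep the two from drifting apart again.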
@@ -205,11 +205,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PROMOTION_OFFICER"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_PROMOTION_OFFICER"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PROMOTION_OFFICER"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.PlacementAppointments.AsQueryable() .Where(x => x.type == "OFFICER") diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs index 28502e11..4a2bd2cb 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs 
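Review bot: The nine lines added to GetDetailByUser are the same block this patch repeats in every controller with only the id and system name changed, which makes it easy for one endpoint to drift from the rest when the access rule is next edited. Moving it into one helper on the permission repository or a shared base controller would reduce each call site to something like `var denied = await _permission.CheckReadAccessAsync(id.ToString(), "SYS_PROMOTION_OFFICER");` followed by `if (denied != null) return Error(denied, StatusCodes.Status403Forbidden);` (`CheckReadAccessAsync` is a proposed name, not an existing method). That helper would also be the single place to treat an empty or unparsable permission response as a denial; as written, `jsonData["status"]` throws if deserialization returns null.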
@@ -201,11 +201,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PROMOTION_EMP"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_PROMOTION_EMP"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PROMOTION_EMP"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.PlacementAppointments.AsQueryable() .Where(x => x.type == "EMPLOYEE") diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs index f7f13b48..770934ec 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs 
@@ -133,11 +133,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("pass/{examId:length(36)}")] public async Task> GetExamByPlacement(Guid examId) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(examId.ToString(), "SYS_PLACEMENT_PASS"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } if (PlacementAdmin == true) { @@ -783,11 +787,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("pass/deferment/{personalId:length(36)}")] public async Task> GetPersonDeferment(Guid personalId) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(personalId.ToString(), "SYS_PLACEMENT_PASS"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var person = await _context.PlacementProfiles.Include(x => x.ReliefDoc).FirstOrDefaultAsync(x => x.Id == personalId); if (person == null) 
@@ -804,11 +812,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("pass/disclaim/{personalId:length(36)}")] public async Task> GetPersonDisclaim(Guid personalId) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(personalId.ToString(), "SYS_PLACEMENT_PASS"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var person = await _context.PlacementProfiles.FindAsync(personalId); if (person == null) @@ -1943,7 +1955,7 @@ namespace BMA.EHR.Placement.Service.Controllers profileId = string.Empty, date = r.commandAffectDate, amount = r.amount, - commandId = r.commandId, + commandId = r.commandId, positionSalaryAmount = r.positionSalaryAmount, mouthSalaryAmount = r.mouthSalaryAmount, posNo = p.posMasterNo == null ? "" : diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs index eeadf79b..9bb194ac 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs 
@@ -310,11 +310,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TEMPDUTY"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_TEMPDUTY"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TEMPDUTY"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.PlacementOfficers.AsQueryable() .Where(x => x.Id == id) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs index fed60e5a..5b9085e7 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs 
@@ -217,11 +217,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TRANSFER_RECEIVE"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_TRANSFER_RECEIVE"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TRANSFER_RECEIVE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.PlacementReceives.AsQueryable() .Where(x => x.Id == id) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs index ee93b63d..c3621a21 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs 
@@ -189,11 +189,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TEMPDUTY2"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_TEMPDUTY2"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TEMPDUTY2"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.PlacementRepatriations.AsQueryable() .Where(x => x.Id == id) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs index 02ad4396..c27da4b6 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs 
@@ -383,11 +383,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TRANSFER_REQ"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_TRANSFER_REQ"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TRANSFER_REQ"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.PlacementTransfers.AsQueryable() .Where(x => x.Id == id) @@ -601,7 +605,7 @@ namespace BMA.EHR.Placement.Service.Controllers var _res = await client.PostAsJsonAsync(apiUrlOrg, new { refId = placementTransfer.Id, - sysName = "PLACEMENT_TRANSFER", + sysName = "SYS_TRANSFER_REQ", posLevelName = placementTransfer.posLevelNameOld, posTypeName = placementTransfer.posTypeNameOld, }); diff --git a/BMA.EHR.Report.Service/Controllers/InsigniaReportController.cs b/BMA.EHR.Report.Service/Controllers/InsigniaReportController.cs index 54526364..479f1440 100644 --- a/BMA.EHR.Report.Service/Controllers/InsigniaReportController.cs +++ b/BMA.EHR.Report.Service/Controllers/InsigniaReportController.cs 
@@ -388,11 +388,15 @@ namespace BMA.EHR.Report.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_REPORT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_INSIGNIA_REPORT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_REPORT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var mimeType = ""; switch (exportType.Trim().ToLower()) @@ -430,11 +434,15 @@ namespace BMA.EHR.Report.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_REPORT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_INSIGNIA_REPORT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_REPORT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _repository.GetSummaryCoinReport(id); var SummaryTotal = await _repository.GetSummaryTotalCoinReport(id); 
@@ -455,7 +463,7 @@ namespace BMA.EHR.Report.Service.Controllers report = (Telerik.Reporting.Report)reportPacker.UnpackageDocument(sourceStream); } report.ReportParameters["YearInsigniaPeriod"].Value = YearInsignalPeriod; - + var tbl1 = (Telerik.Reporting.Table)report.Items["detailSection1"].Items["table1"]; var _Khr6List = new List(); foreach (var _data in data) @@ -508,11 +516,15 @@ namespace BMA.EHR.Report.Service.Controllers { try { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_REPORT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_INSIGNIA_REPORT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_INSIGNIA_REPORT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } //Guid ids = Guid.Parse(id); @@ -562,12 +574,12 @@ namespace BMA.EHR.Report.Service.Controllers Male = gender == "ชาย" ? 1 : 0, Female = gender == "หญิง" ? 1 : 0, }); - + if (check == 25) { status = true; } - else if(check == 50) + else if (check == 50) { status = false; check = 0; diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs index 225a22b1..c368fb79 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs 
@@ -748,11 +748,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("{retireId:length(36)}")] public async Task> GetProfileRetirement(Guid retireId) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_RETIREMENT"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(retireId.ToString(), "SYS_RETIREMENT"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_RETIREMENT"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var retire = await _context.RetirementPeriods .Include(x => x.RetirementProfiles) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs index 849082d3..d34ebe94 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs 
@@ -520,11 +520,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("detail/{id:length(36)}")] public async Task> GetDetail(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PASSAWAY"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_PASSAWAY"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PASSAWAY"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.RetirementDeceasedNotis.AsQueryable() .Where(x => x.RetirementDeceased.Id == id) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs index 3f06697a..53900634 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs 
@@ -185,11 +185,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_OTHER"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_PLACEMENT_OTHER"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_OTHER"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.RetirementOthers.AsQueryable() .Where(x => x.Id == id) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs index bf508074..eea78c11 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs 
@@ -164,11 +164,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { - var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS"); - var jsonData = JsonConvert.DeserializeObject(getPermission); - if (jsonData["status"]?.ToString() != "200") + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_DISMISS"); + if (getWorkflow == false) { - return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } } var data = await _context.RetirementOuts.AsQueryable() .Where(x => x.Id == id) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs index 5683c521..aa3f5b2d 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs @@ -220,6 +220,16 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { + var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_RESIGN"); + if (getWorkflow == false) + { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_RESIGN"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + } var data = await _context.RetirementResigns.AsQueryable() .Where(x => x.Id == id) .Select(p => new 
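Review bot: GetDetailByUser in RetirementResignController is the one endpoint in this patch where the check is entirely new rather than wrapped around an existing one, so callers that could read a resignation before now receive 403 unless they are in the workflow or hold GET on `SYS_RESIGN`. The query that follows still filters only on `x.Id == id`, and no comparison with the calling user is visible in the hunk. If this route is also the applicant's own view of the request, the owner needs to be covered by the workflow lookup or by an explicit owner check. A short comment above the block stating who is expected to pass, e.g. `// Readable by workflow participants and holders of GET on SYS_RESIGN`, would settle it. The method body continues outside the hunk.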
@@ -516,7 +526,7 @@ namespace BMA.EHR.Retirement.Service.Controllers var _res = await client.PostAsJsonAsync($"{_configuration["API"]}/org/workflow/add-workflow", new { refId = retirementResign.Id, - sysName = "RETIREMENT_RESIFNATION", + sysName = "SYS_RESIGN", posLevelName = retirementResign.PositionLevelOld, posTypeName = retirementResign.PositionTypeOld, });