check workflow

BMA.EHR.Leave/Controllers/LeaveRequestController.cs

@@ -1462,7 +1462,7 @@ namespace BMA.EHR.Leave.Service.Controllers
                 var _res = await client.PostAsJsonAsync(apiUrlOrg, new
                 {
                     refId = id,
-                    sysName = "LEAVE_LIST",
+                    sysName = "SYS_LEAVE_LIST",
                     posLevelName = profile.PosLevel?.PosLevelName ?? "",
                     posTypeName = profile.PosType?.PosTypeName ?? "",
                 });
@@ -1512,11 +1512,15 @@ namespace BMA.EHR.Leave.Service.Controllers
         [ProducesResponseType(StatusCodes.Status500InternalServerError)]
         public async Task<ActionResult<ResponseObject>> GetLeaveRequestForAdminByIdAsync(Guid id)
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_LEAVE_LIST");
-            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
-            if (jsonData["status"]?.ToString() != "200")
+            var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(id.ToString(), "SYS_LEAVE_LIST");
+            if (getWorkflow == false)
             {
-                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+                var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_LEAVE_LIST");
+                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+                if (jsonData["status"]?.ToString() != "200")
+                {
+                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+                }
             }
 
             var userId = UserId == null ? Guid.Empty : Guid.Parse(UserId);