From ecca345407bb2b54e7520ceebf594a34a0eb047a Mon Sep 17 00:00:00 2001
From: harid <harid_pr61@live.rmutl.com>
Date: Fri, 20 Feb 2026 10:46:15 +0700
Subject: [PATCH 1/2] =?UTF-8?q?=E0=B8=A3=E0=B8=B2=E0=B8=A2=E0=B8=8A?=
 =?UTF-8?q?=E0=B8=B7=E0=B9=88=E0=B8=AD=E0=B8=9C=E0=B8=B9=E0=B9=89=E0=B8=AA?=
 =?UTF-8?q?=E0=B8=AD=E0=B8=9A=E0=B8=9C=E0=B9=88=E0=B8=B2=E0=B8=99=20?=
 =?UTF-8?q?=E0=B8=81=E0=B8=A3=E0=B8=93=E0=B8=B5=20OWNER=20=E0=B9=83?=
 =?UTF-8?q?=E0=B8=AB=E0=B9=89=E0=B9=80=E0=B8=AB=E0=B9=87=E0=B8=99=E0=B8=A3?=
 =?UTF-8?q?=E0=B8=B2=E0=B8=A2=E0=B8=8A=E0=B8=B7=E0=B9=88=E0=B8=AD=E0=B9=80?=
 =?UTF-8?q?=E0=B8=AB=E0=B8=A1=E0=B8=B7=E0=B8=AD=E0=B8=99=20=E0=B8=AA?=
 =?UTF-8?q?=E0=B8=81=E0=B8=88.=20#2319?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controllers/PlacementController.cs                      | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs
index d3c28712..d55ae979 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs
@@ -140,6 +140,7 @@ namespace BMA.EHR.Placement.Service.Controllers
         public async Task<ActionResult<ResponseObject>> GetExamByPlacement(Guid examId)
         {
             var getWorkflow = await _permission.GetPermissionAPIWorkflowAsync(examId.ToString(), "SYS_PLACEMENT_PASS");
+            var role = string.Empty;
             if (getWorkflow == false)
             {
                 var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS");
@@ -148,6 +149,7 @@ namespace BMA.EHR.Placement.Service.Controllers
                 {
                     return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                 }
+                role = jsonData["result"]?.ToString();
             }
 
             var rootId = "";
@@ -167,7 +169,7 @@ namespace BMA.EHR.Placement.Service.Controllers
                 if (_res.IsSuccessStatusCode)
                 {
                     var org = JsonConvert.DeserializeObject<OrgRequestAct>(_result);
-                    if (org.result.isOfficer == false)
+                    if (org.result.isOfficer == false && role?.Trim().ToUpper() != "OWNER")
                     {
                         rootId = org.result.rootId == null ? "" : org.result.rootId;
                         // child1Id = org.result.child1Id == null ? "" : org.result.child1Id;
@@ -302,7 +304,7 @@ namespace BMA.EHR.Placement.Service.Controllers
                         }
                         return Success(result1);
                     }
-                    if (org.result.isOfficer == true)
+                    if (org.result.isOfficer == true || role?.Trim().ToUpper() == "OWNER")
                     {
                         var data = await _context.PlacementProfiles.Where(x => x.Placement.Id == examId).Select(x => new
                         {

From ddb35f525aecfaaa861a1e01f890438dbfc80852 Mon Sep 17 00:00:00 2001
From: harid <harid_pr61@live.rmutl.com>
Date: Fri, 20 Feb 2026 13:36:50 +0700
Subject: [PATCH 2/2] Fix  #2319

---
 .../Controllers/PlacementController.cs                | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs
index d55ae979..2a1e5399 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs
@@ -692,6 +692,13 @@ namespace BMA.EHR.Placement.Service.Controllers
         public async Task<ActionResult<ResponseObject>> GetDashboardByPlacement(Guid examId)
         {
 
+            var role = string.Empty;
+            var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS");
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() == "200")
+            {
+                role = jsonData["result"]?.ToString();
+            }
 
             var rootId = "";
             var child1Id = "";
@@ -711,7 +718,7 @@ namespace BMA.EHR.Placement.Service.Controllers
                 if (_res.IsSuccessStatusCode)
                 {
                     var org = JsonConvert.DeserializeObject<OrgRequestAct>(_result);
-                    if (org.result.isOfficer == false)
+                    if (org.result.isOfficer == false && role?.Trim().ToUpper() != "OWNER")
                     {
                         rootId = org.result.rootId == null ? "" : org.result.rootId;
                         // child1Id = org.result.child1Id == null ? "" : org.result.child1Id;
@@ -735,7 +742,7 @@ namespace BMA.EHR.Placement.Service.Controllers
 
                         return Success(placement);
                     }
-                    if (org.result.isOfficer == true)
+                    if (org.result.isOfficer == true || role?.Trim().ToUpper() == "OWNER")
                     {
                         var placement = await _context.Placements
                             .Where(x => x.Id == examId)