From 6c37bc5e72e969ac1ee1b75dcc03cd1bd2c39192 Mon Sep 17 00:00:00 2001 From: Bright Date: Wed, 21 Aug 2024 17:59:08 +0700 Subject: [PATCH] add action GET, LIST --- .../Controllers/OrderController.cs | 445 ++++-------------- .../PlacementAppointmentController.cs | 36 +- .../PlacementAppointmentEmployeeController.cs | 36 +- .../Controllers/PlacementController.cs | 32 +- .../Controllers/PlacementOfficerController.cs | 36 +- .../Controllers/PlacementReceiveController.cs | 37 +- .../PlacementRepatriationController.cs | 36 +- .../PlacementTransferController.cs | 22 +- .../Controllers/RetirementController.cs | 25 +- .../RetirementDeceasedController.cs | 16 +- .../Controllers/RetirementOtherController.cs | 27 +- .../Controllers/RetirementOutController.cs | 27 +- .../Controllers/RetirementResignController.cs | 26 +- 13 files changed, 249 insertions(+), 552 deletions(-) diff --git a/BMA.EHR.Command.Service/Controllers/OrderController.cs b/BMA.EHR.Command.Service/Controllers/OrderController.cs index 5dfedcf8..841c5e5e 100644 --- a/BMA.EHR.Command.Service/Controllers/OrderController.cs +++ b/BMA.EHR.Command.Service/Controllers/OrderController.cs @@ -552,15 +552,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); await _repository.GotoNextStateAsync(orderId); return Success(); } @@ -796,15 +793,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -857,15 +851,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -924,15 +915,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -985,15 +973,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1052,15 +1037,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1113,15 +1095,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1180,15 +1159,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1241,15 +1217,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1308,15 +1281,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var ync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1369,15 +1339,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1436,15 +1403,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1492,15 +1456,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1552,15 +1513,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1608,15 +1566,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1668,15 +1623,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1720,15 +1672,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1777,15 +1726,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1832,15 +1778,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -1893,15 +1836,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -1951,15 +1891,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2015,15 +1952,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2078,15 +2012,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2146,15 +2077,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2203,15 +2131,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2264,15 +2189,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2321,15 +2243,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2382,15 +2301,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2437,15 +2353,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2496,15 +2409,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2553,15 +2463,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2614,15 +2521,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2666,15 +2570,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2723,15 +2624,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2778,15 +2676,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2838,15 +2733,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND";); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -2890,15 +2782,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -2947,15 +2836,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3005,15 +2891,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3068,15 +2951,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3132,15 +3012,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3200,15 +3077,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3264,15 +3138,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3333,15 +3204,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3390,15 +3258,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3451,15 +3316,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3503,15 +3365,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3560,15 +3419,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3612,15 +3468,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3669,15 +3522,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3724,15 +3574,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3783,15 +3630,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3840,15 +3684,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -3902,15 +3743,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -3960,15 +3798,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4022,15 +3857,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4080,15 +3912,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4142,15 +3971,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4199,15 +4025,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4261,15 +4084,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4318,15 +4138,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4380,15 +4197,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4437,15 +4251,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4499,15 +4310,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4556,15 +4364,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4618,15 +4423,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4675,15 +4477,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4737,15 +4536,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4796,15 +4592,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4860,15 +4653,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -4919,15 +4709,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var ync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -4983,15 +4770,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -5042,15 +4826,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var ync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5106,15 +4887,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -5165,15 +4943,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5229,15 +5004,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -5288,15 +5060,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5352,15 +5121,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -5411,15 +5177,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5475,15 +5238,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -5536,15 +5296,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5603,15 +5360,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var commandType = await _commandTypeRepository.GetByIdAsync(req.orderTypeValue); var inserted = new Domain.Models.Commands.Core.Command @@ -5655,15 +5409,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var order = await _repository.GetByIdAsync(orderId); if (order == null) throw new Exception(GlobalMessages.CommandNotFound); @@ -5936,15 +5687,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var token = string.Empty; if (AuthenticationHeaderValue.TryParse(authorization, out var headerValue)) { @@ -5986,15 +5734,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "DELETE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var receiver = await _repository.DeleteCommandReceiverAsync(personalId); return Success(receiver); } @@ -6097,15 +5842,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "CREATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); // transform req var deploys = new List(); foreach (var p in req) @@ -6147,15 +5889,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); // transform var deploys = new List(); foreach (var p in req) @@ -6192,15 +5931,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "DELETE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); await _repository.DeleteCommandDeploymentAsync(personalId); return Success(); } @@ -6558,15 +6294,12 @@ namespace BMA.EHR.Command.Service.Controllers { try { - var action = "UPDATE"; - var system = "COMMAND"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "COMMAND"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var receiver = await _repository.GetCommandReceiverAsync(personalId); if (receiver == null) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs index 92ceacc1..08022767 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs @@ -71,6 +71,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_PROMOTION_OFFICER"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var placementAppointments = await _context.PlacementAppointments.AsQueryable() .Where(x => x.type == "OFFICER") .OrderByDescending(x => x.CreatedAt) @@ -173,6 +179,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PROMOTION_OFFICER"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.PlacementAppointments.AsQueryable() .Where(x => x.type == "OFFICER") .Where(x => x.Id == id) @@ -360,15 +372,6 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { - //var action = "CREATE"; - //var system = "SYS_PROMOTION_OFFICER"; - //var getPermission = await _permission.GetPermissionAPIAsync(action, system); - //var jsonData = JsonConvert.DeserializeObject(getPermission); - //if (jsonData["status"]?.ToString() != "200") - //{ - // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); - //} - //var attrPrivilege = jsonData["result"]?.ToString(); var placementAppointment = new PlacementAppointment { // Profile = profile, @@ -576,15 +579,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementAppointmentEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_PROMOTION_OFFICER"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PROMOTION_OFFICER"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementAppointments .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -630,15 +630,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_PROMOTION_OFFICER"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_PROMOTION_OFFICER"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementAppointments.AsQueryable() .Include(x => x.PlacementAppointmentDocs) .ThenInclude(x => x.Document) @@ -675,15 +672,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_PROMOTION_OFFICER"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_PROMOTION_OFFICER"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementAppointments diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs index a8d102a6..351a5995 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs @@ -71,6 +71,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_PROMOTION_EMP"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var placementAppointments = await _context.PlacementAppointments.AsQueryable() .Where(x => x.type == "EMPLOYEE") .OrderByDescending(x => x.CreatedAt) @@ -171,6 +177,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PROMOTION_EMP"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.PlacementAppointments.AsQueryable() .Where(x => x.type == "EMPLOYEE") .Where(x => x.Id == id) @@ -356,15 +368,6 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { - //var action = "CREATE"; - //var system = "SYS_PROMOTION_EMP"; - //var getPermission = await _permission.GetPermissionAPIAsync(action, system); - //var jsonData = JsonConvert.DeserializeObject(getPermission); - //if (jsonData["status"]?.ToString() != "200") - //{ - // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); - //} - //var attrPrivilege = jsonData["result"]?.ToString(); var placementAppointment = new PlacementAppointment { // Profile = profile, @@ -573,15 +576,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementAppointmentEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_PROMOTION_EMP"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PROMOTION_EMP"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementAppointments .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -616,15 +616,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_PROMOTION_EMP"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_PROMOTION_EMP"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementAppointments.AsQueryable() .Include(x => x.PlacementAppointmentDocs) .ThenInclude(x => x.Document) @@ -661,15 +658,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_PROMOTION_EMP"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_PROMOTION_EMP"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementAppointments diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs index 70b9b741..c70632b5 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs @@ -629,15 +629,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("pass/deferment"), DisableRequestSizeLimit] public async Task> UpdatePersonDeferment([FromForm] PersonDefermentRequest req) { - var action = "CREATE"; - var system = "SYS_PLACEMENT_PASS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_PLACEMENT_PASS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var person = await _context.PlacementProfiles.FindAsync(Request.Form.ContainsKey("personalId") ? Guid.Parse(Request.Form["personalId"]) : Guid.Parse("00000000-0000-0000-0000-000000000000")); if (person == null) return Error(GlobalMessages.DataNotFound, 404); @@ -664,15 +661,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("pass/disclaim")] public async Task> UpdatePersonDisclaim([FromBody] PersonDisclaimRequest req) { - var action = "CREATE"; - var system = "SYS_PLACEMENT_PASS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_PLACEMENT_PASS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var person = await _context.PlacementProfiles .Include(x => x.OrganizationPosition) .Include(x => x.PositionNumber) @@ -739,6 +733,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("pass/deferment/{personalId:length(36)}")] public async Task> GetPersonDeferment(Guid personalId) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var person = await _context.PlacementProfiles.Include(x => x.ReliefDoc).FirstOrDefaultAsync(x => x.Id == personalId); if (person == null) return Error(GlobalMessages.DataNotFound, 404); @@ -754,6 +754,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("pass/disclaim/{personalId:length(36)}")] public async Task> GetPersonDisclaim(Guid personalId) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_PASS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var person = await _context.PlacementProfiles.FindAsync(personalId); if (person == null) return Error(GlobalMessages.DataNotFound, 404); @@ -1154,15 +1160,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("position/{personalId:length(36)}")] public async Task> UpdatePositionDraft([FromBody] List items, Guid personalId) { - var action = "UPDATE"; - var system = "SYS_PLACEMENT_PASS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PLACEMENT_PASS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var placement = await _context.Placements .FirstOrDefaultAsync(x => x.Id == personalId); if (placement == null) @@ -1248,15 +1251,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("date/update/{personalId:length(36)}")] public async Task> UpdateDateDraft([FromBody] PersonDateRequest req, Guid personalId) { - var action = "UPDATE"; - var system = "SYS_PLACEMENT_PASS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PLACEMENT_PASS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var profile = await _context.PlacementProfiles .FirstOrDefaultAsync(x => x.Id == personalId); if (profile == null) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs index def6a528..24f0b17e 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs @@ -71,6 +71,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TEMPDUTY"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var rootId = ""; var child1Id = ""; var child2Id = ""; @@ -279,6 +285,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TEMPDUTY"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.PlacementOfficers.AsQueryable() .Where(x => x.Id == id) .Select(p => new @@ -337,15 +349,6 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { - //var action = "CREATE"; - //var system = "SYS_TEMPDUTY"; - //var getPermission = await _permission.GetPermissionAPIAsync(action, system); - //var jsonData = JsonConvert.DeserializeObject(getPermission); - //if (jsonData["status"]?.ToString() != "200") - //{ - // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); - //} - //var attrPrivilege = jsonData["result"]?.ToString(); var placementOfficer = new PlacementOfficer { Organization = Request.Form.ContainsKey("Organization") ? Request.Form["Organization"] : "", @@ -426,15 +429,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementOfficerEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_TEMPDUTY"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_TEMPDUTY"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementOfficers .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -496,15 +496,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_TEMPDUTY"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_TEMPDUTY"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementOfficers.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (deleted == null) @@ -526,15 +523,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_TEMPDUTY"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_TEMPDUTY"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementOfficers diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs index bc51b4a9..6473f827 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs @@ -71,6 +71,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "") { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TRANSFER_RECEIVE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } // var rootId = ""; // var child1Id = ""; // var child2Id = ""; @@ -206,6 +212,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TRANSFER_RECEIVE"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.PlacementReceives.AsQueryable() .Where(x => x.Id == id) .Select(p => new @@ -401,15 +413,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementReceiveRequest req) { - var action = "CREATE"; - var system = "SYS_TRANSFER_RECEIVE"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_TRANSFER_RECEIVE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var placementReceive = new PlacementReceive { // Profile = profile, @@ -554,15 +563,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("upload/{id:length(36)}")] public async Task> PostFile([FromForm] PlacementFileRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_TRANSFER_RECEIVE"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_TRANSFER_RECEIVE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementReceives .Include(x => x.PlacementReceiveDocs) .ThenInclude(x => x.Document) @@ -700,15 +706,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementReceiveEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_TRANSFER_RECEIVE"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_TRANSFER_RECEIVE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementReceives .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -789,15 +792,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_TRANSFER_RECEIVE"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_TRANSFER_RECEIVE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementReceives.AsQueryable() .Include(x => x.PlacementReceiveDocs) .ThenInclude(x => x.Document) @@ -834,15 +834,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_TRANSFER_RECEIVE"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_TRANSFER_RECEIVE"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementReceives diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs index df6d55bb..c8ae57ee 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs @@ -72,6 +72,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TEMPDUTY2"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var rootId = ""; var child1Id = ""; var child2Id = ""; @@ -158,6 +164,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TEMPDUTY2"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.PlacementRepatriations.AsQueryable() .Where(x => x.Id == id) .Select(p => new @@ -218,15 +230,6 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { - //var action = "CREATE"; - //var system = "SYS_TEMPDUTY2"; - //var getPermission = await _permission.GetPermissionAPIAsync(action, system); - //var jsonData = JsonConvert.DeserializeObject(getPermission); - //if (jsonData["status"]?.ToString() != "200") - //{ - // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); - //} - //var attrPrivilege = jsonData["result"]?.ToString(); var placementRepatriation = new PlacementRepatriation { Organization = Request.Form.ContainsKey("Organization") ? Request.Form["Organization"] : "", @@ -307,15 +310,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementRepatriationEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_TEMPDUTY2"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_TEMPDUTY2"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementRepatriations .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -376,15 +376,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_TEMPDUTY2"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_TEMPDUTY2"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementRepatriations.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (deleted == null) @@ -406,15 +403,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_TEMPDUTY2"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_TEMPDUTY2"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementRepatriations diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs index 1a1a7fdc..3a148b74 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs @@ -144,6 +144,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TRANSFER_REQ"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var rootId = ""; var child1Id = ""; var child2Id = ""; @@ -341,6 +347,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_TRANSFER_REQ"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.PlacementTransfers.AsQueryable() .Where(x => x.Id == id) .Select(p => new @@ -567,15 +579,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementTransferEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_TRANSFER_REQ"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_TRANSFER_REQ"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementTransfers .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -685,15 +694,12 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_TRANSFER_REQ"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_TRANSFER_REQ"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementTransfers diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs index 41122c5f..610c2078 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementController.cs @@ -319,15 +319,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost("profile")] public async Task> CreateProfileRetirement([FromBody] PeriodRequest req) { - var action = "CREATE"; - var system = "SYS_RETIREMENT"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_RETIREMENT"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); if (!req.Type.Trim().ToUpper().Contains("EMPLOYEE") && !req.Type.Trim().ToUpper().Contains("OFFICER")) return Error("ประเภทพ้นราชการไม่ถูกต้อง"); if (req.Year == 0) @@ -875,15 +872,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("profile/{retireId:length(36)}")] public async Task> AddProfileRetirement([FromBody] ProfileRequest req, Guid retireId) { - var action = "UPDATE"; - var system = "SYS_RETIREMENT"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_RETIREMENT"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); // var profile = await _context.Profiles // .FirstOrDefaultAsync(x => x.Id == req.ProfileId); @@ -1065,15 +1059,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost("edit")] public async Task> EditReasonProfileRetirement([FromBody] ProfileRetireRequest req) { - var action = "CREATE"; - var system = "SYS_RETIREMENT"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_RETIREMENT"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var profile = await _context.RetirementProfiles .FirstOrDefaultAsync(x => x.Id == req.RetireProfileId); if (profile == null) @@ -1187,15 +1178,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("upload/{retireId:length(36)}")] public async Task> UploadRetirement([FromForm] RetirementFileRequest req, Guid retireId) { - var action = "UPDATE"; - var system = "SYS_RETIREMENT"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_RETIREMENT"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var retire = await _context.RetirementPeriods .FirstOrDefaultAsync(x => x.Id == retireId); if (retire == null) @@ -1253,15 +1241,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("detail/{retireId:length(36)}")] public async Task> UpdateDetailRetirement([FromForm] RetirementDetailRequest req, Guid retireId) { - var action = "UPDATE"; - var system = "SYS_RETIREMENT"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_RETIREMENT"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var retire = await _context.RetirementPeriods .FirstOrDefaultAsync(x => x.Id == retireId); if (retire == null) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs index 177e3355..b8828a06 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementDeceasedController.cs @@ -513,6 +513,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("detail/{id:length(36)}")] public async Task> GetDetail(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PASSAWAY"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.RetirementDeceasedNotis.AsQueryable() .Where(x => x.RetirementDeceased.Id == id) .Select(p => new @@ -546,15 +552,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("detail/{id:length(36)}")] public async Task> UpdateDetail([FromBody] RetirementDeceasedAddNotiPersonRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_PASSAWAY"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PASSAWAY"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var retirementDeceased = await _context.RetirementDeceaseds.AsQueryable() .Include(x => x.RetirementDeceasedNotis) .FirstOrDefaultAsync(x => x.Id == id); @@ -628,15 +631,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpDelete("detail/{id:length(36)}")] public async Task> DeleteDetail(Guid id) { - var action = "DELETE"; - var system = "SYS_PASSAWAY"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_PASSAWAY"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var retirementDeceasedNoti = await _context.RetirementDeceasedNotis.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (retirementDeceasedNoti == null) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs index 8314994e..3138d35e 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs @@ -71,6 +71,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_PLACEMENT_OTHER"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var rootId = ""; var child1Id = ""; var child2Id = ""; @@ -157,6 +163,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailByUser(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_PLACEMENT_OTHER"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.RetirementOthers.AsQueryable() .Where(x => x.Id == id) .Select(p => new @@ -273,15 +285,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] RetirementAddProfileRequest req) { - var action = "CREATE"; - var system = "SYS_PLACEMENT_OTHER"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_PLACEMENT_OTHER"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var retirementOther = new RetirementOther { // Profile = profile, @@ -494,15 +503,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] RetirementOtherEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_PLACEMENT_OTHER"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_PLACEMENT_OTHER"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementOthers .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -537,15 +543,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_PLACEMENT_OTHER"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_PLACEMENT_OTHER"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.RetirementOthers.AsQueryable() .Include(x => x.RetirementOtherDocs) .ThenInclude(x => x.Document) diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs index 46f63f93..51c253c8 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOutController.cs @@ -71,6 +71,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet()] public async Task> GetListByAdmin() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_DISMISS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var rootId = ""; var child1Id = ""; var child2Id = ""; @@ -156,6 +162,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpGet("{id:length(36)}")] public async Task> GetDetailAdmin(Guid id) { + var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISMISS"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var data = await _context.RetirementOuts.AsQueryable() .Where(x => x.Id == id) .Select(p => new @@ -338,15 +350,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] RetirementOutEditRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_DISMISS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_DISMISS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementOuts .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -406,15 +415,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { - var action = "DELETE"; - var system = "SYS_DISMISS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_DISMISS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.RetirementOuts.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (deleted == null) @@ -436,15 +442,12 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] RetirementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_DISMISS"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_DISMISS"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.RetirementOuts diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs index 8fb92625..7d4196cd 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementResignController.cs @@ -1049,15 +1049,12 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPost("report")] public async Task> PostToReport([FromBody] RetirementProfileRequest req) { - var action = "CREATE"; - var system = "SYS_RESIGN"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_RESIGN"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.RetirementResigns @@ -1369,15 +1366,12 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPut("questionnaire/comment/{id:length(36)}")] public async Task> PutQuestionComment([FromBody] RetirementQuestionCommentRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_RESIGN_INTERVIEW"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_RESIGN_INTERVIEW"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementQuestions.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -1416,15 +1410,12 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPut("questionnaire/appoint/{id:length(36)}")] public async Task> UpdateAppointQuestion([FromBody] RetirementQuestionAppointRequest req, Guid id) { - var action = "UPDATE"; - var system = "SYS_RESIGN_INTERVIEW"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_RESIGN_INTERVIEW"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementQuestions.AsQueryable() .Include(x => x.RetirementResign) .FirstOrDefaultAsync(x => x.Id == id); @@ -1461,6 +1452,12 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpGet("questionnaire/question")] public async Task> GetQuestionnaireQuestion() { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_RESIGN_INTERVIEW"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var retirementQuestionnaireQuestion = await _context.RetirementQuestionnaireQuestions.AsQueryable() .Select(x => new { @@ -1513,15 +1510,12 @@ $"คำขอลาออกของ {updated.prefix}{updated.firstName} {upda [HttpPut("questionnaire/question")] public async Task> UpdateQuestionnaireQuestion([FromBody] RetirementQuestionnaireQuestionRequest req) { - var action = "UPDATE"; - var system = "SYS_RESIGN_INTERVIEW"; - var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_RESIGN_INTERVIEW"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); } - var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementQuestionnaireQuestions.AsQueryable() .FirstOrDefaultAsync(); if (uppdated == null)