diff --git a/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs b/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs
index 9b32b1eb..e5348ce0 100644
--- a/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs
+++ b/BMA.EHR.Discipline.Service/Controllers/DisciplineSuspendController.cs
@@ -1,10 +1,13 @@
 using BMA.EHR.Application.Repositories;
 using BMA.EHR.Application.Repositories.MessageQueue;
+using BMA.EHR.Application.Responses.Profiles;
 using BMA.EHR.Discipline.Service.Requests;
 using BMA.EHR.Domain.Common;
 using BMA.EHR.Domain.Models.Discipline;
 using BMA.EHR.Domain.Shared;
 using BMA.EHR.Infrastructure.Persistence;
+using Elasticsearch.Net;
+
 // using BMA.EHR.Placement.Service.Requests;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
@@ -29,24 +32,25 @@ namespace BMA.EHR.DisciplineSuspend.Service.Controllers
 private readonly MinIODisciplineService _documentService;
 private readonly IHttpContextAccessor _httpContextAccessor;
 private readonly PermissionRepository _permission;
-
+ private readonly UserProfileRepository _userProfileRepository;
 public DisciplineSuspendController(DisciplineDbContext context,
 MinIODisciplineService documentService,
 IHttpContextAccessor httpContextAccessor,
- PermissionRepository permission)
+ PermissionRepository permission,
+ UserProfileRepository userProfileRepository)
 {
 // _repository = repository;
 _context = context;
 _documentService = documentService;
 _httpContextAccessor = httpContextAccessor;
 _permission = permission;
+ _userProfileRepository = userProfileRepository;
 }
 #region " Properties "
- private string? UserId => _httpContextAccessor?.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;
- private string? FullName => _httpContextAccessor?.HttpContext?.User?.FindFirst("name")?.Value;
+ private string? AccessToken => _httpContextAccessor?.HttpContext?.Request.Headers["Authorization"];
 #endregion
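Review bot: `using Elasticsearch.Net;` is added in the first hunk, but none of the new code in this diff references that namespace, so it looks like a leftover from an IDE auto-import. Unless code outside the shown hunks needs it, drop the directive so the controller does not pick up an unrelated client assembly.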
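Review bot: `AccessToken` hands back the raw `Authorization` header — scheme prefix included, `StringValues` implicitly converted to `string?`, comma-joined if the header is repeated — and the next hunk forwards it verbatim to `_userProfileRepository.GetUserOCAll`, so the profile service receives the caller's full credential rather than a token scoped to that lookup. If that service expects only the bearer token, parse the header once with `AuthenticationHeaderValue.TryParse` and pass its `Parameter`; in any case the property should say what it carries, e.g. `// Raw Authorization header (scheme included) of the current request; forwarded to the profile service, null when absent.` The hunk also removes `UserId` while `Guid.Parse(UserId!)` is still used two hunks later, which only compiles if a base controller provides `UserId` — worth confirming. The class continues outside the hunk.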
@@ -67,6 +71,41 @@ namespace BMA.EHR.DisciplineSuspend.Service.Controllers
 {
 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
 }
+ // กรองสิทธิ์
+ string role = jsonData["result"]?.ToString() ?? "";
+ var nodeId = string.Empty;
+ var profileAdmin = new GetUserOCAllDto();
+ profileAdmin = await _userProfileRepository.GetUserOCAll(Guid.Parse(UserId!), AccessToken);
+ if (role == "NORMAL" || role == "CHILD")
+ {
+ nodeId = profileAdmin?.Node == 4
+ ? profileAdmin?.Child4DnaId
+ : profileAdmin?.Node == 3
+ ? profileAdmin?.Child3DnaId
+ : profileAdmin?.Node == 2
+ ? profileAdmin?.Child2DnaId
+ : profileAdmin?.Node == 1
+ ? profileAdmin?.Child1DnaId
+ : profileAdmin?.Node == 0
+ ? profileAdmin?.RootDnaId
+ : "";
+ }
+ else if (role == "BROTHER")
+ {
+ nodeId = profileAdmin?.Node == 4
+ ? profileAdmin?.Child3DnaId
+ : profileAdmin?.Node == 3
+ ? profileAdmin?.Child2DnaId
+ : profileAdmin?.Node == 2
+ ? profileAdmin?.Child1DnaId
+ : profileAdmin?.Node == 1 || profileAdmin?.Node == 0
+ ? profileAdmin?.RootDnaId
+ : "";
+ }
+ else if (role == "ROOT" || role == "PARENT")
+ {
+ nodeId = profileAdmin?.RootDnaId;
+ }
 var data_search = (from x in _context.DisciplineReport_Profiles.Include(x => x.DisciplineDisciplinary)
 where
 (
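Review bot: The new scope filter fails open: `role` defaults to `""` when `jsonData["result"]` is missing, and any value other than the six handled names, or a profile whose `Node` is outside 0–4, leaves `nodeId` as `""` here and then lands on a `: true` branch in the where clause of the next hunk, so an unrecognised or malformed role sees every record instead of none. A null result from `GetUserOCAll` has the same effect for ROOT/PARENT, because `profileAdmin?.RootDnaId` makes `nodeId` null and `x.rootDnaId == nodeId` then matches rows with no root set. Reject before the query — after the lookup add `if (role != "OWNER" && (profileAdmin is null || string.IsNullOrEmpty(nodeId))) return Error("Forbidden", StatusCodes.Status403Forbidden);` — and change the trailing `: true` defaults in the next hunk to `: false`. The `new GetUserOCAllDto()` assigned on the line before the await is dead and can go. The action method starts before this hunk.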
@@ -98,6 +137,44 @@ namespace BMA.EHR.DisciplineSuspend.Service.Controllers
 (
 !string.IsNullOrEmpty(status) ? x.Status!.Trim().ToUpper() == status : true
 )
+ &&
+ (
+ role == "OWNER"
+ ? true
+ : role == "ROOT"
+ ? x.rootDnaId == nodeId
+ : role == "PARENT"
+ ? x.rootDnaId == nodeId && x.child1DnaId != null
+ : role == "CHILD"
+ ? (
+ profileAdmin.Node == 4 ? x.child4DnaId == nodeId :
+ profileAdmin.Node == 3 ? x.child3DnaId == nodeId :
+ profileAdmin.Node == 2 ? x.child2DnaId == nodeId :
+ profileAdmin.Node == 1 ? x.child1DnaId == nodeId :
+ profileAdmin.Node == 0 ? x.rootDnaId == nodeId :
+ true
+ )
+ : role == "BROTHER"
+ ? (
+ profileAdmin.Node == 4 ? x.child3DnaId == nodeId :
+ profileAdmin.Node == 3 ? x.child2DnaId == nodeId :
+ profileAdmin.Node == 2 ? x.child1DnaId == nodeId :
+ (
+ profileAdmin.Node == 1 || profileAdmin.Node == 0
+ )
+ ? x.rootDnaId == nodeId : true
+ )
+ : role == "NORMAL"
+ ? (
+ profileAdmin.Node == 0 ? x.rootDnaId == nodeId && x.child1DnaId == null :
+ profileAdmin.Node == 1 ? x.child1DnaId == nodeId && x.child2DnaId == null :
+ profileAdmin.Node == 2 ? x.child2DnaId == nodeId && x.child3DnaId == null :
+ profileAdmin.Node == 3 ? x.child3DnaId == nodeId && x.child4DnaId == null :
+ profileAdmin.Node == 4 ? x.child4DnaId == nodeId :
+ true
+ )
+ : true
+ )
 select x).ToList();
 var query = data_search
 .Select(x => new
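Review bot: `profileAdmin.Node` is dereferenced here without the null-conditional the previous hunk uses for the same object, so a null profile lookup that reaches the query surfaces as a NullReferenceException (a 500) inside the where clause rather than a deliberate 403. Because `role` and `profileAdmin.Node` are fixed for the request, the 38-line nested ternary evaluates the same branch for every row and, if this is an EF query as `_context.DisciplineReport_Profiles.Include(...)` suggests, is translated as a multi-way CASE per row; resolving the single column-to-compare (root/child1..child4 plus the optional "next level is null" condition) before the query and applying one comparison in the where clause would be cheaper and, more importantly, would make the authorization rule auditable in one place. The enclosing action continues outside the hunk.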