permission วินัย
This commit is contained in:
parent
aea156e22f
commit
a0008b6254
8 changed files with 335 additions and 8 deletions
|
|
@ -11,6 +11,7 @@ using Microsoft.AspNetCore.Authorization;
|
|||
using Microsoft.AspNetCore.Mvc;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Newtonsoft.Json;
|
||||
using Newtonsoft.Json.Linq;
|
||||
using Swashbuckle.AspNetCore.Annotations;
|
||||
using System.Net.Http.Headers;
|
||||
using System.Security.Claims;
|
||||
|
|
@ -31,13 +32,15 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers
|
|||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly NotificationRepository _repositoryNoti;
|
||||
private readonly IConfiguration _configuration;
|
||||
private readonly PermissionRepository _permission;
|
||||
|
||||
public DisciplineComplaint_AppealController(DisciplineDbContext context,
|
||||
NotificationRepository repositoryNoti,
|
||||
ApplicationDBContext contextMain,
|
||||
MinIODisciplineService documentService,
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
IConfiguration configuration)
|
||||
IConfiguration configuration,
|
||||
PermissionRepository permission)
|
||||
{
|
||||
// _repository = repository;
|
||||
_context = context;
|
||||
|
|
@ -46,6 +49,7 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers
|
|||
_documentService = documentService;
|
||||
_httpContextAccessor = httpContextAccessor;
|
||||
_configuration = configuration;
|
||||
_permission = permission;
|
||||
}
|
||||
|
||||
#region " Properties "
|
||||
|
|
@ -150,6 +154,12 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers
|
|||
[HttpGet("{id:guid}")]
|
||||
public async Task<ActionResult<ResponseObject>> GetByDiscipline(Guid id)
|
||||
{
|
||||
var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_DISCIPLINE_APPEAL");
|
||||
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
|
||||
if (jsonData["status"]?.ToString() != "200")
|
||||
{
|
||||
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
|
||||
}
|
||||
var _data = await _context.DisciplineComplaint_Appeals
|
||||
.Include(x => x.DisciplineComplaint_Appeal_Docs)
|
||||
.Include(x => x.DisciplineComplaint_Appeal_Historys)
|
||||
|
|
@ -459,6 +469,12 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers
|
|||
[HttpDelete("file/{id:guid}/{docId:guid}")]
|
||||
public async Task<ActionResult<ResponseObject>> DeleteFileComplaintAppeals(Guid id, Guid docId)
|
||||
{
|
||||
var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_DISCIPLINE_APPEAL");
|
||||
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
|
||||
if (jsonData["status"]?.ToString() != "200")
|
||||
{
|
||||
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
|
||||
}
|
||||
var data = await _context.DisciplineComplaint_Appeals
|
||||
.Include(x => x.DisciplineComplaint_Appeal_Docs)
|
||||
.ThenInclude(x => x.Document)
|
||||
|
|
@ -499,6 +515,12 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers
|
|||
[HttpGet("admin")]
|
||||
public async Task<ActionResult<ResponseObject>> GetDisciplineAdmin(string status = "ALL", string type = "ALL", int year = 0, int page = 1, int pageSize = 25, string keyword = "")
|
||||
{
|
||||
var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_DISCIPLINE_APPEAL");
|
||||
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
|
||||
if (jsonData["status"]?.ToString() != "200")
|
||||
{
|
||||
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
|
||||
}
|
||||
var data_search = (from x in _context.DisciplineComplaint_Appeals
|
||||
where (x.Title == null ? false : x.Title.Contains(keyword)) ||
|
||||
(x.Description == null ? false : x.Description.Contains(keyword)) ||
|
||||
|
|
@ -547,6 +569,12 @@ namespace BMA.EHR.DisciplineComplaint_Appeal.Service.Controllers
|
|||
[HttpPut("{id:guid}")]
|
||||
public async Task<ActionResult<ResponseObject>> UpdateDiscipline(Guid id, [FromBody] DisciplineComplaint_AppealUpdateRequest req)
|
||||
{
|
||||
var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_DISCIPLINE_APPEAL");
|
||||
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
|
||||
if (jsonData["status"]?.ToString() != "200")
|
||||
{
|
||||
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
|
||||
}
|
||||
var data = await _context.DisciplineComplaint_Appeals
|
||||
.Where(x => x.Id == id)
|
||||
.FirstOrDefaultAsync();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue