From e5bb18692526a74297cb576704a7da29876277f7 Mon Sep 17 00:00:00 2001 From: AdisakKanthawilang Date: Wed, 25 Sep 2024 17:43:55 +0700 Subject: [PATCH] =?UTF-8?q?=E0=B9=81=E0=B8=81=E0=B9=89=E0=B8=AA=E0=B8=B4?= =?UTF-8?q?=E0=B8=97=E0=B8=98=E0=B8=B4=E0=B9=8C=20#642?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs b/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs index 912e88d0..de5fe6b5 100644 --- a/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs +++ b/BMA.EHR.Insignia/Controllers/InsigniaRequestController.cs @@ -1854,7 +1854,7 @@ namespace BMA.EHR.Insignia.Service.Controllers [HttpPut("note/doc/{insigniaNoteId:length(36)}")] public async Task> AddDocumentProfile([FromForm] InsigniaNoteDocRequest req, Guid insigniaNoteId) { - var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_INSIGNIA_RECORD"); + var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_INSIGNIA_RECORD"); var jsonData = JsonConvert.DeserializeObject(getPermission); if (jsonData["status"]?.ToString() != "200") { @@ -1908,6 +1908,12 @@ namespace BMA.EHR.Insignia.Service.Controllers [HttpGet("note/doc/{insigniaNoteId:length(36)}")] public async Task> GetDocumentProfile(Guid insigniaNoteId) { + var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_INSIGNIA_RECORD"); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } var insigniaNote = await _context.InsigniaNotes .Include(x => x.InsigniaNoteDocs) .ThenInclude(x => x.Document)