From e7728d71bd647e08acff4cf19d2cc69b4d6f66bb Mon Sep 17 00:00:00 2001
From: kittapath <kittapath@frappet.com>
Date: Wed, 6 Nov 2024 10:20:17 +0700
Subject: [PATCH] no message

---
 .../Repositories/PermissionRepository.cs      |  21 +++
 .../PlacementAppointmentController.cs         |  25 ++-
 .../PlacementAppointmentEmployeeController.cs |  13 +-
 .../Controllers/PlacementOfficerController.cs | 123 ++++++--------
 .../Controllers/PlacementReceiveController.cs |  37 ++---
 .../PlacementRepatriationController.cs        | 153 +++++++-----------
 .../PlacementTransferController.cs            | 147 +++++++----------
 .../Requests/OrgPermissionRequest.cs          |  21 +++
 8 files changed, 242 insertions(+), 298 deletions(-)
 create mode 100644 BMA.EHR.Placement.Service/Requests/OrgPermissionRequest.cs

diff --git a/BMA.EHR.Application/Repositories/PermissionRepository.cs b/BMA.EHR.Application/Repositories/PermissionRepository.cs
index 6e8aced5..27ee8696 100644
--- a/BMA.EHR.Application/Repositories/PermissionRepository.cs
+++ b/BMA.EHR.Application/Repositories/PermissionRepository.cs
@@ -71,6 +71,27 @@ namespace BMA.EHR.Application.Repositories
             }
         }
 
+        public async Task<dynamic> GetPermissionOrgAPIAsync(string action, string system, string profileId)
+        {
+            try
+            {
+                var apiPath = $"{_configuration["API"]}/org/permission/dotnet-org/{action}/{system}/{profileId}";
+
+                using (var client = new HttpClient())
+                {
+                    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken.Replace("Bearer ", ""));
+                    client.DefaultRequestHeaders.Add("api_key", _configuration["API_KEY"]);
+                    var req = await client.GetAsync(apiPath);
+                    var res = await req.Content.ReadAsStringAsync();
+                    return res;
+                }
+            }
+            catch
+            {
+                throw;
+            }
+        }
+
         public async Task<dynamic> GetPermissionAPIWorkflowAsync(string refId, string sysName)
         {
             try
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs
index b174c096..3bf93eea 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs
@@ -68,17 +68,26 @@ namespace BMA.EHR.Placement.Service.Controllers
         /// <response code="401">ไม่ได้ Login เข้าระบบ</response>
         /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
         [HttpGet()]
-        // public async Task<ActionResult<ResponseObject>> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "")
         public async Task<ActionResult<ResponseObject>> GetListByAdmin()
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_PROMOTION_OFFICER");
+            var getPermission = await _permission.GetPermissionOrgAPIAsync("LIST", "SYS_PROMOTION_OFFICER", UserId);
             var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
             if (jsonData["status"]?.ToString() != "200")
             {
                 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
             }
+            // string?[] rootId = jsonData?.result?.rootId ?? null;
+            // string?[] child1Id = jsonData?.result?.child1Id ?? null;
+            // string?[] child2Id = jsonData?.result?.child2Id ?? null;
+            // string?[] child3Id = jsonData?.result?.child3Id ?? null;
+            // string?[] child4Id = jsonData?.result?.child4Id ?? null;
             var placementAppointments = await _context.PlacementAppointments.AsQueryable()
                         .Where(x => x.type == "OFFICER")
+                        // .Where(x => rootId == null ? true : rootId.Contains(x.rootOldId))
+                        // .Where(x => child1Id == null ? true : child1Id.Contains(x.child1OldId))
+                        // .Where(x => child2Id == null ? true : child2Id.Contains(x.child2OldId))
+                        // .Where(x => child3Id == null ? true : child3Id.Contains(x.child3OldId))
+                        // .Where(x => child4Id == null ? true : child4Id.Contains(x.child4OldId))
                         .OrderByDescending(x => x.CreatedAt)
                         .Select(p => new
                         {
@@ -141,7 +150,6 @@ namespace BMA.EHR.Placement.Service.Controllers
 
                             p.Status,
                             p.Amount,
-                            // p.RecruitDate,
                             p.ReportingDate,
 
                             p.IsActive,
@@ -259,7 +267,6 @@ namespace BMA.EHR.Placement.Service.Controllers
                             p.AmountOld,
                             p.OrganizationOld,
                             p.positionOld,
-                            // PlacementAppointmentDocs = p.PlacementAppointmentDocs.Where(d => d.Document != null).Select(d => new { d.Document.Id, d.Document.FileName }),
                             p.typeCommand,
                             p.posmasterId,
                         })
@@ -267,16 +274,6 @@ namespace BMA.EHR.Placement.Service.Controllers
             if (data == null)
                 return Error(GlobalMessages.DataNotFound, 404);
 
-            // var placementAppointmentDocs = new List<dynamic>();
-            // foreach (var doc in data.PlacementAppointmentDocs)
-            // {
-            //     var _doc = new
-            //     {
-            //         doc.FileName,
-            //         PathName = await _documentService.ImagesPath(doc.Id)
-            //     };
-            //     placementAppointmentDocs.Add(_doc);
-            // }
             var _data = new
             {
                 data.Id,
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs
index ecb38b58..6bc16c73 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs
@@ -68,16 +68,25 @@ namespace BMA.EHR.Placement.Service.Controllers
         /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
         [HttpGet()]
         public async Task<ActionResult<ResponseObject>> GetListByAdmin()
-        // public async Task<ActionResult<ResponseObject>> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "")
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_PROMOTION_EMP");
+            var getPermission = await _permission.GetPermissionOrgAPIAsync("LIST", "SYS_PROMOTION_EMP", UserId);
             var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
             if (jsonData["status"]?.ToString() != "200")
             {
                 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
             }
+            // string?[] rootId = jsonData?.result?.rootId ?? null;
+            // string?[] child1Id = jsonData?.result?.child1Id ?? null;
+            // string?[] child2Id = jsonData?.result?.child2Id ?? null;
+            // string?[] child3Id = jsonData?.result?.child3Id ?? null;
+            // string?[] child4Id = jsonData?.result?.child4Id ?? null;
             var placementAppointments = await _context.PlacementAppointments.AsQueryable()
                         .Where(x => x.type == "EMPLOYEE")
+                        // .Where(x => rootId == null ? true : rootId.Contains(x.rootOldId))
+                        // .Where(x => child1Id == null ? true : child1Id.Contains(x.child1OldId))
+                        // .Where(x => child2Id == null ? true : child2Id.Contains(x.child2OldId))
+                        // .Where(x => child3Id == null ? true : child3Id.Contains(x.child3OldId))
+                        // .Where(x => child4Id == null ? true : child4Id.Contains(x.child4OldId))
                         .OrderByDescending(x => x.CreatedAt)
                         .Select(p => new
                         {
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs
index 020e0e5e..08037276 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs
@@ -69,83 +69,66 @@ namespace BMA.EHR.Placement.Service.Controllers
         /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
         [HttpGet()]
         public async Task<ActionResult<ResponseObject>> GetListByAdmin()
-        // public async Task<ActionResult<ResponseObject>> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "")
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TEMPDUTY");
+            var getPermission = await _permission.GetPermissionOrgAPIAsync("LIST", "SYS_TEMPDUTY", UserId);
             var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
             if (jsonData["status"]?.ToString() != "200")
             {
                 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
             }
-            var rootId = "";
-            var child1Id = "";
-            var child2Id = "";
-            var child3Id = "";
-            var child4Id = "";
-            var apiUrl = $"{_configuration["API"]}/org/profile/keycloak/position";
-            using (var client = new HttpClient())
-            {
-                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Replace("Bearer ", ""));
-                client.DefaultRequestHeaders.Add("api_key", _configuration["API_KEY"]);
-                var _req = new HttpRequestMessage(HttpMethod.Get, apiUrl);
-                var _res = await client.SendAsync(_req);
-                var _result = await _res.Content.ReadAsStringAsync();
+            // string?[] rootId = jsonData?.result?.rootId ?? null;
+            // string?[] child1Id = jsonData?.result?.child1Id ?? null;
+            // string?[] child2Id = jsonData?.result?.child2Id ?? null;
+            // string?[] child3Id = jsonData?.result?.child3Id ?? null;
+            // string?[] child4Id = jsonData?.result?.child4Id ?? null;
+            var placementOfficers = await _context.PlacementOfficers.AsQueryable()
+                        // .Where(x => rootId == null ? true : rootId.Contains(x.rootOldId))
+                        // .Where(x => child1Id == null ? true : child1Id.Contains(x.child1OldId))
+                        // .Where(x => child2Id == null ? true : child2Id.Contains(x.child2OldId))
+                        // .Where(x => child3Id == null ? true : child3Id.Contains(x.child3OldId))
+                        // .Where(x => child4Id == null ? true : child4Id.Contains(x.child4OldId))
+                        .OrderByDescending(x => x.CreatedAt)
+                        .Select(p => new
+                        {
+                            p.Id,
+                            p.citizenId,
+                            p.profileId,
+                            p.prefix,
+                            p.firstName,
+                            p.lastName,
+                            p.rootOld,
+                            p.rootOldId,
+                            p.rootShortNameOld,
+                            p.child1Old,
+                            p.child1OldId,
+                            p.child1ShortNameOld,
+                            p.child2Old,
+                            p.child2OldId,
+                            p.child2ShortNameOld,
+                            p.child3Old,
+                            p.child3OldId,
+                            p.child3ShortNameOld,
+                            p.child4Old,
+                            p.child4OldId,
+                            p.child4ShortNameOld,
+                            p.PositionOld,
+                            p.posMasterNoOld,
+                            p.posTypeOldId,
+                            p.posTypeNameOld,
+                            p.posLevelOldId,
+                            p.posLevelNameOld,
+                            p.CreatedAt,
+                            p.Reason,
+                            p.Status,
+                            p.DateStart,
+                            p.DateEnd,
+                            p.Organization,
+                            p.OrganizationPositionOld,
+                            p.IsActive,
+                        })
+                        .ToListAsync();
 
-                var org = JsonConvert.DeserializeObject<OrgRequest>(_result);
-
-                if (org == null || org.result == null)
-                    return Error("ไม่พบหน่วยงานของผู้ใช้งานคนนี้", 404);
-                rootId = org.result.rootId == null ? "" : org.result.rootId;
-                child1Id = org.result.child1Id == null ? "" : org.result.child1Id;
-                child2Id = org.result.child2Id == null ? "" : org.result.child2Id;
-                child3Id = org.result.child3Id == null ? "" : org.result.child3Id;
-                child4Id = org.result.child4Id == null ? "" : org.result.child4Id;
-
-                var placementOfficers = await _context.PlacementOfficers.AsQueryable()
-                            .OrderByDescending(x => x.CreatedAt)
-                            .Where(x => rootId == "" ? true : (child1Id == "" ? x.rootOldId == rootId : (child2Id == "" ? x.child1OldId == child1Id : (child3Id == "" ? x.child2OldId == child2Id : (child4Id == "" ? x.child3OldId == child3Id : x.child4OldId == child4Id)))))
-                            .Select(p => new
-                            {
-                                p.Id,
-                                p.citizenId,
-                                p.profileId,
-                                p.prefix,
-                                p.firstName,
-                                p.lastName,
-                                p.rootOld,
-                                p.rootOldId,
-                                p.rootShortNameOld,
-                                p.child1Old,
-                                p.child1OldId,
-                                p.child1ShortNameOld,
-                                p.child2Old,
-                                p.child2OldId,
-                                p.child2ShortNameOld,
-                                p.child3Old,
-                                p.child3OldId,
-                                p.child3ShortNameOld,
-                                p.child4Old,
-                                p.child4OldId,
-                                p.child4ShortNameOld,
-                                p.PositionOld,
-                                p.posMasterNoOld,
-                                p.posTypeOldId,
-                                p.posTypeNameOld,
-                                p.posLevelOldId,
-                                p.posLevelNameOld,
-                                p.CreatedAt,
-                                p.Reason,
-                                p.Status,
-                                p.DateStart,
-                                p.DateEnd,
-                                p.Organization,
-                                p.OrganizationPositionOld,
-                                p.IsActive,
-                            })
-                            .ToListAsync();
-
-                return Success(placementOfficers);
-            }
+            return Success(placementOfficers);
         }
 
         /// <summary>
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs
index 0a5202af..fa12576c 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs
@@ -70,40 +70,25 @@ namespace BMA.EHR.Placement.Service.Controllers
         /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
         [HttpGet()]
         public async Task<ActionResult<ResponseObject>> GetListByAdmin()
-        // public async Task<ActionResult<ResponseObject>> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "")
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TRANSFER_RECEIVE");
+            var getPermission = await _permission.GetPermissionOrgAPIAsync("LIST", "SYS_TRANSFER_RECEIVE", UserId);
             var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
             if (jsonData["status"]?.ToString() != "200")
             {
                 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
             }
-            // var rootId = "";
-            // var child1Id = "";
-            // var child2Id = "";
-            // var child3Id = "";
-            // var child4Id = "";
-            // var apiUrl = $"{_configuration["API"]}/org/profile/keycloak/position";
-            // using (var client = new HttpClient())
-            // {
-            //     client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Replace("Bearer ", ""));
-            //     var _req = new HttpRequestMessage(HttpMethod.Get, apiUrl);
-            //     var _res = await client.SendAsync(_req);
-            //     var _result = await _res.Content.ReadAsStringAsync();
-
-            //     var org = JsonConvert.DeserializeObject<OrgRequest>(_result);
-
-            //     if (org == null || org.result == null)
-            //         return Error("ไม่พบหน่วยงานของผู้ใช้งานคนนี้", 404);
-            //     rootId = org.result.rootId == null ? "" : org.result.rootId;
-            //     child1Id = org.result.child1Id == null ? "" : org.result.child1Id;
-            //     child2Id = org.result.child2Id == null ? "" : org.result.child2Id;
-            //     child3Id = org.result.child3Id == null ? "" : org.result.child3Id;
-            //     child4Id = org.result.child4Id == null ? "" : org.result.child4Id;
-
+            // string?[] rootId = jsonData?.result?.rootId ?? null;
+            // string?[] child1Id = jsonData?.result?.child1Id ?? null;
+            // string?[] child2Id = jsonData?.result?.child2Id ?? null;
+            // string?[] child3Id = jsonData?.result?.child3Id ?? null;
+            // string?[] child4Id = jsonData?.result?.child4Id ?? null;
             var placementReceives = await _context.PlacementReceives.AsQueryable()
+                            // .Where(x => rootId == null ? true : rootId.Contains(x.rootOldId))
+                            // .Where(x => child1Id == null ? true : child1Id.Contains(x.child1OldId))
+                            // .Where(x => child2Id == null ? true : child2Id.Contains(x.child2OldId))
+                            // .Where(x => child3Id == null ? true : child3Id.Contains(x.child3OldId))
+                            // .Where(x => child4Id == null ? true : child4Id.Contains(x.child4OldId))
                             .OrderByDescending(x => x.CreatedAt)
-                            // .Where(x => PlacementAdmin == true ? true : (rootId == "" ? true : (child1Id == "" ? x.rootId == rootId : (child2Id == "" ? x.child1Id == child1Id : (child3Id == "" ? x.child2Id == child2Id : (child4Id == "" ? x.child3Id == child3Id : x.child4Id == child4Id))))))
                             .Select(p => new
                             {
                                 p.Id,
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs
index d77aceff..386cf4e1 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs
@@ -70,108 +70,69 @@ namespace BMA.EHR.Placement.Service.Controllers
         /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
         [HttpGet()]
         public async Task<ActionResult<ResponseObject>> GetListByAdmin()
-        // public async Task<ActionResult<ResponseObject>> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "")
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TEMPDUTY2");
+            var getPermission = await _permission.GetPermissionOrgAPIAsync("LIST", "SYS_TEMPDUTY2", UserId);
             var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
             if (jsonData["status"]?.ToString() != "200")
             {
                 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
             }
-            var rootId = "";
-            var child1Id = "";
-            var child2Id = "";
-            var child3Id = "";
-            var child4Id = "";
-            var apiUrl = $"{_configuration["API"]}/org/profile/keycloak/position";
-            using (var client = new HttpClient())
-            {
-                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Replace("Bearer ", ""));
-                client.DefaultRequestHeaders.Add("api_key", _configuration["API_KEY"]);
-                var _req = new HttpRequestMessage(HttpMethod.Get, apiUrl);
-                var _res = await client.SendAsync(_req);
-                var _result = await _res.Content.ReadAsStringAsync();
-
-                var org = JsonConvert.DeserializeObject<OrgRequest>(_result);
-
-                if (org == null || org.result == null)
-                    return Error("ไม่พบหน่วยงานของผู้ใช้งานคนนี้", 404);
-                rootId = org.result.rootId == null ? "" : org.result.rootId;
-                child1Id = org.result.child1Id == null ? "" : org.result.child1Id;
-                child2Id = org.result.child2Id == null ? "" : org.result.child2Id;
-                child3Id = org.result.child3Id == null ? "" : org.result.child3Id;
-                child4Id = org.result.child4Id == null ? "" : org.result.child4Id;
-
-                var placementRepatriations = await _context.PlacementRepatriations.AsQueryable()
-                            .OrderByDescending(x => x.CreatedAt)
-                            .Where(x => rootId == "" ? true : (child1Id == "" ? x.rootOldId == rootId : (child2Id == "" ? x.child1OldId == child1Id : (child3Id == "" ? x.child2OldId == child2Id : (child4Id == "" ? x.child3OldId == child3Id : x.child4OldId == child4Id)))))
-                            .Select(p => new
-                            {
-                                p.Id,
-                                p.citizenId,
-                                p.profileId,
-                                p.prefix,
-                                p.firstName,
-                                p.lastName,
-                                p.rootOld,
-                                p.rootOldId,
-                                p.rootShortNameOld,
-                                p.child1Old,
-                                p.child1OldId,
-                                p.child1ShortNameOld,
-                                p.child2Old,
-                                p.child2OldId,
-                                p.child2ShortNameOld,
-                                p.child3Old,
-                                p.child3OldId,
-                                p.child3ShortNameOld,
-                                p.child4Old,
-                                p.child4OldId,
-                                p.child4ShortNameOld,
-                                p.PositionOld,
-                                p.posMasterNoOld,
-                                p.posTypeOldId,
-                                p.posTypeNameOld,
-                                p.posLevelOldId,
-                                p.posLevelNameOld,
-                                p.CreatedAt,
-                                p.Organization,
-                                p.Reason,
-                                p.Status,
-                                p.Date,
-                                salary = p.AmountOld,
-                                p.PositionTypeOld,
-                                p.PositionLevelOld,
-                                p.PositionNumberOld,
-                                p.OrganizationPositionOld,
-                                p.IsActive,
-                                p.DateRepatriation,
-                            })
-                            .ToListAsync();
-
-                // if (keyword != "")
-                // {
-                //     var data = placementRepatriations.Where(x =>
-                //             (x.prefix != null && x.prefix.Contains(keyword)) ||
-                //             (x.firstName != null && x.firstName.Contains(keyword)) ||
-                //             (x.lastName != null && x.lastName.Contains(keyword)) ||
-                //             (x.rootShortNameOld != null && x.rootShortNameOld.Contains(keyword)) ||
-                //             (x.posMasterNoOld != null && x.posMasterNoOld.ToString().Contains(keyword)) ||
-                //             (x.PositionOld != null && x.PositionOld.Contains(keyword)) ||
-                //             (x.posTypeNameOld != null && x.posTypeNameOld.Contains(keyword)) ||
-                //             (x.posLevelNameOld != null && x.posLevelNameOld.Contains(keyword)) ||
-                //             (x.OrganizationPositionOld != null && x.OrganizationPositionOld.Contains(keyword)) ||
-                //             (x.Organization != null && x.Organization.Contains(keyword)))
-                //         .OrderByDescending(x => x.CreatedAt)
-                //         .Skip((page - 1) * pageSize)
-                //         .Take(pageSize)
-                //         .ToList();
-
-                //     placementRepatriations = data;
-                // }
-
-                return Success(placementRepatriations);
-            }
+            // string?[] rootId = jsonData?.result?.rootId ?? null;
+            // string?[] child1Id = jsonData?.result?.child1Id ?? null;
+            // string?[] child2Id = jsonData?.result?.child2Id ?? null;
+            // string?[] child3Id = jsonData?.result?.child3Id ?? null;
+            // string?[] child4Id = jsonData?.result?.child4Id ?? null;
+            var placementRepatriations = await _context.PlacementRepatriations.AsQueryable()
+                        // .Where(x => rootId == null ? true : rootId.Contains(x.rootOldId))
+                        // .Where(x => child1Id == null ? true : child1Id.Contains(x.child1OldId))
+                        // .Where(x => child2Id == null ? true : child2Id.Contains(x.child2OldId))
+                        // .Where(x => child3Id == null ? true : child3Id.Contains(x.child3OldId))
+                        // .Where(x => child4Id == null ? true : child4Id.Contains(x.child4OldId))
+                        .OrderByDescending(x => x.CreatedAt)
+                        .Select(p => new
+                        {
+                            p.Id,
+                            p.citizenId,
+                            p.profileId,
+                            p.prefix,
+                            p.firstName,
+                            p.lastName,
+                            p.rootOld,
+                            p.rootOldId,
+                            p.rootShortNameOld,
+                            p.child1Old,
+                            p.child1OldId,
+                            p.child1ShortNameOld,
+                            p.child2Old,
+                            p.child2OldId,
+                            p.child2ShortNameOld,
+                            p.child3Old,
+                            p.child3OldId,
+                            p.child3ShortNameOld,
+                            p.child4Old,
+                            p.child4OldId,
+                            p.child4ShortNameOld,
+                            p.PositionOld,
+                            p.posMasterNoOld,
+                            p.posTypeOldId,
+                            p.posTypeNameOld,
+                            p.posLevelOldId,
+                            p.posLevelNameOld,
+                            p.CreatedAt,
+                            p.Organization,
+                            p.Reason,
+                            p.Status,
+                            p.Date,
+                            salary = p.AmountOld,
+                            p.PositionTypeOld,
+                            p.PositionLevelOld,
+                            p.PositionNumberOld,
+                            p.OrganizationPositionOld,
+                            p.IsActive,
+                            p.DateRepatriation,
+                        })
+                        .ToListAsync();
+            return Success(placementRepatriations);
         }
 
         /// <summary>
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs
index 23e2c41f..827c9a4e 100644
--- a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs
@@ -158,102 +158,69 @@ namespace BMA.EHR.Placement.Service.Controllers
         /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
         [HttpGet()]
         public async Task<ActionResult<ResponseObject>> GetListByAdmin()
-        // public async Task<ActionResult<ResponseObject>> GetListByAdmin(int page = 1, int pageSize = 10, string keyword = "")
         {
-            var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_TRANSFER_REQ");
+            var getPermission = await _permission.GetPermissionOrgAPIAsync("LIST", "SYS_TRANSFER_REQ", UserId);
             var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
             if (jsonData["status"]?.ToString() != "200")
             {
                 return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
             }
-            var rootId = "";
-            var child1Id = "";
-            var child2Id = "";
-            var child3Id = "";
-            var child4Id = "";
-            var apiUrl = $"{_configuration["API"]}/org/profile/keycloak/position";
-            using (var client = new HttpClient())
-            {
-                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token.Replace("Bearer ", ""));
-                client.DefaultRequestHeaders.Add("api_key", _configuration["API_KEY"]);
-                var _req = new HttpRequestMessage(HttpMethod.Get, apiUrl);
-                var _res = await client.SendAsync(_req);
-                var _result = await _res.Content.ReadAsStringAsync();
-
-                var org = JsonConvert.DeserializeObject<OrgRequest>(_result);
-
-                if (org == null || org.result == null)
-                    return Error("ไม่พบหน่วยงานของผู้ใช้งานคนนี้", 404);
-                rootId = org.result.rootId == null ? "" : org.result.rootId;
-                child1Id = org.result.child1Id == null ? "" : org.result.child1Id;
-                child2Id = org.result.child2Id == null ? "" : org.result.child2Id;
-                child3Id = org.result.child3Id == null ? "" : org.result.child3Id;
-                child4Id = org.result.child4Id == null ? "" : org.result.child4Id;
-
-                var placementTransfers = await _context.PlacementTransfers.AsQueryable()
-                            .OrderByDescending(x => x.CreatedAt)
-                            .Where(x => rootId == "" ? true : (child1Id == "" ? x.rootOldId == rootId : (child2Id == "" ? x.child1OldId == child1Id : (child3Id == "" ? x.child2OldId == child2Id : (child4Id == "" ? x.child3OldId == child3Id : x.child4OldId == child4Id)))))
-                            .Select(p => new
-                            {
-                                p.Id,
-                                p.citizenId,
-                                p.profileId,
-                                p.prefix,
-                                p.firstName,
-                                p.lastName,
-                                p.rootOld,
-                                p.rootOldId,
-                                p.rootShortNameOld,
-                                p.child1Old,
-                                p.child1OldId,
-                                p.child1ShortNameOld,
-                                p.child2Old,
-                                p.child2OldId,
-                                p.child2ShortNameOld,
-                                p.child3Old,
-                                p.child3OldId,
-                                p.child3ShortNameOld,
-                                p.child4Old,
-                                p.child4OldId,
-                                p.child4ShortNameOld,
-                                p.PositionOld,
-                                p.posMasterNoOld,
-                                p.posTypeOldId,
-                                p.posTypeNameOld,
-                                p.posLevelOldId,
-                                p.posLevelNameOld,
-                                p.CreatedAt,
-                                p.Organization,
-                                p.Reason,
-                                p.Status,
-                                p.Date,
-                                salary = p.AmountOld,
-                                p.PositionTypeOld,
-                                p.PositionLevelOld,
-                                p.PositionNumberOld,
-                                p.OrganizationPositionOld,
-                                p.IsActive,
-                            })
-                            .ToListAsync();
-
-                // if (keyword != "")
-                // {
-                //     var data = placementTransfers.Where(x =>
-                //             (x.prefix != null && x.prefix.Contains(keyword)) ||
-                //             (x.firstName != null && x.firstName.Contains(keyword)) ||
-                //             (x.lastName != null && x.lastName.Contains(keyword)) ||
-                //             (x.posTypeNameOld != null && x.posTypeNameOld.Contains(keyword)) ||
-                //             (x.posLevelNameOld != null && x.posLevelNameOld.Contains(keyword)))
-                //         .OrderByDescending(x => x.CreatedAt)
-                //         .Skip((page - 1) * pageSize)
-                //         .Take(pageSize)
-                //         .ToList();
-
-                //     placementTransfers = data;
-                // }
-
-                return Success(placementTransfers);
-            }
+            // var data = JsonConvert.DeserializeObject<OrgPermissionRequest>(getPermission);
+            // string?[]? root = data?.Result?.Root ?? null;
+            // string?[]? child1 = data?.Result?.Child1 ?? null;
+            // string?[]? child2 = data?.Result?.Child2 ?? null;
+            // string?[]? child3 = data?.Result?.Child3 ?? null;
+            // string?[]? child4 = data?.Result?.Child4 ?? null;
+            var placementTransfers = await _context.PlacementTransfers.AsQueryable()
+                        // .Where(x => root == null ? true : root.Contains(x.rootOldId))
+                        // .Where(x => child1 == null ? true : child1.Contains(x.child1OldId))
+                        // .Where(x => child2 == null ? true : child2.Contains(x.child2OldId))
+                        // .Where(x => child3 == null ? true : child3.Contains(x.child3OldId))
+                        // .Where(x => child4 == null ? true : child4.Contains(x.child4OldId))
+                        .OrderByDescending(x => x.CreatedAt)
+                        .Select(p => new
+                        {
+                            p.Id,
+                            p.citizenId,
+                            p.profileId,
+                            p.prefix,
+                            p.firstName,
+                            p.lastName,
+                            p.rootOld,
+                            p.rootOldId,
+                            p.rootShortNameOld,
+                            p.child1Old,
+                            p.child1OldId,
+                            p.child1ShortNameOld,
+                            p.child2Old,
+                            p.child2OldId,
+                            p.child2ShortNameOld,
+                            p.child3Old,
+                            p.child3OldId,
+                            p.child3ShortNameOld,
+                            p.child4Old,
+                            p.child4OldId,
+                            p.child4ShortNameOld,
+                            p.PositionOld,
+                            p.posMasterNoOld,
+                            p.posTypeOldId,
+                            p.posTypeNameOld,
+                            p.posLevelOldId,
+                            p.posLevelNameOld,
+                            p.CreatedAt,
+                            p.Organization,
+                            p.Reason,
+                            p.Status,
+                            p.Date,
+                            salary = p.AmountOld,
+                            p.PositionTypeOld,
+                            p.PositionLevelOld,
+                            p.PositionNumberOld,
+                            p.OrganizationPositionOld,
+                            p.IsActive,
+                        })
+                        .ToListAsync();
+            return Success(placementTransfers);
         }
 
         /// <summary>
diff --git a/BMA.EHR.Placement.Service/Requests/OrgPermissionRequest.cs b/BMA.EHR.Placement.Service/Requests/OrgPermissionRequest.cs
new file mode 100644
index 00000000..4c8a8892
--- /dev/null
+++ b/BMA.EHR.Placement.Service/Requests/OrgPermissionRequest.cs
@@ -0,0 +1,21 @@
+using BMA.EHR.Domain.Models.MetaData;
+using Microsoft.EntityFrameworkCore;
+
+namespace BMA.EHR.Placement.Service.Requests
+{
+    public class OrgPermissionRequest
+    {
+        public int Status { get; set; }
+        public string Message { get; set; }
+        public OrgPermissionRequestData? Result { get; set; }
+    }
+    public class OrgPermissionRequestData
+    {
+        public string?[]? Root { get; set; }
+        public string?[]? Child1 { get; set; }
+        public string?[]? Child2 { get; set; }
+        public string?[]? Child3 { get; set; }
+        public string?[]? Child4 { get; set; }
+        public string? Privilege { get; set; }
+    }
+}
\ No newline at end of file