From f827ed558c8e0ba3c55f541c283e80b7a6a1f119 Mon Sep 17 00:00:00 2001 From: Bright Date: Mon, 19 Aug 2024 12:05:09 +0700 Subject: [PATCH] =?UTF-8?q?permission=20=E0=B8=9A=E0=B8=A3=E0=B8=A3?= =?UTF-8?q?=E0=B8=88=E0=B8=B8=20=E0=B9=81=E0=B8=95=E0=B9=88=E0=B8=87?= =?UTF-8?q?=E0=B8=95=E0=B8=B1=E0=B9=89=E0=B8=87=20=E0=B8=A2=E0=B9=89?= =?UTF-8?q?=E0=B8=B2=E0=B8=A2=20=E0=B9=82=E0=B8=AD=E0=B8=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../PlacementAppointmentController.cs | 42 ++++++++++++++- .../PlacementAppointmentEmployeeController.cs | 42 ++++++++++++++- .../Controllers/PlacementController.cs | 42 ++++++++++++++- .../Controllers/PlacementOfficerController.cs | 42 ++++++++++++++- .../Controllers/PlacementReceiveController.cs | 51 ++++++++++++++++++- .../PlacementRepatriationController.cs | 43 +++++++++++++++- .../PlacementTransferController.cs | 25 ++++++++- .../Controllers/RetirementOtherController.cs | 33 +++++++++++- 8 files changed, 312 insertions(+), 8 deletions(-) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs index ff7a61ba..92ceacc1 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; 
@@ -29,13 +30,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementAppointmentController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permiss) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -43,6 +46,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permiss; } #region " Properties " @@ -356,6 +360,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { + //var action = "CREATE"; + //var system = "SYS_PROMOTION_OFFICER"; + //var getPermission = await _permission.GetPermissionAPIAsync(action, system); + //var jsonData = JsonConvert.DeserializeObject(getPermission); + //if (jsonData["status"]?.ToString() != "200") + //{ + // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + //} + //var attrPrivilege = jsonData["result"]?.ToString(); var placementAppointment = new PlacementAppointment { // Profile = profile, 
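Review bot: The permission check in `Post` is added only as commented-out code, so after this commit the create endpoint still runs without the `CREATE` / `SYS_PROMOTION_OFFICER` check, while `Put`, `Delete` and `PostToReport` in the same controller enforce theirs. The same commented-out block appears in `Post` of PlacementAppointmentEmployeeController, PlacementOfficerController and PlacementRepatriationController. If creation is meant to stay open for now, replace the dead block with one tracked comment such as `// TODO(<ticket-placeholder>): enforce CREATE permission on SYS_PROMOTION_OFFICER`; otherwise enable the check. The body of `Post` continues past the end of the hunk.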
@@ -563,6 +576,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementAppointmentEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_PROMOTION_OFFICER"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementAppointments .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -608,6 +630,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_PROMOTION_OFFICER"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementAppointments.AsQueryable() .Include(x => x.PlacementAppointmentDocs) .ThenInclude(x => x.Document) 
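Review bot: `jsonData` itself is dereferenced without a null guard in `Put`: the `?.` protects only the value of `jsonData["status"]`, so an empty response from `GetPermissionAPIAsync` (whose implementation is not in this diff) would make the deserializer return null and the request end in a NullReferenceException instead of the intended 403. Guarding the object keeps the denial explicit: `if (jsonData?["status"]?.ToString() != "200")` and `return Error(jsonData?["message"]?.ToString(), StatusCodes.Status403Forbidden);`. The type argument of `DeserializeObject` appears to have been lost in this rendering of the patch. The same pattern is repeated in every permission block this commit adds.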
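Review bot: `attrPrivilege` is read from `jsonData["result"]` in `Delete` but is not used in the visible lines; the row is still looked up by `x.Id == id` alone. If `result` carries the caller's privilege scope (an assumption, since the permission API is not shown), any caller holding `DELETE` on `SYS_PROMOTION_OFFICER` can delete any appointment id, not only those inside that scope. Either apply the scope to the query or drop the unused local and leave `// TODO: restrict by the scope returned in result` where the filter belongs. The rest of `Delete` lies outside the hunk, so the value may be used further down; the same unused assignment appears in the other permission hunks of this commit.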
@@ -644,6 +675,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_PROMOTION_OFFICER"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementAppointments diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs index c034240b..a8d102a6 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementAppointmentEmployeeController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; @@ -29,13 +30,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementAppointmentEmployeeController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; 
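Review bot: `PostToReport` is mapped with `[HttpPut("report")]` and loads existing `PlacementAppointments` rows inside its loop, yet it asks the permission service for `CREATE`. If the permission model separates create from update rights, a caller with create-only rights could change existing records through this endpoint. Confirm the intended action and, if it is deliberate, record that in a comment such as `// report submission is gated by CREATE by design`. The `PostToReport` hunks in the other controllers use the same action, and the loop body continues outside this hunk.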
@@ -43,6 +46,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -352,6 +356,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { + //var action = "CREATE"; + //var system = "SYS_PROMOTION_EMP"; + //var getPermission = await _permission.GetPermissionAPIAsync(action, system); + //var jsonData = JsonConvert.DeserializeObject(getPermission); + //if (jsonData["status"]?.ToString() != "200") + //{ + // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + //} + //var attrPrivilege = jsonData["result"]?.ToString(); var placementAppointment = new PlacementAppointment { // Profile = profile, @@ -560,6 +573,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementAppointmentEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_PROMOTION_EMP"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementAppointments .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) 
@@ -594,6 +616,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_PROMOTION_EMP"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementAppointments.AsQueryable() .Include(x => x.PlacementAppointmentDocs) .ThenInclude(x => x.Document) @@ -630,6 +661,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_PROMOTION_EMP"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementAppointments diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs index 9491fbda..70b9b741 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementController.cs @@ -16,6 +16,7 @@ using System.Security.Cryptography; using Microsoft.Extensions.Configuration; using System.Net.Http.Headers; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; namespace BMA.EHR.Placement.Service.Controllers { 
@@ -33,13 +34,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -47,6 +50,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -625,6 +629,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("pass/deferment"), DisableRequestSizeLimit] public async Task> UpdatePersonDeferment([FromForm] PersonDefermentRequest req) { + var action = "CREATE"; + var system = "SYS_PLACEMENT_PASS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var person = await _context.PlacementProfiles.FindAsync(Request.Form.ContainsKey("personalId") ? Guid.Parse(Request.Form["personalId"]) : Guid.Parse("00000000-0000-0000-0000-000000000000")); if (person == null) return Error(GlobalMessages.DataNotFound, 404); 
@@ -651,6 +664,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("pass/disclaim")] public async Task> UpdatePersonDisclaim([FromBody] PersonDisclaimRequest req) { + var action = "CREATE"; + var system = "SYS_PLACEMENT_PASS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var person = await _context.PlacementProfiles .Include(x => x.OrganizationPosition) .Include(x => x.PositionNumber) @@ -1132,6 +1154,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("position/{personalId:length(36)}")] public async Task> UpdatePositionDraft([FromBody] List items, Guid personalId) { + var action = "UPDATE"; + var system = "SYS_PLACEMENT_PASS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var placement = await _context.Placements .FirstOrDefaultAsync(x => x.Id == personalId); if (placement == null) 
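Review bot: The nine-line permission block in `UpdatePersonDisclaim` is a verbatim copy of the one added to every other guarded action in this commit, differing only in the two string literals. An authorization check copied this many times is easy to get subtly wrong in one place (a mistyped system name, a forgotten endpoint), so it would be safer as one helper that every action calls. The sketch below also denies when the response is empty; where the helper should live (a shared base controller seems likely) is not visible from the diff.

```csharp
// one shared helper instead of the repeated block
private async Task<(bool Allowed, string Message, string Privilege)> CheckPermissionAsync(string action, string system)
{
    var raw = await _permission.GetPermissionAPIAsync(action, system);
    // Deny when the permission service returns nothing parseable.
    var json = string.IsNullOrWhiteSpace(raw) ? null : JsonConvert.DeserializeObject<JObject>(raw);
    return (json?["status"]?.ToString() == "200",
            json?["message"]?.ToString(),
            json?["result"]?.ToString());
}

// call site in UpdatePersonDisclaim
var permission = await CheckPermissionAsync("CREATE", "SYS_PLACEMENT_PASS");
if (!permission.Allowed)
{
    return Error(permission.Message, StatusCodes.Status403Forbidden);
}
var attrPrivilege = permission.Privilege;
// … unchanged: PlacementProfiles lookup …
```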
@@ -1217,6 +1248,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("date/update/{personalId:length(36)}")] public async Task> UpdateDateDraft([FromBody] PersonDateRequest req, Guid personalId) { + var action = "UPDATE"; + var system = "SYS_PLACEMENT_PASS"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var profile = await _context.PlacementProfiles .FirstOrDefaultAsync(x => x.Id == personalId); if (profile == null) diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs index 864a821a..def6a528 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; @@ -29,13 +30,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementOfficerController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; 
@@ -43,6 +46,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -333,6 +337,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { + //var action = "CREATE"; + //var system = "SYS_TEMPDUTY"; + //var getPermission = await _permission.GetPermissionAPIAsync(action, system); + //var jsonData = JsonConvert.DeserializeObject(getPermission); + //if (jsonData["status"]?.ToString() != "200") + //{ + // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + //} + //var attrPrivilege = jsonData["result"]?.ToString(); var placementOfficer = new PlacementOfficer { Organization = Request.Form.ContainsKey("Organization") ? Request.Form["Organization"] : "", @@ -413,6 +426,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementOfficerEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_TEMPDUTY"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementOfficers .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) 
@@ -474,6 +496,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_TEMPDUTY"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementOfficers.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (deleted == null) @@ -495,6 +526,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_TEMPDUTY"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementOfficers diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs index 09c2c84d..bc51b4a9 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementReceiveController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; 
@@ -29,13 +30,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementReceiveController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permiss) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -43,6 +46,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permiss; } #region " Properties " @@ -397,6 +401,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementReceiveRequest req) { + var action = "CREATE"; + var system = "SYS_TRANSFER_RECEIVE"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var placementReceive = new PlacementReceive { // Profile = profile, 
@@ -541,6 +554,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("upload/{id:length(36)}")] public async Task> PostFile([FromForm] PlacementFileRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_TRANSFER_RECEIVE"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementReceives .Include(x => x.PlacementReceiveDocs) .ThenInclude(x => x.Document) @@ -678,6 +700,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementReceiveEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_TRANSFER_RECEIVE"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementReceives .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) 
@@ -758,6 +789,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_TRANSFER_RECEIVE"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementReceives.AsQueryable() .Include(x => x.PlacementReceiveDocs) .ThenInclude(x => x.Document) @@ -794,6 +834,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_TRANSFER_RECEIVE"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementReceives diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs index 9012d1f2..df6d55bb 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementRepatriationController.cs @@ -9,7 +9,9 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; +using System; using System.Net.Http.Headers; using System.Security.Claims; 
@@ -29,13 +31,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementRepatriationController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permiss) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -43,6 +47,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permiss; } #region " Properties " @@ -213,6 +218,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] PlacementAddProfileRequest req) { + //var action = "CREATE"; + //var system = "SYS_TEMPDUTY2"; + //var getPermission = await _permission.GetPermissionAPIAsync(action, system); + //var jsonData = JsonConvert.DeserializeObject(getPermission); + //if (jsonData["status"]?.ToString() != "200") + //{ + // return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + //} + //var attrPrivilege = jsonData["result"]?.ToString(); var placementRepatriation = new PlacementRepatriation { Organization = Request.Form.ContainsKey("Organization") ? Request.Form["Organization"] : "", 
@@ -293,6 +307,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementRepatriationEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_TEMPDUTY2"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementRepatriations .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -353,6 +376,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_TEMPDUTY2"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.PlacementRepatriations.AsQueryable() .FirstOrDefaultAsync(x => x.Id == id); if (deleted == null) @@ -374,6 +406,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_TEMPDUTY2"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementRepatriations 
diff --git a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs index 173a760f..1a1a7fdc 100644 --- a/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs +++ b/BMA.EHR.Placement.Service/Controllers/PlacementTransferController.cs @@ -12,6 +12,8 @@ using Newtonsoft.Json; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; +using Newtonsoft.Json; +using Newtonsoft.Json.Linq; namespace BMA.EHR.Placement.Service.Controllers { @@ -29,13 +31,15 @@ namespace BMA.EHR.Placement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public PlacementTransferController(PlacementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -43,6 +47,7 @@ namespace BMA.EHR.Placement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " 
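Review bot: The added `using Newtonsoft.Json;` duplicates the directive that is already the first context line of this hunk, which the compiler reports as a duplicate-using warning (CS0105). Only `using Newtonsoft.Json.Linq;` is new here. Drop the repeated line and place the new directive next to the existing `using Newtonsoft.Json;`, as the other controllers in this commit do.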
@@ -562,6 +567,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] PlacementTransferEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_TRANSFER_REQ"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.PlacementTransfers .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -671,6 +685,15 @@ namespace BMA.EHR.Placement.Service.Controllers [HttpPost("report")] public async Task> PostToReport([FromBody] PlacementProfileRequest req) { + var action = "CREATE"; + var system = "SYS_TRANSFER_REQ"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); foreach (var item in req.Id) { var uppdated = await _context.PlacementTransfers diff --git a/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs b/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs index 75ea7007..8314994e 100644 --- a/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs +++ b/BMA.EHR.Retirement.Service/Controllers/RetirementOtherController.cs @@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Newtonsoft.Json; +using Newtonsoft.Json.Linq; using Swashbuckle.AspNetCore.Annotations; using System.Net.Http.Headers; using System.Security.Claims; 
@@ -29,13 +30,15 @@ namespace BMA.EHR.Retirement.Service.Controllers private readonly MinIOService _documentService; private readonly IHttpContextAccessor _httpContextAccessor; private readonly IConfiguration _configuration; + private readonly PermissionRepository _permission; public RetirementOtherController(RetirementRepository repository, NotificationRepository repositoryNoti, ApplicationDBContext context, MinIOService documentService, IHttpContextAccessor httpContextAccessor, - IConfiguration configuration) + IConfiguration configuration, + PermissionRepository permission) { _repository = repository; _repositoryNoti = repositoryNoti; @@ -43,6 +46,7 @@ namespace BMA.EHR.Retirement.Service.Controllers _documentService = documentService; _httpContextAccessor = httpContextAccessor; _configuration = configuration; + _permission = permission; } #region " Properties " @@ -269,6 +273,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPost()] public async Task> Post([FromForm] RetirementAddProfileRequest req) { + var action = "CREATE"; + var system = "SYS_PLACEMENT_OTHER"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var retirementOther = new RetirementOther { // Profile = profile, 
@@ -481,6 +494,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpPut("{id:length(36)}")] public async Task> Put([FromBody] RetirementOtherEditRequest req, Guid id) { + var action = "UPDATE"; + var system = "SYS_PLACEMENT_OTHER"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var uppdated = await _context.RetirementOthers .FirstOrDefaultAsync(x => x.Id == id); if (uppdated == null) @@ -515,6 +537,15 @@ namespace BMA.EHR.Retirement.Service.Controllers [HttpDelete("{id:length(36)}")] public async Task> Delete(Guid id) { + var action = "DELETE"; + var system = "SYS_PLACEMENT_OTHER"; + var getPermission = await _permission.GetPermissionAPIAsync(action, system); + var jsonData = JsonConvert.DeserializeObject(getPermission); + if (jsonData["status"]?.ToString() != "200") + { + return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden); + } + var attrPrivilege = jsonData["result"]?.ToString(); var deleted = await _context.RetirementOthers.AsQueryable() .Include(x => x.RetirementOtherDocs) .ThenInclude(x => x.Document)