permission บรรจุ แต่งตั้ง ย้าย โอน

2024-08-19 12:05:09 +07:00 · 2024-08-19 12:05:09 +07:00 · f827ed558c
commit f827ed558c
parent 1095c0c81f
8 changed files with 312 additions and 8 deletions
--- a/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs
+++ b/BMA.EHR.Placement.Service/Controllers/PlacementOfficerController.cs
@ -9,6 +9,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using Newtonsoft.Json;
+using Newtonsoft.Json.Linq;
 using Swashbuckle.AspNetCore.Annotations;
 using System.Net.Http.Headers;
 using System.Security.Claims;
@ -29,13 +30,15 @@ namespace BMA.EHR.Placement.Service.Controllers
        private readonly MinIOService _documentService;
        private readonly IHttpContextAccessor _httpContextAccessor;
        private readonly IConfiguration _configuration;
+        private readonly PermissionRepository _permission;

        public PlacementOfficerController(PlacementRepository repository,
                                   NotificationRepository repositoryNoti,
                                   ApplicationDBContext context,
                                   MinIOService documentService,
                                   IHttpContextAccessor httpContextAccessor,
-                                   IConfiguration configuration)
+                                   IConfiguration configuration,
+                                   PermissionRepository permission)
        {
            _repository = repository;
            _repositoryNoti = repositoryNoti;
@ -43,6 +46,7 @@ namespace BMA.EHR.Placement.Service.Controllers
            _documentService = documentService;
            _httpContextAccessor = httpContextAccessor;
            _configuration = configuration;
+            _permission = permission;
        }

        #region " Properties "
@ -333,6 +337,15 @@ namespace BMA.EHR.Placement.Service.Controllers
        [HttpPost()]
        public async Task<ActionResult<ResponseObject>> Post([FromForm] PlacementAddProfileRequest req)
        {
+            //var action = "CREATE";
+            //var system = "SYS_TEMPDUTY";
+            //var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            //var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            //if (jsonData["status"]?.ToString() != "200")
+            //{
+            //    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            //}
+            //var attrPrivilege = jsonData["result"]?.ToString();
            var placementOfficer = new PlacementOfficer
            {
                Organization = Request.Form.ContainsKey("Organization") ? Request.Form["Organization"] : "",
@ -413,6 +426,15 @@ namespace BMA.EHR.Placement.Service.Controllers
        [HttpPut("{id:length(36)}")]
        public async Task<ActionResult<ResponseObject>> Put([FromBody] PlacementOfficerEditRequest req, Guid id)
        {
+            var action = "UPDATE";
+            var system = "SYS_TEMPDUTY";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            var uppdated = await _context.PlacementOfficers
                            .FirstOrDefaultAsync(x => x.Id == id);
            if (uppdated == null)
@ -474,6 +496,15 @@ namespace BMA.EHR.Placement.Service.Controllers
        [HttpDelete("{id:length(36)}")]
        public async Task<ActionResult<ResponseObject>> Delete(Guid id)
        {
+            var action = "DELETE";
+            var system = "SYS_TEMPDUTY";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            var deleted = await _context.PlacementOfficers.AsQueryable()
                            .FirstOrDefaultAsync(x => x.Id == id);
            if (deleted == null)
@ -495,6 +526,15 @@ namespace BMA.EHR.Placement.Service.Controllers
        [HttpPost("report")]
        public async Task<ActionResult<ResponseObject>> PostToReport([FromBody] PlacementProfileRequest req)
        {
+            var action = "CREATE";
+            var system = "SYS_TEMPDUTY";
+            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+            if (jsonData["status"]?.ToString() != "200")
+            {
+                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+            }
+            var attrPrivilege = jsonData["result"]?.ToString();
            foreach (var item in req.Id)
            {
                var uppdated = await _context.PlacementOfficers