hrms-api-backend/BMA.EHR.Leave/Controllers/LeaveBeginningController.cs

using BMA.EHR.Application.Repositories;
using BMA.EHR.Application.Repositories.Leaves.LeaveRequests;
using BMA.EHR.Domain.Common;
using BMA.EHR.Domain.Models.Leave.Requests;
using BMA.EHR.Infrastructure.Persistence;
using BMA.EHR.Leave.Service.DTOs.LeaveBeginnings;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using Swashbuckle.AspNetCore.Annotations;
using System.Security.Claims;

namespace BMA.EHR.Leave.Service.Controllers
{
    [Route("api/v{version:apiVersion}/leave-beginning")]
    [ApiVersion("1.0")]
    [ApiController]
    [Produces("application/json")]
    [Authorize]
    [SwaggerTag("API ระบบลงเวลาและการลา (ข้อมูลวันลายกมาและใช้ไป)")]
    public class LeaveBeginningController : BaseController
    {
        #region " Fields "

        private readonly LeaveBeginningRepository _leaveBeginningRepository;
        private readonly LeaveDbContext _context;
        private readonly IHttpContextAccessor _httpContextAccessor;
        private readonly IWebHostEnvironment _hostingEnvironment;
        private readonly IConfiguration _configuration;
        private readonly UserProfileRepository _userProfileRepository;
        private readonly PermissionRepository _permission;

        #endregion

        #region " Constuctor and Destructor "

        public LeaveBeginningController(LeaveBeginningRepository leaveBeginningRepository,
                                LeaveDbContext context,
                                IHttpContextAccessor httpContextAccessor,
                                IWebHostEnvironment hostingEnvironment,
                                IConfiguration configuration,
                                UserProfileRepository userProfileRepository,
                                PermissionRepository permission)
        {
            _leaveBeginningRepository = leaveBeginningRepository;
            _context = context;
            _httpContextAccessor = httpContextAccessor;
            _hostingEnvironment = hostingEnvironment;
            _configuration = configuration;
            _userProfileRepository = userProfileRepository;
            _permission = permission;
        }

        #endregion

        #region " Properties "

        private string? UserId => _httpContextAccessor?.HttpContext?.User?.FindFirst(ClaimTypes.NameIdentifier)?.Value;

        private string? FullName => _httpContextAccessor?.HttpContext?.User?.FindFirst("name")?.Value;

        private bool? PlacementAdmin => _httpContextAccessor?.HttpContext?.User?.IsInRole("placement1");

        private string? AccessToken => _httpContextAccessor?.HttpContext?.Request.Headers["Authorization"];

        private Guid OcId
        {
            get
            {
                if (UserId != null || UserId != "")
                    return _userProfileRepository.GetUserOCId(Guid.Parse(UserId!), AccessToken);
                else
                    return Guid.Empty;
            }
        }

        #endregion

        #region " Methods "

        /// <summary>
        /// แสดงรายการ
        /// </summary>
        /// <returns>
        /// </returns>
        /// <response code="200">เมื่อทำรายการสำเร็จ</response>
        /// <response code="401">ไม่ได้ Login เข้าระบบ</response>
        /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
        [HttpPost("list")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        public async Task<ActionResult<ResponseObject>> GetListAsync([FromBody] GetLeaveBeginningDto req)
        {
            try
            {
                var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_LEAVE_LIST");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }

                var result = await _leaveBeginningRepository.GetAllByYearAsync(req.Year);

                if (req.Type != Guid.Empty)
                    result = result.Where(x => x.LeaveTypeId == req.Type).ToList();

                if (req.Keyword != "")
                    result = result.Where(x => x.FirstName!.Contains(req.Keyword) || x.LastName!.Contains(req.Keyword)).ToList();

                var pageResult = result.Skip((req.Page - 1) * req.PageSize).Take(req.PageSize).ToList();
                return Success(new { data = pageResult, total = result.Count });
            }
            catch (Exception ex)
            {
                return Error(ex);
            }
        }

        /// <summary>
        /// ลบรายการ
        /// </summary>
        /// <returns>
        /// </returns>
        /// <response code="200">เมื่อทำรายการสำเร็จ</response>
        /// <response code="401">ไม่ได้ Login เข้าระบบ</response>
        /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
        [HttpDelete("{id:guid}")]
        [ProducesResponseType(StatusCodes.Status200OK)]
        [ProducesResponseType(StatusCodes.Status401Unauthorized)]
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        public async Task<ActionResult<ResponseObject>> DeleteAsync(Guid id)
        {
            try
            {
                var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_LEAVE_LIST");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }
                var leaveBeginning = await _leaveBeginningRepository.GetByIdAsync(id);
                if (leaveBeginning == null)
                    return Error("ไม่พบข้อมูลที่ต้องการลบ", StatusCodes.Status404NotFound);
                await _leaveBeginningRepository.DeleteAsync(leaveBeginning);
                return Success("ลบข้อมูลสำเร็จ");
            }
            catch (Exception ex)
            {
                return Error(ex);
            }
        }


        /// <summary>
        /// แสดงรายการจาก Id
        /// </summary>
        /// <returns>
        /// </returns>
        /// <response code="200">เมื่อทำรายการสำเร็จ</response>
        /// <response code="401">ไม่ได้ Login เข้าระบบ</response>
        /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
        [HttpGet("{id:guid}")]
        public async Task<ActionResult<ResponseObject>> GetByIdAsync(Guid id)
        {
            try
            {
                var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_LEAVE_LIST");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }
                var leaveBeginning = _leaveBeginningRepository.GetByIdAsync(id);
                if (leaveBeginning == null)
                    return Error("ไม่พบข้อมูลที่ต้องการลบ", StatusCodes.Status404NotFound);
                return Success(leaveBeginning);
            }
            catch (Exception ex)
            {
                return Error(ex);
            }
        }


        // <summary>
        /// แก้ไขรายการ
        /// </summary>
        /// <returns>
        /// </returns>
        /// <response code="200">เมื่อทำรายการสำเร็จ</response>
        /// <response code="401">ไม่ได้ Login เข้าระบบ</response>
        /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
        [HttpPut("{id:guid}")]
        public async Task<ActionResult<ResponseObject>> PutAsync(Guid id, [FromBody] EditLeaveBeginningDto req)
        {
            try
            {
                var userId = UserId == null ? Guid.Empty : Guid.Parse(UserId);

                var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_LEAVE_LIST");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }
                var leaveBeginning = await _leaveBeginningRepository.GetByIdAsync(id);
                if (leaveBeginning == null)
                    return Error("ไม่พบข้อมูลที่ต้องการแก้ไข", StatusCodes.Status404NotFound);


                var profile = await _userProfileRepository.GetProfileByProfileIdAsync(req.ProfileId, AccessToken);
                if(profile == null)
                {
                    return Error("ไม่พบข้อมูลข้าราชการหรือลูกจ้าง", StatusCodes.Status404NotFound);    
                }

                leaveBeginning.LeaveTypeId = req.LeaveTypeId;
                leaveBeginning.LeaveYear = req.LeaveYear;
                leaveBeginning.LeaveDays = req.LeaveDays;
                leaveBeginning.LeaveDaysUsed = req.LeaveDaysUsed;

                leaveBeginning.ProfileId = req.ProfileId;
                leaveBeginning.Prefix = profile.Prefix;
                leaveBeginning.FirstName = profile.FirstName;
                leaveBeginning.LastName = profile.LastName;

                leaveBeginning.LastUpdateUserId = userId.ToString("D");
                leaveBeginning.LastUpdateFullName = FullName ?? "";
                leaveBeginning.LastUpdatedAt = DateTime.Now;

                await _leaveBeginningRepository.UpdateAsync(leaveBeginning);
                return Success("แก้ไขข้อมูลสำเร็จ");
            }
            catch (Exception ex)
            {
                return Error(ex);
            }
        }


        /// <summary>
        /// สร้างรายการ
        /// </summary>
        /// <returns>
        /// </returns>
        /// <response code="200">เมื่อทำรายการสำเร็จ</response>
        /// <response code="401">ไม่ได้ Login เข้าระบบ</response>
        /// <response code="500">เมื่อเกิดข้อผิดพลาดในการทำงาน</response>
        [HttpPost()]
        public async Task<ActionResult<ResponseObject>> PostAsync([FromBody] EditLeaveBeginningDto req)
        {
            try
            {
                var userId = UserId == null ? Guid.Empty : Guid.Parse(UserId);
                var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_LEAVE_LIST");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }

                var profile = await _userProfileRepository.GetProfileByProfileIdAsync(req.ProfileId, AccessToken);
                if (profile == null)
                {
                    return Error("ไม่พบข้อมูลข้าราชการหรือลูกจ้าง", StatusCodes.Status404NotFound);
                }

                var leaveBeginning = new LeaveBeginning();
                leaveBeginning.LeaveTypeId = req.LeaveTypeId;
                leaveBeginning.LeaveYear = req.LeaveYear;
                leaveBeginning.LeaveDays = req.LeaveDays;
                leaveBeginning.LeaveDaysUsed = req.LeaveDaysUsed;

                leaveBeginning.ProfileId = req.ProfileId;
                leaveBeginning.Prefix = profile.Prefix;
                leaveBeginning.FirstName = profile.FirstName;
                leaveBeginning.LastName = profile.LastName;

                leaveBeginning.CreatedUserId = userId.ToString("D");
                leaveBeginning.CreatedFullName = FullName ?? "";
                leaveBeginning.CreatedAt = DateTime.Now;

                await _leaveBeginningRepository.AddAsync(leaveBeginning);

                return Success();

            }
            catch(Exception ex)
            {
                return Error(ex);
            }
        }


        #endregion
    }
}