ผูกสิท

2024-08-22 14:14:35 +07:00 · 2024-08-22 14:14:35 +07:00 · 204984f63e
commit 204984f63e
parent 2a536dcc32
4 changed files with 58 additions and 27 deletions
--- a/src/controllers/DevelopmentHistoryController.ts
+++ b/src/controllers/DevelopmentHistoryController.ts
@ -27,6 +27,7 @@ import { PosType } from "../entities/PosType";
 import { PosLevel } from "../entities/PosLevel";
 import { RequestWithUser } from "../middlewares/user";
 import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
+import permission from "../interfaces/permission";

@Route("api/v1/development/history/officer")
@Tags("DevelopmentOfficerHistory")
@ -44,7 +45,8 @@ export class DevelopmentOfficerHistoryController extends Controller {
   *
   */
  @Get("org/{year}")
-  async GetOrgDevelopemt(@Path() year: number) {
+  async GetOrgDevelopemt(@Request() request: RequestWithUser, @Path() year: number) {
+    await new permission().PermissionList(request, "SYS_DEV_HISTORY_OFFICER");
    const type = "OFFICER";
    const getOrg = await this.developmentHistoryRepository
      .createQueryBuilder("developmentHistory")
@ -76,6 +78,7 @@ export class DevelopmentOfficerHistoryController extends Controller {
    @Body() requestBody: CreateDevelopmentHistory,
    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_HISTORY_OFFICER");
    const type = "OFFICER";
    const chk_name = await this.developmentHistoryRepository.find({
      where: {
@ -140,6 +143,7 @@ export class DevelopmentOfficerHistoryController extends Controller {
    @Body() requestBody: UpdateDevelopmentHistory,
    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_HISTORY_OFFICER");
    const type = "OFFICER";
    const development = await this.developmentHistoryRepository.findOne({
      where: { id: id, type: type },
@ -202,6 +206,7 @@ export class DevelopmentOfficerHistoryController extends Controller {
   */
  @Delete("{id}")
  async DeleteDevelopmentHistory(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_DEV_HISTORY_OFFICER");
    const type = "OFFICER";
    const development = await this.developmentHistoryRepository.findOne({
      where: { id: id, type: type },
@ -226,6 +231,7 @@ export class DevelopmentOfficerHistoryController extends Controller {
   */
  @Post("filter")
  async GetDevelopmentHistoryLists(
+    @Request() request: RequestWithUser,
    @Body()
    body: {
      page: number;
@ -235,6 +241,7 @@ export class DevelopmentOfficerHistoryController extends Controller {
      root: string | null;
    },
  ) {
+    await new permission().PermissionList(request, "SYS_DEV_HISTORY_OFFICER");
    const type = "OFFICER";
    const [development, total] = await AppDataSource.getRepository(DevelopmentHistory)
      .createQueryBuilder("developmentHistory")
@ -330,7 +337,7 @@ export class DevelopmentOfficerHistoryController extends Controller {
      fullName: item.prefix + item.firstName + " " + item.lastName,
      position: item.position,
      year: item.development.year,
-      root: item.development.root,//test
+      root: item.development.root, //test
      posType: item.posType ? item.posType.posTypeName : null,
      posLevel: item.posLevel ? item.posLevel.posLevelName : null,
      posExecutive: item.posExecutive,
@ -348,7 +355,8 @@ export class DevelopmentOfficerHistoryController extends Controller {
   * @param {string} id  Id โครงการ
   */
  @Get("{id}")
-  async GetDevelopemtHistoryById(@Path() id: string) {
+  async GetDevelopemtHistoryById(@Request() request: RequestWithUser, @Path() id: string) {
+    await new permission().PermissionGet(request, "SYS_DEV_HISTORY_OFFICER");
    const type = "OFFICER";
    const getDevelopment = await this.developmentHistoryRepository.findOne({
      relations: ["development", "posLevel", "posType"],