From 2ff993b8408d96bc5ec793ececd9a25bfc155e68 Mon Sep 17 00:00:00 2001
From: AdisakKanthawilang <adisak@frappet.com>
Date: Fri, 9 Aug 2024 17:08:28 +0700
Subject: [PATCH] role

---
 src/controllers/DevelopmentController.ts      | 37 ++++++++++++++++---
 .../DevelopmentScholarshipController.ts       |  5 +++
 2 files changed, 37 insertions(+), 5 deletions(-)

diff --git a/src/controllers/DevelopmentController.ts b/src/controllers/DevelopmentController.ts
index 843b5a2..bdea190 100644
--- a/src/controllers/DevelopmentController.ts
+++ b/src/controllers/DevelopmentController.ts
@@ -63,6 +63,7 @@ import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
 import { RequestWithUser } from "../middlewares/user";
 import { DevelopmentRisk, UpdateDevelopmentRisk } from "../entities/DevelopmentRisk";
 import { DevelopmentOther, UpdateDevelopmentOther } from "../entities/DevelopmentOther";
+import permission from "../interfaces/permission";
 
 @Route("api/v1/development/main")
 @Tags("Development")
@@ -106,6 +107,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: CreateDevelopment,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const chk_name = await this.developmentRepository.find({
       where: {
         projectName: requestBody.projectName,
@@ -184,6 +186,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -309,6 +312,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -383,6 +387,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -419,11 +424,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: CreateActualGoal,
     @Request() request: RequestWithUser,
   ) {
-    // addLogSequence(request, {
-    //   action: "database",
-    //   status: "success",
-    //   description: "Get Development.",
-    // });
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -491,6 +492,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -532,6 +534,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.plannedGoalRepository.findOne({
       where: { id },
       relations: {
@@ -619,6 +622,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.plannedPeopleRepository.findOne({
       where: { id },
     });
@@ -657,6 +661,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.actualGoalRepository.findOne({
       where: { id },
     });
@@ -721,6 +726,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.actualPeopleRepository.findOne({
       where: { id },
     });
@@ -755,6 +761,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.plannedGoalRepository.findOne({
       where: { id },
     });
@@ -793,6 +800,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.plannedPeopleRepository.findOne({
       where: { id },
     });
@@ -822,6 +830,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.actualGoalRepository.findOne({
       where: { id },
     });
@@ -851,6 +860,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development.",
     // });
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.actualPeopleRepository.findOne({
       where: { id },
     });
@@ -879,6 +889,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopment3,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
       relations: {
@@ -1218,6 +1229,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopment4,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -1246,6 +1258,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: CreateDevelopmentEvaluation,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -1282,6 +1295,7 @@ export class DevelopmentController extends Controller {
     //   status: "success",
     //   description: "Get Development Evaluation By ID.",
     // });
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.developmentEvaluationRepository.findOne({
       where: { id },
     });
@@ -1310,6 +1324,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: CreateDevelopmentEvaluation,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentEvaluationRepository.findOne({
       where: { id },
     });
@@ -1341,6 +1356,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopment5,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
       relations: { developmentAddresss: true },
@@ -1367,6 +1383,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopmentOther,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -1402,6 +1419,7 @@ export class DevelopmentController extends Controller {
    */
   @Delete("tab5_1/{id}")
   async DeleteDevelopmenttab5_1(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.developmentOtherRepository.findOne({
       where: { id },
     });
@@ -1425,6 +1443,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopmentOther,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentOtherRepository.findOne({
       where: { id },
     });
@@ -1452,6 +1471,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopment7,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
       relations: { developmentAddresss: true },
@@ -1532,6 +1552,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopment8,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
       relations: { developmentAddresss: true },
@@ -1558,6 +1579,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopmentRisk,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
     });
@@ -1585,6 +1607,7 @@ export class DevelopmentController extends Controller {
    */
   @Delete("tab8_1/{id}")
   async DeleteDevelopmenttab8_1(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRiskRepository.findOne({
       where: { id },
     });
@@ -1608,6 +1631,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: UpdateDevelopmentRisk,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionUpdate(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRiskRepository.findOne({
       where: { id },
     });
@@ -1703,6 +1727,7 @@ export class DevelopmentController extends Controller {
    */
   @Delete("{id}")
   async DeleteDevelopment(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_DEV_PROJECT");
     const development = await this.developmentRepository.findOne({
       where: { id },
       relations: {
@@ -2411,6 +2436,7 @@ export class DevelopmentController extends Controller {
     @UploadedFile() file: Express.Multer.File,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const getDevelopment = await this.developmentRepository.findOne({
       where: { id: id },
       relations: {
@@ -2639,6 +2665,7 @@ export class DevelopmentController extends Controller {
     @Body() requestBody: CreateDevelopmentHistoryOBO,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_PROJECT");
     const getDevelopment = await this.developmentRepository.findOne({
       where: { id: id },
       relations: {
diff --git a/src/controllers/DevelopmentScholarshipController.ts b/src/controllers/DevelopmentScholarshipController.ts
index 16fd798..8659f75 100644
--- a/src/controllers/DevelopmentScholarshipController.ts
+++ b/src/controllers/DevelopmentScholarshipController.ts
@@ -29,6 +29,7 @@ import CallAPI from "../interfaces/call-api";
 import { RequestWithUser } from "../middlewares/user";
 import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
 import { request } from "axios";
+import permission from "../interfaces/permission";
 
 @Route("api/v1/development/scholarship")
 @Tags("DevelopmentScholarship")
@@ -49,6 +50,7 @@ export class DevelopmentScholarshipController extends Controller {
     @Body() requestBody: CreateDevelopmentScholarship,
     @Request() request: RequestWithUser,
   ) {
+    await new permission().PermissionCreate(request, "SYS_DEV_SCHOLARSHIP");
     if (requestBody.posTypeId != null) {
       // addLogSequence(request, {
       //   action: "database",
@@ -109,6 +111,7 @@ export class DevelopmentScholarshipController extends Controller {
     //   status: "success",
     //   description: "Get Development Scholarship.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_SCHOLARSHIP");
     const development = await this.developmentScholarshipRepository.findOne({
       where: { id: id },
     });
@@ -169,6 +172,7 @@ export class DevelopmentScholarshipController extends Controller {
     //   status: "success",
     //   description: "Get Development Scholarship",
     // });
+    await new permission().PermissionDelete(request, "SYS_DEV_SCHOLARSHIP");
     const development = await this.developmentScholarshipRepository.findOne({
       where: { id: id },
     });
@@ -479,6 +483,7 @@ export class DevelopmentScholarshipController extends Controller {
     //   status: "success",
     //   description: "Get Development Scholarship.",
     // });
+    await new permission().PermissionUpdate(request, "SYS_DEV_SCHOLARSHIP");
     const getDevelopment = await this.developmentScholarshipRepository.findOne({
       where: { id: id },
     });