From aa5e69776e8929b1afa86130da1ade5e9f040351 Mon Sep 17 00:00:00 2001 From: kittapath Date: Tue, 22 Oct 2024 08:21:07 +0700 Subject: [PATCH] check workflow --- src/controllers/DevelopmentController.ts | 28 ++++---- .../DevelopmentEmployeeHistoryController.ts | 3 +- .../DevelopmentHistoryController.ts | 4 +- .../DevelopmentScholarshipController.ts | 5 +- src/controllers/StrategyController.ts | 14 +++- src/interfaces/permission.ts | 64 ++++++++++--------- 6 files changed, 69 insertions(+), 49 deletions(-) diff --git a/src/controllers/DevelopmentController.ts b/src/controllers/DevelopmentController.ts index 154e511..68fa72f 100644 --- a/src/controllers/DevelopmentController.ts +++ b/src/controllers/DevelopmentController.ts @@ -1530,8 +1530,8 @@ export class DevelopmentController extends Controller { */ @Get("tab7/{id}") async GetDevelopemtTab7ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ where: { id }, }); @@ -1556,8 +1556,8 @@ export class DevelopmentController extends Controller { */ @Get("tab8/{id}") async GetDevelopemtTab8ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ relations: ["developmentRisks"], where: { id: id }, @@ -2005,8 +2005,8 @@ export class DevelopmentController extends Controller { */ @Get("tab1/{id}") async GetDevelopemtTab1ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ where: { id: id }, }); @@ -2059,8 +2059,8 @@ export class DevelopmentController extends Controller { */ @Get("tab2/{id}") async GetDevelopemtTab2ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ where: { id: id }, relations: [ @@ -2155,8 +2155,8 @@ export class DevelopmentController extends Controller { */ @Get("tab3/{id}") async GetDevelopemtTab3ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ where: { id: id }, relations: [ @@ -2274,8 +2274,8 @@ export class DevelopmentController extends Controller { */ @Get("tab4/{id}") async GetDevelopemtTab4ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ where: { id: id }, relations: ["developmentEvaluations"], @@ -2308,8 +2308,8 @@ export class DevelopmentController extends Controller { */ @Get("tab5/{id}") async GetDevelopemtTab5ById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); - await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_PROJECT"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_PROJECT"); const getDevelopment = await this.developmentRepository.findOne({ relations: ["developmentOthers"], where: { id: id }, diff --git a/src/controllers/DevelopmentEmployeeHistoryController.ts b/src/controllers/DevelopmentEmployeeHistoryController.ts index 794a7d7..42e34a1 100644 --- a/src/controllers/DevelopmentEmployeeHistoryController.ts +++ b/src/controllers/DevelopmentEmployeeHistoryController.ts @@ -370,7 +370,8 @@ export class DevelopmentEmployeeHistoryController extends Controller { */ @Get("{id}") async GetDevelopemtHistoryById(@Request() request: RequestWithUser, @Path() id: string) { - await new permission().PermissionGet(request, "SYS_DEV_HISTORY_EMP"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_HISTORY_EMP"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_HISTORY_EMP"); const type = "EMPLOYEE"; const getDevelopment = await this.developmentHistoryRepository.findOne({ relations: ["development", "employeePosLevel", "employeePosType"], diff --git a/src/controllers/DevelopmentHistoryController.ts b/src/controllers/DevelopmentHistoryController.ts index 8387de4..8f436a5 100644 --- a/src/controllers/DevelopmentHistoryController.ts +++ b/src/controllers/DevelopmentHistoryController.ts @@ -366,7 +366,9 @@ export class DevelopmentOfficerHistoryController extends Controller { */ @Get("{id}") async GetDevelopemtHistoryById(@Request() request: RequestWithUser, @Path() id: string) { - await new permission().PermissionGet(request, "SYS_DEV_HISTORY_OFFICER"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_HISTORY_OFFICER"); + if (_workflow == false) + await new permission().PermissionGet(request, "SYS_DEV_HISTORY_OFFICER"); const type = "OFFICER"; const getDevelopment = await this.developmentHistoryRepository.findOne({ relations: ["development", "posLevel", "posType"], diff --git a/src/controllers/DevelopmentScholarshipController.ts b/src/controllers/DevelopmentScholarshipController.ts index e12a503..e92d2ef 100644 --- a/src/controllers/DevelopmentScholarshipController.ts +++ b/src/controllers/DevelopmentScholarshipController.ts @@ -253,7 +253,7 @@ export class DevelopmentScholarshipController extends Controller { */ @Get("{id}") async GetDevelopemtScholarshipById(@Request() request: RequestWithUser, @Path() id: string) { - // await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP");//USER + //await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); //USER const getDevelopment = await this.developmentScholarshipRepository.findOne({ relations: ["posLevel", "posType", "posLevelguarantor", "posTypeguarantor"], where: { id: id }, @@ -414,7 +414,8 @@ export class DevelopmentScholarshipController extends Controller { */ @Get("admin/{id}") async GetDevelopemtScholarshipAdminById(@Request() request: RequestWithUser, @Path() id: string) { - await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); + let _workflow = await new permission().Workflow(request, id, "SYS_DEV_SCHOLARSHIP"); + if (_workflow == false) await new permission().PermissionGet(request, "SYS_DEV_SCHOLARSHIP"); const getDevelopment = await this.developmentScholarshipRepository.findOne({ relations: ["posLevel", "posType", "posLevelguarantor", "posTypeguarantor"], where: { id: id }, diff --git a/src/controllers/StrategyController.ts b/src/controllers/StrategyController.ts index 066b942..ce1cbd2 100644 --- a/src/controllers/StrategyController.ts +++ b/src/controllers/StrategyController.ts @@ -1,4 +1,16 @@ -import { Body, Controller, Delete, Get, Patch, Path, Post, Request, Route, Security, Tags } from "tsoa"; +import { + Body, + Controller, + Delete, + Get, + Patch, + Path, + Post, + Request, + Route, + Security, + Tags, +} from "tsoa"; import { AppDataSource } from "../database/data-source"; import { StrategyChild1 } from "../entities/StrategyChild1"; import { StrategyChild2 } from "../entities/StrategyChild2"; diff --git a/src/interfaces/permission.ts b/src/interfaces/permission.ts index fb2d669..870d2fe 100644 --- a/src/interfaces/permission.ts +++ b/src/interfaces/permission.ts @@ -53,18 +53,7 @@ class CheckAuth { return await new CallAPI() .GetData(req, `/org/permission/org/${system}/${action}`) .then(async (x) => { - console.log(x); let privilege = x.privilege; - // if (action.trim().toLocaleUpperCase() == "CREATE") - // privilege = await this.PermissionCreate(req, system); - // if (action.trim().toLocaleUpperCase() == "DELETE") - // privilege = await this.PermissionDelete(req, system); - // if (action.trim().toLocaleUpperCase() == "GET") - // privilege = await this.PermissionGet(req, system); - // if (action.trim().toLocaleUpperCase() == "LIST") - // privilege = await this.PermissionList(req, system); - // if (action.trim().toLocaleUpperCase() == "UPDATE") - // privilege = await this.PermissionUpdate(req, system); let data: any = { root: [null], @@ -72,6 +61,7 @@ class CheckAuth { child2: [null], child3: [null], child4: [null], + privilege: [null], }; let node = 4; if (x.orgChild1Id == null) { @@ -83,13 +73,23 @@ class CheckAuth { } else if (x.orgChild4Id == null) { node = 3; } - if (privilege == "ROOT") { + if (privilege == "OWNER") { + data = { + root: null, + child1: null, + child2: null, + child3: null, + child4: null, + privilege: "OWNER", + }; + } else if (privilege == "ROOT") { data = { root: [x.orgRootId], child1: null, child2: null, child3: null, child4: null, + privilege: "ROOT", }; } else if (privilege == "CHILD") { data = { @@ -98,6 +98,7 @@ class CheckAuth { child2: node >= 2 ? [x.orgChild2Id] : null, child3: node >= 3 ? [x.orgChild3Id] : null, child4: node >= 4 ? [x.orgChild4Id] : null, + privilege: "CHILD", }; } else if (privilege == "NORMAL") { data = { @@ -106,16 +107,9 @@ class CheckAuth { child2: [x.orgChild2Id], child3: [x.orgChild3Id], child4: [x.orgChild4Id], + privilege: "NORMAL", }; } else if (privilege == "SPECIFIC") { - } else if (privilege == "OWNER") { - data = { - root: null, - child1: null, - child2: null, - child3: null, - child4: null, - }; } return data; @@ -145,16 +139,6 @@ class CheckAuth { .GetData(req, `/org/permission/user/${system}/${action}/${profileId}`) .then(async (x) => { let org = x.org; - // if (action.trim().toLocaleUpperCase() == "CREATE") - // org = await this.PermissionOrgCreate(req, system); - // if (action.trim().toLocaleUpperCase() == "DELETE") - // org = await this.PermissionOrgDelete(req, system); - // if (action.trim().toLocaleUpperCase() == "GET") - // org = await this.PermissionOrgGet(req, system); - // if (action.trim().toLocaleUpperCase() == "LIST") - // org = await this.PermissionOrgList(req, system); - // if (action.trim().toLocaleUpperCase() == "UPDATE") - // org = await this.PermissionOrgUpdate(req, system); if (org.root != null) if (x.orgRootId != org.root[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล"; if (org.child1 != null) @@ -176,6 +160,26 @@ class CheckAuth { } }); } + public async Workflow(req: RequestWithUser, id: string, sysName: string) { + if ( + req.headers.hasOwnProperty("api_key") && + req.headers["api_key"] && + req.headers["api_key"] == process.env.API_KEY + ) { + return null; + } + return await new CallAPI() + .PostData(req, "/org/workflow/keycloak/isofficer", { + refId: id, + sysName: sysName, + }) + .then((x) => { + return true; + }) + .catch((x) => { + return false; + }); + } public async PermissionCreate(req: RequestWithUser, system: string) { return await this.Permission(req, system, "CREATE"); }