permission

Bright 2024-08-08 14:16:14 +07:00
parent 04344cd4c5
commit ae15f71a89
2 changed files with 62 additions and 1 deletions


@ -44,7 +44,7 @@ import HttpSuccess from "../interfaces/http-success";
import { Check } from "typeorm";
import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
import { RequestWithUser } from "../middlewares/user";
import permission from "../interfaces/permission";
@Route("api/v1/development/strategy")
@Tags("Strategy")
@Security("bearerAuth")
@ -115,6 +115,7 @@ export class StrategyController extends Controller {
idnode?: string | null;
},
) {
await new permission().PermissionCreate(request,"SYS_EVA_STRATIGIC");
let strategyRepo: any;
let strategyChild: any;
let repoSave: any;
@ -225,6 +226,7 @@ export class StrategyController extends Controller {
idnode: string;
},
) {
await new permission().PermissionUpdate(request,"SYS_EVA_STRATIGIC");
let strategyRepo: any;
let strategyChild: any;
@ -304,6 +306,7 @@ export class StrategyController extends Controller {
idnode: string;
},
) {
await new permission().PermissionDelete(request,"SYS_EVA_STRATIGIC");
let strategyRepo: any;
let data: any;
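Review bot: The system id `"SYS_EVA_STRATIGIC"` is repeated as a bare string literal in all three added calls (the create, update and delete handlers), so a typo in any one of them would simply fail to match a role's `authSysId` instead of being caught at compile time. Define it once, e.g. `const STRATEGY_SYSTEM_ID = "SYS_EVA_STRATIGIC";`, and confirm the spelling against the value the permission service actually returns. The default import is a class, so `import Permission from "../interfaces/permission"` with `new Permission()` would read more conventionally, and `request,"SYS_..."` is missing the space after the comma. Only the write handlers are guarded in the visible hunks; whether the read and list endpoints also need `PermissionGet`/`PermissionList` cannot be judged from here, because the handler bodies continue outside the hunks.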


@ -0,0 +1,58 @@
import {
Controller,
Request,
Get,
Post,
Put,
Delete,
Patch,
Route,
Security,
Tags,
Path,
} from "tsoa";
import axios from "axios";
import { RequestWithUser } from "../middlewares/user";
import CallAPI from "./call-api";
import HttpError from "./http-error";
import HttpStatus from "./http-status";
class CheckAuth {
public async Permission(req: RequestWithUser, system: string, action: string) {
await new CallAPI()
.GetData(req, "/org/permission")
.then((x) => {
let permission = false;
let role = x.roles.find((x: any) => x.authSysId == system);
if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
if (role.attrOwnership == "OWNER") permission = true;
if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
return role.attrPrivilege;
})
.catch((x) => {
throw new HttpError(HttpStatus.FORBIDDEN, x);
});
}
public async PermissionCreate(req: RequestWithUser, system: string) {
this.Permission(req, system, "CREATE");
}
public async PermissionDelete(req: RequestWithUser, system: string) {
this.Permission(req, system, "DELETE");
}
public async PermissionGet(req: RequestWithUser, system: string) {
this.Permission(req, system, "GET");
}
public async PermissionList(req: RequestWithUser, system: string) {
this.Permission(req, system, "LIST");
}
public async PermissionUpdate(req: RequestWithUser, system: string) {
this.Permission(req, system, "UPDATE");
}
}
export default CheckAuth;
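Review bot: The five wrappers (`PermissionCreate`, `PermissionDelete`, `PermissionGet`, `PermissionList`, `PermissionUpdate`) call `this.Permission(...)` without `return` or `await`, so each wrapper resolves immediately and a caller's `await new permission().PermissionCreate(...)` never waits for the check. A denied request therefore continues into the handler, and the `HttpError` surfaces only as an unhandled rejection rather than a 403 response. Each wrapper should read `return this.Permission(req, system, "CREATE");` (with its own action), and `Permission` should `return` the `CallAPI` chain so that `role.attrPrivilege` is not discarded. Separately, the `.catch` forwards whatever was thrown as the `HttpError` message, including a runtime `TypeError` if `x.roles` is missing; throwing `Error` objects instead of strings and mapping unexpected failures to a fixed message would keep internals out of the response. The `axios` import and the tsoa decorator imports appear unused in this file.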