From ae15f71a899581a116a720396e77a628303455e3 Mon Sep 17 00:00:00 2001
From: Bright
Date: Thu, 8 Aug 2024 14:16:14 +0700
Subject: [PATCH] permission
---
 src/controllers/StrategyController.ts | 5 ++-
 src/interfaces/permission.ts | 58 +++++++++++++++++++++++++++
 2 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 src/interfaces/permission.ts
diff --git a/src/controllers/StrategyController.ts b/src/controllers/StrategyController.ts
index bcaf7ae..c091073 100644
--- a/src/controllers/StrategyController.ts
+++ b/src/controllers/StrategyController.ts
@@ -44,7 +44,7 @@ import HttpSuccess from "../interfaces/http-success";
 import { Check } from "typeorm";
 import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
 import { RequestWithUser } from "../middlewares/user";
-
+import permission from "../interfaces/permission";
 @Route("api/v1/development/strategy")
 @Tags("Strategy")
 @Security("bearerAuth")
@@ -115,6 +115,7 @@ export class StrategyController extends Controller {
 idnode?: string | null;
 },
 ) {
+ await new permission().PermissionCreate(request,"SYS_EVA_STRATIGIC");
 let strategyRepo: any;
 let strategyChild: any;
 let repoSave: any;
@@ -225,6 +226,7 @@ export class StrategyController extends Controller {
 idnode: string;
 },
 ) {
+ await new permission().PermissionUpdate(request,"SYS_EVA_STRATIGIC");
 let strategyRepo: any;
 let strategyChild: any;
@@ -304,6 +306,7 @@ export class StrategyController extends Controller {
 idnode: string;
 },
 ) {
+ await new permission().PermissionDelete(request,"SYS_EVA_STRATIGIC");
 let strategyRepo: any;
 let data: any;
diff --git a/src/interfaces/permission.ts b/src/interfaces/permission.ts
new file mode 100644
index 0000000..74bb1de
--- /dev/null
+++ b/src/interfaces/permission.ts
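Review bot: The system id `"SYS_EVA_STRATIGIC"` is typed out as a string literal in each of the three added calls (the create, update and delete hunks of StrategyController.ts), and the new `Permission` method rejects with 403 when no role carries a matching `authSysId`, so a one-character drift in any copy would lock that endpoint for every user without a compile error. A single module-level constant passed to all three calls, e.g. `const SYSTEM_ID = "SYS_EVA_STRATIGIC";`, would keep them in step; the spelling looks like a typo for STRATEGIC and should be confirmed against the id the permission service actually returns. The imported class is bound to the lower-case name `permission`, which reads like a variable at the call site; importing it as `CheckAuth` (its declared name) would be clearer. The handler bodies start and continue outside these hunks.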
@@ -0,0 +1,58 @@
+import {
+ Controller,
+ Request,
+ Get,
+ Post,
+ Put,
+ Delete,
+ Patch,
+ Route,
+ Security,
+ Tags,
+ Path,
+} from "tsoa";
+import axios from "axios";
+import { RequestWithUser } from "../middlewares/user";
+import CallAPI from "./call-api";
+import HttpError from "./http-error";
+import HttpStatus from "./http-status";
+
+class CheckAuth {
+ public async Permission(req: RequestWithUser, system: string, action: string) {
+ await new CallAPI()
+ .GetData(req, "/org/permission")
+ .then((x) => {
+ let permission = false;
+ let role = x.roles.find((x: any) => x.authSysId == system);
+ if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
+ if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
+ if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
+ if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
+ if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
+ if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
+ if (role.attrOwnership == "OWNER") permission = true;
+ if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
+ return role.attrPrivilege;
+ })
+ .catch((x) => {
+ throw new HttpError(HttpStatus.FORBIDDEN, x);
+ });
+ }
+ public async PermissionCreate(req: RequestWithUser, system: string) {
+ this.Permission(req, system, "CREATE");
+ }
+ public async PermissionDelete(req: RequestWithUser, system: string) {
+ this.Permission(req, system, "DELETE");
+ }
+ public async PermissionGet(req: RequestWithUser, system: string) {
+ this.Permission(req, system, "GET");
+ }
+ public async PermissionList(req: RequestWithUser, system: string) {
+ this.Permission(req, system, "LIST");
+ }
+ public async PermissionUpdate(req: RequestWithUser, system: string) {
+ this.Permission(req, system, "UPDATE");
+ }
+}
+
+export default CheckAuth;
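Review bot: The five wrappers at the bottom of `CheckAuth` (`PermissionCreate`, `PermissionDelete`, `PermissionGet`, `PermissionList`, `PermissionUpdate`) call `this.Permission(...)` without `await` or `return`, so the promise each wrapper hands back resolves before the lookup against `/org/permission` has finished. A denial then rejects a promise nobody is waiting on, and the `await new permission().PermissionCreate(...)`, `PermissionUpdate(...)` and `PermissionDelete(...)` guards added in StrategyController.ts let the handler continue regardless; depending on the Node version the unhandled rejection may also terminate the process. Each wrapper should read `return this.Permission(req, system, "CREATE");` with its own action string. `Permission` itself also drops `role.attrPrivilege`, because the awaited chain is never returned; `return await new CallAPI()...` would hand the value to the caller. The `.catch` maps every failure to a 403, including a failed call to the permission service, which fails closed but hides the cause, so logging `x` on the server before rethrowing would help when diagnosing lockouts.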