permission
This commit is contained in:
parent
04344cd4c5
commit
ae15f71a89
2 changed files with 62 additions and 1 deletions
|
|
@ -44,7 +44,7 @@ import HttpSuccess from "../interfaces/http-success";
|
||||||
import { Check } from "typeorm";
|
import { Check } from "typeorm";
|
||||||
import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
|
import { addLogSequence, setLogDataDiff } from "../interfaces/utils";
|
||||||
import { RequestWithUser } from "../middlewares/user";
|
import { RequestWithUser } from "../middlewares/user";
|
||||||
|
import permission from "../interfaces/permission";
|
||||||
@Route("api/v1/development/strategy")
|
@Route("api/v1/development/strategy")
|
||||||
@Tags("Strategy")
|
@Tags("Strategy")
|
||||||
@Security("bearerAuth")
|
@Security("bearerAuth")
|
||||||
|
|
@ -115,6 +115,7 @@ export class StrategyController extends Controller {
|
||||||
idnode?: string | null;
|
idnode?: string | null;
|
||||||
},
|
},
|
||||||
) {
|
) {
|
||||||
|
await new permission().PermissionCreate(request,"SYS_EVA_STRATIGIC");
|
||||||
let strategyRepo: any;
|
let strategyRepo: any;
|
||||||
let strategyChild: any;
|
let strategyChild: any;
|
||||||
let repoSave: any;
|
let repoSave: any;
|
||||||
|
|
@ -225,6 +226,7 @@ export class StrategyController extends Controller {
|
||||||
idnode: string;
|
idnode: string;
|
||||||
},
|
},
|
||||||
) {
|
) {
|
||||||
|
await new permission().PermissionUpdate(request,"SYS_EVA_STRATIGIC");
|
||||||
let strategyRepo: any;
|
let strategyRepo: any;
|
||||||
let strategyChild: any;
|
let strategyChild: any;
|
||||||
|
|
||||||
|
|
@ -304,6 +306,7 @@ export class StrategyController extends Controller {
|
||||||
idnode: string;
|
idnode: string;
|
||||||
},
|
},
|
||||||
) {
|
) {
|
||||||
|
await new permission().PermissionDelete(request,"SYS_EVA_STRATIGIC");
|
||||||
let strategyRepo: any;
|
let strategyRepo: any;
|
||||||
let data: any;
|
let data: any;
|
||||||
|
|
||||||
|
|
|
||||||
58
src/interfaces/permission.ts
Normal file
58
src/interfaces/permission.ts
Normal file
|
|
@ -0,0 +1,58 @@
|
||||||
|
import {
|
||||||
|
Controller,
|
||||||
|
Request,
|
||||||
|
Get,
|
||||||
|
Post,
|
||||||
|
Put,
|
||||||
|
Delete,
|
||||||
|
Patch,
|
||||||
|
Route,
|
||||||
|
Security,
|
||||||
|
Tags,
|
||||||
|
Path,
|
||||||
|
} from "tsoa";
|
||||||
|
import axios from "axios";
|
||||||
|
import { RequestWithUser } from "../middlewares/user";
|
||||||
|
import CallAPI from "./call-api";
|
||||||
|
import HttpError from "./http-error";
|
||||||
|
import HttpStatus from "./http-status";
|
||||||
|
|
||||||
|
class CheckAuth {
|
||||||
|
public async Permission(req: RequestWithUser, system: string, action: string) {
|
||||||
|
await new CallAPI()
|
||||||
|
.GetData(req, "/org/permission")
|
||||||
|
.then((x) => {
|
||||||
|
let permission = false;
|
||||||
|
let role = x.roles.find((x: any) => x.authSysId == system);
|
||||||
|
if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
|
||||||
|
if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
|
||||||
|
if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
|
||||||
|
if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
|
||||||
|
if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
|
||||||
|
if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
|
||||||
|
if (role.attrOwnership == "OWNER") permission = true;
|
||||||
|
if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
|
||||||
|
return role.attrPrivilege;
|
||||||
|
})
|
||||||
|
.catch((x) => {
|
||||||
|
throw new HttpError(HttpStatus.FORBIDDEN, x);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
public async PermissionCreate(req: RequestWithUser, system: string) {
|
||||||
|
this.Permission(req, system, "CREATE");
|
||||||
|
}
|
||||||
|
public async PermissionDelete(req: RequestWithUser, system: string) {
|
||||||
|
this.Permission(req, system, "DELETE");
|
||||||
|
}
|
||||||
|
public async PermissionGet(req: RequestWithUser, system: string) {
|
||||||
|
this.Permission(req, system, "GET");
|
||||||
|
}
|
||||||
|
public async PermissionList(req: RequestWithUser, system: string) {
|
||||||
|
this.Permission(req, system, "LIST");
|
||||||
|
}
|
||||||
|
public async PermissionUpdate(req: RequestWithUser, system: string) {
|
||||||
|
this.Permission(req, system, "UPDATE");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
export default CheckAuth;
|
||||||
Loading…
Add table
Add a link
Reference in a new issue