แก้ สิทธิ์ให้ค้นไวขึ้น

2024-09-06 15:25:15 +07:00 · 2024-09-06 15:25:15 +07:00 · ea776021e3
commit ea776021e3
parent a6493dcb62
3 changed files with 35 additions and 23 deletions
--- a/src/entities/Development.ts
+++ b/src/entities/Development.ts
@ -1,4 +1,4 @@
-import { Entity, Column, ManyToOne, JoinColumn, OneToMany, Double, ManyToMany } from "typeorm";
+import { Entity, Column, ManyToOne, JoinColumn, OneToMany, Double } from "typeorm";
 import { EntityBase } from "./base/Base";
 import { Province } from "./Province";
 import { ActualPeople, CreateActualPeople } from "./ActualPeople";
@ -8,7 +8,7 @@ import { CreatePlannedGoal, PlannedGoal } from "./PlannedGoal";
 import { DevelopmentHistory } from "./DevelopmentHistory";
 import { DevelopmentProjectType } from "./DevelopmentProjectType";
 import { DevelopmentProjectTechniquePlanned } from "./DevelopmentProjectTechniquePlanned";
-import { CreateDevelopmentEvaluation, DevelopmentEvaluation } from "./DevelopmentEvaluation";
+import { DevelopmentEvaluation } from "./DevelopmentEvaluation";
 import { CreateDevelopmentAddress, DevelopmentAddress } from "./DevelopmentAddress";
 import { DevelopmentProjectTechniqueActual } from "./DevelopmentProjectTechniqueActual";
 import { StrategyChild5 } from "./StrategyChild5";
--- a/src/entities/Province.ts
+++ b/src/entities/Province.ts
@ -1,4 +1,4 @@
-import { Entity, Column, OneToMany, ManyToMany, JoinTable } from "typeorm";
+import { Entity, Column, OneToMany } from "typeorm";
 import { EntityBase } from "./base/Base";
 import { Development } from "./Development";
 import { DevelopmentAddress } from "./DevelopmentAddress";
--- a/src/interfaces/permission.ts
+++ b/src/interfaces/permission.ts
@ -42,12 +42,30 @@ class CheckAuth {
      req.headers["api_key"] &&
      req.headers["api_key"] == process.env.API_KEY
    ) {
-      return null;
+      return {
+        root: null,
+        child1: null,
+        child2: null,
+        child3: null,
+        child4: null,
+      };
    }
    return await new CallAPI()
-      .GetData(req, `/org/permission/org/${action}/${system}`)
+      .GetData(req, `/org/permission/org/${system}/${action}`)
      .then(async (x) => {
+        console.log(x);
        let privilege = x.privilege;
+        // if (action.trim().toLocaleUpperCase() == "CREATE")
+        //   privilege = await this.PermissionCreate(req, system);
+        // if (action.trim().toLocaleUpperCase() == "DELETE")
+        //   privilege = await this.PermissionDelete(req, system);
+        // if (action.trim().toLocaleUpperCase() == "GET")
+        //   privilege = await this.PermissionGet(req, system);
+        // if (action.trim().toLocaleUpperCase() == "LIST")
+        //   privilege = await this.PermissionList(req, system);
+        // if (action.trim().toLocaleUpperCase() == "UPDATE")
+        //   privilege = await this.PermissionUpdate(req, system);
+
        let data: any = {
          root: [null],
          child1: [null],
@ -124,25 +142,19 @@ class CheckAuth {
      return true;
    }
    return await new CallAPI()
-      .GetData(req, `/org/permission/user/${profileId}`)
+      .GetData(req, `/org/permission/user/${system}/${action}/${profileId}`)
      .then(async (x) => {
-        let org = {
-          root: [null],
-          child1: [null],
-          child2: [null],
-          child3: [null],
-          child4: [null],
-        };
-        if (action.trim().toLocaleUpperCase() == "CREATE")
-          org = await this.PermissionOrgCreate(req, system);
-        if (action.trim().toLocaleUpperCase() == "DELETE")
-          org = await this.PermissionOrgDelete(req, system);
-        if (action.trim().toLocaleUpperCase() == "GET")
-          org = await this.PermissionOrgGet(req, system);
-        if (action.trim().toLocaleUpperCase() == "LIST")
-          org = await this.PermissionOrgList(req, system);
-        if (action.trim().toLocaleUpperCase() == "UPDATE")
-          org = await this.PermissionOrgUpdate(req, system);
+        let org = x.org;
+        // if (action.trim().toLocaleUpperCase() == "CREATE")
+        //   org = await this.PermissionOrgCreate(req, system);
+        // if (action.trim().toLocaleUpperCase() == "DELETE")
+        //   org = await this.PermissionOrgDelete(req, system);
+        // if (action.trim().toLocaleUpperCase() == "GET")
+        //   org = await this.PermissionOrgGet(req, system);
+        // if (action.trim().toLocaleUpperCase() == "LIST")
+        //   org = await this.PermissionOrgList(req, system);
+        // if (action.trim().toLocaleUpperCase() == "UPDATE")
+        //   org = await this.PermissionOrgUpdate(req, system);

        if (org.root != null) if (x.orgRootId != org.root[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
        if (org.child1 != null)