hrms-bangkok/hrms-api-eva
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
hrms-api-eva/src/interfaces/permission.ts
DESKTOP-2S5P7D1\Windows 10 925c5d1ab2 first
2024-12-04 17:25:34 +07:00

269 lines
9.1 KiB
TypeScript
Raw Blame History

import axios from "axios";
import { RequestWithUser } from "../middlewares/user";
import CallAPI from "./call-api";
import HttpError from "./http-error";
import HttpStatus from "./http-status";
import { promisify } from "util";
class CheckAuth {
private redis = require("redis");
public async Permission(req: RequestWithUser, system: string, action: string) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return null;
}
return await new CallAPI()
.GetData(req, "/org/permission")
.then((x) => {
let permission = false;
let role = x.roles.find((x: any) => x.authSysId == system);
if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
if (role.attrOwnership == "OWNER") return "OWNER";
if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
return role.attrPrivilege;
})
.catch((x) => {
if (x.status != undefined) {
throw new HttpError(x.status, x.message);
} else {
throw new HttpError(HttpStatus.FORBIDDEN, x);
}
});
}
public async PermissionOrg(req: RequestWithUser, system: string, action: string) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return {
root: null,
child1: null,
child2: null,
child3: null,
child4: null,
};
}
return await new CallAPI()
.GetData(req, `/org/permission/org/${system}/${action}`)
.then(async (x) => {
let privilege = x.privilege;
let data: any = {
root: [null],
child1: [null],
child2: [null],
child3: [null],
child4: [null],
privilege: [null],
};
let node = 4;
if (x.orgChild1Id == null) {
node = 0;
} else if (x.orgChild2Id == null) {
node = 1;
} else if (x.orgChild3Id == null) {
node = 2;
} else if (x.orgChild4Id == null) {
node = 3;
}
if (privilege == "OWNER") {
data = {
root: null,
child1: null,
child2: null,
child3: null,
child4: null,
privilege: "OWNER",
};
} else if (privilege == "ROOT") {
data = {
root: [x.orgRootId],
child1: null,
child2: null,
child3: null,
child4: null,
privilege: "ROOT",
};
} else if (privilege == "CHILD") {
data = {
root: node >= 0 ? [x.orgRootId] : null,
child1: node >= 1 ? [x.orgChild1Id] : null,
child2: node >= 2 ? [x.orgChild2Id] : null,
child3: node >= 3 ? [x.orgChild3Id] : null,
child4: node >= 4 ? [x.orgChild4Id] : null,
privilege: "CHILD",
};
} else if (privilege == "NORMAL") {
data = {
root: [x.orgRootId],
child1: [x.orgChild1Id],
child2: [x.orgChild2Id],
child3: [x.orgChild3Id],
child4: [x.orgChild4Id],
privilege: "NORMAL",
};
} else if (privilege == "SPECIFIC") {
}
return data;
})
.catch((x) => {
if (x.status != undefined) {
throw new HttpError(x.status, x.message);
} else {
throw new HttpError(HttpStatus.FORBIDDEN, x);
}
});
}
public async PermissionOrgByUser(
req: RequestWithUser,
system: string,
action: string,
profileId: string,
) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return true;
}
return await new CallAPI()
.GetData(req, `/org/permission/user/${system}/${action}/${profileId}`)
.then(async (x) => {
let org = x.org;
if (org.root != null) if (x.orgRootId != org.root[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child1 != null)
if (x.orgChild1Id != org.child1[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child2 != null)
if (x.orgChild2Id != org.child2[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child3 != null)
if (x.orgChild3Id != org.child3[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child4 != null)
if (x.orgChild4Id != org.child4[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
return true;
})
.catch((x) => {
if (x.status != undefined) {
throw new HttpError(x.status, x.message);
} else {
throw new HttpError(HttpStatus.FORBIDDEN, x);
}
});
}
public async Workflow(req: RequestWithUser, id: string, sysName: string) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return null;
}
return await new CallAPI()
.PostData(req, "/org/workflow/keycloak/isofficer", {
refId: id,
sysName: sysName,
})
.then((x) => {
return true;
})
.catch((x) => {
return false;
});
}
public async checkOrg(token: any,keycloakId: string) {
const redisClient = await this.redis.createClient({
host: process.env.REDIS_HOST,
port: process.env.REDIS_PORT,
});
const getAsync = promisify(redisClient.get).bind(redisClient);
let reply = await getAsync("org_" + keycloakId);
if (reply != null) {
reply = JSON.parse(reply);
} else {
try {
const x = await new CallAPI().GetData(
{
headers: { authorization: token },
},
`/org/permission/checkOrg/${keycloakId}`,
false
);
const data = {
orgRootId: x.orgRootId,
orgChild1Id: x.orgChild1Id,
orgChild2Id: x.orgChild2Id,
orgChild3Id: x.orgChild3Id,
orgChild4Id: x.orgChild4Id,
};
return data;
} catch (error) {
console.error("Error calling API:", error);
throw error;
}
}
}
public async PermissionCreate(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "CREATE");
}
public async PermissionDelete(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "DELETE");
}
public async PermissionGet(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "GET");
}
public async PermissionList(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "LIST");
}
public async PermissionUpdate(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "UPDATE");
}
public async PermissionOrgCreate(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "CREATE");
}
public async PermissionOrgDelete(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "DELETE");
}
public async PermissionOrgGet(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "GET");
}
public async PermissionOrgList(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "LIST");
}
public async PermissionOrgUpdate(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "UPDATE");
}
public async PermissionOrgUserCreate(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "CREATE", profileId);
}
public async PermissionOrgUserDelete(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "DELETE", profileId);
}
public async PermissionOrgUserGet(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "GET", profileId);
}
public async PermissionOrgUserList(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "LIST", profileId);
}
public async PermissionOrgUserUpdate(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "UPDATE", profileId);
}
}
export default CheckAuth;
Reference in a new issue View git blame Copy permalink