add action GET, LIST

2024-08-22 17:39:23 +07:00 · 2024-08-22 17:39:23 +07:00 · da20508104
commit da20508104
parent dd5466de21
3 changed files with 61 additions and 52 deletions
--- a/Controllers/DisableController.cs
+++ b/Controllers/DisableController.cs
@ -560,15 +560,12 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
        {
            try
            {
-                var action = "UPDATE";
-                var system = "SYS_EXAM_SELECT";
-                var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+                var getPermission = await _permission.GetPermissionAPIAsync("UPDATE", "SYS_EXAM_SELECT");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }
-                var attrPrivilege = jsonData["result"]?.ToString();
                var data = await _context.PeriodExams.AsQueryable()
                                    .Where(x => x.CheckDisability == true)
                                    .FirstOrDefaultAsync(x => x.Id == id);
@ -624,15 +621,12 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
        {
            try
            {
-                var action = "DELETE";
-                var system = "SYS_EXAM_SELECT";
-                var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+                var getPermission = await _permission.GetPermissionAPIAsync("DELETE", "SYS_EXAM_SELECT");
                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
                if (jsonData["status"]?.ToString() != "200")
                {
                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
                }
-                var attrPrivilege = jsonData["result"]?.ToString();
                var data = await _context.PeriodExams.AsQueryable()
                                .Where(x => x.CheckDisability == true)
                                .Include(x => x.ImportFile)
@ -687,6 +681,12 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
        {
            try
            {
+                var getPermission = await _permission.GetPermissionAPIAsync("LIST", "SYS_EXAM_SELECT");
+                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+                if (jsonData["status"]?.ToString() != "200")
+                {
+                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+                }
                var data = await _context.PeriodExams.AsQueryable()
                                .Where(x => x.CheckDisability == true)
                                .Include(x => x.ImportFile)
@ -1087,6 +1087,12 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
        {
            try
            {
+                var getPermission = await _permission.GetPermissionAPIAsync("GET", "SYS_EXAM_SELECT");
+                var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
+                if (jsonData["status"]?.ToString() != "200")
+                {
+                    return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
+                }
                var data = await _context.DisableImportHistories.AsQueryable()
                                    .Include(x => x.PeriodExam)
                                    .Where(x => x.PeriodExam.Id == id)
@ -1119,15 +1125,12 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
        [ProducesResponseType(StatusCodes.Status500InternalServerError)]
        public async Task<ActionResult<ResponseObject>> ImportCandidateFileByIdAsync(Guid id)
        {
-            var action = "CREATE";
-            var system = "SYS_EXAM_SELECT";
-            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT");
            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
            if (jsonData["status"]?.ToString() != "200")
            {
                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
            }
-            var attrPrivilege = jsonData["result"]?.ToString();
            var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp");
            if (!Directory.Exists(tmpDir))
                Directory.CreateDirectory(tmpDir);
@ -1372,15 +1375,12 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
        [HttpPost("score/{id:length(36)}"), DisableRequestSizeLimit]
        public async Task<ActionResult<ResponseObject>> ImportScoreFileAsync(Guid id)
        {
-            var action = "CREATE";
-            var system = "SYS_EXAM_SELECT";
-            var getPermission = await _permission.GetPermissionAPIAsync(action, system);
+            var getPermission = await _permission.GetPermissionAPIAsync("CREATE", "SYS_EXAM_SELECT");
            var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
            if (jsonData["status"]?.ToString() != "200")
            {
                return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
            }
-            var attrPrivilege = jsonData["result"]?.ToString();
            var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp");
            if (!Directory.Exists(tmpDir))
                Directory.CreateDirectory(tmpDir);