permission สรรหา

Bright 2024-08-20 11:04:07 +07:00
parent 0b753795b8
commit dd5466de21
6 changed files with 220 additions and 5 deletions


@ -3,9 +3,12 @@ using BMA.EHR.Recurit.Exam.Service.Models;
using BMA.EHR.Recurit.Exam.Service.Request; using BMA.EHR.Recurit.Exam.Service.Request;
using BMA.EHR.Recurit.Exam.Service.Response; using BMA.EHR.Recurit.Exam.Service.Response;
using BMA.EHR.Recurit.Exam.Service.Services; using BMA.EHR.Recurit.Exam.Service.Services;
using BMA.EHR.Recurit.Exam.Service.Request;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Swashbuckle.AspNetCore.Annotations; using Swashbuckle.AspNetCore.Annotations;
using Newtonsoft.Json.Linq;
using Newtonsoft.Json;
namespace BMA.EHR.Recurit.Exam.Service.Controllers namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
@ -20,14 +23,16 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
#region " Fields " #region " Fields "
private readonly CMSCandidateService _cmsCandidateService; private readonly CMSCandidateService _cmsCandidateService;
private readonly PermissionRepository _permission;
#endregion #endregion
#region " Constructor and Destructor " #region " Constructor and Destructor "
public CMSCandidateController(CMSCandidateService cmsCandidateService) public CMSCandidateController(CMSCandidateService cmsCandidateService, PermissionRepository permission)
{ {
_cmsCandidateService = cmsCandidateService; _cmsCandidateService = cmsCandidateService;
_permission = permission;
} }
#endregion #endregion
@ -75,6 +80,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_WEBSITE";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
await _cmsCandidateService.UpdateDetailAsync(detail); await _cmsCandidateService.UpdateDetailAsync(detail);
return Success(); return Success();
@ -101,6 +115,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_WEBSITE";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
await _cmsCandidateService.UpdateAboutAsync(about); await _cmsCandidateService.UpdateAboutAsync(about);
return Success(); return Success();
@ -127,6 +150,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_WEBSITE";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
if (Request.Form.Files == null || Request.Form.Files.Count == 0) if (Request.Form.Files == null || Request.Form.Files.Count == 0)
{ {
return Error(GlobalMessages.NoFileToUpload); return Error(GlobalMessages.NoFileToUpload);
@ -159,6 +191,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_WEBSITE";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
if (Request.Form.Files == null || Request.Form.Files.Count == 0) if (Request.Form.Files == null || Request.Form.Files.Count == 0)
{ {
return Error(GlobalMessages.NoFileToUpload); return Error(GlobalMessages.NoFileToUpload);
@ -191,6 +232,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_WEBSITE";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
await _cmsCandidateService.UpdateAgencyAsync(agency); await _cmsCandidateService.UpdateAgencyAsync(agency);
return Success(); return Success();
@ -217,6 +267,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_WEBSITE";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
await _cmsCandidateService.UpdateGovernmentAsync(government); await _cmsCandidateService.UpdateGovernmentAsync(government);
return Success(); return Success();
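Review bot: `JsonConvert.DeserializeObject<JObject>(getPermission)` returns null for an empty body and throws on a non-JSON one, and the next line indexes `jsonData` unguarded, so an outage of the permission service surfaces as a NullReferenceException instead of a denial; `if (jsonData?["status"]?.ToString() != "200")` together with `jsonData?["message"]` in the `Error(...)` call would keep that path a clean 403. `attrPrivilege` is assigned and never read in any of the visible actions, so whatever scope the service returns in `result` is not enforced here. The same nine lines are pasted into all six actions of this controller and again in the other three controllers of this commit; a single private helper or an authorization filter would make it harder for a new action to ship without the check. The line `using BMA.EHR.Recurit.Exam.Service.Request;` is also added a second time at the top of the file. Each action body starts and ends outside its hunk.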


@ -5,6 +5,8 @@ using BMA.EHR.Recurit.Exam.Service.Response;
using BMA.EHR.Recurit.Exam.Service.Services; using BMA.EHR.Recurit.Exam.Service.Services;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json.Linq;
using Newtonsoft.Json;
using Swashbuckle.AspNetCore.Annotations; using Swashbuckle.AspNetCore.Annotations;
namespace BMA.EHR.Recurit.Exam.Service.Controllers namespace BMA.EHR.Recurit.Exam.Service.Controllers
@ -21,15 +23,19 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
private readonly CandidateService _candidateService; private readonly CandidateService _candidateService;
private readonly MinIOService _minioService; private readonly MinIOService _minioService;
private readonly PermissionRepository _permission;
#endregion #endregion
#region " Constructor and Destructor " #region " Constructor and Destructor "
public CandidateController(CandidateService candidateService, public CandidateController(CandidateService candidateService,
MinIOService minioService) MinIOService minioService,
PermissionRepository permission)
{ {
_candidateService = candidateService; _candidateService = candidateService;
_minioService = minioService; _minioService = minioService;
_permission = permission;
} }
#endregion #endregion
@ -788,6 +794,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
var _item = new RequestApprove(); var _item = new RequestApprove();
if (item.CandidateId != null) if (item.CandidateId != null)
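Review bot: The permission requested here is `"CREATE"` although the guarded code builds a `RequestApprove`, and in the CMSCandidateController section the same `"CREATE"` action guards `UpdateDetailAsync`, `UpdateAboutAsync`, `UpdateAgencyAsync` and `UpdateGovernmentAsync`. The commit uses `"UPDATE"` and `"DELETE"` in other controllers, which suggests the permission service does distinguish them, so a caller holding only create rights would pass these checks. Confirm the intended mapping and use the matching action string, or add a comment such as `// approval is granted under CREATE for SYS_EXAM_SELECT` if it is deliberate. The action method starts and ends outside the hunk, so its route and name are not visible.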


@ -24,6 +24,8 @@ using System.Net;
using System.Net.WebSockets; using System.Net.WebSockets;
using System.Security.Claims; using System.Security.Claims;
using System.Text; using System.Text;
using Newtonsoft.Json.Linq;
using Newtonsoft.Json;
namespace BMA.EHR.Recurit.Exam.Service.Controllers namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
@ -43,7 +45,7 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
private readonly IWebHostEnvironment _webHostEnvironment; private readonly IWebHostEnvironment _webHostEnvironment;
private readonly DisableService _disableService; private readonly DisableService _disableService;
private readonly PeriodExamService _periodExamService; private readonly PeriodExamService _periodExamService;
private readonly PermissionRepository _permission;
private readonly IHttpContextAccessor _httpContextAccessor; private readonly IHttpContextAccessor _httpContextAccessor;
private readonly ILogger<DisableController> _logger; private readonly ILogger<DisableController> _logger;
@ -58,7 +60,8 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
DisableService disableService, DisableService disableService,
PeriodExamService periodExamService, PeriodExamService periodExamService,
IHttpContextAccessor httpContextAccessor, IHttpContextAccessor httpContextAccessor,
ILogger<DisableController> logger) ILogger<DisableController> logger,
PermissionRepository permission)
{ {
_context = context; _context = context;
_contextMetadata = contextMetadata; _contextMetadata = contextMetadata;
@ -68,6 +71,7 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
_periodExamService = periodExamService; _periodExamService = periodExamService;
_httpContextAccessor = httpContextAccessor; _httpContextAccessor = httpContextAccessor;
_logger = logger; _logger = logger;
_permission = permission;
} }
#endregion #endregion
@ -556,6 +560,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "UPDATE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
var data = await _context.PeriodExams.AsQueryable() var data = await _context.PeriodExams.AsQueryable()
.Where(x => x.CheckDisability == true) .Where(x => x.CheckDisability == true)
.FirstOrDefaultAsync(x => x.Id == id); .FirstOrDefaultAsync(x => x.Id == id);
@ -611,6 +624,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "DELETE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
var data = await _context.PeriodExams.AsQueryable() var data = await _context.PeriodExams.AsQueryable()
.Where(x => x.CheckDisability == true) .Where(x => x.CheckDisability == true)
.Include(x => x.ImportFile) .Include(x => x.ImportFile)
@ -1097,6 +1119,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
[ProducesResponseType(StatusCodes.Status500InternalServerError)] [ProducesResponseType(StatusCodes.Status500InternalServerError)]
public async Task<ActionResult<ResponseObject>> ImportCandidateFileByIdAsync(Guid id) public async Task<ActionResult<ResponseObject>> ImportCandidateFileByIdAsync(Guid id)
{ {
var action = "CREATE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp"); var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp");
if (!Directory.Exists(tmpDir)) if (!Directory.Exists(tmpDir))
Directory.CreateDirectory(tmpDir); Directory.CreateDirectory(tmpDir);
@ -1341,6 +1372,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
[HttpPost("score/{id:length(36)}"), DisableRequestSizeLimit] [HttpPost("score/{id:length(36)}"), DisableRequestSizeLimit]
public async Task<ActionResult<ResponseObject>> ImportScoreFileAsync(Guid id) public async Task<ActionResult<ResponseObject>> ImportScoreFileAsync(Guid id)
{ {
var action = "CREATE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp"); var tmpDir = Path.Combine(_webHostEnvironment.ContentRootPath, "tmp");
if (!Directory.Exists(tmpDir)) if (!Directory.Exists(tmpDir))
Directory.CreateDirectory(tmpDir); Directory.CreateDirectory(tmpDir);
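Review bot: In `ImportCandidateFileByIdAsync` and `ImportScoreFileAsync` the permission block sits directly under the method's opening brace with no `try` visible around it, unlike the other actions in this commit where it is placed inside `try`. Any exception from `GetPermissionAPIAsync` or from parsing its response therefore leaves the action unhandled rather than going through `Error(...)`; whether a global handler catches it is not visible from here. Moving the block inside the method's existing error handling, or having a shared helper return the 403 result itself, would make the two paths consistent. Both method bodies continue outside their hunks.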


@ -5,6 +5,8 @@ using BMA.EHR.Recurit.Exam.Service.Response;
using BMA.EHR.Recurit.Exam.Service.Services; using BMA.EHR.Recurit.Exam.Service.Services;
using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json.Linq;
using Newtonsoft.Json;
using Swashbuckle.AspNetCore.Annotations; using Swashbuckle.AspNetCore.Annotations;
namespace BMA.EHR.Recurit.Exam.Service.Controllers namespace BMA.EHR.Recurit.Exam.Service.Controllers
@ -22,15 +24,17 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
private readonly PeriodExamService _periodExamService; private readonly PeriodExamService _periodExamService;
private readonly MinIOService _minioService; private readonly MinIOService _minioService;
private readonly PermissionRepository _permission;
#endregion #endregion
#region " Constructor and Destructor " #region " Constructor and Destructor "
public PeriodExamController(PeriodExamService periodExamService, MinIOService minioService) public PeriodExamController(PeriodExamService periodExamService, MinIOService minioService, PermissionRepository permission)
{ {
_periodExamService = periodExamService; _periodExamService = periodExamService;
_minioService = minioService; _minioService = minioService;
_permission = permission;
} }
#endregion #endregion
@ -156,6 +160,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "CREATE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
var items = await _periodExamService.CreateAsync(item); var items = await _periodExamService.CreateAsync(item);
return Success(items); return Success(items);
@ -183,6 +196,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "UPDATE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
await _periodExamService.UpdateAsync(examId, item); await _periodExamService.UpdateAsync(examId, item);
return Success(); return Success();
@ -249,6 +271,15 @@ namespace BMA.EHR.Recurit.Exam.Service.Controllers
{ {
try try
{ {
var action = "DELETE";
var system = "SYS_EXAM_SELECT";
var getPermission = await _permission.GetPermissionAPIAsync(action, system);
var jsonData = JsonConvert.DeserializeObject<JObject>(getPermission);
if (jsonData["status"]?.ToString() != "200")
{
return Error(jsonData["message"]?.ToString(), StatusCodes.Status403Forbidden);
}
var attrPrivilege = jsonData["result"]?.ToString();
await _periodExamService.DeleteAsync(examId); await _periodExamService.DeleteAsync(examId);
return Success(); return Success();


@ -87,6 +87,7 @@ builder.Services.AddTransient<PeriodExamService>();
builder.Services.AddTransient<MinIOService>(); builder.Services.AddTransient<MinIOService>();
builder.Services.AddTransient<MailService>(); builder.Services.AddTransient<MailService>();
builder.Services.AddTransient<CMSCandidateService>(); builder.Services.AddTransient<CMSCandidateService>();
builder.Services.AddTransient<PermissionRepository>();
// Add services to the container. // Add services to the container.
builder.Services.AddControllers(options => builder.Services.AddControllers(options =>


@ -0,0 +1,69 @@
using System.Security.Claims;
using BMA.EHR.Domain.Models.Placement;
using BMA.EHR.Recurit.Exam.Service.Extensions;
using BMA.EHR.Recurit.Exam.Service.Core;
using BMA.EHR.Recurit.Exam.Service.Data;
using BMA.EHR.Recurit.Exam.Service.Models;
using BMA.EHR.Recurit.Exam.Service.Request;
using BMA.EHR.Recurit.Exam.Service.Response;
using BMA.EHR.Recurit.Exam.Service.Responses.Document;
using Microsoft.AspNetCore.Mvc;
using Microsoft.EntityFrameworkCore;
using System.Configuration;
using System.Net.Http.Headers;
namespace BMA.EHR.Recurit.Exam.Service.Services
{
public class PermissionRepository
{
#region " Fields "
private readonly IHttpContextAccessor _httpContextAccessor;
private readonly IConfiguration _configuration;
#endregion
#region " Constructor and Destructor "
public PermissionRepository(IHttpContextAccessor httpContextAccessor,
IConfiguration configuration)
{
_httpContextAccessor = httpContextAccessor;
_configuration = configuration;
}
#endregion
#region " Properties "
protected string? AccessToken => _httpContextAccessor?.HttpContext?.Request.Headers["Authorization"];
#endregion
#region " Methods "
public async Task<dynamic> GetPermissionAPIAsync(string action, string system)
{
try
{
var apiPath = $"{_configuration["API"]}/org/permission/dotnet/{action}/{system}";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", AccessToken.Replace("Bearer ", ""));
client.DefaultRequestHeaders.Add("api_key", _configuration["API_KEY"]);
var req = await client.GetAsync(apiPath);
var res = await req.Content.ReadAsStringAsync();
return res;
}
}
catch
{
throw;
}
}
#endregion
}
}
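Review bot: `AccessToken.Replace("Bearer ", "")` dereferences a `string?` that is null whenever the request carries no Authorization header, so the permission check then fails with a NullReferenceException rather than an explicit denial; a guard such as `if (string.IsNullOrEmpty(AccessToken)) throw new UnauthorizedAccessException();` before building the client would make that case deliberate. The HTTP status of `req` is never inspected and the raw body is returned as `dynamic`, so callers decide access solely on a `status` field inside whatever body came back; checking `req.IsSuccessStatusCode` here and returning `Task<string>` would tighten that. `action` and `system` are interpolated into the URL unescaped, which is harmless for the constants passed today but worth wrapping in `Uri.EscapeDataString(...)` before a caller passes anything variable. `new HttpClient()` per call can exhaust sockets under load and has no explicit timeout, so a client from an injected `IHttpClientFactory` is preferable, and the `catch { throw; }` wrapper can be dropped.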