permission ข้อมูลการประเมิน

Bright 2024-08-08 14:17:10 +07:00
parent 26492de4b8
commit 75ed79f722
9 changed files with 123 additions and 23 deletions


@ -23,7 +23,8 @@ import { KpiCapacity } from "../entities/kpiCapacity";
import { Position } from "../entities/position";
import { KpiCapacityDetail } from "../entities/kpiCapacityDetail";
import { Like, In } from "typeorm";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/capacity")
@Tags("kpiCapacity")
@Security("bearerAuth")
@ -66,8 +67,9 @@ export class kpiCapacityController extends Controller {
description: string;
}[];
},
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionCreate(request,"SYS_EVA_COMPETENCY");
const kpiCapacity = Object.assign(new KpiCapacity(), {
type: requestBody.type,
name: requestBody.name,
@ -130,8 +132,9 @@ export class kpiCapacityController extends Controller {
description: string;
}[];
},
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_COMPETENCY");
const kpiCapacity = await this.kpiCapacityRepository.findOne({
where: { id: id },
});
@ -356,7 +359,8 @@ export class kpiCapacityController extends Controller {
* @param {string} id Guid, *Id
*/
@Delete("{id}")
async deleteKpiCapacity(@Path() id: string) {
async deleteKpiCapacity(@Path() id: string, @Request() request: RequestWithUser) {
await new permission().PermissionDelete(request,"SYS_EVA_COMPETENCY");
const kpiCapacity = await this.kpiCapacityRepository.findOne({
where: { id: id },
});
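Review bot: The system id is passed as a bare string literal in every handler (`"SYS_EVA_COMPETENCY"` here and in the evaluation, group and link controllers, `"SYS_EVA_INDICATOR"` in the plan, role and special controllers), and each handler builds its own `permission` instance, so every new endpoint must remember to repeat the call with the right spelling. A shared constant next to the helper, e.g. `export const SYS_EVA_COMPETENCY = "SYS_EVA_COMPETENCY";`, would turn a typo into a compile error instead of a runtime failure. Only the create, update and delete handlers are touched in the visible hunks; whether the read endpoints need `PermissionGet`/`PermissionList` cannot be told from here. The handler bodies continue outside the hunks.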


@ -21,6 +21,8 @@ import HttpError from "../interfaces/http-error";
import { Like, Not } from "typeorm";
import HttpStatusCode from "../interfaces/http-status";
import { KpiEvaluation, updateKpiEvaluation } from "../entities/kpiEvaluation";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/evaluation")
@Tags("kpiEvaluation")
@Security("bearerAuth")
@ -39,8 +41,9 @@ export class kpiEvaluationController extends Controller {
@Put()
async updateKpiEvaluations(
@Body() requestBody: updateKpiEvaluation[],
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_COMPETENCY");
const updatedIds: string[] = [];
for (const item of requestBody) {


@ -21,6 +21,8 @@ import HttpError from "../interfaces/http-error";
import { Like, Not } from "typeorm";
import HttpStatusCode from "../interfaces/http-status";
import { KpiGroup, createKpiGroup, updateKpiGroup } from "../entities/kpiGroup";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/group")
@Tags("kpiGroup")
@Security("bearerAuth")
@ -43,8 +45,9 @@ export class kpiGroupController extends Controller {
})
async createKpiGroup(
@Body() requestBody: createKpiGroup,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionCreate(request,"SYS_EVA_COMPETENCY");
const kpiGroup = Object.assign(new KpiGroup(), requestBody);
const chkkpinameGroup = await this.kpiGroupRepository.findOne({
where: {
@ -70,8 +73,9 @@ export class kpiGroupController extends Controller {
async updateKpiGroup(
@Path() id: string,
@Body() requestBody: updateKpiGroup,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_COMPETENCY");
const kpiGroup = await this.kpiGroupRepository.findOne({
where: { id: id },
});
@ -119,7 +123,8 @@ export class kpiGroupController extends Controller {
* @param id
*/
@Delete("{id}")
async deleteKpiGroup(@Path() id: string) {
async deleteKpiGroup(@Path() id: string, @Request() request: RequestWithUser) {
await new permission().PermissionDelete(request,"SYS_EVA_COMPETENCY");
const kpiGroup = await this.kpiGroupRepository.findOne({
where: { id: id },
});


@ -24,6 +24,8 @@ import { KpiLink, createKpiLink, updateKpiLink } from "../entities/kpiLink";
import { KpiGroup } from "../entities/kpiGroup";
import { KpiCapacity } from "../entities/kpiCapacity";
import { Position } from "../entities/position";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/link")
@Tags("kpiLink")
@Security("bearerAuth")
@ -46,8 +48,9 @@ export class kpiLinkController extends Controller {
@Post()
async createKpiLink(
@Body() requestBody: createKpiLink,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionCreate(request,"SYS_EVA_COMPETENCY");
const chkkpiGroup = await this.kpiGroupRepository.findOne({
where: {
id: requestBody.kpiGroupId,
@ -105,8 +108,9 @@ export class kpiLinkController extends Controller {
async updateKpiLink(
@Path() id: string,
@Body() requestBody: createKpiLink,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_COMPETENCY");
const chkKpiLink = await this.kpiLinkRepository.findOne({
where: {
id: id,
@ -198,7 +202,8 @@ export class kpiLinkController extends Controller {
* @param id
*/
@Delete("{id}")
async deleteKpiLink(@Path() id: string) {
async deleteKpiLink(@Path() id: string, @Request() request: RequestWithUser) {
await new permission().PermissionDelete(request,"SYS_EVA_COMPETENCY");
const kpiLink = await this.kpiLinkRepository.findOne({
where: { id: id },
relations: ["kpiCapacitys"],


@ -26,7 +26,8 @@ import { Brackets, IsNull, Not } from "typeorm";
import { KpiPlanHistory } from "../entities/kpiPlanHistory";
import { KpiSpecial } from "../entities/kpiSpecial";
import { KpiRole } from "../entities/kpiRole";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/plan")
@Tags("kpiPlan")
@Security("bearerAuth")
@ -49,8 +50,9 @@ export class kpiPlanController extends Controller {
@Post()
async createKpiPlan(
@Body() requestBody: createKpiPlan,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionCreate(request,"SYS_EVA_INDICATOR");
const kpiPlan = Object.assign(new KpiPlan(), requestBody);
if (requestBody.year != null && requestBody.period != null) {
const kpiPeriod = await this.kpiPeriodRepository
@ -208,8 +210,9 @@ export class kpiPlanController extends Controller {
async updateKpiPlan(
@Path() id: string,
@Body() requestBody: updateKpiPlan,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_INDICATOR");
const kpiPlan = await this.kpiPlanRepository.findOne({
where: { id: id },
});
@ -502,7 +505,8 @@ export class kpiPlanController extends Controller {
* @param id
*/
@Delete("{id}")
async deleteKpiPlan(@Path() id: string) {
async deleteKpiPlan(@Path() id: string, @Request() request: RequestWithUser) {
await new permission().PermissionDelete(request,"SYS_EVA_INDICATOR");
const kpiPlan = await this.kpiPlanRepository.findOne({
where: { id: id },
});


@ -24,7 +24,8 @@ import CallAPI from "../interfaces/call-api";
import { KpiPeriod } from "../entities/kpiPeriod";
import { Brackets, IsNull, Like } from "typeorm";
import { KpiRoleHistory } from "../entities/kpiRoleHistory";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/role")
@Tags("kpiRole")
@Security("bearerAuth")
@ -45,8 +46,9 @@ export class kpiRoleController extends Controller {
@Post()
async createKpiRole(
@Body() requestBody: createKpiRole,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionCreate(request,"SYS_EVA_INDICATOR");
const kpiRole = Object.assign(new KpiRole(), requestBody);
if (requestBody.year != null && requestBody.period != null) {
const kpiPeriod = await this.kpiPeriodRepository
@ -201,8 +203,9 @@ export class kpiRoleController extends Controller {
async updateKpiRole(
@Path() id: string,
@Body() requestBody: updateKpiRole,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_INDICATOR");
const kpiRole = await this.kpiRoleRepository.findOne({
where: { id: id },
});
@ -465,7 +468,8 @@ export class kpiRoleController extends Controller {
* @param id
*/
@Delete("{id}")
async deleteKpiRole(@Path() id: string) {
async deleteKpiRole(@Path() id: string,@Request() request: RequestWithUser) {
await new permission().PermissionDelete(request,"SYS_EVA_INDICATOR");
const kpiRole = await this.kpiRoleRepository.findOne({
where: { id: id },
});


@ -22,7 +22,8 @@ import HttpStatusCode from "../interfaces/http-status";
import { KpiSpecial, CreateKpiSpecial, UpdateKpiSpecial } from "../entities/kpiSpecial";
import CallAPI from "../interfaces/call-api";
import { Brackets, IsNull, Like, Not } from "typeorm";
import permission from "../interfaces/permission";
import { RequestWithUser } from "../middlewares/user";
@Route("api/v1/kpi/special")
@Tags("kpiSpecial")
@Security("bearerAuth")
@ -42,8 +43,9 @@ export class kpiSpecialController extends Controller {
@Post()
async createKpiSpecial(
@Body() requestBody: CreateKpiSpecial,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionCreate(request,"SYS_EVA_INDICATOR");
const chk_kpiSpecial = await this.kpiSpecialRepository.findOne({
where: {
including: String(requestBody.including),
@ -78,8 +80,9 @@ export class kpiSpecialController extends Controller {
async updateKpiSpecial(
@Path() id: string,
@Body() requestBody: UpdateKpiSpecial,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
await new permission().PermissionUpdate(request,"SYS_EVA_INDICATOR");
const kpiSpecial = await this.kpiSpecialRepository.findOne({
where: { id: id },
});
@ -213,7 +216,8 @@ export class kpiSpecialController extends Controller {
* @param id
*/
@Delete("{id}")
async deleteKpiSpecial(@Path() id: string) {
async deleteKpiSpecial(@Path() id: string, @Request() request: RequestWithUser,) {
await new permission().PermissionDelete(request,"SYS_EVA_INDICATOR");
const kpiSpecial = await this.kpiSpecialRepository.findOne({
where: { id: id },
});


@ -0,0 +1,58 @@
import {
Controller,
Request,
Get,
Post,
Put,
Delete,
Patch,
Route,
Security,
Tags,
Path,
} from "tsoa";
import axios from "axios";
import { RequestWithUser } from "../middlewares/user";
import CallAPI from "./call-api";
import HttpError from "./http-error";
import HttpStatus from "./http-status";
class CheckAuth {
public async Permission(req: RequestWithUser, system: string, action: string) {
await new CallAPI()
.GetData(req, "/org/permission")
.then((x) => {
let permission = false;
let role = x.roles.find((x: any) => x.authSysId == system);
if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
if (role.attrOwnership == "OWNER") permission = true;
if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
return role.attrPrivilege;
})
.catch((x) => {
throw new HttpError(HttpStatus.FORBIDDEN, x);
});
}
public async PermissionCreate(req: RequestWithUser, system: string) {
this.Permission(req, system, "CREATE");
}
public async PermissionDelete(req: RequestWithUser, system: string) {
this.Permission(req, system, "DELETE");
}
public async PermissionGet(req: RequestWithUser, system: string) {
this.Permission(req, system, "GET");
}
public async PermissionList(req: RequestWithUser, system: string) {
this.Permission(req, system, "LIST");
}
public async PermissionUpdate(req: RequestWithUser, system: string) {
this.Permission(req, system, "UPDATE");
}
}
export default CheckAuth;
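Review bot: The five wrappers `PermissionCreate`, `PermissionDelete`, `PermissionGet`, `PermissionList` and `PermissionUpdate` call `this.Permission(...)` without `await` or `return`, so each resolves immediately and the `await new permission().PermissionX(request, ...)` guards added in the controller sections of this commit neither wait for nor observe the check. A denied request would continue into the handler, and the `HttpError` thrown in `.catch` would surface only as an unhandled rejection. Each wrapper should read `return this.Permission(req, system, "CREATE");` (likewise for the other four actions). `Permission` also discards the `role.attrPrivilege` value returned inside `.then`; put `return` before `await new CallAPI()` if callers are meant to receive it. A short comment would help on two behaviours that look intentional but are not explained: `attrOwnership == "OWNER"` overrides every action flag, and `.catch` turns any failure of the `/org/permission` call into a 403 whose message is the raw caught value.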

13
src/middlewares/user.ts Normal file

@ -0,0 +1,13 @@
import type { Request } from "express";
export type RequestWithUser = Request & {
user: {
sub: string;
name: string;
given_name: string;
familiy_name: string;
preferred_username: string;
email: string;
role: string[];
};
};
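Review bot: The field `familiy_name` in `RequestWithUser.user` looks misspelled; the sibling fields follow the standard OIDC claim names (`given_name`, `preferred_username`), where this claim is `family_name`. The type is erased at runtime and presumably only describes what the auth middleware attaches, so code reading `request.user.familiy_name` would type-check and get `undefined`. Suggested line: `family_name: string;`. The type also asserts that every field is always present; if a token may omit `email` or `role`, marking them optional would force handlers to check before use.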