ปิด validate สิทธิ์ user controller
This commit is contained in:
parent
3a033ddc9b
commit
c2f652732f
4 changed files with 44 additions and 29 deletions
|
|
@ -56,7 +56,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
requestBody: CreateKpiUserDevelopment,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
const chkUserEvaluation = await this.kpiUserEvaluationRepository.findOne({
|
||||
where: { id: requestBody.kpiUserEvaluationId },
|
||||
});
|
||||
|
|
@ -90,7 +90,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
// "ไม่สามารถเพิ่มข้อมูลได้เนื่องจากข้อมูลตัวชี้วัดซ้ำ",
|
||||
// );
|
||||
// }
|
||||
let before:any = null;
|
||||
let before: any = null;
|
||||
kpiUserDevelopment.createdUserId = request.user.sub;
|
||||
kpiUserDevelopment.createdFullName = request.user.name;
|
||||
kpiUserDevelopment.lastUpdateUserId = request.user.sub;
|
||||
|
|
@ -130,7 +130,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
@Body() requestBody: UpdateKpiUserDevelopment,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionUpdate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionUpdate(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
where: { id },
|
||||
relations: {
|
||||
|
|
@ -209,7 +209,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
*/
|
||||
@Delete("{id}")
|
||||
async deleteKpiUserDevelopment(@Path() id: string, @Request() request: RequestWithUser) {
|
||||
await new permission().PermissionDelete(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionDelete(request, "SYS_KPI_LIST");//USER
|
||||
const delKpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
where: { id },
|
||||
relations: ["developmentProjects"],
|
||||
|
|
@ -275,7 +275,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
*/
|
||||
@Get()
|
||||
async GetKpiUserDevelopment(@Request() request: RequestWithUser, @Query("id") id: string) {
|
||||
await new permission().PermissionGet(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionGet(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserDevelopment = await this.kpiUserDevelopmentRepository.find({
|
||||
where: {
|
||||
kpiUserEvaluationId: id,
|
||||
|
|
@ -313,7 +313,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
@Body() requestBody: KpiUserDevelopmentDataPoint[],
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
for (const item of requestBody) {
|
||||
const kpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
where: { id: item.id },
|
||||
|
|
@ -493,7 +493,11 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
* @param {string} id Id พัฒนาตนเอง
|
||||
*/
|
||||
@Get("registry/{type}/{id}")
|
||||
async GetKpiUserDevelopmentDetailRegistryOfficer(@Request() request: RequestWithUser, @Path() id: string, @Path() type: string) {
|
||||
async GetKpiUserDevelopmentDetailRegistryOfficer(
|
||||
@Request() request: RequestWithUser,
|
||||
@Path() id: string,
|
||||
@Path() type: string,
|
||||
) {
|
||||
const getKpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
relations: ["kpiUserEvaluation", "developmentProjects"],
|
||||
where: { id: id },
|
||||
|
|
@ -501,15 +505,27 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
if (!getKpiUserDevelopment) {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลพัฒนาตนเองนี้");
|
||||
}
|
||||
if(type.trim().toLocaleUpperCase() == "OFFICER"){
|
||||
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_OFFICER", getKpiUserDevelopment.kpiUserEvaluation.profileId);
|
||||
}else if(type.trim().toLocaleUpperCase() == "EMPLOYEE"){
|
||||
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_EMP", getKpiUserDevelopment.kpiUserEvaluation.profileId);
|
||||
}else if(type.trim().toLocaleUpperCase() == "TEMP"){
|
||||
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_TEMP", getKpiUserDevelopment.kpiUserEvaluation.profileId);
|
||||
}else if(type.trim().toLocaleUpperCase() == "USER"){
|
||||
}else{
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่สามารถเข้าถึงข้อมูลนี้ได้");
|
||||
if (type.trim().toLocaleUpperCase() == "OFFICER") {
|
||||
await new permission().PermissionOrgUserGet(
|
||||
request,
|
||||
"SYS_REGISTRY_OFFICER",
|
||||
getKpiUserDevelopment.kpiUserEvaluation.profileId,
|
||||
);
|
||||
} else if (type.trim().toLocaleUpperCase() == "EMPLOYEE") {
|
||||
await new permission().PermissionOrgUserGet(
|
||||
request,
|
||||
"SYS_REGISTRY_EMP",
|
||||
getKpiUserDevelopment.kpiUserEvaluation.profileId,
|
||||
);
|
||||
} else if (type.trim().toLocaleUpperCase() == "TEMP") {
|
||||
await new permission().PermissionOrgUserGet(
|
||||
request,
|
||||
"SYS_REGISTRY_TEMP",
|
||||
getKpiUserDevelopment.kpiUserEvaluation.profileId,
|
||||
);
|
||||
} else if (type.trim().toLocaleUpperCase() == "USER") {
|
||||
} else {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่สามารถเข้าถึงข้อมูลนี้ได้");
|
||||
}
|
||||
|
||||
const mapKpiUserDevelopment = {
|
||||
|
|
|
|||
|
|
@ -215,7 +215,6 @@ export class KpiUserEvaluationController extends Controller {
|
|||
evaluating?: boolean | null;
|
||||
},
|
||||
) {
|
||||
// await new permission().PermissionDelete(request, "SYS_RESULT");
|
||||
await new permission().PermissionList(request, "SYS_KPI_ROUND");
|
||||
let conditionFullName =
|
||||
"CONCAT(kpiUserEvaluation.prefix, kpiUserEvaluation.firstName, ' ', kpiUserEvaluation.lastName) LIKE :keyword";
|
||||
|
|
@ -333,7 +332,7 @@ export class KpiUserEvaluationController extends Controller {
|
|||
evaluating?: boolean | null;
|
||||
},
|
||||
) {
|
||||
await new permission().PermissionList(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionList(request, "SYS_KPI_LIST");//USER
|
||||
let conditionFullName =
|
||||
"CONCAT(kpiUserEvaluation.prefix, kpiUserEvaluation.firstName, ' ', kpiUserEvaluation.lastName) LIKE :keyword";
|
||||
const [kpiUserEvaluation, total] = await AppDataSource.getRepository(KpiUserEvaluation)
|
||||
|
|
@ -1595,7 +1594,7 @@ export class KpiUserEvaluationController extends Controller {
|
|||
},
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_RESULT");
|
||||
// await new permission().PermissionCreate(request, "SYS_RESULT");//USER
|
||||
const kpiUserEvaluations = await this.kpiUserEvalutionRepository.find({
|
||||
where: { id: In(requestBody.id) },
|
||||
relations: ["kpiUserDevelopments", "kpiUserDevelopments.developmentProjects"],
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ export class KpiUserPlannedController extends Controller {
|
|||
requestBody: CreateKpiUserPlanned,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
const chkUserEvaluation = await this.kpiUserEvaluationRepository.findOne({
|
||||
where: { id: requestBody.kpiUserEvaluationId },
|
||||
});
|
||||
|
|
@ -122,7 +122,7 @@ export class KpiUserPlannedController extends Controller {
|
|||
@Body() requestBody: UpdateKpiUserPlanned,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionUpdate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionUpdate(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserPlanned = await this.kpiUserPlannedRepository.findOne({ where: { id } });
|
||||
if (!kpiUserPlanned) {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลงานตามแผนปฏิบัติราชการประจำปีนี้");
|
||||
|
|
@ -170,7 +170,7 @@ export class KpiUserPlannedController extends Controller {
|
|||
*/
|
||||
@Delete("{id}")
|
||||
async deleteKpiUserPlanned(@Path() id: string, @Request() request: RequestWithUser) {
|
||||
await new permission().PermissionDelete(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionDelete(request, "SYS_KPI_LIST");//USER
|
||||
const delKpiUserPlanned = await this.kpiUserPlannedRepository.findOne({ where: { id } });
|
||||
if (!delKpiUserPlanned) {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลงานตามแผนปฏิบัติราชการประจำปีนี้");
|
||||
|
|
@ -231,7 +231,7 @@ export class KpiUserPlannedController extends Controller {
|
|||
*/
|
||||
@Get()
|
||||
async GetKpiUserPlanned(@Request() request: RequestWithUser, @Query("id") id: string) {
|
||||
await new permission().PermissionGet(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionGet(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserPlanned = await this.kpiUserPlannedRepository.find({
|
||||
where: {
|
||||
kpiUserEvaluationId: id,
|
||||
|
|
@ -285,7 +285,7 @@ export class KpiUserPlannedController extends Controller {
|
|||
@Body() requestBody: KpiUserPlannedDataPoint[],
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
for (const item of requestBody) {
|
||||
const kpiUserPlanned = await this.kpiUserPlannedRepository.findOne({
|
||||
where: { id: item.id },
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ export class KpiUserRoleController extends Controller {
|
|||
requestBody: CreateKpiUserRole,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
const chkUserEvaluation = await this.kpiUserEvaluationRepository.findOne({
|
||||
where: { id: requestBody.kpiUserEvaluationId },
|
||||
});
|
||||
|
|
@ -118,7 +118,7 @@ export class KpiUserRoleController extends Controller {
|
|||
@Body() requestBody: UpdateKpiUserRole,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionUpdate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionUpdate(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserRole = await this.kpiUserRoleRepository.findOne({ where: { id } });
|
||||
if (!kpiUserRole) {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลงานตามหน้าที่ความรับผิดชอบหลักนี้");
|
||||
|
|
@ -174,7 +174,7 @@ export class KpiUserRoleController extends Controller {
|
|||
*/
|
||||
@Delete("{id}")
|
||||
async deleteKpiUserRole(@Path() id: string, @Request() request: RequestWithUser) {
|
||||
await new permission().PermissionDelete(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionDelete(request, "SYS_KPI_LIST");//USER
|
||||
const delKpiUserRole = await this.kpiUserRoleRepository.findOne({ where: { id } });
|
||||
if (!delKpiUserRole) {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลงานตามหน้าที่ความรับผิดชอบหลักนี้");
|
||||
|
|
@ -235,7 +235,7 @@ export class KpiUserRoleController extends Controller {
|
|||
*/
|
||||
@Get()
|
||||
async GetKpiUserRole(@Request() request: RequestWithUser, @Query("id") id: string) {
|
||||
await new permission().PermissionGet(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionGet(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserRole = await this.kpiUserRoleRepository.find({
|
||||
where: {
|
||||
kpiUserEvaluationId: id,
|
||||
|
|
@ -290,7 +290,7 @@ export class KpiUserRoleController extends Controller {
|
|||
@Body() requestBody: KpiUserRoleDataPoint[],
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
for (const item of requestBody) {
|
||||
const kpiUserRole = await this.kpiUserRoleRepository.findOne({
|
||||
where: { id: item.id },
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue