ปิด validate สิทธิ์ user controller
This commit is contained in:
parent
3a033ddc9b
commit
c2f652732f
4 changed files with 44 additions and 29 deletions
|
|
@ -56,7 +56,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
requestBody: CreateKpiUserDevelopment,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
const chkUserEvaluation = await this.kpiUserEvaluationRepository.findOne({
|
||||
where: { id: requestBody.kpiUserEvaluationId },
|
||||
});
|
||||
|
|
@ -90,7 +90,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
// "ไม่สามารถเพิ่มข้อมูลได้เนื่องจากข้อมูลตัวชี้วัดซ้ำ",
|
||||
// );
|
||||
// }
|
||||
let before:any = null;
|
||||
let before: any = null;
|
||||
kpiUserDevelopment.createdUserId = request.user.sub;
|
||||
kpiUserDevelopment.createdFullName = request.user.name;
|
||||
kpiUserDevelopment.lastUpdateUserId = request.user.sub;
|
||||
|
|
@ -130,7 +130,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
@Body() requestBody: UpdateKpiUserDevelopment,
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionUpdate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionUpdate(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
where: { id },
|
||||
relations: {
|
||||
|
|
@ -209,7 +209,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
*/
|
||||
@Delete("{id}")
|
||||
async deleteKpiUserDevelopment(@Path() id: string, @Request() request: RequestWithUser) {
|
||||
await new permission().PermissionDelete(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionDelete(request, "SYS_KPI_LIST");//USER
|
||||
const delKpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
where: { id },
|
||||
relations: ["developmentProjects"],
|
||||
|
|
@ -275,7 +275,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
*/
|
||||
@Get()
|
||||
async GetKpiUserDevelopment(@Request() request: RequestWithUser, @Query("id") id: string) {
|
||||
await new permission().PermissionGet(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionGet(request, "SYS_KPI_LIST");//USER
|
||||
const kpiUserDevelopment = await this.kpiUserDevelopmentRepository.find({
|
||||
where: {
|
||||
kpiUserEvaluationId: id,
|
||||
|
|
@ -313,7 +313,7 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
@Body() requestBody: KpiUserDevelopmentDataPoint[],
|
||||
@Request() request: RequestWithUser,
|
||||
) {
|
||||
await new permission().PermissionCreate(request, "SYS_KPI_LIST");
|
||||
// await new permission().PermissionCreate(request, "SYS_KPI_LIST");//USER
|
||||
for (const item of requestBody) {
|
||||
const kpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
where: { id: item.id },
|
||||
|
|
@ -493,7 +493,11 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
* @param {string} id Id พัฒนาตนเอง
|
||||
*/
|
||||
@Get("registry/{type}/{id}")
|
||||
async GetKpiUserDevelopmentDetailRegistryOfficer(@Request() request: RequestWithUser, @Path() id: string, @Path() type: string) {
|
||||
async GetKpiUserDevelopmentDetailRegistryOfficer(
|
||||
@Request() request: RequestWithUser,
|
||||
@Path() id: string,
|
||||
@Path() type: string,
|
||||
) {
|
||||
const getKpiUserDevelopment = await this.kpiUserDevelopmentRepository.findOne({
|
||||
relations: ["kpiUserEvaluation", "developmentProjects"],
|
||||
where: { id: id },
|
||||
|
|
@ -501,15 +505,27 @@ export class KpiUserDevelopmentController extends Controller {
|
|||
if (!getKpiUserDevelopment) {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลพัฒนาตนเองนี้");
|
||||
}
|
||||
if(type.trim().toLocaleUpperCase() == "OFFICER"){
|
||||
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_OFFICER", getKpiUserDevelopment.kpiUserEvaluation.profileId);
|
||||
}else if(type.trim().toLocaleUpperCase() == "EMPLOYEE"){
|
||||
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_EMP", getKpiUserDevelopment.kpiUserEvaluation.profileId);
|
||||
}else if(type.trim().toLocaleUpperCase() == "TEMP"){
|
||||
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_TEMP", getKpiUserDevelopment.kpiUserEvaluation.profileId);
|
||||
}else if(type.trim().toLocaleUpperCase() == "USER"){
|
||||
}else{
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่สามารถเข้าถึงข้อมูลนี้ได้");
|
||||
if (type.trim().toLocaleUpperCase() == "OFFICER") {
|
||||
await new permission().PermissionOrgUserGet(
|
||||
request,
|
||||
"SYS_REGISTRY_OFFICER",
|
||||
getKpiUserDevelopment.kpiUserEvaluation.profileId,
|
||||
);
|
||||
} else if (type.trim().toLocaleUpperCase() == "EMPLOYEE") {
|
||||
await new permission().PermissionOrgUserGet(
|
||||
request,
|
||||
"SYS_REGISTRY_EMP",
|
||||
getKpiUserDevelopment.kpiUserEvaluation.profileId,
|
||||
);
|
||||
} else if (type.trim().toLocaleUpperCase() == "TEMP") {
|
||||
await new permission().PermissionOrgUserGet(
|
||||
request,
|
||||
"SYS_REGISTRY_TEMP",
|
||||
getKpiUserDevelopment.kpiUserEvaluation.profileId,
|
||||
);
|
||||
} else if (type.trim().toLocaleUpperCase() == "USER") {
|
||||
} else {
|
||||
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่สามารถเข้าถึงข้อมูลนี้ได้");
|
||||
}
|
||||
|
||||
const mapKpiUserDevelopment = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue