#2523 STAFF + isDirector ให้ล้อสิทธิ์เหมือน CHILD

src/controllers/CommandController.ts

@@ -206,7 +206,13 @@ export class CommandController extends Controller {
       child4: null,
     };
     if (request.user.role.includes("STAFF")) {
+      // #2523 STAFF + isDirector ให้ล้อสิทธิ์เหมือน CHILD
+      if (!isDirector) {
         _data = await new permission().PermissionOrgList(request, "COMMAND");
+        
+      } else {
+        _data = await new permission().PermissionIsDirectorOrgList(request, "COMMAND", isDirector);
+      }
     }
     if (isDirector || _data.privilege == "OWNER") {
       const profiles = await this.profileRepository

src/interfaces/permission.ts

@@ -39,7 +39,7 @@ class CheckAuth {
         }
       });
   }
-  public async PermissionOrg(req: RequestWithUser, system: string, action: string) {
+  public async PermissionOrg(req: RequestWithUser, system: string, action: string, isDirector?: boolean) {
     if (
       req.headers.hasOwnProperty("api_key") &&
       req.headers["api_key"] &&
@@ -56,7 +56,7 @@ class CheckAuth {
     return await new CallAPI()
       .GetData(req, `/org/permission/org/${system}/${action}`)
       .then(async (x) => {
-        let privilege = x.privilege;
+        let privilege = isDirector && isDirector === true ? "CHILD" : x.privilege;
 
         let data: any = {
           root: [null],
@@ -288,6 +288,9 @@ class CheckAuth {
   public async PermissionOrgList(req: RequestWithUser, system: string) {
     return await this.PermissionOrg(req, system, "LIST");
   }
+  public async PermissionIsDirectorOrgList(req: RequestWithUser, system: string, isDirector: boolean) {
+    return await this.PermissionOrg(req, system, "LIST", isDirector);
+  }
   public async PermissionOrgUpdate(req: RequestWithUser, system: string) {
     return await this.PermissionOrg(req, system, "UPDATE");
   }