diff --git a/src/controllers/PermissionController.ts b/src/controllers/PermissionController.ts index ed8fc343..026a3ecf 100644 --- a/src/controllers/PermissionController.ts +++ b/src/controllers/PermissionController.ts @@ -15,6 +15,7 @@ import permission from "../interfaces/permission"; import { ProfileEmployee } from "../entities/ProfileEmployee"; import { EmployeePosMaster } from "../entities/EmployeePosMaster"; import { OrgRevision } from "../entities/OrgRevision"; +import { PosMasterAct } from "../entities/PosMasterAct"; import { actingPositionService } from "../services/ActingPositionService"; const REDIS_HOST = process.env.REDIS_HOST; const REDIS_PORT = process.env.REDIS_PORT; @@ -31,6 +32,7 @@ export class PermissionController extends Controller { private authRoleAttrRepo = AppDataSource.getRepository(AuthRoleAttr); private authSysRepo = AppDataSource.getRepository(AuthSys); private orgRevisionRepository = AppDataSource.getRepository(OrgRevision); + private posMasterActRepo = AppDataSource.getRepository(PosMasterAct); private redis = require("redis"); @Get("") @@ -235,6 +237,107 @@ export class PermissionController extends Controller { return new HttpSuccess(reply); } + /** + * API ดึงข้อมูลระบบจากตำแหน่งรักษาการ + * @summary ดึงข้อมูลระบบจากตำแหน่งรักษาการ + * @param {string} system authSysId ของระบบที่ต้องการตรวจสอบ + */ + @Get("acting/{system}") + public async getSystemsActing(@Request() request: RequestWithUser, @Path() system: string) { + let profile: any = await this.profileRepo.findOne({ + select: ["id"], + where: { keycloak: request.user.sub }, + }); + if (!profile) { + profile = await this.profileEmployeeRepo.findOne({ + select: ["id"], + where: { keycloak: request.user.sub }, + }); + if (!profile) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ"); + } + } + + const orgRevision = await this.orgRevisionRepository.findOne({ + select: ["id"], + where: { + orgRevisionIsDraft: false, + orgRevisionIsCurrent: true, + }, + }); + + const posMasterActs = await this.posMasterActRepo + .createQueryBuilder("posMasterAct") + .leftJoinAndSelect("posMasterAct.posMaster", "posMaster") + .addSelect(["posMaster.authRoleId", "posMaster.posMasterNo"]) + .leftJoinAndSelect("posMaster.orgRoot", "orgRoot") + .leftJoinAndSelect("posMaster.orgChild1", "orgChild1") + .leftJoinAndSelect("posMaster.orgChild2", "orgChild2") + .leftJoinAndSelect("posMaster.orgChild3", "orgChild3") + .leftJoinAndSelect("posMaster.orgChild4", "orgChild4") + .leftJoinAndSelect("posMasterAct.posMasterChild", "posMasterChild") + .leftJoinAndSelect("posMasterChild.current_holder", "profileChild") + .where("profileChild.id = :profileId", { profileId: profile.id }) + .andWhere("posMaster.orgRevisionId = :orgRevisionId", { orgRevisionId: orgRevision?.id }) + .getMany(); + + if (posMasterActs.length === 0) { + return new HttpSuccess([]); + } + + const results = await Promise.all( + posMasterActs.map(async (act) => { + if (!act.posMaster?.authRoleId) { + return null; + } + + const roleAttrData = await this.authRoleAttrRepo.findOne({ + select: [ + "authSysId", + "parentNode", + "attrOwnership", + "attrIsCreate", + "attrIsList", + "attrIsGet", + "attrIsUpdate", + "attrIsDelete", + "attrPrivilege", + ], + where: { authRoleId: act.posMaster.authRoleId, authSysId: system }, + }); + + if (!roleAttrData) { + return null; + } + + // const holder = act.posMaster; + // const posNo = !holder + // ? null + // : holder.orgChild4 != null + // ? `${holder.orgChild4.orgChild4ShortName} ${holder.posMasterNo}` + // : holder.orgChild3 != null + // ? `${holder.orgChild3.orgChild3ShortName} ${holder.posMasterNo}` + // : holder.orgChild2 != null + // ? `${holder.orgChild2.orgChild2ShortName} ${holder.posMasterNo}` + // : holder.orgChild1 != null + // ? `${holder.orgChild1.orgChild1ShortName} ${holder.posMasterNo}` + // : holder.orgRoot != null + // ? `${holder.orgRoot.orgRootShortName} ${holder.posMasterNo}` + // : null; + + return { + ...roleAttrData, + actingProfileId: act.posMaster.current_holderId, + // posNo: posNo, + }; + }) + ); + + const filteredResults = results.filter((r) => r !== null); + + return new HttpSuccess(filteredResults); + } + /** * API permission (dotnet api) * @summary permission (dotnet api)