role โครงสร้างอัตรากำลัง

2024-08-16 17:36:08 +07:00 · 2024-08-16 17:36:08 +07:00 · 2ce5138a4f
commit 2ce5138a4f
parent deb8194b7f
9 changed files with 109 additions and 48 deletions
--- a/src/controllers/EmployeePositionController.ts
+++ b/src/controllers/EmployeePositionController.ts
@ -36,6 +36,9 @@ import { OrgChild3 } from "../entities/OrgChild3";
 import { OrgChild4 } from "../entities/OrgChild4";
 import { ProfileEmployee } from "../entities/ProfileEmployee";
 import { AuthRole } from "../entities/AuthRole";
+import { RequestWithUser } from "../middlewares/user";
+import permission from "../interfaces/permission";
+import { request } from "axios";
@Route("api/v1/org/employee/pos")
@Tags("Employee")
@Security("bearerAuth")
@ -69,8 +72,9 @@ export class EmployeePositionController extends Controller {
  async CreateEmployeePosition(
    @Body()
    requestBody: CreateEmployeePosDict,
-    @Request() request: { user: Record<string, any> },
+    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionCreate(request, "SYS_ORG_EMP");
    const empPosDict = Object.assign(new EmployeePosDict(), requestBody);
    if (!empPosDict) {
      throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูล");
@ -120,8 +124,9 @@ export class EmployeePositionController extends Controller {
    @Path() id: string,
    @Body()
    requestBody: UpdateEmployeePosDict,
-    @Request() request: { user: Record<string, any> },
+    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionUpdate(request, "SYS_ORG_EMP");
    const empPosDict = await this.employeePosDictRepository.findOne({
      where: { id: id },
    });
@ -170,7 +175,8 @@ export class EmployeePositionController extends Controller {
   * @param {string} id  Id ตำแหน่งลูกจ้างประจำ
   */
  @Delete("position/{id}")
-  async delete(@Path() id: string) {
+  async delete(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_ORG_EMP");
    const delEmpPosDict = await this.employeePosDictRepository.findOne({ where: { id } });
    if (!delEmpPosDict) {
      throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลตำแหน่งลูกจ้างประจำนี้");
@ -359,8 +365,9 @@ export class EmployeePositionController extends Controller {
  async createEmpMaster(
    @Body()
    requestBody: CreateEmployeePosMaster,
-    @Request() request: { user: Record<string, any> },
+    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionCreate(request, "SYS_ORG_EMP");
    const posMaster = Object.assign(new EmployeePosMaster(), requestBody);
    if (!posMaster) {
      throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูล");
@ -607,8 +614,9 @@ export class EmployeePositionController extends Controller {
    @Path() id: string,
    @Body()
    requestBody: CreateEmployeePosMaster,
-    @Request() request: { user: Record<string, any> },
+    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionUpdate(request, "SYS_ORG_EMP");
    const posMaster = await this.employeePosMasterRepository.findOne({ where: { id: id } });
    if (!posMaster) {
      throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลอัตรากำลัง");
@ -847,7 +855,8 @@ export class EmployeePositionController extends Controller {
   * @param {string} id  Id ตำแหน่ง
   */
  @Delete("master/{id}")
-  async deleteEmpPosMaster(@Path() id: string) {
+  async deleteEmpPosMaster(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionCreate(request, "SYS_ORG_EMP");
    const delPosMaster = await this.employeePosMasterRepository.findOne({
      where: { id },
    });
@ -1177,7 +1186,8 @@ export class EmployeePositionController extends Controller {
   *
   */
  @Post("sort")
-  async SortEmp(@Body() requestBody: { id: string; type: number; sortId: string[] }) {
+  async SortEmp(@Body() requestBody: { id: string; type: number; sortId: string[] }, @Request() request: RequestWithUser) {
+    await new permission().PermissionUpdate(request, "SYS_ORG_EMP");
    switch (requestBody.type) {
      case 0: {
        const rootId = await this.employeePosMasterRepository.findOne({
@ -1401,8 +1411,9 @@ export class EmployeePositionController extends Controller {
  @Post("move")
  async moveEmpPosMaster(
    @Body() requestBody: { id: string; type: number; positionMaster: string[] },
-    @Request() request: { user: Record<string, any> },
+    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionUpdate(request, "SYS_ORG_EMP");
    const posMasters = await this.employeePosMasterRepository.find({
      where: { id: In(requestBody.positionMaster) },
    });
@ -2067,7 +2078,9 @@ export class EmployeePositionController extends Controller {
  @Post("profile")
  async createEmpHolder(
    @Body() requestBody: { posMaster: string; position: string; profileId: string; isSit: boolean },
+    @Request() request: RequestWithUser
  ) {
+    await new permission().PermissionCreate(request, "SYS_ORG_EMP");
    const dataMaster = await this.employeePosMasterRepository.findOne({
      where: { id: requestBody.posMaster },
      relations: ["positions"],
@ -2100,7 +2113,8 @@ export class EmployeePositionController extends Controller {
   * @param  {string} id  *Id posMaster
   */
  @Post("profile/delete/{id}")
-  async deleteEmpHolder(@Path() id: string) {
+  async deleteEmpHolder(@Path() id: string, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_ORG_EMP");
    const dataMaster = await this.employeePosMasterRepository.findOne({
      where: { id: id },
      relations: ["positions"],
@ -2130,7 +2144,8 @@ export class EmployeePositionController extends Controller {
   *
   */
  @Post("dna")
-  async dnaEmp(@Body() requestBody: { draftPositionId: string; publishPositionId: string }) {
+  async dnaEmp(@Body() requestBody: { draftPositionId: string; publishPositionId: string }, @Request() request: RequestWithUser) {
+    await new permission().PermissionDelete(request, "SYS_ORG_EMP");
    const findDraft = await this.orgRevisionRepository.findOne({
      where: {
        orgRevisionIsDraft: true,
@ -2185,7 +2200,9 @@ export class EmployeePositionController extends Controller {
      positionId: string;
      profileId: string;
    },
+    @Request() request: RequestWithUser,
  ) {
+    await new permission().PermissionCreate(request, "SYS_ORG_EMP");
    const posMaster = await this.employeePosMasterRepository.findOne({
      where: { id: body.posmasterId },
      relations: ["orgRoot"],