From 35011ea959fd7dca8563efec099b17b110f9a9f0 Mon Sep 17 00:00:00 2001
From: Adisak
Date: Wed, 22 Oct 2025 11:34:56 +0700
Subject: [PATCH] #1893
---
 src/controllers/EmployeePositionController.ts | 87 ++++++++++++++++++-
 .../EmployeeTempPositionController.ts | 86 +++++++++++++++++-
 src/controllers/OrganizationController.ts | 54 +++++++++++-
 3 files changed, 224 insertions(+), 3 deletions(-)
diff --git a/src/controllers/EmployeePositionController.ts b/src/controllers/EmployeePositionController.ts
index 86bf8bde..3b4d0f0c 100644
--- a/src/controllers/EmployeePositionController.ts
+++ b/src/controllers/EmployeePositionController.ts
@@ -1006,6 +1006,7 @@ export class EmployeePositionController extends Controller {
 */
 @Post("master/list")
 async listEmp(
+ @Request() request: RequestWithUser,
 @Body()
 body: {
 id: string;
@@ -1026,7 +1027,7 @@ export class EmployeePositionController extends Controller {
 let searchShortName2 = `CONCAT(orgChild2.orgChild2ShortName," ",posMaster.posMasterNoPrefix,posMaster.posMasterNo,posMaster.posMasterNoSuffix)`;
 let searchShortName3 = `CONCAT(orgChild3.orgChild3ShortName," ",posMaster.posMasterNoPrefix,posMaster.posMasterNo,posMaster.posMasterNoSuffix)`;
 let searchShortName4 = `CONCAT(orgChild4.orgChild4ShortName," ",posMaster.posMasterNoPrefix,posMaster.posMasterNo,posMaster.posMasterNoSuffix)`;
-
+ let _data = await new permission().PermissionOrgList(request, "SYS_ORG_EMP");
 if (body.type === 0) {
 typeCondition = {
 orgRootId: body.id,
@@ -1139,6 +1140,56 @@ export class EmployeePositionController extends Controller {
 .leftJoinAndSelect("positions.posType", "posType")
 .leftJoinAndSelect("positions.posLevel", "posLevel")
 .where(conditions)
+ .andWhere(
+ _data.root != undefined && _data.root != null
+ ? _data.root[0] != null
+ ? `posMaster.orgRootId IN (:...root)`
+ : `posMaster.orgRootId is null`
+ : "1=1",
+ {
+ root: _data.root,
+ },
+ )
+ .andWhere(
+ _data.child1 != undefined && _data.child1 != null
+ ? _data.child1[0] != null
+ ? `posMaster.orgChild1Id IN (:...child1)`
+ : `posMaster.orgChild1Id is null`
+ : "1=1",
+ {
+ child1: _data.child1,
+ },
+ )
+ .andWhere(
+ _data.child2 != undefined && _data.child2 != null
+ ? _data.child2[0] != null
+ ? `posMaster.orgChild2Id IN (:...child2)`
+ : `posMaster.orgChild2Id is null`
+ : "1=1",
+ {
+ child2: _data.child2,
+ },
+ )
+ .andWhere(
+ _data.child3 != undefined && _data.child3 != null
+ ? _data.child3[0] != null
+ ? `posMaster.orgChild3Id IN (:...child3)`
+ : `posMaster.orgChild3Id is null`
+ : "1=1",
+ {
+ child3: _data.child3,
+ },
+ )
+ .andWhere(
+ _data.child4 != undefined && _data.child4 != null
+ ? _data.child4[0] != null
+ ? `posMaster.orgChild4Id IN (:...child4)`
+ : `posMaster.orgChild4Id is null`
+ : "1=1",
+ {
+ child4: _data.child4,
+ },
+ )
 .orWhere(
 new Brackets((qb) => {
 qb.andWhere(
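Review bot: The five org-scope `.andWhere(...)` filters are added between `.where(conditions)` and the existing `.orWhere(new Brackets(...))`, and TypeORM joins top-level expressions without parentheses, so the clause reads `conditions AND scope… OR (…)` and a row that matches the OR group is returned without the scope filters applied. The body of that `Brackets` starts outside this hunk, so unless it repeats the same restrictions the permission scope does not cover the search branch; the identical chain is added in `EmployeeTempPositionController.listEmp`. Wrap the search predicate (`conditions` together with the `orWhere` group) in a single `new Brackets(...)` and chain the scope filters with `.andWhere` after it, so the scope is ANDed with the whole search. Separately, `_data.root[0] != null` inspects only the first element, so an empty array or a list with a leading null falls into the `is null` arm; `_data.root.some((v) => v != null)` would state the intent.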
@@ -1330,6 +1381,40 @@ export class EmployeePositionController extends Controller {
 };
 }),
 );
+
+ if(_data.privilege === 'NORMAL'|| _data.privilege === 'PARENT'|| _data.privilege === 'CHILD'){ //PARENT จะไม่มีทางเห็น ROOT , CHILD ยึดจาก CHILD ที่อยู่ลงไปข้างล่างและจะไม่เห็น CHILD ที่อยู่เหนือกว่า
+ const nextChildMap:any = { //เอาไวเช็ค CHILD ถัดไป
+ 0: _data.child1,
+ 1: _data.child2,
+ 2: _data.child3,
+ 3: _data.child4,
+ };
+ const childValue = nextChildMap[body.type];
+ if(_data.privilege === 'NORMAL'){
+ if (Array.isArray(childValue) && childValue.some(item => item != null)) {
+ return new HttpSuccess({ data: [], total: 0 });
+ }
+ }else if(_data.privilege === 'PARENT'){
+ if (body.type == 0){
+ return new HttpSuccess({ data: [], total: 0 });
+ }
+ } else if (_data.privilege === 'CHILD') {
+ const higherChildChecks = [
+ { type: [0], child: _data.child1, next: _data.child2 },
+ { type: [0, 1], child: _data.child2, next: _data.child3 },
+ { type: [0, 1, 2], child: _data.child3, next: _data.child4 },
+ { type: [0, 1, 2, 3], child: _data.child4, next: true },
+ ];
+
+ for (const check of higherChildChecks) {
+ if (Array.isArray(check.child) && check.next == null) {
+ if (check.type.includes(body.type)) {
+ return new HttpSuccess({ data: [], total: 0 });
+ }
+ }
+ }
+ }
+ }
 return new HttpSuccess({ data: formattedData, total });
 }
diff --git a/src/controllers/EmployeeTempPositionController.ts b/src/controllers/EmployeeTempPositionController.ts
index 7f526c8d..c9621e77 100644
--- a/src/controllers/EmployeeTempPositionController.ts
+++ b/src/controllers/EmployeeTempPositionController.ts
@@ -754,6 +754,7 @@ export class EmployeeTempPositionController extends Controller {
 */
 @Post("master/list")
 async listEmp(
+ @Request() request: RequestWithUser,
 @Body()
 body: {
 id: string;
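Review bot: The privilege block that returns `{ data: [], total: 0 }` in `EmployeePositionController.listEmp` runs only after the query has executed and `formattedData` has been built, although it reads nothing but `_data` and `body.type`; placing it right after `PermissionOrgList` resolves would put the deny decision ahead of any data access. The same block is repeated verbatim in `EmployeeTempPositionController.listEmp`, so a shared helper (for example `isLevelHidden(_data, body.type)`, name is a suggestion) would keep the two copies from drifting apart. In `higherChildChecks` the last entry uses `next: true`, which `check.next == null` can never match, so that row is dead and a caller scoped at child4 is never filtered by the loop; please confirm that is intended. `nextChildMap:any` and `body.type == 0` would read better as `Record<number, unknown>` and `===`. The enclosing method starts outside the hunk.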
@@ -774,7 +775,7 @@ export class EmployeeTempPositionController extends Controller {
 let searchShortName2 = `CONCAT(orgChild2.orgChild2ShortName," ",posMaster.posMasterNoPrefix,posMaster.posMasterNo,posMaster.posMasterNoSuffix)`;
 let searchShortName3 = `CONCAT(orgChild3.orgChild3ShortName," ",posMaster.posMasterNoPrefix,posMaster.posMasterNo,posMaster.posMasterNoSuffix)`;
 let searchShortName4 = `CONCAT(orgChild4.orgChild4ShortName," ",posMaster.posMasterNoPrefix,posMaster.posMasterNo,posMaster.posMasterNoSuffix)`;
-
+ let _data = await new permission().PermissionOrgList(request, "SYS_ORG_TEMP");
 if (body.type === 0) {
 typeCondition = {
 orgRootId: body.id,
@@ -887,6 +888,56 @@ export class EmployeeTempPositionController extends Controller {
 .leftJoinAndSelect("positions.posType", "posType")
 .leftJoinAndSelect("positions.posLevel", "posLevel")
 .where(conditions)
+ .andWhere(
+ _data.root != undefined && _data.root != null
+ ? _data.root[0] != null
+ ? `posMaster.orgRootId IN (:...root)`
+ : `posMaster.orgRootId is null`
+ : "1=1",
+ {
+ root: _data.root,
+ },
+ )
+ .andWhere(
+ _data.child1 != undefined && _data.child1 != null
+ ? _data.child1[0] != null
+ ? `posMaster.orgChild1Id IN (:...child1)`
+ : `posMaster.orgChild1Id is null`
+ : "1=1",
+ {
+ child1: _data.child1,
+ },
+ )
+ .andWhere(
+ _data.child2 != undefined && _data.child2 != null
+ ? _data.child2[0] != null
+ ? `posMaster.orgChild2Id IN (:...child2)`
+ : `posMaster.orgChild2Id is null`
+ : "1=1",
+ {
+ child2: _data.child2,
+ },
+ )
+ .andWhere(
+ _data.child3 != undefined && _data.child3 != null
+ ? _data.child3[0] != null
+ ? `posMaster.orgChild3Id IN (:...child3)`
+ : `posMaster.orgChild3Id is null`
+ : "1=1",
+ {
+ child3: _data.child3,
+ },
+ )
+ .andWhere(
+ _data.child4 != undefined && _data.child4 != null
+ ? _data.child4[0] != null
+ ? `posMaster.orgChild4Id IN (:...child4)`
+ : `posMaster.orgChild4Id is null`
+ : "1=1",
+ {
+ child4: _data.child4,
+ },
+ )
 .orWhere(
 new Brackets((qb) => {
 qb.andWhere(
@@ -1078,6 +1129,39 @@ export class EmployeeTempPositionController extends Controller {
 };
 }),
 );
+ if(_data.privilege === 'NORMAL'|| _data.privilege === 'PARENT'|| _data.privilege === 'CHILD'){ //PARENT จะไม่มีทางเห็น ROOT , CHILD ยึดจาก CHILD ที่อยู่ลงไปข้างล่างและจะไม่เห็น CHILD ที่อยู่เหนือกว่า
+ const nextChildMap:any = { //เอาไวเช็ค CHILD ถัดไป
+ 0: _data.child1,
+ 1: _data.child2,
+ 2: _data.child3,
+ 3: _data.child4,
+ };
+ const childValue = nextChildMap[body.type];
+ if(_data.privilege === 'NORMAL'){
+ if (Array.isArray(childValue) && childValue.some(item => item != null)) {
+ return new HttpSuccess({ data: [], total: 0 });
+ }
+ }else if(_data.privilege === 'PARENT'){
+ if (body.type == 0){
+ return new HttpSuccess({ data: [], total: 0 });
+ }
+ } else if (_data.privilege === 'CHILD') {
+ const higherChildChecks = [
+ { type: [0], child: _data.child1, next: _data.child2 },
+ { type: [0, 1], child: _data.child2, next: _data.child3 },
+ { type: [0, 1, 2], child: _data.child3, next: _data.child4 },
+ { type: [0, 1, 2, 3], child: _data.child4, next: true },
+ ];
+
+ for (const check of higherChildChecks) {
+ if (Array.isArray(check.child) && check.next == null) {
+ if (check.type.includes(body.type)) {
+ return new HttpSuccess({ data: [], total: 0 });
+ }
+ }
+ }
+ }
+ }
 return new HttpSuccess({ data: formattedData, total });
 }
diff --git a/src/controllers/OrganizationController.ts b/src/controllers/OrganizationController.ts
index 64ae57b1..c03ff83f 100644
--- a/src/controllers/OrganizationController.ts
+++ b/src/controllers/OrganizationController.ts
@@ -6098,7 +6098,7 @@ export class OrganizationController extends Controller {
 if (!orgRevision) {
 throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูล");
 }
- let _data = {
+ let _data:any = {
 root: null,
 child1: null,
 child2: null,
@@ -6111,6 +6111,58 @@ export class OrganizationController extends Controller {
 ) {
 _data = await new permission().PermissionOrgList(request, system.trim().toUpperCase());
 }
+
+ const profile = await this.profileRepo.findOne({
+ where: { keycloak: request.user.sub },
+ relations: ["permissionProfiles", "current_holders"],
+ });
+
+ if (!profile) {
+ throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูลผู้ใช้งานในทะเบียนประวัติ");
+ }
+
+ let _privilege = await new permission().PermissionOrgList(request, system);
+ const attrOwnership = _privilege.root === null ? true : false;
+
+ if (orgRevision.orgRevisionIsDraft && !orgRevision.orgRevisionIsCurrent && !attrOwnership) {
+ if(Array.isArray(profile.permissionProfiles) && profile.permissionProfiles.length > 0){
+ _data.root = profile.permissionProfiles.map((x) => x.orgRootId);
+ }else{
+ return new HttpSuccess({ remark: "", data: [] });
+ }
+ }
+
+ // กำหนดการเข้าถึงข้อมูลตามสถานะและสิทธิ์
+ const isCurrentActive = !orgRevision.orgRevisionIsDraft && orgRevision.orgRevisionIsCurrent;
+ if (isCurrentActive) {
+ if(_privilege.privilege == "NORMAL"){
+ const holder = profile.current_holders.find(x => x.orgRevisionId === id);
+ if (!holder) return;
+ _data.root = [holder.orgRootId];
+ _data.child1 = [holder.orgChild1Id];
+ _data.child2 = [holder.orgChild2Id];
+ _data.child3 = [holder.orgChild3Id];
+ _data.child4 = [holder.orgChild4Id];
+ }else if(_privilege.privilege == "CHILD"){
+ const holder = profile.current_holders.find(x => x.orgRevisionId === id);
+ if (!holder) return;
+ _data.root = [holder.orgRootId];
+ if (_privilege.root && _privilege.child1 === null) {
+ } else if (_privilege.child1 && _privilege.child2 === null) {
+ _data.child1 = [holder.orgChild1Id];
+ } else if (_privilege.child2 && _privilege.child3 === null) {
+ _data.child1 = [holder.orgChild1Id];
+ _data.child2 = [holder.orgChild2Id];
+ } else if (_privilege.child3 && _privilege.child4 === null) {
+ _data.child1 = [holder.orgChild1Id];
+ _data.child2 = [holder.orgChild2Id];
+ _data.child3 = [holder.orgChild3Id];
+ _data.child4 = [holder.orgChild4Id];
+ }
+ }else{
+ _data.root = [profile.current_holders.find((x) => x.orgRevisionId === id)?.orgRootId];
+ }
+ }
 const orgRootData = await AppDataSource.getRepository(OrgRoot)
 .createQueryBuilder("orgRoot")
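Review bot: In the `CHILD` branch the `_privilege.child3 && _privilege.child4 === null` arm also assigns `_data.child4`, and no arm handles a populated `_privilege.child4`, so a caller scoped at child4 appears to fall through with only `_data.root` set, which is a wider scope than any other arm grants. If the ladder is meant to pin every level down to the caller's own, drop the `_data.child4` assignment from the child3 arm and add a final arm for child4 as sketched below. In the same hunk, `if (!holder) return;` resolves the handler with `undefined` rather than the `new HttpSuccess({ remark: "", data: [] })` used a few lines earlier, and the last `else` can store `[undefined]` in `_data.root` when no holder matches, so the no-holder case should fail closed explicitly. The second `PermissionOrgList(request, system)` call passes `system` without the `.trim().toUpperCase()` applied in the context line above it, so the two lookups can disagree. The method starts and ends outside the hunk.

```typescript
// … unchanged: holder lookup, _data.root, and the root / child1 / child2 arms …
} else if (_privilege.child3 && _privilege.child4 === null) {
  _data.child1 = [holder.orgChild1Id];
  _data.child2 = [holder.orgChild2Id];
  _data.child3 = [holder.orgChild3Id];
} else if (_privilege.child4) {
  _data.child1 = [holder.orgChild1Id];
  _data.child2 = [holder.orgChild2Id];
  _data.child3 = [holder.orgChild3Id];
  _data.child4 = [holder.orgChild4Id];
}
```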