diff --git a/src/controllers/PermissionController.ts b/src/controllers/PermissionController.ts
index 52b4603b..bc95151e 100644
--- a/src/controllers/PermissionController.ts
+++ b/src/controllers/PermissionController.ts
@@ -208,6 +208,33 @@ export class PermissionController extends Controller {
     return new HttpSuccess(res);
   }
 
+  /**
+   * API permission (dotnet api)
+   * @summary permission (dotnet api)
+   * @param {string} action  action
+   * @param {string} system  authSysId
+   * @param {string} profileId  profileId
+   */
+  @Get("dotnet-user/{action}/{system}/{profileId}")
+  public async dotnetUser(
+    @Request() req: RequestWithUser,
+    @Path() action: string,
+    @Path() system: string,
+    @Path() profileId: string,
+  ) {
+    if (!["CREATE", "DELETE", "GET", "LIST", "UPDATE"].includes(action)) {
+      throw new HttpError(HttpStatus.NOT_FOUND, "Action ไม่ถูกต้อง");
+    }
+
+    let res = await new permission().PermissionOrgByUser(
+      req,
+      system.toLocaleUpperCase(),
+      action,
+      profileId,
+    );
+    return new HttpSuccess(res);
+  }
+
   @Get("org")
   public async listAuthSysOrg(@Request() request: RequestWithUser) {
     const redisClient = await this.redis.createClient({
@@ -217,7 +244,7 @@ export class PermissionController extends Controller {
     const getAsync = promisify(redisClient.get).bind(redisClient);
 
     const profile = await this.profileRepo.findOne({
-        select: ["id"],
+      select: ["id"],
       where: { keycloak: request.user.sub },
     });
     if (!profile) {
@@ -238,15 +265,22 @@ export class PermissionController extends Controller {
         },
       });
       if (!posMaster) {
-        throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลตำแหน่งในโครงสร้าง");
+        reply = {
+          orgRootId: null,
+          orgChild1Id: null,
+          orgChild2Id: null,
+          orgChild3Id: null,
+          orgChild4Id: null,
+        };
+      } else {
+        reply = {
+          orgRootId: posMaster.orgRootId,
+          orgChild1Id: posMaster.orgChild1Id,
+          orgChild2Id: posMaster.orgChild2Id,
+          orgChild3Id: posMaster.orgChild3Id,
+          orgChild4Id: posMaster.orgChild4Id,
+        };
       }
-      reply = {
-        orgRootId: posMaster.orgRootId,
-        orgChild1Id: posMaster.orgChild1Id,
-        orgChild2Id: posMaster.orgChild2Id,
-        orgChild3Id: posMaster.orgChild3Id,
-        orgChild4Id: posMaster.orgChild4Id,
-      };
       redisClient.setex("posMaster_" + profile.id, 86400, JSON.stringify(reply));
     }
 
@@ -254,7 +288,7 @@ export class PermissionController extends Controller {
   }
 
   @Get("user/{id}")
-  public async listOrgUser(@Request() request: RequestWithUser,@Path() id: string) {
+  public async listOrgUser(@Request() request: RequestWithUser, @Path() id: string) {
     const redisClient = await this.redis.createClient({
       host: REDIS_HOST,
       port: REDIS_PORT,
@@ -262,7 +296,7 @@ export class PermissionController extends Controller {
     const getAsync = promisify(redisClient.get).bind(redisClient);
 
     const profile = await this.profileRepo.findOne({
-        select: ["id"],
+      select: ["id"],
       where: { id: id },
     });
     if (!profile) {
@@ -283,15 +317,22 @@ export class PermissionController extends Controller {
         },
       });
       if (!posMaster) {
-        throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลตำแหน่งในโครงสร้าง");
+        reply = {
+          orgRootId: null,
+          orgChild1Id: null,
+          orgChild2Id: null,
+          orgChild3Id: null,
+          orgChild4Id: null,
+        };
+      } else {
+        reply = {
+          orgRootId: posMaster.orgRootId,
+          orgChild1Id: posMaster.orgChild1Id,
+          orgChild2Id: posMaster.orgChild2Id,
+          orgChild3Id: posMaster.orgChild3Id,
+          orgChild4Id: posMaster.orgChild4Id,
+        };
       }
-      reply = {
-        orgRootId: posMaster.orgRootId,
-        orgChild1Id: posMaster.orgChild1Id,
-        orgChild2Id: posMaster.orgChild2Id,
-        orgChild3Id: posMaster.orgChild3Id,
-        orgChild4Id: posMaster.orgChild4Id,
-      };
       redisClient.setex("user_" + profile.id, 86400, JSON.stringify(reply));
     }
 
diff --git a/src/controllers/ProfileEmployeeController.ts b/src/controllers/ProfileEmployeeController.ts
index 746511aa..727cab8a 100644
--- a/src/controllers/ProfileEmployeeController.ts
+++ b/src/controllers/ProfileEmployeeController.ts
@@ -482,7 +482,7 @@ export class ProfileEmployeeController extends Controller {
           ? `${Extension.ToThaiNumber(Extension.ToThaiFullDate2(item.startDate))} - ${Extension.ToThaiNumber(Extension.ToThaiFullDate2(item.endDate))}`
           : "",
       Level: item.educationLevel ?? "",
-      Degree: item.degree ? `${item.degree} ${item.field ? item.field : "" }`: "", 
+      Degree: item.degree ? `${item.degree} ${item.field ? item.field : ""}` : "",
       Field: item.field ?? "-",
     }));
     const salarys = await this.salaryRepository.find({
@@ -577,7 +577,7 @@ export class ProfileEmployeeController extends Controller {
    */
   @Post()
   async createProfile(@Body() body: CreateProfileEmployee, @Request() request: RequestWithUser) {
-    await new permission().PermissionCreate(request, "SYS_REGISTRY_EMP");
+    await new permission().PermissionCreate(request, "SYS_REGISTRY_TEMP");
     if (await this.profileRepo.findOneBy({ citizenId: body.citizenId })) {
       throw new HttpError(
         HttpStatus.INTERNAL_SERVER_ERROR,