hrms-bangkok/hrms-api-org
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

role เมนู ข้าราชการ กทม. สามัญ

Browse source
This commit is contained in:
AdisakKanthawilang 2024-08-22 17:25:25 +07:00
parent edad154826
commit 4b42b896fa
22 changed files with 307 additions and 157 deletions
Download patch file Download diff file Expand all files Collapse all files

31
src/controllers/ProfileAbilityController.ts
View file

@ -71,7 +71,8 @@ export class ProfileAbilityController extends Controller {
},
],
})
public async detailProfileAbility(@Path() profileId: string) {
public async detailProfileAbility(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const getProfileAbilityId = await this.profileAbilityRepo.findBy({ profileId });
if (!getProfileAbilityId) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -118,10 +119,21 @@ export class ProfileAbilityController extends Controller {
},
],
})
public async getProfileAbilityHistory(@Path() abilityId: string) {
const record = await this.profileAbilityHistoryRepo.findBy({
profileAbilityId: abilityId,
public async getProfileAbilityHistory(
@Path() abilityId: string,
@Request() req: RequestWithUser,
) {
const _record = await this.profileAbilityRepo.findOne({
where: { id: abilityId },
});
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.profileAbilityHistoryRepo.find({
relations: ["histories"],
where: { profileAbilityId: abilityId },
});
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
@ -133,15 +145,15 @@ export class ProfileAbilityController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileAbility,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);//ตส
const data = new ProfileAbility();
const meta = {
@ -168,9 +180,9 @@ export class ProfileAbilityController extends Controller {
@Request() req: RequestWithUser,
@Path() abilityId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.profileAbilityRepo.findOneBy({ id: abilityId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileAbilityHistory();
@ -195,7 +207,10 @@ export class ProfileAbilityController extends Controller {
@Delete("{abilityId}")
public async deleteProfileAbility(@Path() abilityId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.profileAbilityRepo.findOneBy({ id: abilityId });
if (_record) {
await new permission().PermissionOrgUserDelete(req,"SYS_REGISTRY_OFFICER",_record.profileId);
}
await this.profileAbilityHistoryRepo.delete({
profileAbilityId: abilityId,
});

8
src/controllers/ProfileAddressController.ts
View file

@ -68,7 +68,8 @@ export class ProfileAddressController extends Controller {
*
*/
@Get("{profileId}")
public async detailProfileAddress(@Path() profileId: string) {
public async detailProfileAddress(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const getProfileAddress = await this.profileRepo.findOne({
where: { id: profileId },
select: [
@ -139,7 +140,8 @@ export class ProfileAddressController extends Controller {
*
*/
@Get("history/{profileId}")
public async getProfileAddressHistory(@Path() profileId: string) {
public async getProfileAddressHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.profileAddressHistoryRepo.find({
where: { profileId: profileId },
relations: {
@ -182,7 +184,7 @@ export class ProfileAddressController extends Controller {
@Request() req: RequestWithUser,
@Path() profileId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.profileRepo.findOneBy({ id: profileId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");

34
src/controllers/ProfileAssessmentsController.ts
View file

@ -78,7 +78,11 @@ export class ProfileAssessmentsController extends Controller {
},
],
})
public async detailProfileAssessments(@Path() profileId: string) {
public async detailProfileAssessments(
@Path() profileId: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const getProfileAssessments = await this.profileAssessmentsRepository.findBy({ profileId });
if (!getProfileAssessments) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -129,7 +133,10 @@ export class ProfileAssessmentsController extends Controller {
},
],
})
public async getProfileAssessmentsHistory(@Path() assessmentId: string) {
public async getProfileAssessmentsHistory(
@Path() assessmentId: string,
@Request() req: RequestWithUser,
) {
const record = await this.profileAssessmentsHistoryRepository.findBy({
profileAssessmentId: assessmentId,
});
@ -137,7 +144,14 @@ export class ProfileAssessmentsController extends Controller {
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
const _record = await this.profileAssessmentsRepository.findOne({
where: {
id: assessmentId,
},
});
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
return new HttpSuccess(record);
}
@ -146,15 +160,15 @@ export class ProfileAssessmentsController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileAssessment,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);//ตส
const data = new ProfileAssessment();
const meta = {
@ -180,10 +194,11 @@ export class ProfileAssessmentsController extends Controller {
@Request() req: RequestWithUser,
@Path() assessmentId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.profileAssessmentsRepository.findOneBy({ id: assessmentId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileAssessmentHistory();
Object.assign(record, body);
@ -210,7 +225,10 @@ export class ProfileAssessmentsController extends Controller {
@Path() assessmentId: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.profileAssessmentsRepository.findOneBy({ id: assessmentId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.profileAssessmentsHistoryRepository.delete({
profileAssessmentId: assessmentId,
});

21
src/controllers/ProfileAvatarController.ts
View file

@ -15,7 +15,8 @@ export class ProfileAvatarController extends Controller {
private avatarRepository = AppDataSource.getRepository(ProfileAvatar);
@Get("{profileId}")
public async getAvatar(@Path() profileId: string) {
public async getAvatar(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.avatarRepository.find({
where: { profileId: profileId },
});
@ -23,7 +24,8 @@ export class ProfileAvatarController extends Controller {
}
@Get("profileId/{id}")
async getProfile(@Path() id: string) {
async getProfile(@Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", id);
const profile = await this.profileRepository.findOne({
select: ["id", "avatar", "avatarName"],
where: { id },
@ -35,7 +37,8 @@ export class ProfileAvatarController extends Controller {
}
@Get("select/{profileId}/{id}")
public async selectAvatar(@Path() profileId: string, @Path() id: string) {
public async selectAvatar(@Path() profileId: string, @Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const result = await this.avatarRepository.findOneBy({ id: id });
if (!result) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -63,14 +66,14 @@ export class ProfileAvatarController extends Controller {
@Post()
public async newAvatar(@Request() req: RequestWithUser, @Body() body: CreateProfileAvatar) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
const profile = await this.profileRepository.findOne({
where: { id: body.profileId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileAvatar();
@ -114,8 +117,12 @@ export class ProfileAvatarController extends Controller {
}
@Delete("{avatarId}")
public async deleteAvatar(@Path() avatarId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
public async deleteAvatar(@Path() avatarId: string, @Request() req: RequestWithUser)
{
const _record = await this.avatarRepository.findOneBy({ id: avatarId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const result = await this.avatarRepository.delete({ id: avatarId });
if (result.affected == undefined || result.affected <= 0) {

26
src/controllers/ProfileCertificateController.ts
View file

@ -67,7 +67,8 @@ export class ProfileCertificateController extends Controller {
},
],
})
public async getCertificate(@Path() profileId: string) {
public async getCertificate(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.certificateRepo.findBy({ profileId });
return new HttpSuccess(record);
}
@ -109,11 +110,16 @@ export class ProfileCertificateController extends Controller {
},
],
})
public async certificateHistory(@Path() certificateId: string) {
public async certificateHistory(@Path() certificateId: string, @Request() req: RequestWithUser) {
const _record = await this.certificateRepo.findOneBy({ id: certificateId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.certificateHistoryRepo.findBy({
profileCertificateId: certificateId,
});
return new HttpSuccess(record);
}
@Post()
@ -121,16 +127,16 @@ export class ProfileCertificateController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileCertificate,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileCertificate();
@ -158,11 +164,10 @@ export class ProfileCertificateController extends Controller {
@Body() body: UpdateProfileCertificate,
@Path() certificateId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.certificateRepo.findOneBy({ id: certificateId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileCertificateHistory();
Object.assign(record, body);
@ -186,7 +191,10 @@ export class ProfileCertificateController extends Controller {
@Delete("{certificateId}")
public async deleteCertificate(@Path() certificateId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.certificateRepo.findOneBy({ id: certificateId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.certificateHistoryRepo.delete({
profileCertificateId: certificateId,
});

24
src/controllers/ProfileChangeNameController.ts
View file

@ -63,7 +63,8 @@ export class ProfileChangeNameController extends Controller {
},
],
})
public async getChangeName(@Path() profileId: string) {
public async getChangeName(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.changeNameRepository.find({
where: { profileId: profileId },
select: ["id", "prefix", "firstName", "lastName", "status"],
@ -97,7 +98,11 @@ export class ProfileChangeNameController extends Controller {
},
],
})
public async changeNameHistory(@Path() changeNameId: string) {
public async changeNameHistory(@Path() changeNameId: string, @Request() req: RequestWithUser) {
const _record = await this.changeNameRepository.findOneBy({ id: changeNameId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.changeNameHistoryRepository.find({
where: { profileChangeNameId: changeNameId },
select: [
@ -119,17 +124,16 @@ export class ProfileChangeNameController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileChangeName,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileChangeName();
const meta = {
@ -168,10 +172,9 @@ export class ProfileChangeNameController extends Controller {
@Body() body: UpdateProfileChangeName,
@Path() changeNameId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.changeNameRepository.findOneBy({ id: changeNameId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileChangeNameHistory();
@ -223,7 +226,10 @@ export class ProfileChangeNameController extends Controller {
@Delete("{changeNameId}")
public async deleteTraning(@Path() changeNameId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.changeNameRepository.findOneBy({ id: changeNameId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.changeNameHistoryRepository.delete({
profileChangeNameId: changeNameId,
});

19
src/controllers/ProfileChildrenController.ts
View file

@ -47,7 +47,8 @@ export class ProfileChildrenController extends Controller {
}
@Get("{profileId}")
public async getChildren(@Path() profileId: string) {
public async getChildren(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.childrenRepository.find({
where: { profileId: profileId },
});
@ -55,7 +56,11 @@ export class ProfileChildrenController extends Controller {
}
@Get("history/{childrenId}")
public async childrenHistory(@Path() childrenId: string) {
public async childrenHistory(@Path() childrenId: string, @Request() req: RequestWithUser) {
const _record = await this.childrenRepository.findOneBy({ id: childrenId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.childrenHistoryRepository.find({
where: { profileChildrenId: childrenId },
order: { createdAt: "DESC" },
@ -65,12 +70,11 @@ export class ProfileChildrenController extends Controller {
@Post()
public async newChildren(@Request() req: RequestWithUser, @Body() body: CreateProfileChildren) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
const profile = await this.profileRepository.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileChildren();
const meta = {
@ -99,9 +103,9 @@ export class ProfileChildrenController extends Controller {
@Body() body: UpdateProfileChildren,
@Path() childrenId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.childrenRepository.findOneBy({ id: childrenId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileChildrenHistory();
Object.assign(record, body);
@ -125,7 +129,10 @@ export class ProfileChildrenController extends Controller {
@Delete("{childrenId}")
public async deleteTraning(@Path() childrenId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.childrenRepository.findOneBy({ id: childrenId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.childrenHistoryRepository.delete({
profileChildrenId: childrenId,
});

32
src/controllers/ProfileController.ts
View file

@ -108,7 +108,8 @@ export class ProfileController extends Controller {
* @param {string} id Id
*/
@Get("kp7-short/{id}")
async kp7ShortById(@Path() id: string) {
async kp7ShortById(@Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", id);
const orgRevision = await this.orgRevisionRepo.findOne({
where: { orgRevisionIsCurrent: true },
});
@ -248,7 +249,8 @@ export class ProfileController extends Controller {
* @param {string} id Id
*/
@Get("kk1/{id}")
public async getKk1(@Path() id: string) {
public async getKk1(@Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", id);
const profiles = await this.profileRepo.findOne({
// select: [
// "citizenId",
@ -581,7 +583,7 @@ export class ProfileController extends Controller {
* @param {string} id Id
*/
@Get("placement/{id}")
async getProfilePlacement(@Request() request: RequestWithUser, @Path() id: string) {
async getProfilePlacement(@Path() id: string) {
const profile = await this.profileRepo.findOne({
where: { id: id },
});
@ -992,6 +994,7 @@ export class ProfileController extends Controller {
*/
@Get("commander/{profileId}")
async getProfileCommanderUser(@Request() request: RequestWithUser, @Path() profileId: string) {
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
@ -2280,7 +2283,10 @@ export class ProfileController extends Controller {
@Path() id: string,
@Body() body: UpdateProfile,
) {
await new permission().PermissionUpdate(request, "SYS_REGISTRY_OFFICER");
const _record = await this.profileRepo.findOneBy({ id: id });
if (_record) {
await new permission().PermissionOrgUserUpdate(request, "SYS_REGISTRY_OFFICER", id);//ตส
}
const exists =
!!body.citizenId &&
(await this.profileRepo.findOne({
@ -2496,7 +2502,8 @@ export class ProfileController extends Controller {
// }
@Get("history/{id}")
async getProfileHistory(@Path() id: string) {
async getProfileHistory(@Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", id);
const profile = await this.profileHistoryRepo.find({
relations: {
posLevel: true,
@ -3153,9 +3160,10 @@ export class ProfileController extends Controller {
*/
@Get("profileid/position/{id}")
async getProfileByProfileid(
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
@Path() id: string,
) {
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_OFFICER", id);
const profile = await this.profileRepo.findOne({
where: { id: id },
relations: ["posLevel", "posType", "current_holders", "current_holders.orgRoot"],
@ -3369,7 +3377,7 @@ export class ProfileController extends Controller {
*/
@Get("keycloakid/position/{id}")
async getProfileByKeycloakid(
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
@Path() id: string,
) {
const profile = await this.profileRepo.findOne({
@ -3379,6 +3387,7 @@ export class ProfileController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
await new permission().PermissionOrgUserList(request, "SYS_REGISTRY_OFFICER", profile.id);
return new HttpSuccess(profile);
}
@ -3391,7 +3400,7 @@ export class ProfileController extends Controller {
*/
@Get("citizenid/position/{id}")
async getProfileByCitizenId(
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
@Path() id: string,
) {
const profile = await this.profileRepo.findOne({
@ -3401,6 +3410,7 @@ export class ProfileController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
await new permission().PermissionOrgUserList(request, "SYS_REGISTRY_OFFICER", profile.id);
const orgRevisionPublish = await this.orgRevisionRepo
.createQueryBuilder("orgRevision")
@ -3515,9 +3525,10 @@ export class ProfileController extends Controller {
*/
@Get("profileempid/position/{id}")
async getProfileByProfileempid(
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
@Path() id: string,
) {
await new permission().PermissionOrgUserList(request, "SYS_REGISTRY_OFFICER", id);
const profile = await this.profileEmpRepo.findOne({
where: { id: id },
relations: ["posLevel", "posType", "current_holders", "current_holders.orgRoot"],
@ -4715,7 +4726,7 @@ export class ProfileController extends Controller {
@Get("keycloak/position/{revisionId}")
async getProfileByKeycloakByRevision(
@Path() revisionId: string,
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
const profile = await this.profileRepo.findOne({
where: { keycloak: request.user.sub },
@ -4724,6 +4735,7 @@ export class ProfileController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
await new permission().PermissionOrgUserList(request, "SYS_REGISTRY_OFFICER", profile.id);
const posMaster = await this.posMasterRepo.findOne({
where: {

23
src/controllers/ProfileDisciplineController.ts
View file

@ -57,7 +57,8 @@ export class ProfileDisciplineController extends Controller {
}
@Get("{profileId}")
public async getDiscipline(@Path() profileId: string) {
public async getDiscipline(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.disciplineRepository.find({
where: { profileId: profileId },
select: [
@ -100,7 +101,11 @@ export class ProfileDisciplineController extends Controller {
},
],
})
public async disciplineHistory(@Path() disciplineId: string) {
public async disciplineHistory(@Path() disciplineId: string, @Request() req: RequestWithUser) {
const _record = await this.disciplineRepository.findOneBy({ id: disciplineId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.disciplineHistoryRepository.find({
where: { profileDisciplineId: disciplineId },
select: [
@ -124,16 +129,16 @@ export class ProfileDisciplineController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileDiscipline,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileDiscipline();
@ -161,10 +166,9 @@ export class ProfileDisciplineController extends Controller {
@Body() body: UpdateProfileDiscipline,
@Path() disciplineId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.disciplineRepository.findOneBy({ id: disciplineId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileDisciplineHistory();
@ -189,7 +193,10 @@ export class ProfileDisciplineController extends Controller {
@Delete("{disciplineId}")
public async deleteDiscipline(@Path() disciplineId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.disciplineRepository.findOneBy({ id: disciplineId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.disciplineHistoryRepository.delete({
profileDisciplineId: disciplineId,
});

22
src/controllers/ProfileDutyController.ts
View file

@ -66,7 +66,8 @@ export class ProfileDutyController extends Controller {
},
],
})
public async getDuty(@Path() profileId: string) {
public async getDuty(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.dutyRepository.find({
where: { profileId: profileId },
select: [
@ -107,7 +108,11 @@ export class ProfileDutyController extends Controller {
},
],
})
public async dutyHistory(@Path() dutyId: string) {
public async dutyHistory(@Path() dutyId: string, @Request() req: RequestWithUser) {
const _record = await this.dutyRepository.findOneBy({ id: dutyId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.dutyHistoryRepository.find({
where: { profileDutyId: dutyId },
select: [
@ -128,16 +133,15 @@ export class ProfileDutyController extends Controller {
@Post()
public async newDuty(@Request() req: RequestWithUser, @Body() body: CreateProfileDuty) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);//ตส
const data = new ProfileDuty();
@ -165,10 +169,9 @@ export class ProfileDutyController extends Controller {
@Body() body: UpdateProfileDuty,
@Path() dutyId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.dutyRepository.findOneBy({ id: dutyId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileDutyHistory();
@ -190,7 +193,10 @@ export class ProfileDutyController extends Controller {
@Delete("{dutyId}")
public async deleteDuty(@Path() dutyId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.dutyRepository.findOneBy({ id: dutyId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.dutyHistoryRepository.delete({
profileDutyId: dutyId,
});

20
src/controllers/ProfileEducationsController.ts
View file

@ -91,7 +91,8 @@ export class ProfileEducationsController extends Controller {
},
],
})
public async detailProfileEducation(@Path() profileId: string) {
public async detailProfileEducation(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const getProfileEducation = await this.profileEducationRepo.findBy({ profileId });
if (!getProfileEducation) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -166,7 +167,11 @@ export class ProfileEducationsController extends Controller {
},
],
})
public async getProfileEducationHistory(@Path() educationId: string) {
public async getProfileEducationHistory(@Path() educationId: string, @Request() req: RequestWithUser) {
const _record = await this.profileEducationRepo.findOneBy({ id: educationId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.profileEducationHistoryRepo.findBy({
profileEducationId: educationId,
});
@ -181,15 +186,15 @@ export class ProfileEducationsController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEducation,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileEducation();
const meta = {
@ -216,9 +221,9 @@ export class ProfileEducationsController extends Controller {
@Request() req: RequestWithUser,
@Path() educationId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.profileEducationRepo.findOneBy({ id: educationId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileEducationHistory();
@ -246,7 +251,10 @@ export class ProfileEducationsController extends Controller {
@Path() educationId: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const record = await this.profileEducationRepo.findOneBy({ id: educationId });
if (record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", record.profileId);
}
await this.profileEducationHistoryRepo.delete({
profileEducationId: educationId,
});

10
src/controllers/ProfileFamilyCoupleController.ts
View file

@ -77,7 +77,8 @@ export class ProfileFamilyCoupleController extends Controller {
profileId: "1526d9d3-d8b1-43ab-81b5-a84dfbe99201",
},
})
public async getFamilyCouple(@Path() profileId: string) {
public async getFamilyCouple(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
@ -176,7 +177,8 @@ export class ProfileFamilyCoupleController extends Controller {
},
],
})
public async familyCoupleHistory(@Path() profileId: string) {
public async familyCoupleHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
@ -220,7 +222,6 @@ export class ProfileFamilyCoupleController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileFamilyCouple,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
const familyCouple = Object.assign(new ProfileFamilyCouple(), body);
if (!familyCouple) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -229,6 +230,7 @@ export class ProfileFamilyCoupleController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);//ตส
familyCouple.coupleCitizenId = Extension.CheckCitizen(String(body.coupleCitizenId));
familyCouple.createdUserId = req.user.sub;
familyCouple.createdFullName = req.user.name;
@ -253,7 +255,7 @@ export class ProfileFamilyCoupleController extends Controller {
@Body() body: UpdateProfileFamilyCouple,
@Path() profileId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", profileId);
const familyCouple = await this.ProfileFamilyCouple.findOneBy({ profileId: profileId });
if (!familyCouple) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");

10
src/controllers/ProfileFamilyFatherController.ts
View file

@ -73,7 +73,8 @@ export class ProfileFamilyFatherController extends Controller {
profileId: "1526d9d3-d8b1-43ab-81b5-a84dfbe99201",
},
})
public async getFamilyFather(@Path() profileId: string) {
public async getFamilyFather(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
@ -164,7 +165,8 @@ export class ProfileFamilyFatherController extends Controller {
},
],
})
public async familyFatherHistory(@Path() profileId: string) {
public async familyFatherHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
@ -206,7 +208,6 @@ export class ProfileFamilyFatherController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileFamilyFather,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
const familyFather = Object.assign(new ProfileFamilyFather(), body);
if (!familyFather) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -215,6 +216,7 @@ export class ProfileFamilyFatherController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);//ตส
familyFather.fatherCitizenId = Extension.CheckCitizen(String(body.fatherCitizenId));
familyFather.createdUserId = req.user.sub;
familyFather.createdFullName = req.user.name;
@ -237,7 +239,7 @@ export class ProfileFamilyFatherController extends Controller {
@Body() body: UpdateProfileFamilyFather,
@Path() profileId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", profileId);//ตส
const familyFather = await this.ProfileFamilyFather.findOneBy({ profileId: profileId });
if (!familyFather) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");

11
src/controllers/ProfileFamilyMotherController.ts
View file

@ -73,7 +73,8 @@ export class ProfileFamilyMotherController extends Controller {
profileId: "1526d9d3-d8b1-43ab-81b5-a84dfbe99201",
},
})
public async getFamilyMother(@Path() profileId: string) {
public async getFamilyMother(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
@ -164,14 +165,14 @@ export class ProfileFamilyMotherController extends Controller {
},
],
})
public async familyMotherHistory(@Path() profileId: string) {
public async familyMotherHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", profileId);
const profile = await this.profileRepo.findOne({
where: { id: profileId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
const familyMother = await this.ProfileFamilyMother.find({
relations: ["histories"],
order: { lastUpdatedAt: "DESC" },
@ -206,7 +207,6 @@ export class ProfileFamilyMotherController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileFamilyMother,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
const familyMother = Object.assign(new ProfileFamilyMother(), body);
if (!familyMother) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -215,6 +215,7 @@ export class ProfileFamilyMotherController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER",profile.id);//ตส
familyMother.motherCitizenId = Extension.CheckCitizen(String(body.motherCitizenId));
familyMother.createdUserId = req.user.sub;
familyMother.createdFullName = req.user.name;
@ -237,7 +238,7 @@ export class ProfileFamilyMotherController extends Controller {
@Body() body: UpdateProfileFamilyMother,
@Path() profileId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER",profileId);//ตส
const familyMother = await this.ProfileFamilyMother.findOneBy({ profileId: profileId });
if (!familyMother) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");

8
src/controllers/ProfileGovernmentController.ts
View file

@ -127,7 +127,8 @@ export class ProfileGovernmentHistoryController extends Controller {
*/
@Get("{profileId}")
@Example({})
public async getGovHistory(@Path() profileId: string) {
public async getGovHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.profileRepo.findOne({
where: { id: profileId },
relations: {
@ -243,7 +244,8 @@ export class ProfileGovernmentHistoryController extends Controller {
*/
@Get("history/{profileId}")
@Example({})
public async govHistory(@Path() profileId: string) {
public async govHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.govRepo.find({
order: { lastUpdatedAt: "DESC" },
where: { profileId: profileId },
@ -265,7 +267,7 @@ export class ProfileGovernmentHistoryController extends Controller {
@Body() body: UpdateProfileGovernment,
@Path() profileId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.profileRepo.findOne({
where: { id: profileId },
});

23
src/controllers/ProfileHonorController.ts
View file

@ -64,7 +64,8 @@ export class ProfileHonorController extends Controller {
},
],
})
public async getHonor(@Path() profileId: string) {
public async getHonor(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.honorRepo.findBy({ profileId });
return new HttpSuccess(record);
}
@ -129,7 +130,11 @@ export class ProfileHonorController extends Controller {
},
],
})
public async honorHistory(@Path() honorId: string) {
public async honorHistory(@Path() honorId: string, @Request() req: RequestWithUser) {
const _record = await this.honorRepo.findOneBy({ id: honorId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.honorHistoryRepo.findBy({
profileHonorId: honorId,
});
@ -138,16 +143,16 @@ export class ProfileHonorController extends Controller {
@Post()
public async newHonor(@Request() req: RequestWithUser, @Body() body: CreateProfileHonor) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileHonor();
@ -175,10 +180,9 @@ export class ProfileHonorController extends Controller {
@Body() body: UpdateProfileHonor,
@Path() honorId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.honorRepo.findOneBy({ id: honorId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileHonorHistory();
@ -200,7 +204,10 @@ export class ProfileHonorController extends Controller {
@Delete("{honorId}")
public async deleteTraning(@Path() honorId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.honorRepo.findOneBy({ id: honorId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.id);
}
await this.honorHistoryRepo.delete({
profileHonorId: honorId,
});

26
src/controllers/ProfileInsigniaController.ts
View file

@ -83,7 +83,8 @@ export class ProfileInsigniaController extends Controller {
},
],
})
public async getInsignia(@Path() profileId: string) {
public async getInsignia(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.insigniaRepo.find({
relations: {
insignia: {
@ -150,7 +151,11 @@ export class ProfileInsigniaController extends Controller {
},
],
})
public async getInsigniaHistory(@Path() InsigniaId: string) {
public async getInsigniaHistory(@Path() InsigniaId: string, @Request() req: RequestWithUser) {
const _record = await this.insigniaRepo.findOneBy({ id: InsigniaId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.insigniaHistoryRepo.find({
relations: {
insignia: {
@ -166,16 +171,15 @@ export class ProfileInsigniaController extends Controller {
@Post()
public async newInsignia(@Request() req: RequestWithUser, @Body() body: CreateProfileInsignia) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const insignia = await this.insigniaMetaRepo.findOne({
where: { id: body.insigniaId },
@ -210,10 +214,9 @@ export class ProfileInsigniaController extends Controller {
@Body() body: UpdateProfileInsignia,
@Path() insigniaId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.insigniaRepo.findOneBy({ id: insigniaId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const insignia = await this.insigniaMetaRepo.findOne({
where: { id: body.insigniaId },
@ -242,13 +245,16 @@ export class ProfileInsigniaController extends Controller {
@Delete("{insigniaId}")
public async deleteInsignia(@Path() insigniaId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.insigniaRepo.findOneBy({ id: insigniaId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.insigniaHistoryRepo.delete({
profileInsigniaId: insigniaId,
});
const result = await this.insigniaRepo.delete({ id: insigniaId });
if (result.affected == undefined || result.affected <= 0) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}

21
src/controllers/ProfileLeaveController.ts
View file

@ -160,7 +160,8 @@ export class ProfileLeaveController extends Controller {
},
},
})
public async getLeave(@Path() profileId: string) {
public async getLeave(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.leaveRepo.find({
relations: { leaveType: true },
where: { profileId },
@ -237,7 +238,11 @@ export class ProfileLeaveController extends Controller {
},
],
})
public async leaveHistory(@Path() leaveId: string) {
public async leaveHistory(@Path() leaveId: string, @Request() req: RequestWithUser) {
const _record = await this.leaveRepo.findOneBy({ id: leaveId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.leaveHistoryRepo.find({
relations: { leaveType: true },
where: { profileLeaveId: leaveId },
@ -247,16 +252,16 @@ export class ProfileLeaveController extends Controller {
@Post()
public async newLeave(@Request() req: RequestWithUser, @Body() body: CreateProfileLeave) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const leaveType = await this.leaveTypeRepository.findOne({
where: { id: body.leaveTypeId },
});
@ -290,10 +295,9 @@ export class ProfileLeaveController extends Controller {
@Body() body: UpdateProfileLeave,
@Path() leaveId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.leaveRepo.findOneBy({ id: leaveId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const leaveType = await this.leaveTypeRepository.findOne({
where: { id: body.leaveTypeId },
@ -322,7 +326,10 @@ export class ProfileLeaveController extends Controller {
@Delete("{leaveId}")
public async deleteLeave(@Path() leaveId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.leaveRepo.findOneBy({ id: leaveId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.leaveHistoryRepo.delete({
profileLeaveId: leaveId,
});

22
src/controllers/ProfileNopaidController.ts
View file

@ -56,7 +56,8 @@ export class ProfileNopaidController extends Controller {
},
],
})
public async getNopaid(@Path() profileId: string) {
public async getNopaid(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.nopaidRepository.find({
where: { profileId },
});
@ -86,7 +87,11 @@ export class ProfileNopaidController extends Controller {
},
],
})
public async nopaidHistory(@Path() nopaidId: string) {
public async nopaidHistory(@Path() nopaidId: string, @Request() req: RequestWithUser) {
const _record = await this.nopaidRepository.findOneBy({ id: nopaidId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
};
const record = await this.nopaidHistoryRepository.find({
where: { profileNopaidId: nopaidId },
order: { createdAt: "DESC" },
@ -96,16 +101,15 @@ export class ProfileNopaidController extends Controller {
@Post()
public async newNopaid(@Request() req: RequestWithUser, @Body() body: CreateProfileNopaid) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileNopaid();
@ -133,10 +137,9 @@ export class ProfileNopaidController extends Controller {
@Body() body: UpdateProfileNopaid,
@Path() nopaidId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.nopaidRepository.findOneBy({ id: nopaidId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileNopaidHistory();
@ -161,7 +164,10 @@ export class ProfileNopaidController extends Controller {
@Delete("{nopaidId}")
public async deleteNopaid(@Path() nopaidId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.nopaidRepository.findOneBy({ id: nopaidId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.nopaidHistoryRepository.delete({
profileNopaidId: nopaidId,
});

22
src/controllers/ProfileOtherController.ts
View file

@ -57,7 +57,8 @@ export class ProfileOtherController extends Controller {
},
],
})
public async getOther(@Path() profileId: string) {
public async getOther(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const lists = await this.otherRepository.find({
where: { profileId: profileId },
});
@ -83,7 +84,11 @@ export class ProfileOtherController extends Controller {
},
],
})
public async otherHistory(@Path() otherId: string) {
public async otherHistory(@Path() otherId: string, @Request() req: RequestWithUser) {
const _record = await this.otherRepository.findOneBy({ id: otherId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.otherHistoryRepository.find({
where: { profileOtherId: otherId },
order: { createdAt: "DESC" },
@ -93,16 +98,15 @@ export class ProfileOtherController extends Controller {
@Post()
public async newOther(@Request() req: RequestWithUser, @Body() body: CreateProfileOther) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileOther();
@ -130,10 +134,9 @@ export class ProfileOtherController extends Controller {
@Body() body: UpdateProfileOther,
@Path() otherId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.otherRepository.findOneBy({ id: otherId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileOtherHistory();
@ -158,7 +161,10 @@ export class ProfileOtherController extends Controller {
@Delete("{otherId}")
public async deleteOther(@Path() otherId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.otherRepository.findOneBy({ id: otherId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.otherHistoryRepository.delete({
profileOtherId: otherId,
});

29
src/controllers/ProfileSalaryController.ts
View file

@ -72,7 +72,8 @@ export class ProfileSalaryController extends Controller {
},
],
})
public async getSalary(@Path() profileId: string) {
public async getSalary(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.salaryRepo.find({
where: { profileId: profileId },
order: { order: "ASC" },
@ -131,7 +132,11 @@ export class ProfileSalaryController extends Controller {
},
],
})
public async salaryHistory(@Path() salaryId: string) {
public async salaryHistory(@Path() salaryId: string, @Request() req: RequestWithUser) {
const _record = await this.salaryRepo.findOneBy({ id: salaryId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.salaryHistoryRepo.findBy({
profileSalaryId: salaryId,
});
@ -140,16 +145,15 @@ export class ProfileSalaryController extends Controller {
@Post()
public async newSalary(@Request() req: RequestWithUser, @Body() body: CreateProfileSalary) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const dest_item = await this.salaryRepo.findOne({
where: { profileId: body.profileId },
@ -183,11 +187,10 @@ export class ProfileSalaryController extends Controller {
@Body() body: UpdateProfileSalary,
@Path() salaryId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.salaryRepo.findOneBy({ id: salaryId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileSalaryHistory();
Object.assign(record, body);
@ -208,7 +211,10 @@ export class ProfileSalaryController extends Controller {
@Delete("{salaryId}")
public async deleteSalary(@Path() salaryId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.salaryRepo.findOneBy({ id: salaryId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.salaryHistoryRepo.delete({
profileSalaryId: salaryId,
});
@ -223,8 +229,11 @@ export class ProfileSalaryController extends Controller {
}
@Get("swap/{direction}/{salaryId}")
public async swapSalary(@Path() direction: string, salaryId: string) {
public async swapSalary(@Path() direction: string, salaryId: string, @Request() req: RequestWithUser) {
const source_item = await this.salaryRepo.findOne({ where: { id: salaryId } });
if (source_item) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", source_item.profileId);
}
if (source_item == null) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
const sourceOrder = source_item.order;
if (direction.trim().toUpperCase() == "UP") {

22
src/controllers/ProfileTrainingController.ts
View file

@ -74,7 +74,8 @@ export class ProfileTrainingController extends Controller {
},
],
})
public async getTraining(@Path() profileId: string) {
public async getTraining(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
const record = await this.trainingRepo.findBy({ profileId });
return new HttpSuccess(record);
}
@ -130,7 +131,11 @@ export class ProfileTrainingController extends Controller {
},
],
})
public async trainingHistory(@Path() trainingId: string) {
public async trainingHistory(@Path() trainingId: string, @Request() req: RequestWithUser) {
const _record = await this.trainingRepo.findOneBy({ id: trainingId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
const record = await this.trainingHistoryRepo.findBy({
profileTrainingId: trainingId,
});
@ -139,16 +144,15 @@ export class ProfileTrainingController extends Controller {
@Post()
public async newTraining(@Request() req: RequestWithUser, @Body() body: CreateProfileTraining) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
if (!body.profileId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);
const data = new ProfileTraining();
@ -176,10 +180,9 @@ export class ProfileTrainingController extends Controller {
@Body() body: UpdateProfileTraining,
@Path() trainingId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
const record = await this.trainingRepo.findOneBy({ id: trainingId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);
const history = new ProfileTrainingHistory();
@ -201,7 +204,10 @@ export class ProfileTrainingController extends Controller {
@Delete("{trainingId}")
public async deleteTraining(@Path() trainingId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
const _record = await this.trainingRepo.findOneBy({ id: trainingId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
}
await this.trainingHistoryRepo.delete({
profileTrainingId: trainingId,
});