role เมนู ข้าราชการ กทม. สามัญ

2024-08-22 17:25:25 +07:00 · 2024-08-22 17:25:25 +07:00 · 4b42b896fa
commit 4b42b896fa
parent edad154826
22 changed files with 307 additions and 157 deletions
--- a/src/controllers/ProfileDisciplineController.ts
+++ b/src/controllers/ProfileDisciplineController.ts
@ -57,7 +57,8 @@ export class ProfileDisciplineController extends Controller {
  }

  @Get("{profileId}")
-  public async getDiscipline(@Path() profileId: string) {
+  public async getDiscipline(@Path() profileId: string, @Request() req: RequestWithUser) {
+    await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", profileId);
    const lists = await this.disciplineRepository.find({
      where: { profileId: profileId },
      select: [
@ -100,7 +101,11 @@ export class ProfileDisciplineController extends Controller {
      },
    ],
  })
-  public async disciplineHistory(@Path() disciplineId: string) {
+  public async disciplineHistory(@Path() disciplineId: string, @Request() req: RequestWithUser) {
+    const _record = await this.disciplineRepository.findOneBy({ id: disciplineId });
+    if (_record) {
+      await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_OFFICER", _record.profileId);
+    }
    const record = await this.disciplineHistoryRepository.find({
      where: { profileDisciplineId: disciplineId },
      select: [
@ -124,16 +129,16 @@ export class ProfileDisciplineController extends Controller {
    @Request() req: RequestWithUser,
    @Body() body: CreateProfileDiscipline,
  ) {
-    await new permission().PermissionCreate(req, "SYS_REGISTRY_OFFICER");
    if (!body.profileId) {
      throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
    }
-
+    
    const profile = await this.profileRepository.findOneBy({ id: body.profileId });
-
+    
    if (!profile) {
      throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
    }
+    await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_OFFICER", profile.id);

    const data = new ProfileDiscipline();

@ -161,10 +166,9 @@ export class ProfileDisciplineController extends Controller {
    @Body() body: UpdateProfileDiscipline,
    @Path() disciplineId: string,
  ) {
-    await new permission().PermissionUpdate(req, "SYS_REGISTRY_OFFICER");
    const record = await this.disciplineRepository.findOneBy({ id: disciplineId });
-
    if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
+    await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_OFFICER", record.profileId);

    const history = new ProfileDisciplineHistory();

@ -189,7 +193,10 @@ export class ProfileDisciplineController extends Controller {

  @Delete("{disciplineId}")
  public async deleteDiscipline(@Path() disciplineId: string, @Request() req: RequestWithUser) {
-    await new permission().PermissionDelete(req, "SYS_REGISTRY_OFFICER");
+    const _record = await this.disciplineRepository.findOneBy({ id: disciplineId });
+    if (_record) {
+      await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_OFFICER", _record.profileId);
+    }
    await this.disciplineHistoryRepository.delete({
      profileDisciplineId: disciplineId,
    });