hrms-bangkok/hrms-api-org
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

update privilege validate (OWNER)

Browse source
This commit is contained in:
Adisak 2025-10-17 13:51:43 +07:00
parent f2efb44336
commit 645f9760f0
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/controllers/OrganizationController.ts
View file

@ -1973,6 +1973,8 @@ export class OrganizationController extends Controller {
throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูล"); throw new HttpError(HttpStatusCode.NOT_FOUND, "ไม่พบข้อมูล");
} }
let _privilege = await new permission().PermissionOrgList(request, "SYS_ORG"); let _privilege = await new permission().PermissionOrgList(request, "SYS_ORG");
// console.log("privilege>>>>",_privilege);
const attrOwnership = _privilege.root === null ? true : false; const attrOwnership = _privilege.root === null ? true : false;
const profile = await this.profileRepo.findOne({ const profile = await this.profileRepo.findOne({
@ -1986,6 +1988,8 @@ export class OrganizationController extends Controller {
?.find((x) => x.orgRevisionId === id) ?.find((x) => x.orgRevisionId === id)
?.posMasterAssigns.find((x) => x.assignId === "SYS_ORG"); ?.posMasterAssigns.find((x) => x.assignId === "SYS_ORG");
// console.log("profileAssign>>>>",profileAssign);
if (orgRevision.orgRevisionIsDraft && !orgRevision.orgRevisionIsCurrent && !attrOwnership) { if (orgRevision.orgRevisionIsDraft && !orgRevision.orgRevisionIsCurrent && !attrOwnership) {
_data.root = profile.permissionProfiles.map((x) => x.orgRootId); _data.root = profile.permissionProfiles.map((x) => x.orgRootId);
} }
@ -1993,7 +1997,7 @@ export class OrganizationController extends Controller {
const isCurrentActive = !orgRevision.orgRevisionIsDraft && orgRevision.orgRevisionIsCurrent; const isCurrentActive = !orgRevision.orgRevisionIsDraft && orgRevision.orgRevisionIsCurrent;
if (isCurrentActive) { if (isCurrentActive) {
if (profileAssign) { if (profileAssign && _privilege.privilege !== "OWNER") {
_data.root = [profile.current_holders.find((x) => x.orgRevisionId === id)?.orgRootId]; _data.root = [profile.current_holders.find((x) => x.orgRevisionId === id)?.orgRootId];
} else { } else {
if (!attrOwnership) _data = _privilege; if (!attrOwnership) _data = _privilege;