hrms-bangkok/hrms-api-org
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

role เมนู ลูกจ้างประจำ กทม.

Browse source
This commit is contained in:
AdisakKanthawilang 2024-08-23 16:28:31 +07:00
parent 359d22beec
commit 7237c68cb8
23 changed files with 327 additions and 155 deletions
Download patch file Download diff file Expand all files Collapse all files

30
src/controllers/ProfileAbilityEmployeeController.ts
View file

@ -73,7 +73,8 @@ export class ProfileAbilityEmployeeController extends Controller {
},
],
})
public async detailProfileAbility(@Path() profileEmployeeId: string) {
public async detailProfileAbility(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const getProfileAbilityId = await this.profileAbilityRepo.findBy({ profileEmployeeId });
if (!getProfileAbilityId) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -120,7 +121,15 @@ export class ProfileAbilityEmployeeController extends Controller {
},
],
})
public async getProfileAbilityHistory(@Path() abilityId: string) {
public async getProfileAbilityHistory(@Path() abilityId: string, @Request() req: RequestWithUser) {
const _record = await this.profileAbilityRepo.findOneBy({ id: abilityId });
if (_record) {
await new permission().PermissionOrgUserList(
req,
"SYS_REGISTRY_EMP",
_record.profileEmployeeId,
);
}
const record = await this.profileAbilityHistoryRepo.findBy({
profileAbilityId: abilityId,
});
@ -135,15 +144,15 @@ export class ProfileAbilityEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileAbilityEmployee,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileAbility();
const meta = {
@ -170,10 +179,10 @@ export class ProfileAbilityEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Path() abilityId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.profileAbilityRepo.findOneBy({ id: abilityId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId);
const history = new ProfileAbilityHistory();
Object.assign(record, body);
@ -197,7 +206,14 @@ export class ProfileAbilityEmployeeController extends Controller {
@Delete("{abilityId}")
public async deleteProfileAbility(@Path() abilityId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.profileAbilityRepo.findOneBy({ id: abilityId });
if (_record) {
await new permission().PermissionOrgUserDelete(
req,
"SYS_REGISTRY_EMP",
_record.profileEmployeeId,
);
}
await this.profileAbilityHistoryRepo.delete({
profileAbilityId: abilityId,
});

10
src/controllers/ProfileAddressEmployeeController.ts
View file

@ -69,7 +69,8 @@ export class ProfileAddressEmployeeController extends Controller {
*
*/
@Get("{profileEmployeeId}")
public async detailProfileAddress(@Path() profileEmployeeId: string) {
public async detailProfileAddress(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const getProfileAddress = await this.profileEmployeeRepo.findOne({
where: { id: profileEmployeeId },
select: [
@ -140,7 +141,8 @@ export class ProfileAddressEmployeeController extends Controller {
*
*/
@Get("history/{profileId}")
public async getProfileAddressHistory(@Path() profileId: string) {
public async getProfileAddressHistory(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileId);
const record = await this.profileAddressHistoryRepo.find({
where: { profileEmployeeId: profileId },
relations: {
@ -183,10 +185,10 @@ export class ProfileAddressEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Path() profileId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.profileEmployeeRepo.findOneBy({ id: profileId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.id);
const history = new ProfileAddressHistory();
Object.assign(record, body);

21
src/controllers/ProfileAssessmentsEmployeeController.ts
View file

@ -78,7 +78,8 @@ export class ProfileAssessmentsEmployeeController extends Controller {
},
],
})
public async detailProfileAssessments(@Path() profileEmployeeId: string) {
public async detailProfileAssessments(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const getProfileAssessments = await this.profileAssessmentsRepository.findBy({
profileEmployeeId,
});
@ -131,11 +132,14 @@ export class ProfileAssessmentsEmployeeController extends Controller {
},
],
})
public async getProfileAssessmentsHistory(@Path() assessmentId: string) {
public async getProfileAssessmentsHistory(@Path() assessmentId: string, @Request() req: RequestWithUser) {
const _record = await this.profileAssessmentsRepository.findOneBy({ id: assessmentId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileId);
}
const record = await this.profileAssessmentsHistoryRepository.findBy({
profileAssessmentId: assessmentId,
});
if (!record) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
@ -148,15 +152,15 @@ export class ProfileAssessmentsEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeAssessment,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileAssessment();
const meta = {
@ -182,9 +186,9 @@ export class ProfileAssessmentsEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Path() assessmentId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.profileAssessmentsRepository.findOneBy({ id: assessmentId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId);
const history = new ProfileAssessmentHistory();
@ -212,7 +216,10 @@ export class ProfileAssessmentsEmployeeController extends Controller {
@Path() assessmentId: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.profileAssessmentsRepository.findOneBy({ id: assessmentId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.profileAssessmentsHistoryRepository.delete({
profileAssessmentId: assessmentId,
});

21
src/controllers/ProfileAvatarEmployeeController.ts
View file

@ -15,7 +15,11 @@ export class ProfileAvatarEmployeeController extends Controller {
private avatarRepository = AppDataSource.getRepository(ProfileAvatar);
@Get("{profileEmployeeId}")
public async getAvatarEmployee(@Path() profileEmployeeId: string) {
public async getAvatarEmployee(
@Path() profileEmployeeId: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const lists = await this.avatarRepository.find({
where: { profileEmployeeId },
});
@ -23,7 +27,12 @@ export class ProfileAvatarEmployeeController extends Controller {
}
@Get("select/{profileEmployeeId}/{id}")
public async selectAvatarEmployee(@Path() profileEmployeeId: string, @Path() id: string) {
public async selectAvatarEmployee(
@Path() profileEmployeeId: string,
@Path() id: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const result = await this.avatarRepository.findOneBy({ id: id });
if (!result) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -54,14 +63,13 @@ export class ProfileAvatarEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeAvatar,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
const profile = await this.profileRepository.findOne({
where: { id: body.profileEmployeeId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileAvatar();
@ -106,7 +114,10 @@ export class ProfileAvatarEmployeeController extends Controller {
@Delete("{avatarId}")
public async deleteAvatarEmployee(@Path() avatarId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.avatarRepository.findOneBy({ id: avatarId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const result = await this.avatarRepository.delete({ id: avatarId });
if (result.affected == undefined || result.affected <= 0) {

22
src/controllers/ProfileCertificateEmployeeController.ts
View file

@ -67,7 +67,8 @@ export class ProfileCertificateEmployeeController extends Controller {
},
],
})
public async getCertificate(@Path() profileEmployeeId: string) {
public async getCertificate(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const record = await this.certificateRepo.findBy({ profileEmployeeId });
return new HttpSuccess(record);
}
@ -109,7 +110,11 @@ export class ProfileCertificateEmployeeController extends Controller {
},
],
})
public async certificateHistory(@Path() certificateId: string) {
public async certificateHistory(@Path() certificateId: string, @Request() req: RequestWithUser) {
const _record = await this.certificateRepo.findOneBy({ id: certificateId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.certificateHistoryRepo.findBy({
profileCertificateId: certificateId,
});
@ -121,16 +126,15 @@ export class ProfileCertificateEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeCertificate,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileCertificate();
@ -158,10 +162,9 @@ export class ProfileCertificateEmployeeController extends Controller {
@Body() body: UpdateProfileCertificate,
@Path() certificateId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.certificateRepo.findOneBy({ id: certificateId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId);
const history = new ProfileCertificateHistory();
@ -186,7 +189,10 @@ export class ProfileCertificateEmployeeController extends Controller {
@Delete("{certificateId}")
public async deleteCertificate(@Path() certificateId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.certificateRepo.findOneBy({ id: certificateId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.certificateHistoryRepo.delete({
profileCertificateId: certificateId,
});

23
src/controllers/ProfileChangeNameEmployeeController.ts
View file

@ -64,7 +64,8 @@ export class ProfileChangeNameEmployeeController extends Controller {
},
],
})
public async getChangeName(@Path() profileEmployeeId: string) {
public async getChangeName(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const lists = await this.changeNameRepository.find({
where: { profileEmployeeId: profileEmployeeId },
select: ["id", "prefix", "firstName", "lastName", "status"],
@ -98,7 +99,12 @@ export class ProfileChangeNameEmployeeController extends Controller {
},
],
})
public async changeNameHistory(@Path() changeNameId: string) {
public async changeNameHistory(@Path() changeNameId: string, @Request() req: RequestWithUser) {
const _record = await this.changeNameRepository.findOneBy({ id: changeNameId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId,
);
}
const record = await this.changeNameHistoryRepository.find({
where: { profileChangeNameId: changeNameId },
select: [
@ -120,16 +126,15 @@ export class ProfileChangeNameEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileChangeNameEmployee,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileChangeName();
@ -169,10 +174,9 @@ export class ProfileChangeNameEmployeeController extends Controller {
@Body() body: UpdateProfileChangeName,
@Path() changeNameId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.changeNameRepository.findOneBy({ id: changeNameId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId);
const history = new ProfileChangeNameHistory();
@ -216,7 +220,10 @@ export class ProfileChangeNameEmployeeController extends Controller {
@Delete("{changeNameId}")
public async deleteTraning(@Path() changeNameId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.changeNameRepository.findOneBy({ id: changeNameId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.changeNameHistoryRepository.delete({
profileChangeNameId: changeNameId,
});

22
src/controllers/ProfileChildrenEmployeeController.ts
View file

@ -49,7 +49,8 @@ export class ProfileChildrenEmployeeController extends Controller {
}
@Get("{profileEmployeeId}")
public async getChildren(@Path() profileEmployeeId: string) {
public async getChildren(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const lists = await this.childrenRepository.find({
where: { profileEmployeeId: profileEmployeeId },
});
@ -57,7 +58,12 @@ export class ProfileChildrenEmployeeController extends Controller {
}
@Get("history/{childrenId}")
public async childrenHistory(@Path() childrenId: string) {
public async childrenHistory(@Path() childrenId: string, @Request() req: RequestWithUser) {
const _record = await this.childrenRepository.findOneBy({ id: childrenId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId,
);
}
const record = await this.childrenHistoryRepository.find({
where: { profileChildrenId: childrenId },
order: { createdAt: "DESC" },
@ -70,12 +76,11 @@ export class ProfileChildrenEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileChildrenEmployee,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
const profile = await this.profileRepository.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileChildren();
@ -105,10 +110,10 @@ export class ProfileChildrenEmployeeController extends Controller {
@Body() body: UpdateProfileChildren,
@Path() childrenId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.childrenRepository.findOneBy({ id: childrenId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId);
const history = new ProfileChildrenHistory();
Object.assign(record, body);
Object.assign(history, body);
@ -132,7 +137,10 @@ export class ProfileChildrenEmployeeController extends Controller {
@Delete("{childrenId}")
public async deleteTraning(@Path() childrenId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.childrenRepository.findOneBy({ id: childrenId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.childrenHistoryRepository.delete({
profileChildrenId: childrenId,
});

2
src/controllers/ProfileController.ts
View file

@ -4849,7 +4849,7 @@ export class ProfileController extends Controller {
* @summary
*
*/
@Get("profileid/retire/{year}")
@Get("profileid/retire/{year}") //ตส
async getProfileByRetireYear(@Path() year: number) {
const profiles = await this.profileRepo
.createQueryBuilder("profile")

20
src/controllers/ProfileDisciplineEmployeeController.ts
View file

@ -72,7 +72,8 @@ export class ProfileDisciplineEmployeeController extends Controller {
},
],
})
public async getDiscipline(@Path() profileId: string) {
public async getDiscipline(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profileId);
const lists = await this.disciplineRepository.find({
where: { profileEmployeeId: profileId },
select: [
@ -91,7 +92,11 @@ export class ProfileDisciplineEmployeeController extends Controller {
}
@Get("history/{disciplineId}")
public async disciplineHistory(@Path() disciplineId: string) {
public async disciplineHistory(@Path() disciplineId: string, @Request() req: RequestWithUser) {
const _record = await this.disciplineRepository.findOneBy({ id: disciplineId });
if (_record) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.disciplineHistoryRepository.find({
where: { profileDisciplineId: disciplineId },
select: [
@ -115,16 +120,15 @@ export class ProfileDisciplineEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeDiscipline,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileDiscipline();
@ -152,10 +156,9 @@ export class ProfileDisciplineEmployeeController extends Controller {
@Body() body: UpdateProfileDiscipline,
@Path() disciplineId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.disciplineRepository.findOneBy({ id: disciplineId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileDisciplineHistory();
@ -180,7 +183,10 @@ export class ProfileDisciplineEmployeeController extends Controller {
@Delete("{disciplineId}")
public async deleteDiscipline(@Path() disciplineId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.disciplineRepository.findOneBy({ id: disciplineId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.disciplineHistoryRepository.delete({
profileDisciplineId: disciplineId,
});

20
src/controllers/ProfileDutyEmployeeController.ts
View file

@ -51,7 +51,8 @@ export class ProfileDutyEmployeeController extends Controller {
}
@Get("{profileId}")
public async getDuty(@Path() profileId: string) {
public async getDuty(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileId);
const lists = await this.dutyRepository.find({
where: { profileEmployeeId: profileId },
select: [
@ -68,7 +69,11 @@ export class ProfileDutyEmployeeController extends Controller {
}
@Get("history/{dutyId}")
public async dutyHistory(@Path() dutyId: string) {
public async dutyHistory(@Path() dutyId: string, @Request() req: RequestWithUser) {
const _record = await this.dutyRepository.findOneBy({ id: dutyId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.dutyHistoryRepository.find({
where: { profileDutyId: dutyId },
select: [
@ -89,16 +94,15 @@ export class ProfileDutyEmployeeController extends Controller {
@Post()
public async newDuty(@Request() req: RequestWithUser, @Body() body: CreateProfileEmployeeDuty) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileDuty();
@ -126,10 +130,9 @@ export class ProfileDutyEmployeeController extends Controller {
@Body() body: UpdateProfileDuty,
@Path() dutyId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.dutyRepository.findOneBy({ id: dutyId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileDutyHistory();
@ -151,7 +154,10 @@ export class ProfileDutyEmployeeController extends Controller {
@Delete("{dutyId}")
public async deleteDuty(@Path() dutyId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.dutyRepository.findOneBy({ id: dutyId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.dutyHistoryRepository.delete({
profileDutyId: dutyId,
});

22
src/controllers/ProfileEducationsEmployeeController.ts
View file

@ -91,7 +91,8 @@ export class ProfileEducationsEmployeeController extends Controller {
},
],
})
public async detailProfileEducation(@Path() profileEmployeeId: string) {
public async detailProfileEducation(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const getProfileEducation = await this.profileEducationRepo.find({
where: { profileEmployeeId: profileEmployeeId },
});
@ -168,7 +169,12 @@ export class ProfileEducationsEmployeeController extends Controller {
},
],
})
public async getProfileEducationHistory(@Path() educationId: string) {
public async getProfileEducationHistory(@Path() educationId: string, @Request() req: RequestWithUser) {
const _record = await this.profileEducationRepo.findOneBy({ id: educationId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.profileEducationHistoryRepo.findBy({
profileEducationId: educationId,
});
@ -183,15 +189,15 @@ export class ProfileEducationsEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEducationEmployee,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileEducation();
const meta = {
@ -218,9 +224,9 @@ export class ProfileEducationsEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Path() educationId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.profileEducationRepo.findOneBy({ id: educationId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId);
const history = new ProfileEducationHistory();
@ -248,7 +254,11 @@ export class ProfileEducationsEmployeeController extends Controller {
@Path() educationId: string,
@Request() req: RequestWithUser,
) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.profileEducationRepo.findOneBy({ id: educationId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.profileEducationHistoryRepo.delete({
profileEducationId: educationId,
});

72
src/controllers/ProfileEmployeeController.ts
View file

@ -117,7 +117,7 @@ export class ProfileEmployeeController extends Controller {
* @param {string} id Id
*/
@Get("kp7-short/{id}")
async kp7ShortById(@Path() id: string) {
async kp7ShortById(@Path() id: string, @Request() req: RequestWithUser) {
const orgRevision = await this.orgRevisionRepo.findOne({
where: { orgRevisionIsCurrent: true },
});
@ -136,6 +136,7 @@ export class ProfileEmployeeController extends Controller {
where: { id: id },
});
if (!profile) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profile.id);
const province = await this.provinceRepository.findOneBy({
id: profile.registrationProvinceId,
@ -240,7 +241,7 @@ export class ProfileEmployeeController extends Controller {
* @param {string} id Id
*/
@Get("kk1/{id}")
public async getKk1Employee(@Path() id: string) {
public async getKk1Employee(@Path() id: string, @Request() req: RequestWithUser) {
const profiles = await this.profileRepo.findOne({
// select: [
// "citizenId",
@ -257,6 +258,9 @@ export class ProfileEmployeeController extends Controller {
relations: ["currentSubDistrict", "currentDistrict", "currentProvince"],
where: { id: id },
});
if(profiles){
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profiles.id);
}
const profileOc = await this.profileRepo.findOne({
relations: [
"current_holders",
@ -576,8 +580,7 @@ export class ProfileEmployeeController extends Controller {
*
*/
@Post()
async createProfile(@Body() body: CreateProfileEmployee, @Request() request: RequestWithUser) {
await new permission().PermissionCreate(request, "SYS_REGISTRY_TEMP");
async createProfile(@Body() body: CreateProfileEmployee, @Request() request: RequestWithUser) { //ตส
if (await this.profileRepo.findOneBy({ citizenId: body.citizenId })) {
throw new HttpError(
HttpStatus.INTERNAL_SERVER_ERROR,
@ -630,7 +633,7 @@ export class ProfileEmployeeController extends Controller {
@Path() id: string,
@Body() body: UpdateProfileEmployee,
) {
await new permission().PermissionUpdate(request, "SYS_REGISTRY_EMP");
await new permission().PermissionOrgUserUpdate(request, "SYS_REGISTRY_EMP", id)
const exists =
!!body.citizenId &&
(await this.profileRepo.findOne({
@ -694,11 +697,11 @@ export class ProfileEmployeeController extends Controller {
*/
@Delete("{id}")
async deleteProfile(@Path() id: string, @Request() request: RequestWithUser) {
await new permission().PermissionDelete(request, "SYS_REGISTRY_EMP");
const result = await this.profileRepo.findOne({ where: { id: id } });
if (!result) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
await new permission().PermissionOrgUserDelete(request, "SYS_REGISTRY_EMP", result.id);
await this.informationHistoryRepository.delete({ profileEmployeeId: id });
await this.profileRepo.remove(result);
return new HttpSuccess();
@ -1054,7 +1057,8 @@ export class ProfileEmployeeController extends Controller {
* @param {string} id Id
*/
@Get("{id}")
async detailProfile(@Path() id: string) {
async detailProfile(@Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", id);
const profile = await this.profileRepo.findOne({
relations: {
posLevel: true,
@ -1307,7 +1311,8 @@ export class ProfileEmployeeController extends Controller {
}
@Get("history/{id}")
async getProfileHistory(@Path() id: string) {
async getProfileHistory(@Path() id: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", id);
const profile = await this.profileHistoryRepo.find({
relations: {
posLevel: true,
@ -2072,7 +2077,7 @@ export class ProfileEmployeeController extends Controller {
@Path() id: string,
@Body() body: UpdatePositionTempProfileEmployee,
) {
await new permission().PermissionCreate(request, "SYS_REGISTRY_TEMP");
await new permission().PermissionOrgUserUpdate(request, "SYS_REGISTRY_EMP", id)
if (body.posLevelId === "") body.posLevelId = null;
if (body.posTypeId === "") body.posTypeId = null;
@ -2202,9 +2207,11 @@ export class ProfileEmployeeController extends Controller {
@Put("citizenId/{id}")
async checkCitizenIdProfile(
@Path() id: string,
@Request() req: RequestWithUser,
@Body()
requestBody: { citizenId: string },
) {
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", id)
const profile = await this.profileRepo.findOne({
where: { id: Not(id), citizenId: requestBody.citizenId },
});
@ -2553,6 +2560,7 @@ export class ProfileEmployeeController extends Controller {
@Get("keycloak/position/{revisionId}")
async getProfileByKeycloakByRevision(
@Path() revisionId: string,
@Path() req: RequestWithUser,
@Request() request: { user: Record<string, any> },
) {
const profile = await this.profileRepo.findOne({
@ -2562,7 +2570,7 @@ export class ProfileEmployeeController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profile.id)
const _profile = {
profileId: profile.id,
rank: profile.rank,
@ -2651,7 +2659,7 @@ export class ProfileEmployeeController extends Controller {
* @summary
*
*/
@Get("profileid/retire/{year}")
@Get("profileid/retire/{year}") //ตส
async getProfileByRetireYear(@Path() year: number) {
const profiles = await this.profileRepo
.createQueryBuilder("profileEmployee")
@ -2849,12 +2857,13 @@ export class ProfileEmployeeController extends Controller {
@Path() id: string,
@Body()
requestBody: { isLeave: boolean; leaveReason: string; dateLeave: Date },
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
) {
const profile = await this.profileRepo.findOne({
where: { id: id },
});
if (!profile) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserCreate(request, "SYS_REGISTRY_EMP", profile.id)
profile.isLeave = requestBody.isLeave;
profile.leaveReason = requestBody.leaveReason;
@ -2885,7 +2894,8 @@ export class ProfileEmployeeController extends Controller {
@Path() profileEmployeeId: string,
@Body() body: UpdateInformationProfileEmployee,
) {
await new permission().PermissionUpdate(request, "SYS_REGISTRY_TEMP");
await new permission().PermissionOrgUserUpdate(request, "SYS_REGISTRY_EMP", profileEmployeeId)
const profileEmp = await this.profileRepo.findOneBy({ id: profileEmployeeId });
if (!profileEmp) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลโปรไฟล์นี้");
@ -2913,7 +2923,8 @@ export class ProfileEmployeeController extends Controller {
* @param {string} profileEmployeeId profileEmployeeId
*/
@Get("information/{profileEmployeeId}")
async getInformationById(@Path() profileEmployeeId: string) {
async getInformationById(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId)
const profileInformation = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
@ -2943,7 +2954,8 @@ export class ProfileEmployeeController extends Controller {
* @param {string} profileEmployeeId profileEmployeeId
*/
@Get("information/history/{profileEmployeeId}")
async getInformationHistory(@Path() profileEmployeeId: string) {
async getInformationHistory(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId)
const profileInformation = await this.profileRepo.find({
relations: {
information_histories: true,
@ -2984,7 +2996,8 @@ export class ProfileEmployeeController extends Controller {
* @param {string} profileEmployeeId profileEmployeeId
*/
@Get("employment/{profileEmployeeId}")
async ProfileEmployeeEmployment(@Path() profileEmployeeId: string) {
async ProfileEmployeeEmployment(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId)
const employment = await this.employmentRepository.find({
where: { profileEmployeeId: profileEmployeeId },
order: { createdAt: "ASC" },
@ -3005,10 +3018,13 @@ export class ProfileEmployeeController extends Controller {
* @param {string} id Id
*/
@Get("employment/id/{id}")
async GetEmploymentById(@Path() id: string) {
async GetEmploymentById(@Path() id: string, @Request() req: RequestWithUser) {
const employment = await this.employmentRepository.findOne({
where: { id: id },
});
if (employment) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", employment.profileEmployeeId)
}
return new HttpSuccess(employment);
}
@ -3020,7 +3036,13 @@ export class ProfileEmployeeController extends Controller {
* @param {string} id Id
*/
@Get("employment/history/{id}")
async GetHistoryEmploymentById(@Path() id: string) {
async GetHistoryEmploymentById(@Path() id: string, @Request() req: RequestWithUser) {
const employment = await this.employmentRepository.findOne({
where: { id: id },
});
if (employment) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", employment.profileEmployeeId)
}
const employmentHistory = await this.employmentHistoryRepository.find({
where: { profileEmployeeEmploymentId: id },
order: { lastUpdatedAt: "ASC" },
@ -3045,6 +3067,7 @@ export class ProfileEmployeeController extends Controller {
where: { id: profileEmployeeId },
});
if (!profile) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserList(request, "SYS_REGISTRY_EMP", profile.id)
const employment = new ProfileEmployeeEmployment();
// const history = new ProfileEmployeeEmploymentHistory();
@ -3076,7 +3099,12 @@ export class ProfileEmployeeController extends Controller {
*/
@Delete("employment/{id}")
async DeleteEmployment(@Path() id: string, @Request() request: RequestWithUser) {
await new permission().PermissionDelete(request, "SYS_REGISTRY_TEMP");
const employment = await this.employmentRepository.findOne({
where: { id: id },
});
if (employment) {
await new permission().PermissionOrgUserDelete(request, "SYS_REGISTRY_EMP", employment.profileEmployeeId)
}
await this.employmentHistoryRepository.delete({
profileEmployeeEmploymentId: id,
});
@ -3101,9 +3129,10 @@ export class ProfileEmployeeController extends Controller {
@Path() id: string,
@Body() body: UpdateEmploymentProfileEmployee,
) {
await new permission().PermissionUpdate(request, "SYS_REGISTRY_TEMP");
const employment = await this.employmentRepository.findOneBy({ id });
if (!employment) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(request, "SYS_REGISTRY_EMP", employment.profileEmployeeId)
const history = new ProfileEmployeeEmploymentHistory();
Object.assign(history, { ...employment, id: undefined });
@ -3386,7 +3415,7 @@ export class ProfileEmployeeController extends Controller {
*/
@Get("profileid/position/{id}")
async getProfileByProfileid(
@Request() request: { user: Record<string, any> },
@Request() request: RequestWithUser,
@Path() id: string,
) {
const profile = await this.profileRepo.findOne({
@ -3396,6 +3425,7 @@ export class ProfileEmployeeController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
await new permission().PermissionOrgUserGet(request, "SYS_REGISTRY_EMP", profile.id);
const orgRevisionPublish = await this.orgRevisionRepo
.createQueryBuilder("orgRevision")

13
src/controllers/ProfileFamilyCoupleEmployeeController.ts
View file

@ -77,14 +77,15 @@ export class ProfileFamilyCoupleEmployeeController extends Controller {
profileEmployeeId: "1526d9d3-d8b1-43ab-81b5-a84dfbe99201",
},
})
public async getFamilyCouple(@Path() profileEmployeeId: string) {
public async getFamilyCouple(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
const profile = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profile.id);
const familyCouple = await this.ProfileFamilyCouple.findOne({
select: [
"id",
@ -176,13 +177,14 @@ export class ProfileFamilyCoupleEmployeeController extends Controller {
},
],
})
public async familyCoupleHistory(@Path() profileEmployeeId: string) {
public async familyCoupleHistory(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
const profile = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profile.id);
const familyCouple = await this.ProfileFamilyCouple.find({
relations: ["histories"],
@ -220,7 +222,6 @@ export class ProfileFamilyCoupleEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeFamilyCouple,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
const familyCouple = Object.assign(new ProfileFamilyCouple(), body);
if (!familyCouple) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -229,6 +230,8 @@ export class ProfileFamilyCoupleEmployeeController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
familyCouple.coupleCitizenId = Extension.CheckCitizen(String(body.coupleCitizenId));
familyCouple.createdUserId = req.user.sub;
familyCouple.createdFullName = req.user.name;
@ -253,7 +256,7 @@ export class ProfileFamilyCoupleEmployeeController extends Controller {
@Body() body: UpdateProfileFamilyCouple,
@Path() profileEmployeeId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", profileEmployeeId)
const familyCouple = await this.ProfileFamilyCouple.findOneBy({
profileEmployeeId: profileEmployeeId,
});

11
src/controllers/ProfileFamilyFatherEmployeeController.ts
View file

@ -73,11 +73,11 @@ export class ProfileFamilyFatherEmployeeController extends Controller {
profileEmployeeId: "1526d9d3-d8b1-43ab-81b5-a84dfbe99201",
},
})
public async getFamilyFather(@Path() profileEmployeeId: string) {
public async getFamilyFather(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const profile = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
@ -164,7 +164,8 @@ export class ProfileFamilyFatherEmployeeController extends Controller {
},
],
})
public async familyFatherHistory(@Path() profileEmployeeId: string) {
public async familyFatherHistory(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const profile = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
@ -206,7 +207,6 @@ export class ProfileFamilyFatherEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeFamilyFather,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
const familyFather = Object.assign(new ProfileFamilyFather(), body);
if (!familyFather) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -215,6 +215,7 @@ export class ProfileFamilyFatherEmployeeController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
familyFather.fatherCitizenId = Extension.CheckCitizen(String(body.fatherCitizenId));
familyFather.createdUserId = req.user.sub;
familyFather.createdFullName = req.user.name;
@ -237,7 +238,7 @@ export class ProfileFamilyFatherEmployeeController extends Controller {
@Body() body: UpdateProfileFamilyFather,
@Path() profileEmployeeId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const familyFather = await this.ProfileFamilyFather.findOneBy({
profileEmployeeId: profileEmployeeId,
});

11
src/controllers/ProfileFamilyMotherEmployeeController.ts
View file

@ -73,7 +73,8 @@ export class ProfileFamilyMotherEmployeeController extends Controller {
profileEmployeeId: "1526d9d3-d8b1-43ab-81b5-a84dfbe99201",
},
})
public async getFamilyMother(@Path() profileEmployeeId: string) {
public async getFamilyMother(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const profile = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
@ -164,14 +165,14 @@ export class ProfileFamilyMotherEmployeeController extends Controller {
},
],
})
public async familyMotherHistory(@Path() profileEmployeeId: string) {
public async familyMotherHistory(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const profile = await this.profileRepo.findOne({
where: { id: profileEmployeeId },
});
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
const familyMother = await this.ProfileFamilyMother.find({
relations: ["histories"],
order: { lastUpdatedAt: "DESC" },
@ -206,7 +207,6 @@ export class ProfileFamilyMotherEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeFamilyMother,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
const familyMother = Object.assign(new ProfileFamilyMother(), body);
if (!familyMother) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
@ -215,6 +215,7 @@ export class ProfileFamilyMotherEmployeeController extends Controller {
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
familyMother.motherCitizenId = Extension.CheckCitizen(String(body.motherCitizenId));
familyMother.createdUserId = req.user.sub;
familyMother.createdFullName = req.user.name;
@ -237,7 +238,7 @@ export class ProfileFamilyMotherEmployeeController extends Controller {
@Body() body: UpdateProfileFamilyMother,
@Path() profileEmployeeId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const familyMother = await this.ProfileFamilyMother.findOneBy({
profileEmployeeId: profileEmployeeId,
});

8
src/controllers/ProfileGovernmentEmployeeController.ts
View file

@ -134,7 +134,8 @@ export class ProfileGovernmentEmployeeController extends Controller {
*/
@Get("{profileEmployeeId}")
@Example({})
public async getGovHistory(@Path() profileEmployeeId: string) {
public async getGovHistory(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const record = await this.profileEmployeeRepo.findOne({
where: { id: profileEmployeeId },
relations: {
@ -240,7 +241,8 @@ export class ProfileGovernmentEmployeeController extends Controller {
*/
@Get("history/{profileEmployeeId}")
@Example({})
public async govHistory(@Path() profileEmployeeId: string) {
public async govHistory(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId)
const record = await this.govRepo.find({
order: { lastUpdatedAt: "DESC" },
where: { profileEmployeeId: profileEmployeeId },
@ -259,7 +261,7 @@ export class ProfileGovernmentEmployeeController extends Controller {
@Body() body: UpdateProfileGovernment,
@Path() profileEmployeeId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", profileEmployeeId)
const record = await this.profileEmployeeRepo.findOne({
where: { id: profileEmployeeId },
});

24
src/controllers/ProfileHonorEmployeeController.ts
View file

@ -68,7 +68,8 @@ export class ProfileHonorEmployeeController extends Controller {
},
],
})
public async getHonor(@Path() profileEmployeeId: string) {
public async getHonor(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const record = await this.honorRepo.findBy({ profileEmployeeId });
return new HttpSuccess(record);
}
@ -133,7 +134,12 @@ export class ProfileHonorEmployeeController extends Controller {
},
],
})
public async honorHistory(@Path() honorId: string) {
public async honorHistory(@Path() honorId: string, @Request() req: RequestWithUser) {
const _record = await this.honorRepo.findOneBy({ id: honorId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.honorHistoryRepo.findBy({
profileHonorId: honorId,
});
@ -142,16 +148,15 @@ export class ProfileHonorEmployeeController extends Controller {
@Post()
public async newHonor(@Request() req: RequestWithUser, @Body() body: CreateProfileEmployeeHonor) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileHonor();
@ -179,11 +184,10 @@ export class ProfileHonorEmployeeController extends Controller {
@Body() body: UpdateProfileHonor,
@Path() honorId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.honorRepo.findOneBy({ id: honorId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileHonorHistory();
Object.assign(record, body);
@ -204,7 +208,11 @@ export class ProfileHonorEmployeeController extends Controller {
@Delete("{honorId}")
public async deleteTraning(@Path() honorId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.honorRepo.findOneBy({ id: honorId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.honorHistoryRepo.delete({
profileHonorId: honorId,
});

21
src/controllers/ProfileInsigniaEmployeeController.ts
View file

@ -83,7 +83,8 @@ export class ProfileInsigniaEmployeeController extends Controller {
},
],
})
public async getInsignia(@Path() profileEmployeeId: string) {
public async getInsignia(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const record = await this.insigniaRepo.find({
relations: {
insignia: {
@ -150,7 +151,11 @@ export class ProfileInsigniaEmployeeController extends Controller {
},
],
})
public async getInsigniaHistory(@Path() InsigniaId: string) {
public async getInsigniaHistory(@Path() InsigniaId: string, @Request() req: RequestWithUser) {
const _record = await this.insigniaRepo.findOneBy({ id: InsigniaId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.insigniaHistoryRepo.find({
relations: {
insignia: {
@ -169,16 +174,15 @@ export class ProfileInsigniaEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeInsignia,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id)
const insignia = await this.insigniaMetaRepo.findOne({
where: { id: body.insigniaId },
@ -213,10 +217,9 @@ export class ProfileInsigniaEmployeeController extends Controller {
@Body() body: UpdateProfileInsignia,
@Path() insigniaId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.insigniaRepo.findOneBy({ id: insigniaId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const insignia = await this.insigniaMetaRepo.findOne({
where: { id: body.insigniaId },
@ -245,7 +248,11 @@ export class ProfileInsigniaEmployeeController extends Controller {
@Delete("{insigniaId}")
public async deleteInsignia(@Path() insigniaId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.insigniaRepo.findOneBy({ id: insigniaId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.insigniaHistoryRepo.delete({
profileInsigniaId: insigniaId,
});

23
src/controllers/ProfileLeaveEmployeeController.ts
View file

@ -49,7 +49,8 @@ export class ProfileLeaveEmployeeController extends Controller {
}
@Get("{profileId}")
public async getLeave(@Path() profileId: string) {
public async getLeave(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileId);
const record = await this.leaveRepo.find({
relations: { leaveType: true },
where: { profileEmployeeId: profileId },
@ -58,7 +59,11 @@ export class ProfileLeaveEmployeeController extends Controller {
}
@Get("history/{leaveId}")
public async leaveHistory(@Path() leaveId: string) {
public async leaveHistory(@Path() leaveId: string, @Request() req: RequestWithUser) {
const _record = await this.leaveRepo.findOneBy({ id: leaveId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.leaveHistoryRepo.find({
relations: { leaveType: true },
where: { profileLeaveId: leaveId },
@ -68,16 +73,17 @@ export class ProfileLeaveEmployeeController extends Controller {
@Post()
public async newLeave(@Request() req: RequestWithUser, @Body() body: CreateProfileEmployeeLeave) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const leaveType = await this.leaveTypeRepository.findOne({
where: { id: body.leaveTypeId },
});
@ -111,10 +117,9 @@ export class ProfileLeaveEmployeeController extends Controller {
@Body() body: UpdateProfileLeave,
@Path() leaveId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.leaveRepo.findOneBy({ id: leaveId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const leaveType = await this.leaveTypeRepository.findOne({
where: { id: body.leaveTypeId },
@ -143,7 +148,11 @@ export class ProfileLeaveEmployeeController extends Controller {
@Delete("{leaveId}")
public async deleteLeave(@Path() leaveId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.leaveRepo.findOneBy({ id: leaveId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.leaveHistoryRepo.delete({
profileLeaveId: leaveId,
});

13
src/controllers/ProfileNopaidEmployeeController.ts
View file

@ -67,16 +67,16 @@ export class ProfileNopaidEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeNopaid,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileNopaid();
@ -104,10 +104,9 @@ export class ProfileNopaidEmployeeController extends Controller {
@Body() body: UpdateProfileNopaid,
@Path() nopaidId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.nopaidRepository.findOneBy({ id: nopaidId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileNopaidHistory();
@ -132,7 +131,11 @@ export class ProfileNopaidEmployeeController extends Controller {
@Delete("{nopaidId}")
public async deleteNopaid(@Path() nopaidId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.nopaidRepository.findOneBy({ id: nopaidId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.nopaidHistoryRepository.delete({
profileNopaidId: nopaidId,
});

22
src/controllers/ProfileOtherEmployeeController.ts
View file

@ -46,7 +46,8 @@ export class ProfileOtherEmployeeController extends Controller {
}
@Get("{profileId}")
public async getOther(@Path() profileId: string) {
public async getOther(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileId);
const lists = await this.otherRepository.find({
where: { profileEmployeeId: profileId },
});
@ -54,7 +55,11 @@ export class ProfileOtherEmployeeController extends Controller {
}
@Get("history/{otherId}")
public async otherHistory(@Path() otherId: string) {
public async otherHistory(@Path() otherId: string, @Request() req: RequestWithUser) {
const _record = await this.otherRepository.findOneBy({ id: otherId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.otherHistoryRepository.find({
where: { profileOtherId: otherId },
order: { createdAt: "DESC" },
@ -64,16 +69,15 @@ export class ProfileOtherEmployeeController extends Controller {
@Post()
public async newOther(@Request() req: RequestWithUser, @Body() body: CreateProfileEmployeeOther) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
}
const profile = await this.profileRepository.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileOther();
@ -101,10 +105,10 @@ export class ProfileOtherEmployeeController extends Controller {
@Body() body: UpdateProfileOther,
@Path() otherId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.otherRepository.findOneBy({ id: otherId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileOtherHistory();
@ -129,7 +133,11 @@ export class ProfileOtherEmployeeController extends Controller {
@Delete("{otherId}")
public async deleteOther(@Path() otherId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.otherRepository.findOneBy({ id: otherId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.otherHistoryRepository.delete({
profileOtherId: otherId,
});

28
src/controllers/ProfileSalaryEmployeeController.ts
View file

@ -48,7 +48,8 @@ export class ProfileSalaryEmployeeController extends Controller {
}
@Get("{profileId}")
public async getSalaryEmployee(@Path() profileId: string) {
public async getSalaryEmployee(@Path() profileId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileId);
const record = await this.salaryRepo.find({
where: { profileEmployeeId: profileId },
order: { order: "ASC" },
@ -57,7 +58,11 @@ export class ProfileSalaryEmployeeController extends Controller {
}
@Get("history/{salaryId}")
public async salaryHistory(@Path() salaryId: string) {
public async salaryHistory(@Path() salaryId: string, @Request() req: RequestWithUser) {
const _record = await this.salaryRepo.findOneBy({ id: salaryId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.salaryHistoryRepo.findBy({
profileSalaryId: salaryId,
});
@ -69,16 +74,15 @@ export class ProfileSalaryEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileSalaryEmployee,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const dest_item = await this.salaryRepo.findOne({
where: { profileEmployeeId: body.profileEmployeeId },
@ -112,10 +116,10 @@ export class ProfileSalaryEmployeeController extends Controller {
@Body() body: UpdateProfileSalaryEmployee,
@Path() salaryId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.salaryRepo.findOneBy({ id: salaryId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileSalaryHistory();
@ -137,7 +141,11 @@ export class ProfileSalaryEmployeeController extends Controller {
@Delete("{salaryId}")
public async deleteSalaryEmployee(@Path() salaryId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.salaryRepo.findOneBy({ id: salaryId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.salaryHistoryRepo.delete({
profileSalaryId: salaryId,
});
@ -152,7 +160,11 @@ export class ProfileSalaryEmployeeController extends Controller {
}
@Get("swap/{direction}/{salaryId}")
public async swapSalaryEmployee(@Path() direction: string, salaryId: string) {
public async swapSalaryEmployee(@Path() direction: string, salaryId: string, @Request() req: RequestWithUser) {
const _record = await this.salaryRepo.findOneBy({ id: salaryId });
if (_record) {
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const source_item = await this.salaryRepo.findOne({ where: { id: salaryId } });
if (source_item == null) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
const sourceOrder = source_item.order;

23
src/controllers/ProfileTrainingEmployeeController.ts
View file

@ -74,7 +74,8 @@ export class ProfileTrainingEmployeeController extends Controller {
},
],
})
public async getTraining(@Path() profileEmployeeId: string) {
public async getTraining(@Path() profileEmployeeId: string, @Request() req: RequestWithUser) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileEmployeeId);
const record = await this.trainingRepo.findBy({ profileEmployeeId });
return new HttpSuccess(record);
}
@ -130,7 +131,12 @@ export class ProfileTrainingEmployeeController extends Controller {
},
],
})
public async trainingHistory(@Path() trainingId: string) {
public async trainingHistory(@Path() trainingId: string, @Request() req: RequestWithUser) {
const _record = await this.trainingRepo.findOneBy({ id: trainingId });
if (_record) {
await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
const record = await this.trainingHistoryRepo.findBy({
profileTrainingId: trainingId,
});
@ -142,16 +148,16 @@ export class ProfileTrainingEmployeeController extends Controller {
@Request() req: RequestWithUser,
@Body() body: CreateProfileEmployeeTraining,
) {
await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
if (!body.profileEmployeeId) {
throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileEmployeeId");
}
const profile = await this.profileEmployeeRepo.findOneBy({ id: body.profileEmployeeId });
if (!profile) {
throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
}
await new permission().PermissionOrgUserCreate(req, "SYS_REGISTRY_EMP", profile.id);
const data = new ProfileTraining();
@ -179,10 +185,9 @@ export class ProfileTrainingEmployeeController extends Controller {
@Body() body: UpdateProfileTraining,
@Path() trainingId: string,
) {
await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
const record = await this.trainingRepo.findOneBy({ id: trainingId });
if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)
const history = new ProfileTrainingHistory();
@ -204,7 +209,11 @@ export class ProfileTrainingEmployeeController extends Controller {
@Delete("{trainingId}")
public async deleteTraining(@Path() trainingId: string, @Request() req: RequestWithUser) {
await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
const _record = await this.trainingRepo.findOneBy({ id: trainingId });
if (_record) {
await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
}
await this.trainingHistoryRepo.delete({
profileTrainingId: trainingId,
});