role เมนู ลูกจ้างประจำ กทม.

2024-08-23 16:28:31 +07:00 · 2024-08-23 16:28:31 +07:00 · 7237c68cb8
commit 7237c68cb8
parent 359d22beec
23 changed files with 327 additions and 155 deletions
--- a/src/controllers/ProfileDutyEmployeeController.ts
+++ b/src/controllers/ProfileDutyEmployeeController.ts
@ -51,7 +51,8 @@ export class ProfileDutyEmployeeController extends Controller {
  }

  @Get("{profileId}")
-  public async getDuty(@Path() profileId: string) {
+  public async getDuty(@Path() profileId: string, @Request() req: RequestWithUser) {
+    await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", profileId);
    const lists = await this.dutyRepository.find({
      where: { profileEmployeeId: profileId },
      select: [
@ -68,7 +69,11 @@ export class ProfileDutyEmployeeController extends Controller {
  }

  @Get("history/{dutyId}")
-  public async dutyHistory(@Path() dutyId: string) {
+  public async dutyHistory(@Path() dutyId: string, @Request() req: RequestWithUser) {
+    const _record = await this.dutyRepository.findOneBy({ id: dutyId });
+    if (_record) {
+      await new permission().PermissionOrgUserList(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
+    }
    const record = await this.dutyHistoryRepository.find({
      where: { profileDutyId: dutyId },
      select: [
@ -89,16 +94,15 @@ export class ProfileDutyEmployeeController extends Controller {

  @Post()
  public async newDuty(@Request() req: RequestWithUser, @Body() body: CreateProfileEmployeeDuty) {
-    await new permission().PermissionCreate(req, "SYS_REGISTRY_EMP");
    if (!body.profileEmployeeId) {
      throw new HttpError(HttpStatus.BAD_REQUEST, "กรุณากรอก profileId");
    }

    const profile = await this.profileRepository.findOneBy({ id: body.profileEmployeeId });
-
    if (!profile) {
      throw new HttpError(HttpStatus.BAD_REQUEST, "ไม่พบ profile ดังกล่าว");
    }
+    await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_EMP", profile.id);

    const data = new ProfileDuty();

@ -126,10 +130,9 @@ export class ProfileDutyEmployeeController extends Controller {
    @Body() body: UpdateProfileDuty,
    @Path() dutyId: string,
  ) {
-    await new permission().PermissionUpdate(req, "SYS_REGISTRY_EMP");
    const record = await this.dutyRepository.findOneBy({ id: dutyId });
-
    if (!record) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
+    await new permission().PermissionOrgUserUpdate(req, "SYS_REGISTRY_EMP", record.profileEmployeeId)

    const history = new ProfileDutyHistory();

@ -151,7 +154,10 @@ export class ProfileDutyEmployeeController extends Controller {

  @Delete("{dutyId}")
  public async deleteDuty(@Path() dutyId: string, @Request() req: RequestWithUser) {
-    await new permission().PermissionDelete(req, "SYS_REGISTRY_EMP");
+    const _record = await this.dutyRepository.findOneBy({ id: dutyId });
+    if (_record) {
+      await new permission().PermissionOrgUserDelete(req, "SYS_REGISTRY_EMP", _record.profileEmployeeId);
+    }
    await this.dutyHistoryRepository.delete({
      profileDutyId: dutyId,
    });