From 6207ba1a91728df28396eaddbce478bb382658d3 Mon Sep 17 00:00:00 2001
From: waruneeauy
Date: Tue, 23 Jul 2024 19:06:51 +0700
Subject: [PATCH] add api permission of user
---
 src/controllers/PermissionController.ts | 70 +++++++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 src/controllers/PermissionController.ts
diff --git a/src/controllers/PermissionController.ts b/src/controllers/PermissionController.ts
new file mode 100644
index 00000000..53935c4c
--- /dev/null
+++ b/src/controllers/PermissionController.ts
@@ -0,0 +1,70 @@
+import { Body, Controller, Get, Path, Post, Request, Route, Security, Tags } from "tsoa";
+import { AppDataSource } from "../database/data-source";
+import { RequestWithUser } from "../middlewares/user";
+import HttpError from "../interfaces/http-error";
+import HttpStatus from "../interfaces/http-status";
+import HttpSuccess from "../interfaces/http-success";
+import HttpStatusCode from "../interfaces/http-status";
+import { AuthRole } from "../entities/AuthRole";
+import { AuthRoleAttr } from "../entities/AuthRoleAttr";
+import { PosMaster } from "../entities/PosMaster";
+import { Profile } from "../entities/Profile";
+
+@Route("api/v1/org/permission")
+@Tags("Permission")
+@Security("bearerAuth")
+export class PermissionController extends Controller {
+ private profileRepo = AppDataSource.getRepository(Profile);
+ private posMasterRepository = AppDataSource.getRepository(PosMaster);
+ private authRoleRepo = AppDataSource.getRepository(AuthRole);
+ private authRoleAttrRepo = AppDataSource.getRepository(AuthRoleAttr);
+
+ @Get("")
+ public async getPermission(@Request() request: { user: Record }) {
+ const profile = await this.profileRepo.findOne({
+ select: ["id"],
+ where: { keycloak: request.user.sub },
+ });
+ if (!profile) {
+ throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
+ }
+
+ const posMaster = await this.posMasterRepository.findOne({
+ select: ["authRoleId"],
+ where: { current_holderId: profile.id },
+ });
+ if (!posMaster) {
+ throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
+ }
+
+ const getDetail = await this.authRoleRepo.findOne({
+ select: ["roleName", "roleDescription"],
+ where: { id: posMaster.authRoleId },
+ });
+ if (!getDetail) {
+ throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
+ }
+
+ const roleAttrData = await this.authRoleAttrRepo.find({
+ select: [
+ "authSysId",
+ "parentNode",
+ "attrOwnership",
+ "attrIsCreate",
+ "attrIsList",
+ "attrIsGet",
+ "attrIsUpdate",
+ "attrIsDelete",
+ "attrPrivilege",
+ ],
+ where: { authRoleId: getDetail.id },
+ });
+
+ const formattedData = {
+ ...getDetail,
+ roleAttributes: roleAttrData,
+ };
+
+ return new HttpSuccess(formattedData);
+ }
+}
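Review bot: The final `authRoleAttrRepo.find` filters on `getDetail.id`, but the preceding `authRoleRepo.findOne` selects only `roleName` and `roleDescription`, so `id` is most likely not hydrated and the filter value is `undefined`. Depending on the TypeORM version in use, `undefined` (and `null`) values in a `where` object are dropped rather than matched, in which case this endpoint would return the attribute rows of every role to any authenticated caller instead of only the caller's own role. Filter on the value that is already loaded, `where: { authRoleId: posMaster.authRoleId },`, and reject a missing role id before the role lookup with `if (!posMaster.authRoleId) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");`, since the same omission would affect `where: { id: posMaster.authRoleId }` if that column is nullable. Separately, `Body`, `Path`, `Post`, `RequestWithUser` and the duplicate `HttpStatusCode` import are unused in this file, and `RequestWithUser` looks like the intended type for the `request` parameter.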