api test สิทธิ์
parent
99255ff36b
commit
bd1f889fba
3 changed files with 119 additions and 2 deletions
|
|
@ -217,7 +217,7 @@ export class PermissionController extends Controller {
|
|||
const getAsync = promisify(redisClient.get).bind(redisClient);
|
||||
|
||||
const profile = await this.profileRepo.findOne({
|
||||
// select: ["id"],
|
||||
select: ["id"],
|
||||
where: { keycloak: request.user.sub },
|
||||
});
|
||||
if (!profile) {
|
||||
|
|
@ -252,4 +252,49 @@ export class PermissionController extends Controller {
|
|||
|
||||
return new HttpSuccess(reply);
|
||||
}
|
||||
|
||||
@Get("user/{id}")
|
||||
public async listOrgUser(@Request() request: RequestWithUser,@Path() id: string) {
|
||||
const redisClient = await this.redis.createClient({
|
||||
host: REDIS_HOST,
|
||||
port: REDIS_PORT,
|
||||
});
|
||||
const getAsync = promisify(redisClient.get).bind(redisClient);
|
||||
|
||||
const profile = await this.profileRepo.findOne({
|
||||
select: ["id"],
|
||||
where: { id: id },
|
||||
});
|
||||
if (!profile) {
|
||||
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
|
||||
}
|
||||
|
||||
let reply = await getAsync("user_" + profile.id);
|
||||
if (reply != null) {
|
||||
reply = JSON.parse(reply);
|
||||
} else {
|
||||
const posMaster = await this.posMasterRepository.findOne({
|
||||
where: {
|
||||
current_holderId: profile.id,
|
||||
orgRevision: {
|
||||
orgRevisionIsDraft: false,
|
||||
orgRevisionIsCurrent: true,
|
||||
},
|
||||
},
|
||||
});
|
||||
if (!posMaster) {
|
||||
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลตำแหน่งในโครงสร้าง");
|
||||
}
|
||||
reply = {
|
||||
orgRootId: posMaster.orgRootId,
|
||||
orgChild1Id: posMaster.orgChild1Id,
|
||||
orgChild2Id: posMaster.orgChild2Id,
|
||||
orgChild3Id: posMaster.orgChild3Id,
|
||||
orgChild4Id: posMaster.orgChild4Id,
|
||||
};
|
||||
redisClient.setex("user_" + profile.id, 86400, JSON.stringify(reply));
|
||||
}
|
||||
|
||||
return new HttpSuccess(reply);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
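Review bot: `listOrgUser` declares `@Request() request` but never reads it, so the new `user/{id}` route returns the org placement (`orgRootId` … `orgChild4Id`) of any profile id to whoever can reach it, with no authorization check and no `@Security` decorator visible in the hunk. If this route is the `/org/permission/user/{id}` lookup that `CheckAuth.PermissionOrgByUser` performs on the caller's behalf, it should verify the caller itself (a permission check on `request`, or the same internal `api_key` gate CheckAuth applies) and otherwise drop the unused parameter. The per-request `this.redis.createClient(...)` is never closed and `redisClient.setex(...)` is fire-and-forget with no callback, so a write failure goes unnoticed; the existing endpoint in the first hunk follows the same pattern, so one client held by the controller would fix both. The class continues outside the hunk.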
@ -2465,7 +2465,8 @@ export class ProfileController extends Controller {
|
|||
* @param {string} id Id ทะเบียนประวัติ
|
||||
*/
|
||||
@Get("{id}")
|
||||
async getProfile(@Path() id: string) {
|
||||
async getProfile(@Request() req: RequestWithUser, @Path() id: string) {
|
||||
await new permission().PermissionOrgUserGet(req, "SYS_REGISTRY_OFFICER", id);
|
||||
const profile = await this.profileRepo.findOne({
|
||||
relations: {
|
||||
posLevel: true,
|
||||
|
|
|
|||
|
|
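Review bot: The TSDoc block above `getProfile` still documents only `id`, while the signature gains `req` and the body now enforces a permission check before the lookup. Add `@param req Authenticated request; the caller's SYS_REGISTRY_OFFICER GET scope is checked against the target profile's organization via PermissionOrgUserGet` and `@throws HttpError 403 when the caller is outside that scope`, so the generated API docs show that this route is now scoped. The method body continues outside the hunk.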
@ -126,6 +126,61 @@ class CheckAuth {
|
|||
throw new HttpError(HttpStatus.FORBIDDEN, x);
|
||||
});
|
||||
}
|
||||
public async PermissionOrgByUser(
|
||||
req: RequestWithUser,
|
||||
system: string,
|
||||
action: string,
|
||||
profileId: string,
|
||||
) {
|
||||
if (
|
||||
req.headers.hasOwnProperty("api_key") &&
|
||||
req.headers["api_key"] &&
|
||||
req.headers["api_key"] == process.env.API_KEY
|
||||
) {
|
||||
return true;
|
||||
}
|
||||
return await new CallAPI()
|
||||
.GetData(req, `/org/permission/user/${profileId}`)
|
||||
.then(async (x) => {
|
||||
let org = {
|
||||
orgRootId: [null],
|
||||
orgChild1Id: [null],
|
||||
orgChild2Id: [null],
|
||||
orgChild3Id: [null],
|
||||
orgChild4Id: [null],
|
||||
};
|
||||
if (action.trim().toLocaleUpperCase() == "CREATE")
|
||||
org = await this.PermissionOrgCreate(req, system);
|
||||
if (action.trim().toLocaleUpperCase() == "DELETE")
|
||||
org = await this.PermissionOrgDelete(req, system);
|
||||
if (action.trim().toLocaleUpperCase() == "GET")
|
||||
org = await this.PermissionOrgGet(req, system);
|
||||
if (action.trim().toLocaleUpperCase() == "LIST")
|
||||
org = await this.PermissionOrgList(req, system);
|
||||
if (action.trim().toLocaleUpperCase() == "UPDATE")
|
||||
org = await this.PermissionOrgUpdate(req, system);
|
||||
|
||||
if (org.orgRootId != null)
|
||||
if (x.orgRootId != org.orgRootId[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
|
||||
if (org.orgChild1Id != null)
|
||||
if (x.orgChild1Id != org.orgChild1Id[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
|
||||
if (org.orgChild2Id != null)
|
||||
if (x.orgChild2Id != org.orgChild2Id[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
|
||||
if (org.orgChild3Id != null)
|
||||
if (x.orgChild3Id != org.orgChild3Id[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
|
||||
if (org.orgChild4Id != null)
|
||||
if (x.orgChild4Id != org.orgChild4Id[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
|
||||
|
||||
return true;
|
||||
})
|
||||
.catch((x) => {
|
||||
if (x.status == 403) {
|
||||
throw new HttpError(HttpStatus.FORBIDDEN, x.message);
|
||||
} else {
|
||||
throw new HttpError(HttpStatus.FORBIDDEN, x);
|
||||
}
|
||||
});
|
||||
}
|
||||
public async PermissionCreate(req: RequestWithUser, system: string) {
|
||||
return await this.Permission(req, system, "CREATE");
|
||||
}
|
||||
|
|
@ -157,6 +212,22 @@ class CheckAuth {
|
|||
public async PermissionOrgUpdate(req: RequestWithUser, system: string) {
|
||||
return await this.PermissionOrg(req, system, "UPDATE");
|
||||
}
|
||||
|
||||
public async PermissionOrgUserCreate(req: RequestWithUser, system: string, profileId: string) {
|
||||
return await this.PermissionOrgByUser(req, system, "CREATE", profileId);
|
||||
}
|
||||
public async PermissionOrgUserDelete(req: RequestWithUser, system: string, profileId: string) {
|
||||
return await this.PermissionOrgByUser(req, system, "DELETE", profileId);
|
||||
}
|
||||
public async PermissionOrgUserGet(req: RequestWithUser, system: string, profileId: string) {
|
||||
return await this.PermissionOrgByUser(req, system, "GET", profileId);
|
||||
}
|
||||
public async PermissionOrgUserList(req: RequestWithUser, system: string, profileId: string) {
|
||||
return await this.PermissionOrgByUser(req, system, "LIST", profileId);
|
||||
}
|
||||
public async PermissionOrgUserUpdate(req: RequestWithUser, system: string, profileId: string) {
|
||||
return await this.PermissionOrgByUser(req, system, "UPDATE", profileId);
|
||||
}
|
||||
}
|
||||
|
||||
export default CheckAuth;
|
||||
|
|
|
|||
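Review bot: In `PermissionOrgByUser` (the `@ -126` hunk) each scope check compares the target's value only against `org.orgXId[0]` with loose `!=`, so any further allowed ids the `PermissionOrg*` helpers may return are ignored, and a field missing from the `x` payload (`undefined`) passes against the `[null]` default — which is also the value `org` keeps when `action` is none of the five handled strings, so an unrecognised action is not rejected outright but decided by whatever the payload contains. Make the unknown-action case an explicit failure, compare with strict membership, and throw an `Error` rather than a string so `.catch` has a real error object to map; a loop over the five level names keeps the five copies in one place. Whether `[null]` means "unrestricted at this level" or "must be null" is not visible here and should be confirmed against the `PermissionOrg*` helpers before changing the comparison. The `api_key` gate at the top of the method compares the header to `process.env.API_KEY` with `==`; `crypto.timingSafeEqual` on equal-length buffers would avoid a timing side channel on that secret. The class continues outside the hunk.
```typescript
.then(async (x) => {
  // … unchanged: org default and the five action → PermissionOrg* dispatch …
  const act = action.trim().toLocaleUpperCase();
  if (!["CREATE", "DELETE", "GET", "LIST", "UPDATE"].includes(act))
    throw new Error("unsupported permission action");

  const levels = ["orgRootId", "orgChild1Id", "orgChild2Id", "orgChild3Id", "orgChild4Id"] as const;
  for (const level of levels) {
    const allowed = org[level];
    // null scope = no restriction at this level; otherwise the target must match one allowed id
    if (allowed != null && !allowed.includes(x?.[level]))
      throw new Error("ไม่มีสิทธิ์เข้าถึงข้อมูล");
  }

  return true;
})
.catch((x) => {
  if (x?.status == 403) throw new HttpError(HttpStatus.FORBIDDEN, x.message);
  throw new HttpError(HttpStatus.FORBIDDEN, x instanceof Error ? x.message : x);
});
```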