Merge branch 'develop' into dev

2025-11-12 14:40:36 +07:00 · 2025-11-12 14:40:36 +07:00 · ccf012ee1d
commit ccf012ee1d
parent 3195dc7c04 7ca6b28efa
2 changed files with 12 additions and 1 deletions
--- a/src/controllers/ProfileController.ts
+++ b/src/controllers/ProfileController.ts
@ -86,7 +86,7 @@ import { ProfileSalaryHistory } from "../entities/ProfileSalaryHistory";
 import { ProfileAssistance } from "../entities/ProfileAssistance";
 import { CommandRecive } from "../entities/CommandRecive";
 import { EmployeePosMaster } from "../entities/EmployeePosMaster";
-import { getTopDegrees } from "../services/PositionService";
+import { CreatePosMasterHistoryOfficer, getTopDegrees } from "../services/PositionService";
 import { ProfileLeaveService } from "../services/ProfileLeaveService";

@Route("api/v1/org/profile")
@ -10789,6 +10789,9 @@ export class ProfileController extends Controller {
    await this.profileRepo.save(profile, { data: request });
    setLogDataDiff(request, { before, after: profile });
    if (requestBody.isLeave == true) {
+      if(orgRevisionRef){
+        await CreatePosMasterHistoryOfficer(orgRevisionRef.id, request);
+      }
      await removeProfileInOrganize(profile.id, "OFFICER");
    }
    return new HttpSuccess();
--- a/src/middlewares/auth.ts
+++ b/src/middlewares/auth.ts
@ -27,6 +27,14 @@ export async function expressAuthentication(
  securityName: string,
  _scopes?: string[],
 ) {
+  // API_KEY bypass logic (support api_key, x-api-key, apikey)
+  const apiKeyHeader =
+    request.headers["api-key"] || request.headers["x-api-key"] || request.headers["apikey"];
+  if (apiKeyHeader !== undefined) {
+    if (apiKeyHeader === process.env.API_KEY) {
+      return { preferred_username: "api_key_bypass", apiKeyBypass: true };
+    }
+  }
  if (process.env.NODE_ENV !== "production" && process.env.AUTH_BYPASS) {
    return { preferred_username: "bypassed" };
  }