no message

kittapath 2024-09-04 17:05:25 +07:00
parent f0aa757b79
commit d30c07b0aa
2 changed files with 127 additions and 216 deletions


@ -33,13 +33,102 @@ export class PermissionController extends Controller {
private redis = require("redis");
@Get("")
public async getPermission(@Request() request: RequestWithUser) {
let data = this.getPermissionFunc(request);
return new HttpSuccess(data);
public async getPermission(@Request() request: { user: Record<string, any> }) {
const orgRevision = await this.orgRevisionRepository.findOne({
select: ["id"],
where: {
orgRevisionIsDraft: false,
orgRevisionIsCurrent: true,
},
});
const redisClient = await this.redis.createClient({
host: REDIS_HOST,
port: REDIS_PORT,
});
const getAsync = promisify(redisClient.get).bind(redisClient);
let profileType = "OFFICER";
let profile: any = await this.profileRepo.findOne({
select: ["id"],
where: { keycloak: request.user.sub },
});
if (!profile) {
profileType = "EMPLOYEE";
profile = await this.profileEmployeeRepo.findOne({
select: ["id"],
where: { keycloak: request.user.sub },
});
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
}
let reply = await getAsync("role_" + profile.id);
if (reply != null) {
reply = JSON.parse(reply);
} else {
let posMaster: any = await this.posMasterRepository.findOne({
select: ["authRoleId"],
where: {
current_holderId: profile.id,
// orgRevision: {
// orgRevisionIsDraft: false,
// orgRevisionIsCurrent: true,
// },
orgRevisionId: orgRevision?.id,
},
});
if (!posMaster) {
posMaster = await this.posMasterEmpRepository.findOne({
select: ["authRoleId"],
where: {
current_holderId: profile.id,
// orgRevision: {
// orgRevisionIsDraft: false,
// orgRevisionIsCurrent: true,
// },
orgRevisionId: orgRevision?.id,
},
});
if (!posMaster) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
}
}
const getDetail = await this.authRoleRepo.findOne({
select: ["id", "roleName", "roleDescription"],
where: { id: posMaster.authRoleId },
});
if (!getDetail) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
const roleAttrData = await this.authRoleAttrRepo.find({
select: [
"authSysId",
"parentNode",
"attrOwnership",
"attrIsCreate",
"attrIsList",
"attrIsGet",
"attrIsUpdate",
"attrIsDelete",
"attrPrivilege",
],
where: { authRoleId: getDetail.id },
});
reply = {
...getDetail,
roles: roleAttrData,
};
redisClient.setex("role_" + profile.id, 86400, JSON.stringify(reply));
}
return new HttpSuccess(reply);
}
@Get("menu")
public async listAuthSys(@Request() request: RequestWithUser) {
public async listAuthSys(@Request() request: { user: Record<string, any> }) {
const orgRevision = await this.orgRevisionRepository.findOne({
select: ["id"],
where: {
@ -77,6 +166,10 @@ export class PermissionController extends Controller {
select: ["authRoleId"],
where: {
current_holderId: profile.id,
// orgRevision: {
// orgRevisionIsDraft: false,
// orgRevisionIsCurrent: true,
// },
orgRevisionId: orgRevision?.id,
},
});
@ -85,6 +178,10 @@ export class PermissionController extends Controller {
select: ["authRoleId"],
where: {
current_holderId: profile.id,
// orgRevision: {
// orgRevisionIsDraft: false,
// orgRevisionIsCurrent: true,
// },
orgRevisionId: orgRevision?.id,
},
});
@ -303,100 +400,6 @@ export class PermissionController extends Controller {
@Get("user/{id}")
public async listOrgUser(@Request() request: RequestWithUser, @Path() id: string) {
const redisClient = await this.redis.createClient({
host: REDIS_HOST,
port: REDIS_PORT,
});
const getAsync = promisify(redisClient.get).bind(redisClient);
let reply = await getAsync("user_" + id);
if (reply != null) {
reply = JSON.parse(reply);
} else {
const orgRevision = await this.orgRevisionRepository.findOne({
select: ["id"],
where: {
orgRevisionIsDraft: false,
orgRevisionIsCurrent: true,
},
});
let profileType = "OFFICER";
let profile: any = await this.profileRepo.findOne({
select: ["id"],
where: { id: id },
});
if (!profile) {
profileType = "EMPLOYEE";
profile = await this.profileEmployeeRepo.findOne({
select: ["id"],
where: { id: id },
});
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
}
if (profileType == "OFFICER") {
const posMaster = await this.posMasterRepository.findOne({
where: {
current_holderId: profile.id,
orgRevisionId: orgRevision?.id,
},
});
if (!posMaster) {
reply = {
orgRootId: null,
orgChild1Id: null,
orgChild2Id: null,
orgChild3Id: null,
orgChild4Id: null,
};
} else {
reply = {
orgRootId: posMaster.orgRootId,
orgChild1Id: posMaster.orgChild1Id,
orgChild2Id: posMaster.orgChild2Id,
orgChild3Id: posMaster.orgChild3Id,
orgChild4Id: posMaster.orgChild4Id,
};
}
redisClient.setex("user_" + profile.id, 86400, JSON.stringify(reply));
} else {
const posMaster = await this.posMasterEmpRepository.findOne({
where: {
current_holderId: profile.id,
orgRevisionId: orgRevision?.id,
},
});
if (!posMaster) {
reply = {
orgRootId: null,
orgChild1Id: null,
orgChild2Id: null,
orgChild3Id: null,
orgChild4Id: null,
};
} else {
reply = {
orgRootId: posMaster.orgRootId,
orgChild1Id: posMaster.orgChild1Id,
orgChild2Id: posMaster.orgChild2Id,
orgChild3Id: posMaster.orgChild3Id,
orgChild4Id: posMaster.orgChild4Id,
};
}
redisClient.setex("user_" + profile.id, 86400, JSON.stringify(reply));
}
}
return new HttpSuccess(reply);
}
@Get("org/{action}/{system}")
public async listAuthSysOrgSystem(
@Request() request: RequestWithUser,
@Path() action: string,
@Path() system: string,
) {
const orgRevision = await this.orgRevisionRepository.findOne({
select: ["id"],
where: {
@ -413,28 +416,31 @@ export class PermissionController extends Controller {
let profileType = "OFFICER";
let profile: any = await this.profileRepo.findOne({
select: ["id"],
where: { keycloak: request.user.sub },
where: { id: id },
});
if (!profile) {
profileType = "EMPLOYEE";
profile = await this.profileEmployeeRepo.findOne({
select: ["id"],
where: { keycloak: request.user.sub },
where: { id: id },
});
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
}
let reply = await getAsync("posMaster_" + profile.id);
let reply = await getAsync("user_" + profile.id);
if (reply != null) {
reply = JSON.parse(reply);
} else {
let privilege = this.Permission(request, system.toLocaleUpperCase(), action);
if (profileType == "OFFICER") {
const posMaster = await this.posMasterRepository.findOne({
where: {
current_holderId: profile.id,
// orgRevision: {
// orgRevisionIsDraft: false,
// orgRevisionIsCurrent: true,
// },
orgRevisionId: orgRevision?.id,
},
});
@ -445,7 +451,6 @@ export class PermissionController extends Controller {
orgChild2Id: null,
orgChild3Id: null,
orgChild4Id: null,
privilege: privilege,
};
} else {
reply = {
@ -454,14 +459,17 @@ export class PermissionController extends Controller {
orgChild2Id: posMaster.orgChild2Id,
orgChild3Id: posMaster.orgChild3Id,
orgChild4Id: posMaster.orgChild4Id,
privilege: privilege,
};
}
redisClient.setex("posMaster_" + profile.id, 86400, JSON.stringify(reply));
redisClient.setex("user_" + profile.id, 86400, JSON.stringify(reply));
} else {
const posMaster = await this.posMasterEmpRepository.findOne({
where: {
current_holderId: profile.id,
// orgRevision: {
// orgRevisionIsDraft: false,
// orgRevisionIsCurrent: true,
// },
orgRevisionId: orgRevision?.id,
},
});
@ -472,7 +480,6 @@ export class PermissionController extends Controller {
orgChild2Id: null,
orgChild3Id: null,
orgChild4Id: null,
privilege: privilege,
};
} else {
reply = {
@ -481,119 +488,12 @@ export class PermissionController extends Controller {
orgChild2Id: posMaster.orgChild2Id,
orgChild3Id: posMaster.orgChild3Id,
orgChild4Id: posMaster.orgChild4Id,
privilege: privilege,
};
}
redisClient.setex("posMaster_" + profile.id, 86400, JSON.stringify(reply));
redisClient.setex("user_" + profile.id, 86400, JSON.stringify(reply));
}
}
return new HttpSuccess(reply);
}
public async getPermissionFunc(@Request() request: RequestWithUser) {
const orgRevision = await this.orgRevisionRepository.findOne({
select: ["id"],
where: {
orgRevisionIsDraft: false,
orgRevisionIsCurrent: true,
},
});
const redisClient = await this.redis.createClient({
host: REDIS_HOST,
port: REDIS_PORT,
});
const getAsync = promisify(redisClient.get).bind(redisClient);
let profile: any = await this.profileRepo.findOne({
select: ["id"],
where: { keycloak: request.user.sub },
});
if (!profile) {
profile = await this.profileEmployeeRepo.findOne({
select: ["id"],
where: { keycloak: request.user.sub },
});
if (!profile) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลบุคคลนี้ในระบบ");
}
}
let reply = await getAsync("role_" + profile.id);
if (reply != null) {
reply = JSON.parse(reply);
} else {
let posMaster: any = await this.posMasterRepository.findOne({
select: ["authRoleId"],
where: {
current_holderId: profile.id,
orgRevisionId: orgRevision?.id,
},
});
if (!posMaster) {
posMaster = await this.posMasterEmpRepository.findOne({
select: ["authRoleId"],
where: {
current_holderId: profile.id,
orgRevisionId: orgRevision?.id,
},
});
if (!posMaster) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
}
}
const getDetail = await this.authRoleRepo.findOne({
select: ["id", "roleName", "roleDescription"],
where: { id: posMaster.authRoleId },
});
if (!getDetail) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
}
const roleAttrData = await this.authRoleAttrRepo.find({
select: [
"authSysId",
"parentNode",
"attrOwnership",
"attrIsCreate",
"attrIsList",
"attrIsGet",
"attrIsUpdate",
"attrIsDelete",
"attrPrivilege",
],
where: { authRoleId: getDetail.id },
});
reply = {
...getDetail,
roles: roleAttrData,
};
redisClient.setex("role_" + profile.id, 86400, JSON.stringify(reply));
}
return reply;
}
public async Permission(request: RequestWithUser, system: string, action: string) {
if (
request.headers.hasOwnProperty("api_key") &&
request.headers["api_key"] &&
request.headers["api_key"] == process.env.API_KEY
) {
return null;
}
let data: any = this.getPermissionFunc(request);
let permission = false;
let role = data.roles.find((x: any) => x.authSysId == system);
if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
if (role.attrOwnership == "OWNER") return "OWNER";
if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
return role.attrPrivilege;
}
}
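Review bot: The role payload that `getPermission` now builds inline is cached under `"role_" + profile.id` with an 86400-second expiry, and nothing in this diff deletes that key, so a changed or revoked role can keep being served from cache for up to a day unless invalidation exists elsewhere. Consider a much shorter TTL, or call `redisClient.del("role_" + profile.id)` wherever the role, its attributes or the position holder is updated. The same handler opens a new client with `createClient` on every request and never closes it in the visible lines, and `setex` is neither awaited nor given an error callback; a single shared client would avoid the connection growth. Separately, the rewritten `user/{id}` handler resolves the profile from the path `id` and no longer uses `request` in the visible hunks, so it is worth confirming that a guard outside this diff restricts who may query another person's org placement.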


@ -45,9 +45,20 @@ class CheckAuth {
return null;
}
return await new CallAPI()
.GetData(req, `/org/permission/org/${action}/${system}`)
.GetData(req, "/org/permission/org")
.then(async (x) => {
let privilege = x.privilege;
let privilege = null;
if (action.trim().toLocaleUpperCase() == "CREATE")
privilege = await this.PermissionCreate(req, system);
if (action.trim().toLocaleUpperCase() == "DELETE")
privilege = await this.PermissionDelete(req, system);
if (action.trim().toLocaleUpperCase() == "GET")
privilege = await this.PermissionGet(req, system);
if (action.trim().toLocaleUpperCase() == "LIST")
privilege = await this.PermissionList(req, system);
if (action.trim().toLocaleUpperCase() == "UPDATE")
privilege = await this.PermissionUpdate(req, system);
let data: any = {
root: [null],
child1: [null],