From e64cd3f38461fc0c712aba4f72e5cb6f3251547a Mon Sep 17 00:00:00 2001
From: "DESKTOP-1R2VSQH\\Lenovo ThinkPad E490"
Date: Tue, 12 May 2026 15:14:21 +0700
Subject: [PATCH] fix: permission
---
src/controllers/PermissionController.ts | 172 +++++++++++++---------
src/controllers/PosMasterActController.ts | 17 +++
2 files changed, 121 insertions(+), 68 deletions(-)
diff --git a/src/controllers/PermissionController.ts b/src/controllers/PermissionController.ts
index 27da092f..8c713947 100644
--- a/src/controllers/PermissionController.ts
+++ b/src/controllers/PermissionController.ts
@@ -91,34 +91,49 @@ export class PermissionController extends Controller { orgRevisionId: orgRevision?.id, }, }); - if (!posMaster) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); + } + + // ตรวจสอบว่ามีสิทธิ์อย่างน้อยหนึ่งอย่าง (posMaster หรือ acting position) + if (!posMaster && !actingData.isAct) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); + } + + let getDetail: any = null; + let roleAttrData: any[] = []; + + if (posMaster) { + getDetail = await this.authRoleRepo.findOne({ + select: ["id", "roleName", "roleDescription"], + where: { id: posMaster.authRoleId }, + }); + + if (!getDetail) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); } - } - const getDetail = await this.authRoleRepo.findOne({ - select: ["id", "roleName", "roleDescription"], - where: { id: posMaster.authRoleId }, - }); - if (!getDetail) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); + roleAttrData = await this.authRoleAttrRepo.find({ + select: [ + "authSysId", + "parentNode", + "attrOwnership", + "attrIsCreate", + "attrIsList", + "attrIsGet", + "attrIsUpdate", + "attrIsDelete", + "attrPrivilege", + ], + where: { authRoleId: getDetail.id }, + }); + } else { + // ถ้าไม่มี posMaster แต่มี acting: สร้าง getDetail เปล่าๆ + getDetail = { + id: null, + roleName: "Acting", + roleDescription: "สิทธิ์จากตำแหน่งรักษาการ", + }; } - const roleAttrData = await this.authRoleAttrRepo.find({ - select: [ - "authSysId", - "parentNode", - "attrOwnership", - "attrIsCreate", - "attrIsList", - "attrIsGet", - "attrIsUpdate", - "attrIsDelete", - "attrPrivilege", - ], - where: { authRoleId: getDetail.id }, - }); - // ถ้า User มีตำแหน่งรักษาการ ให้รวมสิทธิ์ if (actingData.isAct && actingData.posMasterActs.length > 0) { // ดึง authRoleId ของทุกตำแหน่งรักษาการ 
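Review bot: The `if (posMaster)` branch queries the role with `where: { id: posMaster.authRoleId }` without first checking that `authRoleId` is set, unlike the same branch in the `-314` hunk. If these repositories are TypeORM (inferred from the `findOne`/`select`/`where` shape), an undefined value in `where` is dropped from the query in common versions, so a position with no role assigned could match an unrelated `authRole` row and be served that role's permissions. Add `if (!posMaster.authRoleId) throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");` before the `findOne`, here and in the `-901` hunk. The enclosing method starts and ends outside the hunk.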
@@ -314,30 +329,37 @@ export class PermissionController extends Controller { orgRevisionId: orgRevision?.id, }, }); - if (!posMaster) { + } + + // ตรวจสอบว่ามีสิทธิ์อย่างน้อยหนึ่งอย่าง (posMaster หรือ acting position) + if (!posMaster && !actingData.isAct) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); + } + + let authRole: any = null; + let roleAttrData: any[] = []; + + if (posMaster) { + if (!posMaster.authRoleId) { throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); } + + authRole = await this.authRoleRepo.findOne({ + select: ["id"], + where: { id: posMaster.authRoleId }, + }); + + if (!authRole) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); + } + + // ดึง roleAttrData ของ user ปกติ + roleAttrData = await this.authRoleAttrRepo.find({ + select: ["authSysId", "parentNode"], + where: { authRoleId: authRole.id, attrIsList: true }, + }); } - if (!posMaster.authRoleId) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); - } - - const authRole = await this.authRoleRepo.findOne({ - select: ["id"], - where: { id: posMaster.authRoleId }, - }); - - if (!authRole) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); - } - - // ดึง roleAttrData ของ user ปกติ - let roleAttrData = await this.authRoleAttrRepo.find({ - select: ["authSysId", "parentNode"], - where: { authRoleId: authRole.id, attrIsList: true }, - }); - // ถ้ามี acting positions ให้รวมสิทธิ์ if (actingData.isAct && actingData.posMasterActs.length > 0) { // ดึง authRoleId ของทุกตำแหน่งรักษาการ 
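Review bot: The new guard `if (!posMaster && !actingData.isAct)` is weaker than the condition that actually merges acting permissions, `actingData.isAct && actingData.posMasterActs.length > 0`. A user with `isAct` true but an empty `posMasterActs` passes the guard with `authRole` still null and `roleAttrData` empty, so the request appears to succeed with an empty result rather than a 404; what the rest of the method does with that state is outside the hunk. Make the guard match the merge condition: `if (!posMaster && !(actingData.isAct && actingData.posMasterActs.length > 0)) {`. The same guard is added in the `-91` and `-901` hunks, where that user would receive the placeholder "Acting" role with no attributes.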
@@ -901,34 +923,48 @@ export class PermissionController extends Controller { orgRevisionId: orgRevision?.id, }, }); - if (!posMaster) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); + } + + // ตรวจสอบว่ามีสิทธิ์อย่างน้อยหนึ่งอย่าง (posMaster หรือ acting position) + if (!posMaster && !actingData.isAct) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); + } + + let getDetail: any = null; + let roleAttrData: any[] = []; + + if (posMaster) { + getDetail = await this.authRoleRepo.findOne({ + select: ["id", "roleName", "roleDescription"], + where: { id: posMaster.authRoleId }, + }); + if (!getDetail) { + throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); } - } - const getDetail = await this.authRoleRepo.findOne({ - select: ["id", "roleName", "roleDescription"], - where: { id: posMaster.authRoleId }, - }); - if (!getDetail) { - throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); + roleAttrData = await this.authRoleAttrRepo.find({ + select: [ + "authSysId", + "parentNode", + "attrOwnership", + "attrIsCreate", + "attrIsList", + "attrIsGet", + "attrIsUpdate", + "attrIsDelete", + "attrPrivilege", + ], + where: { authRoleId: getDetail.id }, + }); + } else { + // ถ้าไม่มี posMaster แต่มี acting: สร้าง getDetail เปล่าๆ + getDetail = { + id: null, + roleName: "Acting", + roleDescription: "สิทธิ์จากตำแหน่งรักษาการ", + }; } - const roleAttrData = await this.authRoleAttrRepo.find({ - select: [ - "authSysId", - "parentNode", - "attrOwnership", - "attrIsCreate", - "attrIsList", - "attrIsGet", - "attrIsUpdate", - "attrIsDelete", - "attrPrivilege", - ], - where: { authRoleId: getDetail.id }, - }); - // ถ้ามี acting positions ให้รวมสิทธิ์ if (actingData.isAct && actingData.posMasterActs.length > 0) { // ดึง authRoleId ของทุกตำแหน่งรักษาการ diff --git a/src/controllers/PosMasterActController.ts b/src/controllers/PosMasterActController.ts index 72aac19b..fbc09201 100644 --- a/src/controllers/PosMasterActController.ts 
+++ b/src/controllers/PosMasterActController.ts @@ -296,6 +296,7 @@ export class PosMasterActController extends Controller { where: { id: id, }, + relations: ["posMasterChild", "posMasterChild.current_holder"], }); try { result = await this.posMasterActRepository.delete({ id: id }); @@ -320,6 +321,22 @@ export class PosMasterActController extends Controller { await this.posMasterActRepository.save(p); }); } + + // ลบ Redis cache ของคนที่เป็น acting + if (posMasterAct != null && posMasterAct.posMasterChild?.current_holderId) { + const profileId = posMasterAct.posMasterChild.current_holderId; + const redisClient = await this.redis.createClient({ + host: REDIS_HOST, + port: REDIS_PORT, + }); + + const delAsync = promisify(redisClient.del).bind(redisClient); + await delAsync("role_" + profileId); + await delAsync("menu_" + profileId); + + redisClient.quit(); + } + return new HttpSuccess(); }
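Review bot: The cache invalidation added after the delete can leave revoked acting permissions cached when it fails: `redisClient.quit()` is skipped if either `delAsync` call rejects, and by then the `posMasterAct` row is already deleted, so the caller gets an error while `"role_" + profileId` and `"menu_" + profileId` may still hold the old grants. Wrap the two deletes in `try { … } finally { redisClient.quit(); }` and log a failed delete so stale entries can be traced. The hunk adds no import for `promisify`, `REDIS_HOST` or `REDIS_PORT`, so confirm they are already in scope in this file. The added `"posMasterChild.current_holder"` relation looks unnecessary, since only `current_holderId` is read.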