fix: permission
All checks were successful
Build & Deploy on Dev / build (push) Successful in 1m11s

This commit is contained in:
DESKTOP-1R2VSQH\Lenovo ThinkPad E490 2026-05-12 15:14:21 +07:00
parent 0718f28e5e
commit e64cd3f384
2 changed files with 121 additions and 68 deletions

View file

@ -91,11 +91,18 @@ export class PermissionController extends Controller {
orgRevisionId: orgRevision?.id, orgRevisionId: orgRevision?.id,
}, },
}); });
if (!posMaster) { }
// ตรวจสอบว่ามีสิทธิ์อย่างน้อยหนึ่งอย่าง (posMaster หรือ acting position)
if (!posMaster && !actingData.isAct) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
} }
}
const getDetail = await this.authRoleRepo.findOne({ let getDetail: any = null;
let roleAttrData: any[] = [];
if (posMaster) {
getDetail = await this.authRoleRepo.findOne({
select: ["id", "roleName", "roleDescription"], select: ["id", "roleName", "roleDescription"],
where: { id: posMaster.authRoleId }, where: { id: posMaster.authRoleId },
}); });
@ -104,7 +111,7 @@ export class PermissionController extends Controller {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
} }
const roleAttrData = await this.authRoleAttrRepo.find({ roleAttrData = await this.authRoleAttrRepo.find({
select: [ select: [
"authSysId", "authSysId",
"parentNode", "parentNode",
@ -118,6 +125,14 @@ export class PermissionController extends Controller {
], ],
where: { authRoleId: getDetail.id }, where: { authRoleId: getDetail.id },
}); });
} else {
// ถ้าไม่มี posMaster แต่มี acting: สร้าง getDetail เปล่าๆ
getDetail = {
id: null,
roleName: "Acting",
roleDescription: "สิทธิ์จากตำแหน่งรักษาการ",
};
}
// ถ้า User มีตำแหน่งรักษาการ ให้รวมสิทธิ์ // ถ้า User มีตำแหน่งรักษาการ ให้รวมสิทธิ์
if (actingData.isAct && actingData.posMasterActs.length > 0) { if (actingData.isAct && actingData.posMasterActs.length > 0) {
@ -314,16 +329,22 @@ export class PermissionController extends Controller {
orgRevisionId: orgRevision?.id, orgRevisionId: orgRevision?.id,
}, },
}); });
if (!posMaster) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
}
} }
// ตรวจสอบว่ามีสิทธิ์อย่างน้อยหนึ่งอย่าง (posMaster หรือ acting position)
if (!posMaster && !actingData.isAct) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
}
let authRole: any = null;
let roleAttrData: any[] = [];
if (posMaster) {
if (!posMaster.authRoleId) { if (!posMaster.authRoleId) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์"); throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
} }
const authRole = await this.authRoleRepo.findOne({ authRole = await this.authRoleRepo.findOne({
select: ["id"], select: ["id"],
where: { id: posMaster.authRoleId }, where: { id: posMaster.authRoleId },
}); });
@ -333,10 +354,11 @@ export class PermissionController extends Controller {
} }
// ดึง roleAttrData ของ user ปกติ // ดึง roleAttrData ของ user ปกติ
let roleAttrData = await this.authRoleAttrRepo.find({ roleAttrData = await this.authRoleAttrRepo.find({
select: ["authSysId", "parentNode"], select: ["authSysId", "parentNode"],
where: { authRoleId: authRole.id, attrIsList: true }, where: { authRoleId: authRole.id, attrIsList: true },
}); });
}
// ถ้ามี acting positions ให้รวมสิทธิ์ // ถ้ามี acting positions ให้รวมสิทธิ์
if (actingData.isAct && actingData.posMasterActs.length > 0) { if (actingData.isAct && actingData.posMasterActs.length > 0) {
@ -901,12 +923,18 @@ export class PermissionController extends Controller {
orgRevisionId: orgRevision?.id, orgRevisionId: orgRevision?.id,
}, },
}); });
if (!posMaster) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
}
} }
const getDetail = await this.authRoleRepo.findOne({ // ตรวจสอบว่ามีสิทธิ์อย่างน้อยหนึ่งอย่าง (posMaster หรือ acting position)
if (!posMaster && !actingData.isAct) {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูลสิทธิ์");
}
let getDetail: any = null;
let roleAttrData: any[] = [];
if (posMaster) {
getDetail = await this.authRoleRepo.findOne({
select: ["id", "roleName", "roleDescription"], select: ["id", "roleName", "roleDescription"],
where: { id: posMaster.authRoleId }, where: { id: posMaster.authRoleId },
}); });
@ -914,7 +942,7 @@ export class PermissionController extends Controller {
throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล"); throw new HttpError(HttpStatus.NOT_FOUND, "ไม่พบข้อมูล");
} }
const roleAttrData = await this.authRoleAttrRepo.find({ roleAttrData = await this.authRoleAttrRepo.find({
select: [ select: [
"authSysId", "authSysId",
"parentNode", "parentNode",
@ -928,6 +956,14 @@ export class PermissionController extends Controller {
], ],
where: { authRoleId: getDetail.id }, where: { authRoleId: getDetail.id },
}); });
} else {
// ถ้าไม่มี posMaster แต่มี acting: สร้าง getDetail เปล่าๆ
getDetail = {
id: null,
roleName: "Acting",
roleDescription: "สิทธิ์จากตำแหน่งรักษาการ",
};
}
// ถ้ามี acting positions ให้รวมสิทธิ์ // ถ้ามี acting positions ให้รวมสิทธิ์
if (actingData.isAct && actingData.posMasterActs.length > 0) { if (actingData.isAct && actingData.posMasterActs.length > 0) {

View file

@ -296,6 +296,7 @@ export class PosMasterActController extends Controller {
where: { where: {
id: id, id: id,
}, },
relations: ["posMasterChild", "posMasterChild.current_holder"],
}); });
try { try {
result = await this.posMasterActRepository.delete({ id: id }); result = await this.posMasterActRepository.delete({ id: id });
@ -320,6 +321,22 @@ export class PosMasterActController extends Controller {
await this.posMasterActRepository.save(p); await this.posMasterActRepository.save(p);
}); });
} }
// ลบ Redis cache ของคนที่เป็น acting
if (posMasterAct != null && posMasterAct.posMasterChild?.current_holderId) {
const profileId = posMasterAct.posMasterChild.current_holderId;
const redisClient = await this.redis.createClient({
host: REDIS_HOST,
port: REDIS_PORT,
});
const delAsync = promisify(redisClient.del).bind(redisClient);
await delAsync("role_" + profileId);
await delAsync("menu_" + profileId);
redisClient.quit();
}
return new HttpSuccess(); return new HttpSuccess();
} }